T7338: Make SHA1 non-FIPS and differentiate in the SLI
NIIBE Yutaka
gniibe at fsij.org
Fri Feb 21 06:38:27 CET 2025
Hello,
NIIBE Yutaka <gniibe at fsij.org> wrote:
> (1) Fixing the behaviour of gcry_pk_sign and gcry_pk_verify.
Here is a patch fixing gcry_pk_sign and gcry_pk_verify.
I'm not sure if allowing use of gcry_pk_sign and gcry_pk_verify is good/bad
under FIPS mode since hashing is done beforehand with RSA and ECDSA.
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-cipher-rsa-Mark-reject-SHA1-unknown-with-RSA-signatu.patch
Type: text/x-diff
Size: 22904 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20250221/c890ce24/attachment-0001.patch>
More information about the Gcrypt-devel
mailing list