[gnutls-devel] GnuTLS | fips: tighten check on DH parameters according to SP800-56A (rev 3) (!1295)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Jun 29 07:49:00 CEST 2020

Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1295#note_369635899

> This function seems to indicate that the call is in the TLS server

It's the other way around: the function is called by the client to handle ServerKeyExchange sent from the server. The only possible way to let the server use custom DH parameters is through `gnutls_dh_params_import_pkcs3` at the initialization time, but we suggest documenting that in the security policy rather than actually restricting the uses.

> wouldn't the check be better found in the actual DH function like gnutls_pk_derive or similar?

That could be, but I guess it would make testing harder (because we need to have FIPS/non-FIPS setup for the client and the server).

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1295#note_369635899
You're receiving this email because of your account on gitlab.com.
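The check under discussion runs on the client when it processes the ServerKeyExchange, and SP 800-56A rev 3 confines FFC DH to safe-prime groups with full public-key validation. As an added illustration of what such a client-side check does (this is example Python, not code from the GnuTLS merge request, and the toy groups p = 23 and p = 13 below are constructed for demonstration, far below the 2048-bit minimum the default `min_bits` enforces):

```python
"""Client-side validation of DH domain parameters and the server's public value
along the lines of the safe-prime rules in NIST SP 800-56A rev 3.

Example code only; not part of GnuTLS.  Function names are hypothetical.
"""
import random


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin primality test with trial division by small primes first."""
    if n < 2:
        return False
    small_primes = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for sp in small_primes:
        if n == sp:
            return True
        if n % sp == 0:
            return False
    # write n - 1 as d * 2**r with d odd
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(0)  # fixed seed: repeatable witness choice for the demo
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness of compositeness
    return True


def validate_dh_params(p: int, g: int, min_bits: int = 2048) -> tuple:
    """Check (p, g) is a safe-prime group with g in the order-q subgroup.

    Returns (accepted, reason).  SP 800-56A rev 3 only approves safe-prime
    groups of at least 2048 bits, hence the default min_bits.
    """
    if p.bit_length() < min_bits:
        return (False, "modulus too small")
    if p % 2 == 0 or not is_probable_prime(p):
        return (False, "p is not prime")
    q = (p - 1) // 2
    if not is_probable_prime(q):
        return (False, "p is not a safe prime: (p-1)/2 is composite")
    if not 2 <= g <= p - 2:
        return (False, "generator out of range")
    # For a safe prime the approved subgroup has order q; g must lie in it.
    if pow(g, q, p) != 1:
        return (False, "generator is not in the order-q subgroup")
    return (True, "ok")


def validate_server_public(p: int, y: int) -> tuple:
    """Full public-key validation of the peer value y for a safe-prime group p."""
    q = (p - 1) // 2
    if not 2 <= y <= p - 2:
        return (False, "public value out of range")
    if pow(y, q, p) != 1:
        return (False, "public value is not in the order-q subgroup")
    return (True, "ok")


def accept_server_key_exchange(p: int, g: int, y: int, min_bits: int = 2048) -> tuple:
    """What a client would run on the (p, g, Ys) triple from ServerKeyExchange."""
    ok, reason = validate_dh_params(p, g, min_bits)
    if not ok:
        return (False, "dh params: " + reason)
    ok, reason = validate_server_public(p, y)
    if not ok:
        return (False, "server public: " + reason)
    return (True, "ok")


if __name__ == "__main__":
    # Constructed toy group: p = 23 is a safe prime (q = 11); g = 2 has order 11,
    # while g = 5 generates the whole group and must be rejected.
    print(accept_server_key_exchange(23, 2, 4, min_bits=0))
    print(accept_server_key_exchange(23, 5, 4, min_bits=0))
    print(accept_server_key_exchange(23, 2, 4))  # rejected: below 2048 bits
```

Rejecting a generator outside the order-q subgroup and a peer value outside it is what closes the small-subgroup confinement that a client accepting arbitrary server-chosen (p, g) would otherwise be exposed to; with the default `min_bits`, only full-size groups pass.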

