[gnutls-devel] GnuTLS | Improve FIPS signatures self-tests (!1206)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Mar 13 10:10:57 CET 2020

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1206 was reviewed by Anderson Sasaki

Anderson Sasaki commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206#note_304424012

Ok, I'll fill an issue

Anderson Sasaki commented on a discussion on tests/slow/cipher-test.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206#note_304424017

>  {
> +
> +	if (gnutls_fips140_mode_enabled()) {

The deterministic signature API (i.e. calling the signatures with ``GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE`` flag set) can't be used in FIPS mode from the beginning (since 3beaa23ef5852e2d8aaa610aac9cde9b46be4f77). It was written specifically to be used during the self-tests.

Do you have a suggestion on how to keep running the test in FIPS mode?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200313/1b0ed6b5/attachment.html>

More information about the Gnutls-devel mailing list