[gnutls-devel] GnuTLS | Improve FIPS signatures self-tests (!1206)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Mar 13 10:49:28 CET 2020




Stephan Mueller commented:


Just a note on the basic requirement: for asym cipher operations where there the FIPS specifications only define non-deterministic operations (DSA, ECDSA, PSS) the self tests must also use those non-deterministic operations. For deterministic operations (PKCS 1.5), a deterministic self test is to be used.

The use of the deterministic cipher mode for DSA, ECDSA for FIPS self-testing is not yet approved. You may leave it in the code, but you need to provide the non-deterministic self tests for each cipher.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206#note_304448283
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200313/ecfbc7a5/attachment.html>


More information about the Gnutls-devel mailing list