[gnutls-devel] GnuTLS | cipher: add restriction on CCM tag length under FIPS mode (!1658)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Oct 21 14:24:37 CEST 2022
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1658 was reviewed by Alexander Sosedkin
--
<!-- Get preloaded note discussion-->
Alexander Sosedkin started a new discussion on lib/accelerated/aarch64/aes-ccm-aarch64.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1658#note_1144606023
> + break;
> + default:
> + if (_gnutls_fips_mode_enabled()) {
Would it hurt to also flip the indicator to `ERROR`?
--
<!-- Get preloaded note discussion-->
Alexander Sosedkin started a new discussion on tests/fips-test.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1658#note_1144606032
> + fips_pop_context(fips_context, expected_state);
> +
> + /* We can't proceed with decryption when encryption failed,
... leaving us with decryption limitations untested in <4 tag length case.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1658
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20221021/d0a57bd8/attachment-0001.html>
More information about the Gnutls-devel
mailing list