[gnutls-devel] GnuTLS | Release 3.8.1 (!1762)

Fri Aug 4 04:14:17 CEST 2023

Daiki Ueno started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499943407

>     needs to set up a callback that formats the PSK identity using
>     gnutls_psk_format_imported_identity().
>  
> +** libgnutls: Add a new priority string modifier %FORCE_SESSION_HASH,
> +   which requires to negotiate extended master secret and aborts the
> +   connection if the peer does not send the extension in hello messages.
> +   In FIPS mode %FORCE_SESSION_HASH is enabled by default.
> +
> +** libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to
> +   %GNUTLS_NO_DEFAULT_EXTENSIONS.
> +
> +** libgnutls: Add additional PBKDF limit checks in FIPS mode as
> +   defined in SP 800-132. Minimum salt length is 128 bits and
> +   minimum iterations bound is 1000 for PBKDF in FIPS mode.
> +
> +** libgnutls: use of non-EMS PRF is marked as non-approved in FIPS mode.

I guess it makes more sense to merge into the previous one about session hash / EMS. Something like:
```text
** libgnutls: Add a mechanism to control whether to enforce extended master secret (RFC 7627).
   FIPS 140-3 mandates the use of TLS session hash (extended master
   secret, EMS) in TLS 1.2. To enforce this, a new priority keyword
   %FORCE_SESSION_HASH is added and if it is set and EMS is not set, the
   peer aborts the connection. This behavior is the default in FIPS mode,
   though it can be overridden through the configuration file with the
   "tls-session-hash" option. In either case non-EMS PRF is reported as a
   non-approved operation through the FIPS service indicator.
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499943407
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20230804/db6b8fe9/attachment-0001.html>