[gnutls-devel] GnuTLS | Optimize FIPS power-on self-tests (!1907)

[Read-only notification of GnuTLS library development activities]

Clemens Lang commented on a discussion on lib/fips.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1907#note_2267119149

 >  	}
 >  
 >  	/* PK */
 > -	if (_gnutls_config_is_rsa_pkcs1_encrypt_allowed()) {
 > -		ret = gnutls_pk_self_test(0, GNUTLS_PK_RSA);
 > -		if (ret < 0) {
 > -			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
 > -		}
 > +	ret = gnutls_pk_self_test(0, GNUTLS_PK_RSA_PSS);

We're removing that, in favor of the signature and signature verification self test. FIPS 140-3 IG D.G has this on the matter:

> If an RSA signature generation algorithm and an approved RSA-based key un-encapsulation scheme are both supported by the module using the same implementation (same hardware, same code for the RSA primitive computations) and the module is performing the signature generation self-test then it is not necessary to also perform a self-test for the key un-encapsulation scheme, as long as the signature generation CAST is performed prior to the first use of the signature generation or key un-encapsulation functions.
>
> Similarly, if the same implementation performs the common functionality for both the RSA signature verification and an approved RSA-based key encapsulation scheme then it is sufficient to perform a CAST just for the signature verification algorithm, as long as the signature verification CAST is performed prior to the first use of the signature verification or key encapsulation functions.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1907#note_2267119149
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20241219/e1eafbdc/attachment-0001.html>