[gnutls-help] ECDH internal functions and FIPS140-2 mode
Daiki Ueno
ueno at gnu.org
Mon Feb 22 16:10:28 CET 2021
Hello,
Nicolas Mora <nicolas at babelouest.org> writes:
> I'd like to use ECDH key agreement with GnuTLS. As far as I can see,
> there is no public function to generate a shared secret with ECC keys.
I think this is a long-wanted feature:
https://gitlab.com/gnutls/gnutls/-/issues/894
> In lib/nettle/pk.c [1], the ECDH functions are defined if
> ENABLE_FIPS140 is defined.
>
> According to the documentation [2], FIPS140-2 mode is not available
> without adding configure option --enable-fips140-mode.
>
> In an old message on this ML [3], it was offered these functions to be
> exported in the normal API, but this message wasn't answered, and the
> ecdh functions are still private and available only with FIPS140-2
> mode.
>
> I'd like to make a feature request for the ECDH functions to be
> available in the normal API, even in non FIPS140-2 mode. Would it be
> possible in a future version?
Yes, that would be very useful. What I am concerned about is how it
would affect FIPS140-2 validation. Once they become part of the public
API, we may need to add checks to meet the SP800-56A requirements when
they are called under FIPS140-2 mode. Having said that, I guess the
implementation of such checks wouldn't be that hard. Stephan (Cc'ed)
might have some opinion on that.
Regards,
--
Daiki Ueno