The branch master has been updated via 96d7bc5229d5b350756a63878e5c38a683a26016 (commit) via 981f70449c60812d9fef4106755ec637b6b868b4 (commit) via 7fb9357ff70ce58df6c4e13ceb0e9a4dead77cc4 (commit) from 7c84bf7db927de5a6676a0fad2e88546e7e6e7ed (commit)
- Log ----------------------------------------------------------------- commit 96d7bc5229d5b350756a63878e5c38a683a26016 Author: Pauli <paul.d...@oracle.com> Date: Wed Nov 4 10:50:24 2020 +1000 Remove the TLS fixes items for CBC and key agreement. Both of these have been completed and are no longer relevant FIPS related work. Neither is a FIPS algorithm in of itself. Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/204) commit 981f70449c60812d9fef4106755ec637b6b868b4 Author: Pauli <paul.d...@oracle.com> Date: Wed Nov 4 10:49:25 2020 +1000 Update FIPS algorithm list to indicate compliance. The algorithms are now compliant, indicate this in the table. Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/204) commit 7fb9357ff70ce58df6c4e13ceb0e9a4dead77cc4 Author: Pauli <paul.d...@oracle.com> Date: Wed Nov 4 10:43:21 2020 +1000 Update FIPS algorithm list. Some additional algorithms have been added to the FIPS validation. Reflect this in the appendix. Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/204) ----------------------------------------------------------------------- Summary of changes: docs/OpenSSL300Design.md | 184 ++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 159 insertions(+), 25 deletions(-) diff --git a/docs/OpenSSL300Design.md b/docs/OpenSSL300Design.md index e552692..6aab23a 100644 --- a/docs/OpenSSL300Design.md +++ b/docs/OpenSSL300Design.md @@ -1,7 +1,7 @@ --- title: OpenSSL 3.0.0 Design author: OpenSSL Management Committee (OMC) -date: January, 2019 +date: November, 2020 state: DRAFT header-includes: - | @@ -2801,6 +2801,18 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati <td>All AES cipher modes supporting 128, 192 and 256 bits. </td> </tr> + <tr> + <td> + </td> + <td>CBC CTS + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> <tr> <td> </td> @@ -2810,7 +2822,19 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati </td> <td>✓ </td> - <td>It's likely easier to include all of these than to remove some of them. + <td> + </td> + </tr> + <tr> + <td> + </td> + <td>CFB + </td> + <td><a href="https://csrc.nist.gov/publications/detail/sp/800-38a/final">SP 800-38A</a> + </td> + <td>✓ + </td> + <td> </td> </tr> <tr> @@ -2844,7 +2868,7 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-38d/final">SP 800-38D</a> </td> - <td>✗ + <td>✓ </td> <td>Changes in IV. Module must generate the IV. </td> @@ -2861,6 +2885,18 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati <td> </td> </tr> + <tr> + <td> + </td> + <td>OFB + </td> + <td><a href="https://csrc.nist.gov/publications/detail/sp/800-38a/final">SP 800-38A</a> + </td> + <td>✓ + </td> + <td> + </td> + </tr> <tr> <td> </td> @@ -2868,7 +2904,7 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-38e/final">SP 800-38E</a> </td> - <td>✗ + <td>✓ </td> <td>See <a href="https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf">FIPS 140-2 I.G.</a> A.9. Needs key check added. This mode does not support 192 bits. Check added by <a href="https://github.com/openssl/openssl/pull/7120">#7120</a>. </td> @@ -2979,6 +3015,42 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati <td> </td> </tr> + <tr> + <td>CMAC + </td> + <td> + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td>GMAC + </td> + <td> + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td>KMAC + </td> + <td> + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> <tr> <td>DRBG </td> @@ -2986,7 +3058,7 @@ Security Policy statement regarding the <a href="https://csrc.nist.gov/publicati </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final">SP 800-90A</a> </td> - <td>✗ + <td>✓ </td> <td rowspan="3" >Issues with <a href="https://csrc.nist.gov/publications/detail/sp/800-90c/draft">SP 800-90C</a>. <p> @@ -3000,7 +3072,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final">SP 800-90A</a> </td> - <td>✗ + <td>✓ </td> </tr> <tr> @@ -3010,7 +3082,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final">SP 800-90A</a> </td> - <td>✗ + <td>✓ </td> </tr> <tr> @@ -3032,7 +3104,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf">FIPS 186-4</a> </td> - <td>✗ + <td>✓ </td> <td>Refer also to <a href="https://csrc.nist.gov/publications/detail/sp/800-56b/rev-2/draft">SP 800-56B</a>. PKCS#1.5, PSS, Key pair generation. Modulus size changes. </td> @@ -3044,7 +3116,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-56b/rev-2/draft">SP 800-56B</a> </td> - <td>✗ + <td>✓ </td> <td>OAEP. Update to <a href="https://csrc.nist.gov/publications/detail/sp/800-56b/rev-2/draft">SP 800-56B rev-1</a> standard. </td> @@ -3056,7 +3128,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final">SP 800-56A</a> </td> - <td>✗ + <td>✓ </td> <td>Update to <a href="https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final">SP 800-56A rev-3</a> standard. </td> @@ -3068,7 +3140,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/keymgmt/KASVS.pdf">KASVS</a> </td> - <td>✗ + <td>✓ </td> <td>Additional testing to meet ZZonly. CVL/KAS. </td> @@ -3080,7 +3152,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf">FIPS 186-4</a> </td> - <td>✗ + <td>✓ </td> <td>PQG generation & verification, signature generation & verification, key pair generation. </td> @@ -3092,7 +3164,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf">FIPS 186-4</a> </td> - <td>✗ + <td>✓ </td> <td>Key pair generation, public key generation, signature generation & verification. </td> @@ -3104,7 +3176,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final">SP 800-56A</a> </td> - <td>✗ + <td>✓ </td> <td>B-233, 283, 409, 571; K-233, 283, 409, 571; P-224, 256, 384, 521. Update to <a href="https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final">SP 800-56A rev-3</a> standard. </td> @@ -3116,7 +3188,7 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/keymgmt/KASVS.pdf">KASVS</a> </td> - <td>✗ + <td>✓ </td> <td>Additional testing to meet ZZonly. CVL/KAS. </td> @@ -3128,43 +3200,105 @@ All comply with <a href="https://csrc.nist.gov/publications/detail/sp/800-90a/re </td> <td><a href="https://csrc.nist.gov/publications/detail/sp/800-132/final">SP 800-132</a> </td> - <td>✗ + <td>✓ </td> <td>Verify conformance with standards. See <a href="https://github.com/openssl/openssl/pull/6674">#6674</a>. </td> </tr> <tr> - <td>TLS + <td> </td> - <td>PRF + <td>HKDF </td> <td> </td> - <td>✗ + <td>✓ </td> - <td>For TLS 1.2 and 1.3. + <td> </td> </tr> <tr> <td> </td> - <td>RSA + <td>SSKDF </td> <td> </td> - <td>N/A + <td>✓ </td> - <td rowspan="2" ><em>These two are not algorithms, they serve as a reminder that the custom code for these in libssl would need to move to libcrypto and then be incorporated into the FIPS module.</em> + <td> </td> </tr> <tr> <td> </td> - <td>CBC + <td>SSHKDF </td> <td> </td> - <td>N/A + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td> + </td> + <td>X9.42 KDF + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td> + </td> + <td>X9.63 KDF + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td> + </td> + <td>KBKDF + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td> + </td> + <td>TLS PRF + </td> + <td> + </td> + <td>✓ + </td> + <td> + </td> + </tr> + <tr> + <td>TLS + </td> + <td>PRF + </td> + <td> + </td> + <td>✓ + </td> + <td>For TLS 1.2 and 1.3. </td> </tr> </table>