On 06/15/2015 07:19 PM, Stephan Mueller wrote:
>> I'm not familiar with the FIPS requirements. I checked the NIST
>> > recommendations witch states that RSA: |n| >= 2048 is acceptable. If FIPS
>> > allows 2K and 3K only then we need to change it.
> The reason for exclusive 2k/3k is the CAVS testing
Am Montag, 15. Juni 2015, 18:49:15 schrieb Tadeusz Struk:
Hi Tadeusz,
> On 06/15/2015 04:23 PM, Stephan Mueller wrote:
> >> + /* In FIPS mode only allow key size minimum 2K */
> >>
> >> > +if (fips_enabled && (mpi_get_size(key->n) < 256)) {
> >
> > Considering my previous email, should
On 06/15/2015 04:23 PM, Stephan Mueller wrote:
>> +/* In FIPS mode only allow key size minimum 2K */
>> > + if (fips_enabled && (mpi_get_size(key->n) < 256)) {
> Considering my previous email, shouldn't that check rather be
>
> if (fips_enabled &&
> ((mpi_get_size(key->n) != 256) || (mpi_
Am Montag, 15. Juni 2015, 13:18:47 schrieb Tadeusz Struk:
Hi Tadeusz,
> Add a new rsa generic SW implementation.
> This implements only cryptographic primitives.
Thank you, that seems to address the issues around the FIPS side including the
self test code.
Though, I have one question:
> +
> +
Add a new rsa generic SW implementation.
This implements only cryptographic primitives.
Signed-off-by: Tadeusz Struk
---
crypto/Kconfig|7 +
crypto/Makefile |8 +
crypto/rsa.c | 295 +
crypto/rsa_help
5 matches
Mail list logo
