Joachim Vandersmissen
@beldmit what would be the purpose of a "FIPS compliant" indicator for specific key objects?
> Take ECDSA, for example, where NIST has disallowed passing a hash. Rather the digest has to be computed inside the sign/verify call. This is nuts and we ought to...
How does this patch interact with PBKDF2? That algorithm uses HMAC internally on a password which may not be 112 bits long.
> > > as eventually indicators will not be allowed or desired either. > > > > > > Any background for this? I do not see any reason why...
> Ok, but right now there is no API to HMAC to specify if something is a "key" or "salt". Do we need to add flags to HMAC derive to...
@t8m is PKEY_sign/verify always supposed to behave the same as DigestSign/Verify with no MD? Also, regarding the FIPS provider, isn't that a more general issue? Let's say 3.1.x is validated,...
> Please drop the merge commit. If it is necessary because of conflicts, please rebase the pull request against fresh master branch.

Yeah, there was a conflict. I rebased it...
It doesn't look like this PR will be accepted, so I'm closing it. EVP_DigestSign and EVP_DigestVerify will have to be exposed to the FIPS provider for the EdDSA self-tests.
Also the case for Arch Linux with the `rust` and `rust-src` packages, sources installed in `/usr/lib/rustlib/src/rust/library/`.
> What this buys us is an almost complete dissociation of the exception mechanism from the FIPS provider. Keeping the FIPS provider clean is good because it's painful to modify....