Replies: 4 comments
-
|
Beta Was this translation helpful? Give feedback.
0 replies
-
|
"RSA SSA" in SPDM spec means "RSASSA-PKCS1 v1.5". |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Discussed with Xiaoyu, we are thinking to introduce another MACRO -
|
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Status summary:
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Ref: #1260
Ref: https://icmconference.org/wp-content/uploads/C22b-RuanX.pdf
background
openssl
Openssl 3.0 info
https://www.openssl.org/docs/fips.html
https://www.openssl.org/docs/man3.0/man7/fips_module.html
Legacy Openssl 1.1 info
https://beta.openssl.org/docs/fips.html
https://beta.openssl.org/docs/fips/UserGuide-2.0.pdf
NIST doc
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4282.pdf
API
https://github.com/openssl/openssl/blob/OpenSSL-fips-2_0-stable/fips/fips.h
mbedtls
https://mbed-tls.readthedocs.io/en/latest/kb/generic/is-mbedtls-fips-certified/
FIPS 140-2 certification Mbed-TLS/mbedtls#5995
wolfssl
info
https://www.wolfssl.com/license/fips/
https://www.wolfssl.com/docs/fips-ready-user-guide/
NIST doc
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3389.pdf
API
wolfssl-5.5.3-gplv3-fips-ready\wolfssl\wolfcrypt\fips.h
TPM
https://trustedcomputinggroup.org/resource/tcg-fips-140-2-guidance-for-tpm-2-0/
proposal
Design
Reference:
[1] Implementation Guide: https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf
[2] Cryptographic Algorithm Validation Program (CAVP): https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program
[3] Cryptographic Module Validation Program (CMVP): https://csrc.nist.gov/Projects/cryptographic-module-validation-program
[4] CMVP Approved Security Functions: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140Cr1.pdf
[5] CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140Dr1.pdf
[6] Cryptographic Standards and Guidelines (Examples with Intermediate Values): https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines/example-values
SM2-key-exchange (*)
GB/T 32918.4-2016, GB/T 32918.5-2016, ISO/IEC 14888-3:2018
It maybe Known Answer Test (KAT) or Pairwise Consistency Test (PCT).
The Test Vector (KAT) can be found at [2] and [6].
It uses HMAC-SHA-256, TBD.
Implementation
Beta Was this translation helpful? Give feedback.
All reactions