git.ipfire.org Git - thirdparty/openssl.git/commit
fips: remove redundant RSA encrypt/decrypt KAT
author Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Thu, 14 Nov 2024 12:03:10 +0000 (12:03 +0000)
committer Tomas Mraz <tomas@openssl.org>
Fri, 22 Nov 2024 13:26:01 +0000 (14:26 +0100)
commit 635bf4946a7e948f26a348ddc3b5a8d282354f64
tree 97a388f423042d0e23b3933a2e9678269913ffb4
parent 5946465a8745069afc6db1135e42a3cd718a37dc
fips: remove redundant RSA encrypt/decrypt KAT

FIPS 140-2 IG D.9 has become FIPS 140-3 D.G (see "Mapping FIPS 140-2
IGs to FIPS 140-3" in the FIPS 140-3 IG).

The requirements w.r.t. RSA KATs have now been relaxed, meaning that
existing full-message RSA signature verification (which is performed
separately) is sufficient to meet KAT requirements for all RSA
use cases (KEM/Encrypt/Decrypt/Sign/Verify).

Dropping this KAT is very useful, because it is large/expensive on
module startup, but also because it makes it possible in the future to
block RSA Encrypt/Decrypt operations with paddings other than OAEP,
which are legacy or deprecated by either current or draft algorithm
transition SP.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25988)
providers/fips/self_test_data.inc
providers/fips/self_test_kats.c
test/recipes/03-test_fipsinstall.t