Re: SHA1 Hashing in FIPS Provider

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2022-02-11 at 08:35 +0000, Kevin Millson wrote:
> Hello OpenSSL Users,
>  
> I’m trying to use SHA1 message digest hashing in combination with the
> FIPS provider, but seem to be running into issues. My code looks like
> the following:
>  
> EVP_PKEY* privateKey = getPrivateKey();
> EVP_MD_CTX* mdContex = EVP_MD_CTX_new();
> if (mdContex != NULL) {
>       const EVP_MD* messageDigest = EVP_MD_fetch(NULL, "SHA-1",
> "provider=fips");
>       if (EVP_DigestSignInit(mdContex, NULL, messageDigest, NULL,
> privateKey) == 1) {
>             std::cout << "Success";
>       } else {
>             std::cout << "EVP_DigestSignInit failed";
>       }
> EVP_MD_CTX_free(mdContex);
> }
>  
> The call to EVP_DigestSignInit() always fails. If I switch to SHA-256
> then it works fine. I thought SHA-1 wasn’t allowed for raw sign
> operations, but was still okay for message digests calculated via the
> EVP_MD related methods, is that thinking incorrect? And in fact, all
> use of SHA-1 with FIPS is disallowed?

With FIPS SHA-1 is disallowed for signing. SHA-1 is allowed in other
contexts than signing. It is allowed for legacy purposes in
verification of signatures, it is also allowed in HMACs.

-- 
Tomáš Mráz, OpenSSL





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux