B.1 Restrictions in FIPS Mode
If Libgcrypt is used in FIPS mode, the following restrictions are in effect:

- The cryptographic algorithms are restricted to this list:
  - GCRY_CIPHER_3DES: 3-key EDE Triple-DES symmetric encryption.
  - GCRY_CIPHER_AES128: AES 128-bit symmetric encryption.
  - GCRY_CIPHER_AES192: AES 192-bit symmetric encryption.
  - GCRY_CIPHER_AES256: AES 256-bit symmetric encryption.
  - GCRY_MD_SHA1: SHA-1 message digest.
  - GCRY_MD_SHA224: SHA-224 message digest.
  - GCRY_MD_SHA256: SHA-256 message digest.
  - GCRY_MD_SHA384: SHA-384 message digest.
  - GCRY_MD_SHA512: SHA-512 message digest.
  - GCRY_MD_SHA1 with GCRY_MD_FLAG_HMAC: HMAC using a SHA-1 message digest.
  - GCRY_MD_SHA224 with GCRY_MD_FLAG_HMAC: HMAC using a SHA-224 message digest.
  - GCRY_MD_SHA256 with GCRY_MD_FLAG_HMAC: HMAC using a SHA-256 message digest.
  - GCRY_MD_SHA384 with GCRY_MD_FLAG_HMAC: HMAC using a SHA-384 message digest.
  - GCRY_MD_SHA512 with GCRY_MD_FLAG_HMAC: HMAC using a SHA-512 message digest.
  - GCRY_PK_RSA: RSA encryption and signing.
  - GCRY_PK_DSA: DSA signing.
  Note that the CRC algorithms are not considered cryptographic algorithms and are therefore available in addition to this list.
- RSA key generation refuses to create a key with a keysize of less than 1024 bits.
- DSA key generation refuses to create a key with a keysize other than 1024 bits.
- The transient-key flag for RSA and DSA key generation is ignored.
- Support for the VIA Padlock engine is disabled.
- FIPS mode may only be used on systems with a /dev/random device. Switching into FIPS mode on other systems will fail at runtime.
- Saving and loading a random seed file is ignored.
- An X9.31 style random number generator is used in place of the large-pool CSPRNG generator.
- The command GCRYCTL_ENABLE_QUICK_RANDOM is ignored.
- Message digest debugging is disabled.
- All debug output related to cryptographic data is suppressed.
- On-the-fly self-tests are not performed; instead, self-tests are run before entering the operational state.
- The function gcry_set_allocation_handler may not be used. If it is used, Libgcrypt disables FIPS mode unless Enforced FIPS mode is enabled, in which case Libgcrypt will enter the error state.
- The digest algorithm MD5 may not be used. If it is used, Libgcrypt disables FIPS mode unless Enforced FIPS mode is enabled, in which case Libgcrypt will enter the error state.
- In Enforced FIPS mode the command GCRYCTL_DISABLE_SECMEM is ignored. In standard FIPS mode it disables FIPS mode.
- A handler set by gcry_set_outofcore_handler is ignored.
- A handler set by gcry_set_fatalerror_handler is ignored.
Note that when we speak about disabling FIPS mode, it merely means that the function gcry_fips_mode_active returns false; it does not mean that any non-FIPS algorithms are allowed.
This document was generated on February 9, 2014 using texi2html 5.0.