mirror of https://github.com/openssl/openssl
32 lines
1.0 KiB
Plaintext
32 lines
1.0 KiB
Plaintext
A "wish list" of changes we'd like to make to the FIPS module if we could.
|
|
Note the CMVP requires retesting of all previously tested platforms
|
|
("Operational Environments") to implement any changes considered "cryptographically
|
|
significant". Since the OpenSSL FIPS module v2.0 has some 250 such formally
|
|
tested platforms (and counting), retesting just isn't logistically or economically
|
|
feasible.
|
|
|
|
--------
|
|
https://github.com/openssl/openssl/pull/4157
|
|
From 2017-08-14, Fix GCM MAC computation for AES-GCM by srahul123
|
|
cryptographically significant, not fixable
|
|
|
|
--------
|
|
Andy Polyakov: harmonize with __thumb__ clause in FIPS_ref_point() (#3354),
|
|
https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/3354.patch
|
|
https://github.com/openssl/openssl/pull/3354#pullrequestreview-36086406
|
|
May be possible to introduce in future change letter
|
|
|
|
--------
|
|
CVE-2016-0701
|
|
cryptographically significant, not fixable
|
|
|
|
--------
|
|
CVE-2014-0076
|
|
cryptographically significant, not fixable
|
|
|
|
--------
|
|
"Lucky 13", CVE-2013-0169
|
|
cryptographically significant, not fixable
|
|
|
|
--------
|