Open paulidale opened 9 months ago
It must not be backported into openssl-3.1 branch by default, only in case the lab requires it.
See The "FIPS 140-3 IG" Section "C.K Transition from FIPS 186-4 to FIPS 186-5 and SP 800-186" They are all "soft transitions". See "Additional Comments" (1) .
It is verified in "Resolution" (5) that X25519/X448 are not permitted for SP800-56 key agreement.
@slontis However the Resolution (5) can be hardly interpreted as "transition", it is just a clarification of existing rules, IMO.
PR in https://github.com/openssl/openssl/pull/24099
Marking as done.
X25519 and X448 need to be moved to non-approved in FIPS 140-3, i.e. the properties have to be fips=no.
We've been queried about this numerous times. Our lab's response was that they are permitted but not approved.
Recently this become more clear that we will have to do this.