Closed Bug 2017918 Opened 2 months ago Closed 2 months ago

FIPS indicators on HDKF needs to be restricted to TLS usage.

Categories

(NSS :: Libraries, enhancement, P3)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(nss 3.122)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
nss --- 3.122

People

(Reporter: rrelyea, Assigned: rrelyea)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 2017918 FIPS indicators on HDKF needs to be restricted to TLS usage.
48 bytes, text/x-phabricator-request
Details

HKDF is only FIPS if it's used in a TLS use. We need to detect TLS type usage and turn off the indicator when it is used in another context.

Assignee: nobody → rrelyea
Blocks: 2017787
Severity: -- → N/A
Priority: -- → P3

HKDF is only FIPS if it's used in a TLS use. We need to detect TLS type usage and turn off the indicator when it is used in another context. We do this by tracking the source of the key and making sure a given key came from a TLS expected context, and by checking if the parameters pass match with parameters we expect from a FIPS context.

Status: NEW → ASSIGNED
Blocks: 2017788

Pushed by rrelyea@redhat.com:
https://hg.mozilla.org/projects/nss/rev/c290c99d848e
FIPS indicators on HDKF needs to be restricted to TLS usage.

Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: