Closed Bug 372162 Opened 15 years ago Closed 13 years ago
shlibsign should be a stand-alone program that generates HMAC-SHA-256 .chk files
OpenSSL's FIPS 140-2 validation (Cert# 642 and Cert# 733) showed that HMAC-SHA-1 with a hardcoded HMAC key is an acceptable authentication technique for the software/firmware integrity test of FIPS 140-2. The biggest advantage of HMAC over DSA is that HMAC does not require a big num library, so we can create a stand-alone, self-contained SHA-x and HMAC implementation easily. For example, NSS has a stand-alone implementation of SHA-1 in http://lxr.mozilla.org/security/source/security/nss/lib/freebl/sha.h http://lxr.mozilla.org/security/source/security/nss/lib/freebl/sha.c (For the hash function, I suggest that we use SHA-256 rather than SHA-1.) This would solve the cross-compilation problem we have with shlibsign. (We would compile the stand-alone shlibsign program for the host platform.) This would also fix bug 305693 and bug 347037 as a by-product. The cost would be that we'll need to validate the stand-alone SHA-256 and HMAC implementations.
Just wanted to clarify -- the validation of SHA-256 and HMAC that I referred to is *algorithm* validation, which is much simpler than *cryptographic module* validation.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WONTFIX
Draft FIPS 140-3 has a new requirement that DSA be used in the Software Integrity Test at Level 2. We should not change shlibsign to use HMAC-SHA-256 because this potential new requirement.
You need to log in before you can comment on or make changes to this bug.