12345678910111213141516171819202122232425262728293031 |
- A "wish list" of changes we'd like to make to the FIPS module if we could.
- Note the CMVP requires retesting of all previously tested platforms
- ("Operational Environments") to implement any changes considered "cryptographically
- significant". Since the OpenSSL FIPS module v2.0 has some 250 such formally
- tested platforms (and counting), retesting just isn't logistically or economically
- feasible.
- --------
- https://github.com/openssl/openssl/pull/4157
- From 2017-08-14, Fix GCM MAC computation for AES-GCM by srahul123
- cryptographically significant, not fixable
- --------
- Andy Polyakov: harmonize with __thumb__ clause in FIPS_ref_point() (#3354),
- https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/3354.patch
- https://github.com/openssl/openssl/pull/3354#pullrequestreview-36086406
- May be possible to introduce in future change letter
- --------
- CVE-2016-0701
- cryptographically significant, not fixable
- --------
- CVE-2014-0076
- cryptographically significant, not fixable
- --------
- "Lucky 13", CVE-2013-0169
- cryptographically significant, not fixable
- --------
|