Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-67181

Hybrid ML-KEM doesn't work in FIPS mode

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: Generate New Ti...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Normal Normal
    • None
    • rhel-10.0
    • oqsprovider
    • None
    • No
    • Moderate
    • rhel-security-crypto
    • ssg_security
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      When system is running in FIPS mode, enabling "FIPS:TEST-PQ" doesn't enable the hybrid key exchanges.

      running:

      openssl s_server -key localhost.key -cert localhost.crt -www -groups SecP256r1MLKEM768:P-256

      makes it abort with:

      Call to SSL_CONF_cmd(-groups, SecP256r1MLKEM768:P-256) failed

              dbelyavs@redhat.com Dmitry Belyavskiy
              hkario@redhat.com Alicja Kario
              Dmitry Belyavskiy Dmitry Belyavskiy
              Alicja Kario Alicja Kario
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: