Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: Generate New Ti...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: rhel-10.1
Affects Version/s: rhel-10.0
Component/s: openssl
Labels:
- Accepted
- CY25Q3
- Committed
- rn-yml

Fixed in Build:
openssl-3.5.1-1.el10
Regression:
No
Severity:
Low
Epic Link:
CRYPTO-15725
sprint_count:
2

AssignedTeam:
rhel-security-crypto
Sub-System Group:

ssg_security

Internal Target Milestone:
26
Story Points:
0.5
ACKs Check:

QE ack, Dev ack
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
Crypto25Q2, Crypto25July

Acceptance Criteria:

Hide

For both ML-DSA and ML-KEM algorithms:
1. OpenSSL is able to read files created by the oqsprovider we shipped in RHEL-10.0 and convert them to the "expandedKey" IETF format

Show
For both ML-DSA and ML-KEM algorithms: 1. OpenSSL is able to read files created by the oqsprovider we shipped in RHEL-10.0 and convert them to the "expandedKey" IETF format
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/148482
Gating Tests:

Not Needed
Test Coverage:

Automated

Release Note Type:
Enhancement
Release Note Text:

Hide
.OpenSSL 3.5 uses standard format for ML-KEM and ML-DSA

In RHEL 10.0, the `oqsprovider` library used a pre-standard format for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) and the Module-Lattice-Based Digital Signature Algorithm (ML-DSA) private keys. With the rebase to OpenSSL 3.5, you must convert the ML-KEM and ML-DSA keys to the standard format by using the following command:

----
# openssl pkcs8 -in <old_private_key> -nocrypt -topk8 -out <standard_private_key>
----

Replace `<old_private_key>` with the path to the non-standard private key, and `<standard_private_key>` with the path where the standard key will be saved.

Show
.OpenSSL 3.5 uses standard format for ML-KEM and ML-DSA In RHEL 10.0, the `oqsprovider` library used a pre-standard format for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) and the Module-Lattice-Based Digital Signature Algorithm (ML-DSA) private keys. With the rebase to OpenSSL 3.5, you must convert the ML-KEM and ML-DSA keys to the standard format by using the following command: ---- # openssl pkcs8 -in <old_private_key> -nocrypt -topk8 -out <standard_private_key> ---- Replace `<old_private_key>` with the path to the non-standard private key, and `<standard_private_key>` with the path where the standard key will be saved.
Release Note Status:
Done
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

oqsprovider shipped in RHEL10 creates private keys in its own format that doesn't correspond the IETF ones we expect.

After rebasing to OpenSSL 3.5 we need to verify that we can convert it and document the way how to convert into smth more standard.

is blocked by

RHEL-80811 Rebase OpenSSL to 3.5

Closed

is related to

RHEL-72719 oqsprovider stores ML-KEM and ML-DSA private keys in non-standard format

Closed

links to

RHBA-2025:148482 openssl bug fix and enhancement update

Assignee:: Dmitry Belyavskiy

Reporter:: Dmitry Belyavskiy

Developer:: Dmitry Belyavskiy

QA Contact:: Georgios Stavros Pantelakis

Doc Contact:: Jan Fiala

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2025/03/07 1:00 PM

Updated:: 2025/11/11 8:43 AM

Resolved:: 2025/11/11 8:43 AM

Target end:: 2025/08/25

Next Planned Release Date:: 2025/11/11

Release Date:: 2025/11/11

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates