Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-95221

ML-DSA should be approved and covered by self-tests in FIPS mode

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • rhel-10.1
    • gnutls
    • None
    • No
    • Moderate
    • rhel-security-crypto-spades
    • ssg_security
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      In FIPS mode, generate ML-DSA keys (upstream test privkey-keygen)

      Please provide the package NVR for which the bug is seen:

      gnutls-3.8.9-16.el10

      How reproducible is this bug?:

      Reliably

      Expected results

      Can generate ML-DSA keys, indicator is approved, algorithm has sufficient self-tests.

      Actual results

      Can generate ML-DSA keys, indicator is approved, algorithm has insufficient self-tests.

      Next update it's gonna become unapproved because of https://gitlab.com/gnutls/gnutls/-/merge_requests/1945, but we want ML-DSA self-tests and the algorithm approved: https://gitlab.com/gnutls/gnutls/-/issues/1689

              dueno@redhat.com Daiki Ueno
              asosedki@redhat.com Alexander Sosedkin
              Daiki Ueno Daiki Ueno
              Alexander Sosedkin Alexander Sosedkin
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: