Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Analyze and test CC/FIPS140 certificates for non-standard vendor-specific algorithm constants #263

Open
petrs opened this issue May 31, 2023 · 0 comments
Open

Analyze and test CC/FIPS140 certificates for non-standard vendor-specific algorithm constants #263

petrs opened this issue May 31, 2023 · 0 comments
Labels
enhancement

Comments

@petrs
Copy link
Member

petrs commented May 31, 2023

Example: Oberthur ID-One Cosmo128 v5.5 D, security policy document
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp944.pdf
2.3.2 Additional Cryptographic Algorithms

Alternative: Scan whole range of constants for a given algorithm build factory-style method

Examples from Oberthur ID-One Cosmo128 v5.5 D, security policy document
ALG_SHA_224 (0x08) Message Digest operationsALG_SHA_CHAIN (0x81)
ALG_SHA2_CHAIN (0x82)
Elliptic Curves ALG_ECDSA_SHA224(0x21)
GF(p) algorithm
Signature/verification operations
Elliptic Curves ALG_ECDSA_SHA256(0x22)
Elliptic Curves ALG_ECDSA_SHA384(0x23)
ALG_ECDSA_SHA_LDS (0x25)
ALG_ECDSA_SHA256_LDS(0x26)
ALG_ECDSA_SHA384_LDS(0x27)
Diffie-Hellman KEYAGREEMENT_ALGO_RSA(0x81) Key Agreement OperationsDiffie-Hellman ALG_EC_SVDP_DH_GK (0x82)
Diffie-Hellman ALG_EC_SVDP_DHC_GK (0x83)
Non-Deterministic Random Number Generator (NDRNG) Hardware Seed Generation for
the Deterministic RNG
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@petrs