Add NIST security categories for symmetric ciphers and digests by paulidale · Pull Request #27612 · openssl/openssl · GitHub | Latest TMZ Celebrity News & Gossip | Watch TMZ Live
Skip to content

Add NIST security categories for symmetric ciphers and digests #27612

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 30 commits into
base: master
Choose a base branch
from
Open

Add NIST security categories for symmetric ciphers and digests #27612

wants to merge 30 commits into from
+2,122 −429

Conversation

paulidale
Copy link
Contributor

@paulidale paulidale commented May 14, 2025
edited
Loading

This is based over #27571 which is awaiting its second review.
Replaces #27556.

  • documentation is added or updated
  • tests are added or updated

@paulidale paulidale self-assigned this May 14, 2025
@paulidale paulidale added branch: master Merge to master branch triaged: feature The issue/pr requests/adds a feature severity: fips change The pull request changes FIPS provider sources tests: present The PR has suitable tests present severity: ABI change This pull request contains ABI changes extended tests Run extended tests in CI PQC Post Quantum Crypto related labels May 14, 2025
@paulidale paulidale force-pushed the security-categories branch from 9d57000 to d5d056d Compare May 14, 2025 00:57
@paulidale paulidale added the style: waived exempted from style checks label May 14, 2025
@paulidale paulidale force-pushed the security-categories branch 2 times, most recently from 65917e8 to 85b5ac1 Compare May 14, 2025 01:28
@paulidale paulidale marked this pull request as draft May 14, 2025 03:05
@paulidale paulidale force-pushed the security-categories branch 6 times, most recently from 1d0f69d to 9639de7 Compare May 14, 2025 04:02
@paulidale paulidale marked this pull request as ready for review May 14, 2025 04:14
@paulidale paulidale requested a review from a team May 14, 2025 07:03
@paulidale paulidale added the approval: review pending This pull request needs review by a committer label May 14, 2025
@paulidale paulidale changed the title Add NIST security categories for symmetric ciphers Add NIST security categories for symmetric ciphers and digests May 15, 2025
@paulidale paulidale mentioned this pull request May 15, 2025
Closed
@paulidale paulidale force-pushed the security-categories branch 2 times, most recently from b3d5f1a to fbb9ce5 Compare May 15, 2025 11:23
@slontis
Copy link
Member

slontis commented May 23, 2025

This is a bit hard to review until the other PR is reviewed (there are a ridiculous number of commits in here :))

@paulidale paulidale force-pushed the security-categories branch 3 times, most recently from ff32e47 to 77d9043 Compare May 27, 2025 08:15
paulidale added 21 commits July 3, 2025 08:51
@paulidale
evp_test: add tests for cipher security category
f73f969
@paulidale
test: add test data for testing cipher security categories
593daac
@paulidale
test: include security strength category information
913fe13
@paulidale
ciphers: add security strength category inforamtion to all legacy cip…
32bd0cd 
…hers
@paulidale
ciphers: add security strength category information to provided ciphers
27c43d3 
Some of the values for legacy ciphers might seem weird since they are one
rather than the more expected zero:

* IDEA
* SEED

Both meet the 128 bit strength requirement for category 1.
@paulidale
test: update evp_test to support security category checking for ciphers
c11dd40
@paulidale
cipher: add OSSL_CIPHER_PARAM_ENCRYPT_THEN_MAC parameter
07ac89f
@paulidale
Add two security category param names
13b468d
@paulidale
digest: convert common code to use TRIE param decoding
02e5c5f
@paulidale
evp: add security category defines and fields
defda12
@paulidale
evp: add EVP_MD_get_*_security_category() calls
547da44
@paulidale
export new public calls
21d2ea3
@paulidale
doc: document the new calls and underlying parameters
f2a56cd
@paulidale
digest: security category infrastructure
fab2032
@paulidale
digest: add security strength category inforamtion to all provided di…
fc847c5 
…gests
@paulidale
digest: add security strength category inforamtion to all legacy digests
402441e
@paulidale
evp_test: add digest security category support
c3ecbf7
@paulidale
evp_test: add digest security caterogy test data
fbd4803
@paulidale
evp_test: add digest security category data file to recipe
d80d57c
@paulidale
doc: Add changes entry
b739af5
@paulidale
update gitignore with new generated files
5b6a763
@paulidale paulidale force-pushed the security-categories branch from 86aec30 to 5b6a763 Compare July 2, 2025 23:06
@paulidale
Copy link
Contributor Author

Fairly clean rebase to current master.

@paulidale paulidale requested review from beldmit and a team July 3, 2025 01:12
beldmit
beldmit reviewed Jul 3, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beldmit beldmit beldmit left review comments

@slontis slontis Awaiting requested review from slontis

At least 2 approving reviews are required to merge this pull request.

Assignees

@paulidale paulidale

Labels
approval: review pending This pull request needs review by a committer branch: master Merge to master branch extended tests Run extended tests in CI PQC Post Quantum Crypto related severity: ABI change This pull request contains ABI changes severity: fips change The pull request changes FIPS provider sources style: waived exempted from style checks tests: present The PR has suitable tests present triaged: feature The issue/pr requests/adds a feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@paulidale @slontis @beldmit

TMZ Celebrity News – Breaking Stories, Videos & Gossip

Looking for the latest TMZ celebrity news? You've come to the right place. From shocking Hollywood scandals to exclusive videos, TMZ delivers it all in real time.

Whether it’s a red carpet slip-up, a viral paparazzi moment, or a legal drama involving your favorite stars, TMZ news is always first to break the story. Stay in the loop with daily updates, insider tips, and jaw-dropping photos.

🎥 Watch TMZ Live

TMZ Live brings you daily celebrity news and interviews straight from the TMZ newsroom. Don’t miss a beat—watch now and see what’s trending in Hollywood.