Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
jvdsn opened an issue on usnistgov/CMVP
WebCryptik SSP relationship types
Currently WebCryptik is quite limited in the SSP relationship types it supports. Of course there's the catch-all "Other" option, but it would be nice if the following could be added to the drop-dow...
jvdsn created a comment on a pull request on openssl/openssl
IG 10.3.A does say "generated/imported" but everywhere else consistently says generated. The requirement is inherited from FIPS 140-3 (actually ISO/IEC 19790) which explicitly only says generation....
jvdsn created a comment on a pull request on latchset/kryoptic
You might also need to think about hash algorithms for CKM_TLS_MAC/CKM_TLS12_MAC, CKM_PKCS5_PBKD2, CKM_RSA_PKCS_OAEP and PRFs for CKM_SP800_108_*_KDF. Also, do you support the extended master secret?
jvdsn created a comment on a pull request on latchset/kryoptic
> That is a good point. So I assume SHA2 and better are ok and SHA1 not or do we have some other limitations?

Only SHA-256, SHA-384 or SHA-512 are approved at this point.
jvdsn created a review comment on a pull request on latchset/kryoptic
Is there any particular reason why TLSPRF::finish takes label and seed as one Vec instead of two parameters as defined in RFC 5246?
jvdsn created a comment on a pull request on latchset/kryoptic
I would personally be more concerned about the allowed hash functions, but maybe that's checked somewhere else that I didn't see.
jvdsn created a comment on a pull request on latchset/kryoptic
I don't think we as a lab currently enforce lower/upper bounds on the inputs for the TLS PRFs (since it's a pretty big mess to determine the right values). In any case the limits seem reasonable en...
jvdsn created a review comment on a pull request on latchset/kryoptic
SP 800-135r1 approves the KDFs only "in the context of the TLS protocol". So if there is no use case for CKM_TLS[12]_KDF that is not already covered by the other mechanisms, then it should be non-ap...
jvdsn created a review comment on a pull request on latchset/kryoptic
Should this variable name be more specific?
jvdsn created a review comment on a pull request on latchset/kryoptic
What are the use cases for CKM_TLS12_KDF and CKM_TLS_KDF? We wouldn't consider those mechanisms as approved for FIPS unless there's a TLS protocol use case that can't be done using MASTER_KEY_DERIVE...
jvdsn opened a pull request on smuellerDD/jitterentropy-library
No longer analyze (vetted) conditioning component
Since SHA3-256 is vetted, there won't be any conditioned data to analyze.
jvdsn pushed 1 commit to master jvdsn/jitterentropy-library
- No longer analyze (vetted) conditioning component 826336a
jvdsn pushed 23 commits to master jvdsn/jitterentropy-library
- Remove unused library Fixes #123. Signed-off-by: Stephan Mueller <[email protected]> 3201eea
- internal timer: add support on Apple Signed-off-by: Stephan Mueller <[email protected]> 2790b23
- tests: add -DJENT_CONF_ENABLE_INTERNAL_TIMER This compile time flag enables the internal timer support for the test ... 1182938
- Improve portability and compiler support Signed-off-by: Stephan Mueller <[email protected]> fa29de9
- Remove trailing variable construction Signed-off-by: Stephan Mueller <[email protected]> 6ff3dc5
- Modify the comment associated with JENT_APT_MASK to describe the current state of affairs with respect to truncation ... 4ccb6cb
- Add support for the JENT_CACHE_SHIFT_BITS macro, which allows the developer to request a larger memory region. In thi... 4078664
- Improvements for userspace hashtime collection. The existing tool always produces two columns of textual data, even ... 5e7286f
- Add a tool "jitterentropy-osr" that allows selection of a maximal osr bound that would be acceptable under the constr... 90b84d2
- Make the jitterentropy-osr tool output a bit more informative and consistent, and support automated use of the result... a69625e
- Tried to better distinguish between the osr bound, the various bounds on this bound, and the invariants that are used... 99f42ca
- Add a first set of guesses using linear interpolation. Signed-off-by: Stephan Mueller <[email protected]> b85993b
- Consistently update minTime when minBound is updated. Signed-off-by: Stephan Mueller <[email protected]> 37d87d9
- Add support for SunPRO compiler Signed-off-by: Adam Gorak <[email protected]> Signed-off-by: Stephan Mueller ... 550c1eb
- Replace sed with tr in Makefile. According to POSIX, \n is not supported in the sed(1) substitute function. The UNI... 2e51539
- Document changes Signed-off-by: Stephan Mueller <[email protected]> fee585d
- compile fix: variable time -> time_now The variable was updated, but in a code path disabled by default, one update ... 8abd82a
- prepare release 3.6.1 Signed-off-by: Stephan Mueller <[email protected]> 16c9e5c
- Call EATOOL with options before arguments. It is a GNU extension that getopt(3) sorts the command line options in fr... df2b28e
- EATOOL_NONIID variable name is misleading. In validation-restart processdata.sh script, the variable EATOOL_NONIID c... 83efded
- and 3 more ...