Managing SignatureAlgorithms from configuration in the age of providers #23784
Replies: 6 comments 10 replies
-
I tag people presumably interested in proper behavior here @baentsch @tomato42 @t184256 |
Beta Was this translation helpful? Give feedback.
-
If the current behaviour incentivises |
Beta Was this translation helpful? Give feedback.
-
If I get it right you are saying that a typo in a config disables a security feature. This to me sounds very wrong. |
Beta Was this translation helpful? Give feedback.
-
@beldmit Would you mind sharing your config such as to use it as (or create a standalone) reproducer -- and maybe as test for eventual PR changing this behaviour? |
Beta Was this translation helpful? Give feedback.
-
Would providing a compile-time defaults for the SignatureAlgorithms (and friends) make the situation better? |
Beta Was this translation helpful? Give feedback.
-
@t8m, I made some experiments. I use Fedora rawhide (OpenSSL 3.2.1 + #23050 + #22779) I build oqsprovider from sources and run the test:
The test loads the config from the command line and the system config (see #23720). System config includes crypto policies defining the SignatureAlgorithms (only classic algorithms). Both system config and the test one contain the If I add a string not matching any algorithms to the crypto policy, the tests start passing. If I understand correctly, it means that any algorithm becomes available despite config_diagnostics (as OpenSSL doesn't know what is the SECLEVEL for PQ algorithms). |
Beta Was this translation helpful? Give feedback.
-
I use openssl master with #22779 (rebased, see #22779 (comment)) applied and make tests with oqsprovider. I have SignatureAlgorithms configured in the config file I test against.
Current behavior is:
?
as implemented by Ignore unknown sigalgs and groups in the configuration #23050), this algorithm (and I think, classic ones also) works, the other don'tI have the following questions:
Beta Was this translation helpful? Give feedback.
All reactions