summaryrefslogtreecommitdiff
path: root/doc/credentials/Makefile.am
diff options
context:
space:
mode:
authorDaiki Ueno <ueno@gnu.org>2020-06-26 10:21:26 +0200
committerDaiki Ueno <ueno@gnu.org>2020-08-31 08:12:54 +0200
commit07c80a2d677e9bebeaab0974deca21693fb173f6 (patch)
tree5649e5379af9508e9738081b3dca24cd2dccb561 /doc/credentials/Makefile.am
parentf643e418e5e5220fe2e332c99275808229ce59ae (diff)
downloadgnutls-07c80a2d677e9bebeaab0974deca21693fb173f6.tar.gz
dhe: check if DH params in SKE match the FIPS approved algorithms
SP800-56A rev. 3 restricts the FIPS compliant clients to use only approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a check in the handling of ServerKeyExchange if DHE is negotiated. Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'doc/credentials/Makefile.am')
-rw-r--r--doc/credentials/Makefile.am24
1 files changed, 24 insertions, 0 deletions
diff --git a/doc/credentials/Makefile.am b/doc/credentials/Makefile.am
index ecdd57a106..25778856f6 100644
--- a/doc/credentials/Makefile.am
+++ b/doc/credentials/Makefile.am
@@ -31,3 +31,27 @@ EXTRA_DIST += srp-passwd.txt srp-tpasswd.conf
EXTRA_DIST += psk-passwd.txt
+EXTRA_DIST += \
+ dhparams/rfc2409-group-1-768.pem \
+ dhparams/rfc2409-group-2-1024.pem \
+ dhparams/rfc3526-group-14-2048.pem \
+ dhparams/rfc3526-group-15-3072.pem \
+ dhparams/rfc3526-group-16-4096.pem \
+ dhparams/rfc3526-group-17-6144.pem \
+ dhparams/rfc3526-group-18-8192.pem \
+ dhparams/rfc3526-group-5-1536.pem \
+ dhparams/rfc5054-1024.pem \
+ dhparams/rfc5054-1536.pem \
+ dhparams/rfc5054-2048.pem \
+ dhparams/rfc5054-3072.pem \
+ dhparams/rfc5054-4096.pem \
+ dhparams/rfc5054-6144.pem \
+ dhparams/rfc5054-8192.pem \
+ dhparams/rfc5114-group-22-1024.pem \
+ dhparams/rfc5114-group-23-2048.pem \
+ dhparams/rfc5114-group-24-2048.pem \
+ dhparams/rfc7919-ffdhe2048.pem \
+ dhparams/rfc7919-ffdhe3072.pem \
+ dhparams/rfc7919-ffdhe4096.pem \
+ dhparams/rfc7919-ffdhe6144.pem \
+ dhparams/rfc7919-ffdhe8192.pem
View Lorry Controller Status