diff options
author | Daiki Ueno <ueno@gnu.org> | 2020-06-26 10:21:26 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2020-06-27 12:57:09 +0200 |
commit | 3f4532862bf9140976d970ab14e102cede61d1c7 (patch) | |
tree | e7f66327cb9a9dd1463b24a3446cb673b14a6a1f /doc/credentials/Makefile.am | |
parent | 481e48f3236be42ff1fcb96f96c4efcbb2b69242 (diff) | |
download | gnutls-tmp-sp800-56ar3.tar.gz |
dhe: check if DH params in SKE match the FIPS approved algorithmstmp-sp800-56ar3
SP800-56A rev. 3 restricts the FIPS compliant clients to use only
approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a
check in the handling of ServerKeyExchange if DHE is negotiated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'doc/credentials/Makefile.am')
-rw-r--r-- | doc/credentials/Makefile.am | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/doc/credentials/Makefile.am b/doc/credentials/Makefile.am index ecdd57a106..25778856f6 100644 --- a/doc/credentials/Makefile.am +++ b/doc/credentials/Makefile.am @@ -31,3 +31,27 @@ EXTRA_DIST += srp-passwd.txt srp-tpasswd.conf EXTRA_DIST += psk-passwd.txt +EXTRA_DIST += \ + dhparams/rfc2409-group-1-768.pem \ + dhparams/rfc2409-group-2-1024.pem \ + dhparams/rfc3526-group-14-2048.pem \ + dhparams/rfc3526-group-15-3072.pem \ + dhparams/rfc3526-group-16-4096.pem \ + dhparams/rfc3526-group-17-6144.pem \ + dhparams/rfc3526-group-18-8192.pem \ + dhparams/rfc3526-group-5-1536.pem \ + dhparams/rfc5054-1024.pem \ + dhparams/rfc5054-1536.pem \ + dhparams/rfc5054-2048.pem \ + dhparams/rfc5054-3072.pem \ + dhparams/rfc5054-4096.pem \ + dhparams/rfc5054-6144.pem \ + dhparams/rfc5054-8192.pem \ + dhparams/rfc5114-group-22-1024.pem \ + dhparams/rfc5114-group-23-2048.pem \ + dhparams/rfc5114-group-24-2048.pem \ + dhparams/rfc7919-ffdhe2048.pem \ + dhparams/rfc7919-ffdhe3072.pem \ + dhparams/rfc7919-ffdhe4096.pem \ + dhparams/rfc7919-ffdhe6144.pem \ + dhparams/rfc7919-ffdhe8192.pem |