diff options
author | Jakub Jelen <jjelen@redhat.com> | 2021-09-17 15:03:57 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2021-09-20 08:32:25 +0200 |
commit | 3f4dd47ba74e0a9f18feba1809eeddff8790707e (patch) | |
tree | 1cf12a0335311635de85df031ba0e65d4a82d8d6 /doc/gcrypt.texi | |
parent | edbc1dd10bc3e1fcc0e355fe1a9c4c8769f51daf (diff) | |
download | libgcrypt-3f4dd47ba74e0a9f18feba1809eeddff8790707e.tar.gz |
Remove the forced fips mode
* cipher/rsa.c (generate_fips): Drop reference to enforced fips mode and
use normal FIPS mode check
* doc/gcrypt.texi: Drop references to enforced FIPS mode
* src/fips.c (enforced_fips_mode): Removed
(_gcry_initialize_fips_mode): Remove reading of the FIPS_FORCE_FILE
to enforce FIPS mode
(_gcry_enforced_fips_mode): Remove
(_gcry_set_enforced_fips_mode): Remove
* src/g10lib.h (_gcry_enforced_fips_mode): Remove declaration
(_gcry_set_enforced_fips_mode): Remova declaration
* src/global.c (print_config): Remove the forced fips flag
(_gcry_vcontrol): Deprecate GCRYCTL_SET_ENFORCED_FIPS_FLAG
(get_no_secure_memory): Ignore the option in FIPS mode
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
(_gcry_vcontrol): Simply ignore GCRYCTL_SET_ENFORCED_FIPS_FLAG.
Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 5244
Diffstat (limited to 'doc/gcrypt.texi')
-rw-r--r-- | doc/gcrypt.texi | 42 |
1 files changed, 8 insertions, 34 deletions
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 6ef68884..4d7d93f1 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -535,21 +535,6 @@ initialization (i.e. before @code{gcry_check_version}). @end itemize -@cindex Enforced FIPS mode - -In addition to the standard FIPS mode, Libgcrypt may also be put into -an Enforced FIPS mode by writing a non-zero value into the file -@file{/etc/gcrypt/fips_enabled} or by using the control command -@code{GCRYCTL_SET_ENFORCED_FIPS_FLAG} before any other calls to -libgcrypt. The Enforced FIPS mode helps to detect applications -which don't fulfill all requirements for using -Libgcrypt in FIPS mode (@pxref{FIPS Mode}). - -Once Libgcrypt has been put into FIPS mode, it is not possible to -switch back to standard mode without terminating the process first. -If the logging verbosity level of Libgcrypt has been set to at least -2, the state transitions and the self-tests are logged. - @node Hardware features @section How to disable hardware features @cindex hardware features @@ -677,10 +662,8 @@ to disable secure memory is to use @code{GCRYCTL_DISABLE_SECMEM} right after initialization. @item GCRYCTL_DISABLE_SECMEM; Arguments: none -This command disables the use of secure memory. If this command is -used in FIPS mode, FIPS mode will be disabled and the function -@code{gcry_fips_mode_active} returns false. However, in Enforced FIPS -mode this command has no effect at all. +This command disables the use of secure memory. In FIPS mode this command +has no effect at all. Many applications do not require secure memory, so they should disable it right away. This command should be executed right after @@ -889,13 +872,7 @@ application switch the library into FIPS mode. Note that Libgcrypt will reject an attempt to switch to fips mode during or after the initialization. @item GCRYCTL_SET_ENFORCED_FIPS_FLAG; Arguments: none -Running this command sets the internal flag that puts the library into -the enforced FIPS mode during the FIPS mode initialization. This command -does not affect the library if the library is not put into the FIPS mode and -it must be used before any other libgcrypt library calls that initialize -the library such as @code{gcry_check_version}. Note that Libgcrypt will -reject an attempt to switch to the enforced fips mode during or after -the initialization. +This command is obsolete and has no effect; do not use it. @item GCRYCTL_SET_PREFERRED_RNG_TYPE; Arguments: int These are advisory commands to select a certain random number @@ -6771,18 +6748,15 @@ On-the-fly self-tests are not performed, instead self-tests are run before entering operational state. @item -The function @code{gcry_set_allocation_handler} may not be used. If -it is used Libgcrypt disables FIPS mode unless Enforced FIPS mode is -enabled, in which case Libgcrypt will enter the error state. +The function @code{gcry_set_allocation_handler} may not be used. In FIPS mode +this function does not have any effect, because FIPS has a requirements for +memory zeroization. @item -The digest algorithm MD5 may not be used. If it is used Libgcrypt -disables FIPS mode unless Enforced FIPS mode is enabled, in which case -Libgcrypt will enter the error state. +The digest algorithm MD5 may not be used. @item -In Enforced FIPS mode the command @code{GCRYCTL_DISABLE_SECMEM} is -ignored. In standard FIPS mode it disables FIPS mode. +In FIPS mode the command @code{GCRYCTL_DISABLE_SECMEM} is ignored. @item A handler set by @code{gcry_set_outofcore_handler} is ignored. |