-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DSA no longer approved for signature generation by FIPS 186-5 #858
Comments
Moving to verification only, possibly placing signing under a |
I tried to put signing under I don't think it's a good idea to put all those tests under Any other possible approach? |
It's fine to gate the tests on the corresponding feature. They won't work unless the feature is enabled. |
Please have a look at PR #859 There are two main issues there:
|
You can also feature gate the examples. Here's an example of a pattern we use to do this: https://github.com/RustCrypto/SSH/blob/f741cf0/ssh-key/src/lib.rs#L44-L45 |
I think we are talking about different "examples". In my case example is just a binary crate, binary crate must have "main" function. So, the error I get is this:
Of course, I can add dummy "main", but I'm not sure if it makes sense. |
You can use |
done. please have a look at PR #859 |
FIPS 186-4 referenced in README.md has been superseded by FIPS 186-5 which no longer approves DSA for digital signature generation. DSA may be used only to verify already existing signatures.
Link:
https://csrc.nist.gov/pubs/fips/186-5/final
Should we add this information as part of README.md?
The text was updated successfully, but these errors were encountered: