Demo: 2022-12-3
Prod: 2022-12-28
CLIENT-BREAKING CHANGE -- PLEASE SEE THE "KDA HKDF Sp800-56Cr2 and KDA TwoStep Sp800-56Cr2" SECTION OF THE RELEASE NOTES FOR A CLIENT-BREAKING CHANGE
- RSA decryptionPrimitive Sp800-56Br2 - New algorithm with improved testing, support for additional modulo and support for the CRT key format.
- KDA HKDF Sp800-56Cr2 and KDA TwoStep Sp800-56Cr2 - corrects the hybrid shared secret testing for these two algorithms. This is considered a client-breaking change as registrations for these algorithms will now require the
usesHybridSharedSecretregistration property to be provided to indicate whether a hybrid shared secret is being tested. If a hybrid shared secret is being tested, then the auxSharedSecretLen registration property is also required. The auxiliary shared secret is no longer treated as a potential component of the fixedInfoPattern, but rather Z prime = Z || T as per SP 800-56Cr2. Several new properties are also added at the test group level of the prompt file. For more information see the HKDF and TwoStep algorithm specification documents.
Prod Update: 2023-02-03
- FIPS 186-5 algorithms enabled on Prod, including EdDSA, Deterministic ECDSA, updated ECDAS and RSA testing.