OpenSSL needs updating for Common Criteria certification

We are currently beginning the process of Common Criteria certification of our SLES 12 SP2 product.

It has come to our attention that the current version of OpenSSL, v1.0.2j-60.11.2, is currently using RSA for key encapsulation (used as part of TLS) that will be non-approved starting in 2018. See section 6 of http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf. Starting 2018, this needs to be as per SP 800-56B or else it will not be allowed.

As per the SLES 12 OpenSSL Security Policy (https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2435.pdf), Table 4 indicates that it is using RSA for key-wrapping using non-compliant schemes, which is allowed till 12/31/2017.
Starting 2018, RSA used for key-wrapping should be implemented as per the SP 800-56B key transport scheme.

I would like to know when SUSE plans to update the RSA key encapsulation for OpenSSL provided by SLES 12 SP2.

Hi
I’ve asked my SUSE Contacts for further information on this… stay tuned :wink:

Hi Jay,

Malcolm pointed this thread out to me.

As I approached a wider internal audience with this question, it appears that you had also approached the security folks with this same question already.
As it turns out you have also received a direct response on this, and I sincerely hope this business problem is solved for you now.

Best regards
Hans