]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c695edc) | patch
openssl: add fips support
authorYi Zhao <yi.zhao@windriver.com>
Fri, 9 May 2025 14:55:00 +0000 (22:55 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 15 May 2025 09:10:40 +0000 (10:10 +0100)
commit29979937e2d40885e7e91bb9a7e7dca6763e3d52
tree1017386bcaada50e564f03c646a89943e1738386tree | snapshot
parentc695edcc33ecd5bc01b5fc91ce08a87475a9ace9commit | diff
openssl: add fips support

* Add PACKAGECONFIG[fips] to enable fips build.
* Split a new package openssl-ossl-module-fips for fips.so.
* Add pkg_postinst_ontarget for openssl-ossl-module-fips to ensure the
  config file fipsmodule.cnf is created on target. This is because we
  should not use the same fipsmodule.cnf on different machines.
  The 'openssl fipsinstall' commandline in pkg_postinst_ontarget will do
  the following things:
  1. Run the FIPS module self tests on target.
  2. Generate config file fipsmodule.conf containing information about
     the FIPS module such as the calculated MAC of the module.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/openssl/openssl_3.5.0.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib