]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 86fd4c1) | patch
Disable DSA signing in the FIPS provider.
authorslontis <shane.lontis@oracle.com>
Thu, 4 Jul 2024 01:59:43 +0000 (11:59 +1000)
committerPauli <ppzgs1@gmail.com>
Thu, 25 Jul 2024 23:24:04 +0000 (09:24 +1000)
commit85caa417e0915aaae9fa6f87ccfa6c4c79b41dbb
treebfb57626e8af7a86422c162845873b61632d5608tree
parent86fd4c1df91e58d316c863b5160d18c0f80dc6accommit | diff
Disable DSA signing in the FIPS provider.

This is a FIPS 140-3 requirement.
This uses a FIP indicator if either the FIPS configurable "dsa_sign_disabled" is set to 0,
OR OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK is set to 0 in the dsa signing context.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24799)
20 files changed:
apps/fipsinstall.c diff | blob | blame | history
doc/man1/openssl-fipsinstall.pod.in diff | blob | blame | history
doc/man7/EVP_SIGNATURE-DSA.pod diff | blob | blame | history
doc/man7/provider-signature.pod diff | blob | blame | history
include/openssl/fips_names.h diff | blob | blame | history
providers/common/include/prov/fipscommon.h diff | blob | blame | history
providers/common/include/prov/securitycheck.h diff | blob | blame | history
providers/fips/fipsprov.c diff | blob | blame | history
providers/fips/self_test_data.inc diff | blob | blame | history
providers/fips/self_test_kats.c diff | blob | blame | history
providers/implementations/signature/dsa_sig.c diff | blob | blame | history
test/acvp_test.c diff | blob | blame | history
test/evp_test.c diff | blob | blame | history
test/recipes/20-test_cli_fips.t diff | blob | blame | history
test/recipes/30-test_evp_data/evppkey_dsa.txt diff | blob | blame | history
test/recipes/80-test_cms.t diff | blob | blame | history
test/recipes/80-test_ssl_new.t diff | blob | blame | history
test/recipes/80-test_ssl_old.t diff | blob | blame | history
util/mk-fipsmodule-cnf.pl diff | blob | blame | history
util/perl/OpenSSL/paramnames.pm diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git