]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d484893) | patch
Change all existing FIPS configurable checks to use FIPS indicators.
authorslontis <shane.lontis@oracle.com>
Mon, 1 Jul 2024 01:36:58 +0000 (11:36 +1000)
committerPauli <ppzgs1@gmail.com>
Wed, 10 Jul 2024 22:29:43 +0000 (08:29 +1000)
commitc13ddf0a6c71efac8ef546f0d3632341afab3f07
tree8c87439328e16479f39457c639d5128b3c7bee02tree
parentd4848934a61a668d16078f3118786c9a741b7efdcommit | diff
Change all existing FIPS configurable checks to use FIPS indicators.

This changes the logic to always do the security checks and then decide
what to do based on if this passes or not. Failure of a check causes
either a failure OR the FIPS indicator callback to be triggered.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
32 files changed:
doc/man7/EVP_ASYM_CIPHER-RSA.pod diff | blob | blame | history
doc/man7/EVP_KDF-TLS1_PRF.pod diff | blob | blame | history
doc/man7/EVP_KEM-RSA.pod diff | blob | blame | history
doc/man7/EVP_KEYEXCH-DH.pod diff | blob | blame | history
doc/man7/EVP_KEYEXCH-ECDH.pod diff | blob | blame | history
doc/man7/EVP_SIGNATURE-DSA.pod diff | blob | blame | history
doc/man7/EVP_SIGNATURE-ECDSA.pod diff | blob | blame | history
doc/man7/EVP_SIGNATURE-RSA.pod diff | blob | blame | history
doc/man7/provider-asym_cipher.pod diff | blob | blame | history
doc/man7/provider-kem.pod diff | blob | blame | history
doc/man7/provider-keyexch.pod diff | blob | blame | history
doc/man7/provider-rand.pod diff | blob | blame | history
doc/man7/provider-signature.pod diff | blob | blame | history
providers/common/include/prov/fipsindicator.h diff | blob | blame | history
providers/common/include/prov/securitycheck.h diff | blob | blame | history
providers/common/securitycheck.c diff | blob | blame | history
providers/common/securitycheck_default.c diff | blob | blame | history
providers/common/securitycheck_fips.c diff | blob | blame | history
providers/implementations/asymciphers/rsa_enc.c diff | blob | blame | history
providers/implementations/exchange/dh_exch.c diff | blob | blame | history
providers/implementations/exchange/ecdh_exch.c diff | blob | blame | history
providers/implementations/kdfs/tls1_prf.c diff | blob | blame | history
providers/implementations/kem/rsa_kem.c diff | blob | blame | history
providers/implementations/rands/drbg.c diff | blob | blame | history
providers/implementations/rands/drbg_ctr.c diff | blob | blame | history
providers/implementations/rands/drbg_hash.c diff | blob | blame | history
providers/implementations/rands/drbg_hmac.c diff | blob | blame | history
providers/implementations/rands/drbg_local.h diff | blob | blame | history
providers/implementations/signature/dsa_sig.c diff | blob | blame | history
providers/implementations/signature/ecdsa_sig.c diff | blob | blame | history
providers/implementations/signature/rsa_sig.c diff | blob | blame | history
util/perl/OpenSSL/paramnames.pm diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git