mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
07e4d7f474
openssl/providers/fips
History
slontis 07e4d7f474 Add RSA Signature restrictions for X9.31 padding in the FIPS provider. 
In FIPS 140-3, RSA Signing with X9.31 padding is not approved,
but verification is allowed for legacy purposes. An indicator has been added
for RSA signing with X9.31 padding.

A strict restriction on the size of the RSA modulus has been added
i.e. It must be 1024 + 256 * s (which is part of the ANSI X9.31 spec).

Added implementation comments to the X9.31 padding code

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24021)
2024-07-29 10:16:30 +10:00
..
build.info Add FIPS indicator helpers 2024-07-11 08:29:43 +10:00
fips_entry.c PROV: Relegate most of the FIPS provider code to libfips.a 2021-05-21 12:08:31 +02:00
fipsindicator.c fips: correctly initialise FIPS indicator settables 2024-07-19 17:33:19 +02:00
fipsprov.c Add RSA Signature restrictions for X9.31 padding in the FIPS provider. 2024-07-29 10:16:30 +10:00
self_test_data.inc Disable DSA signing in the FIPS provider. 2024-07-26 09:24:04 +10:00
self_test_kats.c Disable DSA signing in the FIPS provider. 2024-07-26 09:24:04 +10:00
self_test.c fips selftest: avoid relying on a real RNG for self tests 2023-09-27 17:22:54 +01:00
self_test.h Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 2020-10-15 11:59:53 +01:00