openssl

mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00

History

Dimitri John Ledkov fa338aa7cd fips: zeroization of public security parameters (PSPs) ISO 19790:2012/Cor.1:2015 7.9 requires cryptographic module to provide methods to zeroise all unproctected security sensitive parameters (which inclues both Critical/Private and Public security parameters). And those that are temprorarly stored are required to be zeroised after they are no longer needed at security levels 2 and higher. Comply with the above requirements by always zeroising public security parameters whenever they are freed. This is currently done under the FIPS feature, however the requirement comes from the ISO 19790:2012 which may also be needed in other jurisdictions. If not always. Note FIPS 140-3 includes ISO 19790:2012 by reference. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24355)		2024-05-13 11:14:11 +02:00
..
build.info
ffc_backend.c
ffc_dh.c
ffc_key_generate.c
ffc_key_validate.c
ffc_params_generate.c	ffc/ffc_params_generate.c: Add the check for the EVP_MD_get_size()	2024-04-09 20:47:47 +02:00
ffc_params_validate.c
ffc_params.c	fips: zeroization of public security parameters (PSPs)	2024-05-13 11:14:11 +02:00