mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
bfa6aaab45
We check that EVP_default_properties_is_fips_enabled() is working even before other function calls have auto-loaded the config file. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12567)
17 lines
391 B
INI
17 lines
391 B
INI
openssl_conf = openssl_init
|
|
|
|
.include fipsmodule.cnf
|
|
|
|
[openssl_init]
|
|
providers = provider_sect
|
|
alg_section = evp_properties
|
|
|
|
[evp_properties]
|
|
# Ensure FIPS non-approved algorithms in the FIPS module are suppressed (e.g.
|
|
# TEST-RAND). This also means that EVP_default_properties_is_fips_enabled()
|
|
# returns the expected value
|
|
default_properties = "fips=yes"
|
|
|
|
[provider_sect]
|
|
fips = fips_sect
|