mirror of
https://github.com/openssl/openssl.git
synced 2024-11-21 01:15:20 +08:00
9d70bba135
FIPS provider correctly supports no-des build time option and doesn't advertise DES related algorithms. However KAT test for DES is still attempted to be executed and fails. This prevents configuring FIPS provider without legacy behaviour as defined in SP 800-131Arev2. Also see #25761 internal docs. Fix `enable-fips no-des` build option, and add a daily checker for "legacy-free" (as much as currently feasible) FIPS configuration. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25762) |
||
---|---|---|
.. | ||
common | ||
fips | ||
implementations | ||
baseprov.c | ||
build.info | ||
decoders.inc | ||
defltprov.c | ||
encoders.inc | ||
fips-sources.checksums | ||
fips.checksum | ||
fips.module.sources | ||
legacyprov.c | ||
nullprov.c | ||
prov_running.c | ||
stores.inc |