mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
f88c2f2d17
openssl/providers
History
Dimitri John Ledkov 9d70bba135 fips no-des: compile out TDES KAT 
FIPS provider correctly supports no-des build time option and doesn't
advertise DES related algorithms. However KAT test for DES is still
attempted to be executed and fails.

This prevents configuring FIPS provider without legacy behaviour as
defined in SP 800-131Arev2. Also see #25761 internal docs.

Fix `enable-fips no-des` build option, and add a daily checker for
"legacy-free" (as much as currently feasible) FIPS configuration.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25762)
2024-10-24 15:27:43 +02:00
..
common
fips fips no-des: compile out TDES KAT 2024-10-24 15:27:43 +02:00
implementations first cut at KEM & key management skeletons 2024-10-21 11:47:16 +01:00
baseprov.c
build.info first cut at KEM & key management skeletons 2024-10-21 11:47:16 +01:00
decoders.inc
defltprov.c
encoders.inc
fips-sources.checksums
fips.checksum
fips.module.sources
legacyprov.c
nullprov.c
prov_running.c
stores.inc