projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: be1dc98) | patch
EC only uses approved curves in FIPS mode.
authorShane Lontis <shane.lontis@oracle.com>
Tue, 4 Jun 2019 22:24:16 +0000 (08:24 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Tue, 25 Jun 2019 02:00:25 +0000 (12:00 +1000)
commit10c25644e362381844e0089504f0db42f029d855
treefd1342f8f753b944e76adc1f5ceb53ef72c4d794tree | snapshot
parentbe1dc984e1a5938170188cbdb6e536f1e7ac1656commit | diff
EC only uses approved curves in FIPS mode.

Once there are buildable fips tests, some tests that are data driven
from files will need to be modified to exclude non approved curves in
fips mode.

These changes were tested by temporarily adding #define FIPS_MODE 1 to
all the modified source files.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9081)
crypto/ec/ec_check.c diff | blob | history
crypto/ec/ec_curve.c diff | blob | history
test/ecdsatest.c diff | blob | history
test/ectest.c diff | blob | history
test/evp_extra_test.c diff | blob | history
test/evp_pkey_dparams_test.c diff | blob | history
test/recipes/20-test_pkeyutl.t diff | blob | history
test/recipes/25-test_verify.t diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.