projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 282de1c) | patch
Add fips checks for rsa signatures.
authorShane Lontis <shane.lontis@oracle.com>
Sat, 29 Aug 2020 02:25:54 +0000 (12:25 +1000)
committerMatt Caswell <matt@openssl.org>
Fri, 18 Sep 2020 13:20:37 +0000 (14:20 +0100)
commit3f699197ac0ccf7e3dda6ff3cddaa33803285299
treeeba8d61a8759fa683eafbb41b2e01504d96c88f4tree | snapshot
parent282de1cc2d71a95482ce431b9ed620f85eb6acbdcommit | diff
Add fips checks for rsa signatures.

In fips mode SHA1 should not be allowed for signing, but may be present for verifying.
Add keysize check.
Add missing 'ossl_unused' to gettable and settable methods.
Update fips related tests that have these restrictions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12745)
providers/common/include/prov/provider_util.h diff | blob | history
providers/common/provider_util.c diff | blob | history
providers/implementations/signature/rsa.c diff | blob | history
test/recipes/30-test_evp.t diff | blob | history
test/recipes/30-test_evp_data/evppkey_rsa.txt diff | blob | history
test/recipes/30-test_evp_data/evppkey_rsa_common.txt [new file with mode: 0644] blob
test/recipes/80-test_cms.t diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.