testing/openssl-3
SHA256
3
0
Fork 0
forked from pool/openssl-3
Code Pull Requests Activity
1 Commit 2 Branches 0 Tags 31 MiB
C 100%
6bc57d937f
Go to file
Pedro Monreal Gonzalez 6bc57d937f - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 
* SHA-1 is not allowed anymore in FIPS 186-5 for signature
    verification operations. After 12/31/2030, NIST will disallow
    SHA-1 for all of its usages.
  * Add openssl-3-FIPS-Deny-SHA-1-sigver-in-FIPS-provider.patch

- FIPS: RSA keygen PCT requirements.
  * Skip the rsa_keygen_pairwise_test() PCT in rsa_keygen() as the
    self-test requirements are covered by do_rsa_pct() for both
    RSA-OAEP and RSA signatures [bsc#1221760]
  * Enforce error state if rsa_keygen PCT is run and fails [bsc#1221753]
  * Add openssl-3-FIPS-PCT_rsa_keygen.patch

- FIPS: Check that the fips provider is available before setting
  it as the default provider in FIPS mode. [bsc#1220523]
  * Rebase openssl-Force-FIPS.patch

- FIPS: Port openssl to use jitterentropy [bsc#1220523]
  * Set the module in error state if the jitter RNG fails either on
    initialization or entropy gathering because health tests failed.
  * Add jitterentropy as a seeding source output also in crypto/info.c
  * Move the jitter entropy collector and the associated lock out
    of the header file to avoid redefinitions.
  * Add the fips_local.cnf symlink to the spec file. This simlink
    points to the openssl_fips.config file that is provided by the
    crypto-policies package.
  * Rebase openssl-3-jitterentropy-3.4.0.patch
  * Rebase openssl-FIPS-enforce-EMS-support.patch

- FIPS: Block non-Approved Elliptic Curves [bsc#1221786]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=110
2024-08-07 21:54:42 +00:00
.gitattributes - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
.gitignore - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
baselibs.conf - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3-FIPS-Deny-SHA-1-sigver-in-FIPS-provider.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3-FIPS-GCM-Implement-explicit-indicator-for-IV-gen.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3-FIPS-PCT_rsa_keygen.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3-jitterentropy-3.4.0.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3-use-include-directive.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3.1.4.tar.gz - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3.1.4.tar.gz.asc - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3.changes - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-3.spec - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add_support_for_Windows_CA_certificate_store.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add-changes-to-ectest-and-eccurve.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add-FIPS_mode-compatibility-macro.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add-FIPS-indicator-parameter-to-HKDF.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add-Kernel-FIPS-mode-flag-support.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Allow-disabling-of-SHA1-signatures.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-crypto-policies-support.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2023-5678.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2023-6129.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2023-6237.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2024-0727.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2024-2511.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2024-4603.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2024-4741.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-CVE-2024-5535.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-DEFAULT_SUSE_cipher.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Disable-default-provider-for-test-suite.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Disable-explicit-ec.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-disable-fipsinstall.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Enable-BTI-feature-for-md5-on-aarch64.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-140-3-DRBG.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-140-3-keychecks.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-140-3-zeroization.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Add-explicit-indicator-for-key-length.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Add-SP800-56Br2-6.4.1.2.1-3.c-check.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-early-KATS.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-embed-hmac.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-enforce-EMS-support.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Enforce-error-state.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-enforce-security-checks-during-initialization.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Expose-a-FIPS-indicator.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-limit-rsa-encrypt.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-release_num_in_version_string.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Remove-X9.31-padding-from-FIPS-prov.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-RSA-disable-shake.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-RSA-encapsulate.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-services-minimize.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-signature-Add-indicator-for-PSS-salt-length.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Use-digest_sign-digest_verify-in-self-test.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Use-FFDHE2048-in-self-test.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Fix-EVP_PKEY_CTX_add1_hkdf_info-behavior.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Force-FIPS.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Handle-empty-param-in-EVP_PKEY_CTX_add1_hkdf_info.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-load-legacy-provider.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-no-date.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-no-html-docs.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-pbkdf2-Set-indicator-if-pkcs5-param-disabled-checks.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-pbkdf2-Set-minimum-password-length-of-8-bytes.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-pkgconfig.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-ppc64-config.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Remove-EC-curves.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-Revert-Improve-FIPS-RSA-keygen-performance.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-skipped-tests-EC-curves.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl-truststore.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
openssl.keyring - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
reproducible.patch - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00
showciphers.c - FIPS: Deny SHA-1 signature verification in FIPS provider [bsc#1221365] 2024-08-07 21:54:42 +00:00