[Bug 1553309] Re: [FFe]: Include FIPS 140-2 into openssl package
Joy Latten
joy.latten at canonical.com
Tue Apr 12 20:01:51 UTC 2016
Code Review Resolutions:
1. Original one patch divided up into a patch-series of 6 patches. The first 5 patches are the original patches from fedora. The 6th patch authored by me to fix compiler warnings and use updated fips compliant algorithms and tests from upstream openssl and openssl fips module.
2. Restored error codes to those from openssl upstream and any news ones associated with fips were given a value of 200+
to avoid collisions with openssl upstream updates.
3. Restored defines that had been changed in evp/evp.h
4. Removed fips-prng references in fips-rand.c since no longer allowed in fips mode and was specifically added for fips.
New test package in
https://launchpad.net/~j-latten/+archive/ubuntu/myppa
All testcases were run and succeeded.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1553309
Title:
[FFe]: Include FIPS 140-2 into openssl package
Status in openssl package in Ubuntu:
Incomplete
Bug description:
This is a request for a Feature Freeze Exception to include FIPS 140-2 selftest into the openssl package in preparation for the FIPS 140-2 compliance for 16.0.4.
This patchset will :
- add ability to config, compile, run with fips option enabled
- add the selftest files to crypto/fips directory.
- minor changes to several algorithms in crypto directory to ensure the selftest compile successfully when fips is enabled.
The selftest will be initiated externally at this point and not internally.
Hope to have a test package ready early next week.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1553309/+subscriptions
More information about the foundations-bugs
mailing list