rpms/java-1.8.0-openjdk
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5b6071b392
java-1.8.0-openjdk/nss.fips.cfg.in
Francisco Ferrari Bihurriet 5b6071b392 RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode 
Use SunPKCS11 Attributes Configuration to set CKA_SIGN=true on SecretKey generate/import operations in FIPS mode, see:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html#ATTRS

Resolves: rhbz#2102435
2022-07-08 17:59:46 +01:00

9 lines
197 B
INI
Raw Blame History

name = NSS-FIPS
nssLibraryDirectory = @NSS_LIBDIR@
nssSecmodDirectory = sql:/etc/pki/nssdb
nssDbMode = readOnly
nssModule = fips
attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
Reference in New Issue View Git Blame Copy Permalink