Commit Graph

9 Commits

Author SHA1 Message Date
Dmitry Belyavskiy
72772f737e Add missing ECDH Public Key Check in FIPS mode
Resolves: RHEL-15990
2023-11-08 12:38:23 +01:00
Clemens Lang
e5f783d552 Fix Wpointer-sign compiler warning
```
providers/implementations/signature/ecdsa_sig.c: scope_hint: In function 'do_ec_pct'
providers/implementations/signature/ecdsa_sig.c:594:46: warning[-Wpointer-sign]: pointer targets in passing argument 2 of 'ecdsa_digest_signverify_update' differ in signedness
providers/implementations/signature/ecdsa_sig.c:325:69: note: expected 'const unsigned char *' but argument is of type 'const char *'
```

```
providers/implementations/signature/rsa_sig.c: scope_hint: In function 'do_rsa_pct'
providers/implementations/signature/rsa_sig.c:1518:44: warning[-Wpointer-sign]: pointer targets in passing argument 2 of 'rsa_digest_signverify_update' differ in signedness
providers/implementations/signature/rsa_sig.c:910:62: note: expected 'const unsigned char *' but argument is of type 'const char *'
```

Resolves: rhbz#2178034
Signed-off-by: Clemens Lang <cllang@redhat.com>
2023-03-16 14:08:55 +01:00
Dmitry Belyavskiy
fb4b72ff2f DH PCT should abort on failure
Resolves: rhbz#2178039
2023-03-14 17:29:33 +01:00
Dmitry Belyavskiy
960e6deebf Abort on PCT failure
Related: rhbz#2168324
2023-03-14 17:27:20 +01:00
Dmitry Belyavskiy
dd6f0d33c8 Remove previous low-level PCT
Related: rhbz#2168324
2023-03-14 17:27:20 +01:00
Dmitry Belyavskiy
fa195e46a2 Pairwise consistency tests should use Digest+Sign/Verify
Resolves: rhbz#2178034
2023-03-14 17:27:15 +01:00
Dmitry Belyavskiy
a0907c129c Use signature for RSA pairwise test according FIPS-140-3 requirements
Related: rhbz#2102540
2022-08-05 14:31:48 +02:00
Dmitry Belyavskiy
f1dba9d301 Deal with ECDH keys in FIPS mode according FIPS-140-3 requirements
Related: rhbz#2102537
2022-08-05 14:31:48 +02:00
Dmitry Belyavskiy
3f7cd79d02 Deal with DH keys in FIPS mode according FIPS-140-3 requirements
Related: rhbz#2102536
2022-08-05 14:31:48 +02:00