Dmitry Belyavskiy
|
f4e1bded66
|
Improve diagnostics when passing unsupported groups in TLS
Related: rhbz#2070197
|
2022-06-24 17:17:35 +02:00 |
|
Dmitry Belyavskiy
|
8638196167
|
Ciphersuites with RSAPSK KX should be filterd in FIPS mode
Related: rhbz#2085088
|
2022-06-16 15:06:45 +02:00 |
|
Dmitry Belyavskiy
|
b5de6bd830
|
In FIPS mode limit key sizes for signature verification
Resolves: rhbz#2077884
|
2022-05-23 19:16:11 +02:00 |
|
Dmitry Belyavskiy
|
7bc4f9f094
|
Ciphersuites with RSA KX should be filterd in FIPS mode
Related: rhbz#2085088
|
2022-05-23 19:16:11 +02:00 |
|
Dmitry Belyavskiy
|
b393177f7d
|
openssl ecparam -list_curves lists only FIPS-approved curves in FIPS mode
Resolves: rhbz#2083240
|
2022-05-23 19:16:09 +02:00 |
|
Dmitry Belyavskiy
|
69c1abb4df
|
openssl req defaults on PKCS#8 encryption changed to AES-256-CBC
Resolves: rhbz#2063947
|
2022-05-12 13:45:42 +02:00 |
|
Dmitry Belyavskiy
|
1b2d08b2c2
|
Adaptation of upstream patches disabling explicit EC parameters in FIPS mode
Resolves: rhbz#2058663
|
2022-05-06 17:41:32 +02:00 |
|
Dmitry Belyavskiy
|
ad863e9fc8
|
OpenSSL FIPS module should not build in non-approved algorithms
Resolves: rhbz#2081378
|
2022-05-05 17:34:49 +02:00 |
|
Dmitry Belyavskiy
|
02c75e5a65
|
We dont'want totally forbid RSA encryption.
Related: rhbz#2053289
|
2022-05-02 15:54:28 +02:00 |
|
Dmitry Belyavskiy
|
7a1c7b28bc
|
FIPS provider doesn't block RSA encryption for key transport
Resolves: rhbz#2053289
|
2022-03-29 13:32:47 +02:00 |
|
Dmitry Belyavskiy
|
922b5301ea
|
Adjust FIPS provider version
FIPS provider version is now autofilled from release and date
Related: rhbz#2026445
|
2022-02-01 16:02:01 +01:00 |
|
Dmitry Belyavskiy
|
d237e7f301
|
Restoring fips=yes to SHA-1
Related: rhbz#2026445
|
2022-01-21 13:48:28 +01:00 |
|
Dmitry Belyavskiy
|
cc37486d86
|
Minimize the list of services allowed for FIPS
Related: rhbz#2026445
|
2022-01-17 13:19:29 +01:00 |
|