rpms/openssl
8
1
Fork 1
Code Issues Pull Requests Releases Activity
Utilities from the general purpose cryptography library with TLS implementation
91 Commits 10 Branches 65 Tags 7.2 MiB
C 97.3%
Shell 2.7%
b393177f7d
Go to file
Dmitry Belyavskiy b393177f7d openssl ecparam -list_curves lists only FIPS-approved curves in FIPS mode 
Resolves: rhbz#2083240
2022-05-23 19:16:09 +02:00
.gitignore Rebase to upstream version 3.0.1 2022-01-18 18:30:10 +01:00
0001-Aarch64-and-ppc64le-use-lib64.patch Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
0002-Use-more-general-default-values-in-openssl.cnf.patch Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
0003-Do-not-install-html-docs.patch Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
0004-Override-default-paths-for-the-CA-directory-tree.patch Fixes override of openssl_conf in openssl.cnf 2021-07-06 13:56:08 +02:00
0005-apps-ca-fix-md-option-help-text.patch Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
0006-Disable-signature-verification-with-totally-unsafe-h.patch Update to Beta1 version 2021-07-14 13:31:08 +02:00
0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch Rebase to upstream version 3.0.1 2022-01-18 18:30:10 +01:00
0008-Add-FIPS_mode-compatibility-macro.patch Update to Beta1 version 2021-07-14 13:31:08 +02:00
0009-Add-Kernel-FIPS-mode-flag-support.patch Rebase to upstream version 3.0.1 2022-01-18 18:30:10 +01:00
0011-Remove-EC-curves.patch Update to Beta1 version 2021-07-14 13:31:08 +02:00
0012-Disable-explicit-ec.patch Reworked patch forbidding explicit EC parameters 2022-05-06 16:51:28 +02:00
0013-FIPS-provider-explicit-ec.patch Adaptation of upstream patches disabling explicit EC parameters in FIPS mode 2022-05-06 17:41:32 +02:00
0014-FIPS-disable-explicit-ec.patch Adaptation of upstream patches disabling explicit EC parameters in FIPS mode 2022-05-06 17:41:32 +02:00
0024-load-legacy-prov.patch Always activate default provider via config 2021-11-23 16:52:23 +01:00
0025-for-tests.patch Always activate default provider via config 2021-11-23 16:52:23 +01:00
0031-tmp-Fix-test-names.patch KTLS and FIPS may interfere, so tests need to be tuned 2021-09-22 17:15:22 +02:00
0032-Force-fips.patch -config argument of openssl app should work properly 2022-05-12 13:29:27 +02:00
0033-FIPS-embed-hmac.patch Remove volatile attribute from HMAC to make annocheck happy 2022-01-21 13:48:28 +01:00
0034.fipsinstall_disable.patch Rebase to upstream version 3.0.1 2022-01-18 18:30:10 +01:00
0035-speed-skip-unavailable-dgst.patch openssl speed should run in FIPS mode 2021-12-21 16:16:07 +01:00
0045-FIPS-services-minimize.patch openssl ecparam -list_curves lists only FIPS-approved curves in FIPS mode 2022-05-23 19:16:09 +02:00
0046-FIPS-s390x-hardening.patch On the s390x, zeroize all the copies of TLS premaster secret 2022-01-26 16:50:19 +01:00
0047-FIPS-early-KATS.patch KATS self-tests should run before HMAC verifcation 2022-01-21 13:48:28 +01:00
0048-correctly-handle-records.patch s_server: correctly handle 2^14 byte long records 2022-02-03 15:37:48 +01:00
0049-Selectively-disallow-SHA1-signatures.patch Fix RSA PSS padding with SHA-1 disabled 2022-03-10 13:29:29 +01:00
0050-FIPS-enable-pkcs12-mac.patch OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters 2022-02-22 16:32:34 +01:00
0051-Support-different-R_BITS-lengths-for-KBKDF.patch OpenSSL FIPS module should not build in non-approved algorithms 2022-05-05 17:34:49 +02:00
0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch Fix SHA1 certs in LEGACY without openssl lib ctxt 2022-03-18 13:36:55 +01:00
0053-CVE-2022-0778.patch CVE-2022-0778 fix 2022-03-16 15:03:25 +01:00
0054-Replace-size-check-with-more-meaningful-pubkey-check.patch Fix occasional internal error in TLS when DHE is used 2022-03-22 13:04:16 +01:00
0055-nonlegacy-fetch-null-deref.patch Fix openssl curl error with LANG=tr_TR.utf8 2022-04-21 15:16:46 +02:00
0056-strcasecmp.patch OpenSSL FIPS module should not build in non-approved algorithms 2022-05-05 17:34:49 +02:00
0057-strcasecmp-fix.patch Fix regression in evp_pkey_name2type caused by tr_TR locale fix 2022-04-28 13:39:35 +02:00
0058-FIPS-limit-rsa-encrypt.patch When FIPS provider is in use, we forbid only some padding modes 2022-05-02 17:42:54 +02:00
0060-FIPS-KAT-signature-tests.patch Use KAT for ECDSA signature tests 2022-05-16 18:54:17 +02:00
0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch FIPS: Disable SHA1 signs and EVP_PKEY_{sign,verify} 2022-05-23 17:02:25 +02:00
0062-Disable-EVP_PKEY_-sign-verify-in-FIPS-provider.patch FIPS: Disable SHA1 signs and EVP_PKEY_{sign,verify} 2022-05-23 17:02:25 +02:00
configuration-prefix.h Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
configuration-switch.h Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
ec_curve.c Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
ectest.c Reworked patch forbidding explicit EC parameters 2022-05-06 16:51:28 +02:00
gating.yaml Temporary manual test 2022-04-21 13:20:27 +02:00
genpatches Rebase to OpenSSL version 3.0.0 2021-04-12 00:34:30 +02:00
hobble-openssl RHEL 9.0.0 Alpha bootstrap 2020-10-15 22:27:53 +02:00
make-dummy-cert RHEL 9.0.0 Alpha bootstrap 2020-10-15 22:27:53 +02:00
Makefile.certificate RHEL 9.0.0 Alpha bootstrap 2020-10-15 22:27:53 +02:00
openssl.spec openssl ecparam -list_curves lists only FIPS-approved curves in FIPS mode 2022-05-23 19:16:09 +02:00
renew-dummy-cert RHEL 9.0.0 Alpha bootstrap 2020-10-15 22:27:53 +02:00
rpminspect.yaml Make rpminspect happy 2021-12-10 14:19:15 +01:00
sources Rebase to upstream version 3.0.1 2022-01-18 18:30:10 +01:00