rpms/openssl
7
1
Fork 1
Code Issues Pull Requests Releases Activity
e014d8a609
openssl/0039-FIPS-PKCS12-PBMAC1-defaults.patch
Dmitry Belyavskiy 98cf25a4c0 Rebasing to OpenSSL 3.5.1 
Resolves: RHEL-90350
Resolves: RHEL-95613
Resolves: RHEL-97796
Resolves: RHEL-99353
Resolves: RHEL-100168
2025-07-01 16:33:14 +02:00

36 lines
1.0 KiB
Diff
Raw Blame History

From 16b5a03db729e5977ab88b3107f99586be34006b Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Thu, 13 Feb 2025 18:16:29 -0500
Subject: [PATCH 39/53] FIPS: PKCS12: PBMAC1 defaults
From-dist-git-commit: 8fc2d4842385584094d57f6f66fcbc2a07865708
---
apps/pkcs12.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 9964faf21a..59439a8cc0 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -17,6 +17,7 @@
#include <openssl/asn1.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/provider.h>
@@ -709,6 +710,9 @@ int pkcs12_main(int argc, char **argv)
}
if (maciter != -1) {
+ if (EVP_default_properties_is_fips_enabled(NULL))
+ pbmac1_pbkdf2 = 1;
+
if (pbmac1_pbkdf2 == 1) {
if (!PKCS12_set_pbmac1_pbkdf2(p12, mpass, -1, NULL,
macsaltlen, maciter,
--
2.50.0
Reference in New Issue View Git Blame Copy Permalink