If you sneeze on the FIPS code, you need a new CMVP change letter.
Setting realistic expectations, there are no plans at this time for any FIPS
work.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe:
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote:
What version of OpenSSL are you using? This was worked around in 1.0.1e due to
the difficulty of changing the FIPS module.
Ah, okay; I see the drbg_free_entropy functions are checking for NULL
there now, which works (even though it's probably
, 2013 3:06 PM
To: r...@openssl.org
Cc: openssl-dev@openssl.org
Subject: Re: [openssl.org #3150] Bug Report (with trivial fix): fips module
segfault
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote:
What version of OpenSSL are you using? This was worked around in
1.0.1e due to the difficulty
, 2013 3:06 PM
To: r...@openssl.org
Cc: openssl-dev@openssl.org
Subject: Re: [openssl.org #3150] Bug Report (with trivial fix): fips module
segfault
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote:
What version of OpenSSL are you using? This was worked around in
1.0.1e due to the difficulty
*Version:
*This bug was found in openssl-fips 2.0.2; I looked in 2.0.5, and the
problem appears to be present there still.
*
Issue:*
The fips module has a bug that can result in segfaults when
fips_get_entropy() fails during initialization of openssl-linked-with-fips.
*Fix:
*Because the fix is
On Wed Oct 23 08:59:59 2013, mco...@akamai.com wrote:
*
Issue:*
The fips module has a bug that can result in segfaults when
fips_get_entropy() fails during initialization of openssl-linked-with-fips.
What version of OpenSSL are you using? This was worked around in 1.0.1e due to
the
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote:
What version of OpenSSL are you using? This was worked around in 1.0.1e due to
the difficulty of changing the FIPS module.
Ah, okay; I see the drbg_free_entropy functions are checking for NULL
there now, which works (even though it's probably
On Wed Oct 23 21:06:00 2013, mco...@akamai.com wrote:
For my curiosity, what's difficult about modifying FIPS? More involved
change-vetting process?
Any change has to be approved as part of a change letter process with labs
which takes time and costs real money. We normally try to include any