Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1940085
Summary: | FIPS_selftest() fails in FIPS mode. | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Martin Poole <mpoole> | |
Component: | openssl | Assignee: | Nobody <nobody> | |
Status: | VERIFIED --- | QA Contact: | Hubert Kario <hkario> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 8.3 | CC: | hkario, qguo, xiliang | |
Target Milestone: | rc | Keywords: | Triaged | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | openssl-1.1.1k-3.el8 | Doc Type: | Bug Fix | |
Doc Text: |
Cause:
The FIPS_selftest() library call tries to perform operations that are forbidden for a library working in FIPS mode.
Consequence:
Application calling the method fails FIPS_selftest and reports error or crashes.
Fix:
FIPS_selftest() updated to perform only operations allowed in FIPS mode.
Please note that FIPS_selftest() is not a part of API of the current FIPS module. Calling it is not necessary for FIPS compliance. OpenSSL automatically performs self-tests when it detects that the system is running in FIPS mode.
Result:
Applications that call FIPS_selftest() no longer crash.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1969692 (view as bug list) | Environment: | ||
Last Closed: | Type: | Bug | ||
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1969692 |
Description
Martin Poole
2021-03-17 15:08:45 UTC
|