-
Notifications
You must be signed in to change notification settings - Fork 114
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Take in BoringSSL service indicator improvements (#564)
This PR takes in the service indicator improvements BoringSSL made. Most of the changes were taken except: * AWS-LC returns NOT_APPROVED for SHA-512/256. This is because we have not gone through FIPS validation for algorithms involving SHA-512/256, but we can expect to do so within the next round of FIPS. * kEVPKeyGenShouldCallFIPSFunctions, kCurveSecp256k1Supported, kEVPDeriveSetsServiceIndicator are set to true. BoringSSL was nice enough to use these bool to help us keep some of our existing AWS-LC specific tests. These are set to false for BoringSSL. * We kept the original behavior for the service indicator macro CALL_SERVICE_AND_CHECK_APPROVED. The new version BoringSSL introduced was only compatibile with C++ and we have interoperability concerns for FIPS consumers building with C packages.
- Loading branch information
1 parent
07f270f
commit 14a4d50
Showing
10 changed files
with
1,793 additions
and
1,525 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.