Make basic AES ciphers available from within the FIPS providers#9038
Closed
mattcaswell wants to merge 4 commits intoopenssl:masterfrom
Closed
Make basic AES ciphers available from within the FIPS providers#9038mattcaswell wants to merge 4 commits intoopenssl:masterfrom
mattcaswell wants to merge 4 commits intoopenssl:masterfrom
Conversation
These ciphers were already provider aware, and were available from the default provider. We move them into the FIPS provider too.
There are various C macro definitions that are passed via the compiler to enable AES assembler optimisation. We need to make sure that these defines are also passed during compilation of the FIPS module.
Member
Author
|
Pushed a new commit to address the travis failure. |
Member
Author
|
Spotted that I was bringing in 2 more files into the module than actually needed - so I removed those in a fixup commit. Ping? |
Member
Author
|
Fixup pushed to try and address the appveyor failure. |
levitte
reviewed
Jun 3, 2019
| if ($target{aes_asm_src} =~ m/bsaes/) { | ||
| push @{$config{lib_defines}}, "BSAES_ASM"; | ||
| push @{$config{module_defines}}, "BSAES_ASM"; | ||
| } |
Member
There was a problem hiding this comment.
Mental note: This makes me think that we should be able to attach the definition of these macros to the use of those files, rather than this ugly hackery.
levitte
approved these changes
Jun 3, 2019
Member
Author
|
Pushed. Thanks! |
levitte
pushed a commit
that referenced
this pull request
Jun 3, 2019
These ciphers were already provider aware, and were available from the default provider. We move them into the FIPS provider too. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from #9038)
levitte
pushed a commit
that referenced
this pull request
Jun 3, 2019
There are various C macro definitions that are passed via the compiler to enable AES assembler optimisation. We need to make sure that these defines are also passed during compilation of the FIPS module. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from #9038)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
These ciphers were already provider aware, and were available from the
default provider. We move them into the FIPS provider too.
(Needed in order to move the RAND code into the FIPS provider - see #9035)