[Bug 1209053] openssl 3 should fail on certain hash algorithms on FIPS
https://bugzilla.suse.com/show_bug.cgi?id=1209053 https://bugzilla.suse.com/show_bug.cgi?id=1209053#c4 --- Comment #4 from Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> --- In Factory, ATM we have openssl version 3.0.8 as the default openssl and we are planning to update to the new OpenSSL 3.1 series that will be released tomorrow, see: * https://www.openssl.org/blog/blog/2023/03/07/OpenSSL3.1Release/ This new version is FIPS 140-3 compliant and we plan to verify the requirements in there. So, we can keep this bug open until this is clarified in that version. Regarding MD4, it is already blocked and it shows the expected result. As Marcus mentioned in https://bugzilla.suse.com/show_bug.cgi?id=1209037#c1, the QA openssl_fips_hash test would need to capture the reported string from openssl 3 the same way. Probably the string might have changed since openssl 1.1.1. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com