Re: AES-cipher offload to engine in openssl-fips

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>    Huh?  From the design document, section "Example dynamic views of
    algorithm selection", after the second diagram:
    
        An EVP_DigestSign* operation is more complicated because it
        involves two algorithms: a signing algorithm, and a digest
        algorithm. In general those two algorithms may come from different
        providers or the same one. In the case of the FIPS module the
        algorithms must both come from the same FIPS module provider. The
        operation will fail if an attempt is made to do otherwise.
  
There are two options.  First, the application does the digest and sign as two separate things.  Second, the provider implementing digestSign has to be validated to use the other FIPS module.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux