[prev in list] [next in list] [prev in thread] [next in thread]
List: libreswan-commit
Subject: [Swan-commit] Changes to ref refs/heads/master
From: paul () vault ! libreswan ! fi (Paul Wouters)
Date: 2018-04-21 21:55:52
Message-ID: 20180421215553.015CB31E1F60 () vault ! libreswan ! fi
[Download RAW message or body]
New commits:
commit c72f5a9e7a0b6cc88ecdc45fa1d7bad01f3a33b5
Author: Paul Wouters <pwouters@redhat.com>
Date: Sat Apr 21 17:54:02 2018 -0400
testing: bump standard X509 key to 3072 (FIPS minimum)
Rename the unused "bigkey" which used 2048, to "smallkey" so it can
be used in FIPS testing for proper rejection.
commit 50a40f8492b1a2849e2643c9be75436eeab611e4
Author: Paul Wouters <pwouters@redhat.com>
Date: Sat Apr 21 17:49:01 2018 -0400
FIPS: reject RSA keys < 3072 bits - Patch by Matt Rogers
This patch was forgotten and dormant in the fips_key_size branch
If NSS is running in FIPS mode, it should also have rejected any
operations with a < 3072 RSA bit, but we might as well reject it
at load time instead of at use time.
_______________________________________________
Swan-commit mailing list
Swan-commit@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic