#4032 p11_child::do_ocsp() function implementation is not FIPS140 compliant
Closed: Fixed 2 years ago by jhrozek. Opened 3 years ago by sbose.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1718478

do_ocsp() function uses EVP_sha1() in security relevant application and thus it
falls under FIPS requirements.
SHA-1 is not approved for use in FIPS and adviced to be replaced with SHA-2 or
SHA-3 to make code FIPS compliant.

Metadata Update from @sbose:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1718478

3 years ago

Metadata Update from @sbose:
- Issue assigned to sbose

3 years ago

Metadata Update from @sbose:
- Custom field patch adjusted to on

3 years ago

Commit ad9dd13 relates to this ticket

Commit a97ec73 relates to this ticket

Metadata Update from @jhrozek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/5002

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.