[openssl] master update

Dr. Paul Dale pauli at openssl.org
Sun Aug 8 03:56:28 UTC 2021


The branch master has been updated
       via  474294cb664c5ac5184b7fc1a3ef37214f1f2250 (commit)
       via  5e89262535715aba9ec362e34732e784f4f67936 (commit)
      from  c2b94c0a15254ad8cb28d07ed7793e975ae6736f (commit)


- Log -----------------------------------------------------------------
commit 474294cb664c5ac5184b7fc1a3ef37214f1f2250
Author: Pauli <pauli at openssl.org>
Date:   Fri Aug 6 11:17:03 2021 +1000

    doc: remove errant claim that these are not FIPS okay
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16239)

commit 5e89262535715aba9ec362e34732e784f4f67936
Author: Pauli <pauli at openssl.org>
Date:   Fri Aug 6 09:16:38 2021 +1000

    doc: Fix ECX FIPS documentation
    
    Both Ed448 and Ed25519 were omitted from the signature list.
    X448 and X25519 were flagged as not FIPS valid which wasn't correct.
    
    Fixes #16234
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16239)

-----------------------------------------------------------------------

Summary of changes:
 doc/man7/EVP_PKEY-X25519.pod    | 2 --
 doc/man7/OSSL_PROVIDER-FIPS.pod | 8 ++++----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/doc/man7/EVP_PKEY-X25519.pod b/doc/man7/EVP_PKEY-X25519.pod
index fc7b4233d6..9e13e15f7f 100644
--- a/doc/man7/EVP_PKEY-X25519.pod
+++ b/doc/man7/EVP_PKEY-X25519.pod
@@ -13,8 +13,6 @@ implemented in OpenSSL's default and FIPS providers.  These implementations
 support the associated key, containing the public key I<pub> and the
 private key I<priv>.
 
-In the FIPS provider they are non-approved algorithms and do not have the
-"fips=yes" property set.
 No additional parameters can be set during key generation.
 
 
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index f13e963a94..62e495aef1 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -116,12 +116,8 @@ The OpenSSL FIPS provider supports these operations and algorithms:
 
 =item X25519, see L<EVP_KEYEXCH-X25519(7)>
 
-This has the property "provider=fips,fips=no"
-
 =item X448, see L<EVP_KEYEXCH-X448(7)>
 
-This has the property "provider=fips,fips=no"
-
 =back
 
 =head2 Asymmetric Signature
@@ -132,6 +128,10 @@ This has the property "provider=fips,fips=no"
 
 =item RSA, see L<EVP_SIGNATURE-RSA(7)>
 
+=item X25519, see L<EVP_SIGNATURE-ED25519(7)>
+
+=item X448, see L<EVP_SIGNATURE-ED448(7)>
+
 =item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
 
 =item CMAC, see L<EVP_SIGNATURE-CMAC(7)>


More information about the openssl-commits mailing list