rpms / nss

Clone
Source Code
GIT

Blame SOURCES/nss-3.79-pkcs12-fips-defaults.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c8 c8-beta c8-sig-altarch-armhfp c8s c9 c9-beta
  1.   c8
  2.   SOURCES
  3.   nss-3.79-pkcs12-fips-defaults.patch
Blob History Raw
7093c5 
diff -up ./cmd/pk12util/pk12util.c.pkcs12_fips_defaults ./cmd/pk12util/pk12util.c
7093c5 
--- ./cmd/pk12util/pk12util.c.pkcs12_fips_defaults	2022-07-20 13:40:24.152212683 -0700
7093c5 
+++ ./cmd/pk12util/pk12util.c	2022-07-20 13:42:40.031094190 -0700
7093c5 
@@ -1146,6 +1146,11 @@ main(int argc, char **argv)
7093c5 
         goto done;
7093c5 
     }
7093c5
7093c5 
+    if (PK11_IsFIPS()) {
7093c5 
+        cipher =  SEC_OID_AES_256_CBC;
7093c5 
+        certCipher =  SEC_OID_AES_128_CBC;
7093c5 
+    }
7093c5 
+
7093c5 
     if (pk12util.options[opt_Cipher].activated) {
7093c5 
         char *cipherString = pk12util.options[opt_Cipher].arg;
7093c5
7093c5 
@@ -1160,9 +1165,6 @@ main(int argc, char **argv)
7093c5 
         }
7093c5 
     }
7093c5
7093c5 
-    if (PK11_IsFIPS()) {
7093c5 
-        certCipher =  SEC_OID_UNKNOWN;
7093c5 
-    }
7093c5 
     if (pk12util.options[opt_CertCipher].activated) {
7093c5 
         char *cipherString = pk12util.options[opt_CertCipher].arg;
7093c5

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation