Remove last trace of FIPS stuff #5326
Conversation
richsalz
added
branch: master
|
-1 please hold off on this until we sort out the forward strategy |
crypto/o_fips.c
Outdated
| return 1; | ||
| CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); | ||
| return 0; | ||
| } |
There was a problem hiding this comment.
This is a no-can-do until 1.2. (you didn't do a make update, btw)
richsalz
changed the title
|
Forgot the WIP tag |
|
I will restore the API. |
richsalz
changed the title
|
API restored, taking off WIP. I know it's going to need a vote, but this is just... waiting. |
|
I'm not familiar with the justification for removal of FIPS. Is it because these components are being removed because they are no longer used? |
|
1.1.0 is not FIPS capable. We will be starting a new FIPS project after 1.1.1; see the last section of https://www.openssl.org/blog/blog/2018/01/18/f2f-london/ |
|
Removal of the ...NON_FIPS_ALLOW flags is a borderline API/ABI break. The flags at some point of time existed and applications could set them. |
|
They are not removed, they are set to zero. No breakage. |
|
The breakage would happen if you reused the previous values for anything else. So is there any point in setting them to zero rather than keeping the pre-reserved values? |
|
How would you get those values? Shrug. It doesn't matter because @t-j-h put a -1 on this, and I don't have the energy/interest to take this through a vote so this won't happen. |
|
The application compiled against older openssl using these defines would set the flags to the old values (and not 0). |
|
Yes, and zero means setting no flag bits, which means no action, which is what the current behavior is. We've done this "set to zero for no-op" before. |
|
Maybe I am not clear enough. Imagine application compiled with openssl-1.1.0 that uses one of these defines - it means that it will try to set some value of the flag to non-zero. If you then later reuse this non-zero value in openssl-1.1.x to mean something else than these FIPS flags, you have an ABI breakage. (not API breakage though) |
|
I understand. I think the FIPS work will at least require a recompile. Maybe I'm wrong. But as I said, Tim put a -1 on this and I'm not working to take it forward past that. |
No description provided.