Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(FIPS Backport) Add EVP_md_null and SSL_set_ciphersuites (#1637) #1653

Merged
merged 4 commits into from
Jun 21, 2024
Merged

(FIPS Backport) Add EVP_md_null and SSL_set_ciphersuites (#1637) #1653

merged 4 commits into from
Jun 21, 2024

Conversation

WillChilds-Klein
Copy link
Contributor

Issues:

Resolves #ISSUE-NUMBER1
Addresses #ISSUE-NUMBER2

Description of changes:

Backport of commit to main.

NOTE: All changes in this commit are outside of the FIPS module boundary and as such do not affect the module hash.

This commit adds two functions used by OpenLDAP 2.5.17+. Both functions are very straightforward.

From OpenSSL's [docs][1] for EVP_md_null:

A "null" message digest that does nothing: i.e. the hash it returns is
of zero length.

From OpenSSL's [docs][2] for SSL_set_ciphersuites:

SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites()
except it configures the ciphersuites for ssl.

[1]: https://www.openssl.org/docs/man1.1.1/man3/EVP_md_null.html [2]:
https://www.openssl.org/docs/man1.1.1/man3/SSL_set_ciphersuites.html

Call-outs:

  • does not affect FIPS module hash

Testing:

  • CI

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@WillChilds-Klein
Add EVP_md_null and SSL_set_ciphersuites (aws#1637)
01fcacb 
**NOTE:** All changes in this commit are outside of the FIPS module
boundary and as such do not affect the module hash.

This commit adds two functions used by OpenLDAP 2.5.17+. Both functions
are very straightforward.

From OpenSSL's [docs][1] for `EVP_md_null`:

>A "null" message digest that does nothing: i.e. the hash it returns is
of zero length.

From OpenSSL's [docs][2] for `SSL_set_ciphersuites`:

> SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites()
except it configures the ciphersuites for ssl.

[1]: https://www.openssl.org/docs/man1.1.1/man3/EVP_md_null.html
[2]:
https://www.openssl.org/docs/man1.1.1/man3/SSL_set_ciphersuites.html
@WillChilds-Klein
Trim down integrations workflow to OpenLDAP
51ec673
@WillChilds-Klein WillChilds-Klein marked this pull request as ready for review June 20, 2024 21:48
@WillChilds-Klein WillChilds-Klein requested review from a team as code owners June 20, 2024 21:48
@justsmth justsmth merged commit 41c106d into aws:fips-2022-11-02 Jun 21, 2024
7 of 9 checks passed
@WillChilds-Klein WillChilds-Klein deleted the fips-2022-11-02 branch June 21, 2024 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuel40791765 samuel40791765 samuel40791765 approved these changes

@darylmartin100 darylmartin100 darylmartin100 approved these changes

@justsmth justsmth justsmth approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@WillChilds-Klein @samuel40791765 @darylmartin100 @justsmth