diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-06-20 19:41:13 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-06-20 19:41:13 +0000 |
commit | 3a5b97b7f124cbd5346ab0d8fe6fc1705a81a675 (patch) | |
tree | 0f027ac3ffcd69a7242023f43d5b309be2b71983 /CHANGES | |
parent | 45bf825066b1929ec219b8b76321f5191e44f370 (diff) | |
download | openssl-new-3a5b97b7f124cbd5346ab0d8fe6fc1705a81a675.tar.gz |
Don't set default public key methods in FIPS mode so applications
can switch between modes.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -4,6 +4,12 @@ Changes between 1.0.0e and 1.0.1 [xx XXX xxxx] + *) For FIPS capable OpenSSL interpret a NULL default public key method + as unset and return the appopriate default but do *not* set the default. + This means we can return the appopriate method in applications that + swicth between FIPS and non-FIPS modes. + [Steve Henson] + *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an ENGINE is used then we cannot handle that in the FIPS module so we keep original code iff non-FIPS operations are allowed. |