Revert ‘Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode’
Related: rhbz#2087234
Use KAT for ECDSA signature tests, s390 arch
Resolves: rhbz#2086866
[1:3.0.1-32]
openssl ecparam -list_curves lists only FIPS-approved curves in FIPS mode
Resolves: rhbz#2091929
Ciphersuites with RSA KX should be filterd in FIPS mode
Related: rhbz#2091994
In FIPS mode, signature verification works with keys of arbitrary size
above 2048 bit, and only with 1024, 1280, 1536, 1792 bits for keys
below 2048 bits
Resolves: rhbz#2091938
[1:3.0.1-31]
Disable SHA-1 signature verification in FIPS mode
Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode
Resolves: rhbz#2087234
[1:3.0.1-30]
Use KAT for ECDSA signature tests
Resolves: rhbz#2086866
[1:3.0.1-29]
-config argument of openssl app should work properly in FIPS mode
Resolves: rhbz#2085500
openssl req defaults on PKCS#8 encryption changed to AES-256-CBC
Resolves: rhbz#2085499
[1:3.0.1-28]
OpenSSL should not accept custom elliptic curve parameters
Resolves rhbz#2085508
OpenSSL should not accept explicit curve parameters in FIPS mode
Resolves rhbz#2085521
[1:3.0.1-27]
Change FIPS module version to include hash of specfile, patches and sources
Resolves: rhbz#2082585
[1:3.0.1-26]
OpenSSL FIPS module should not build in non-approved algorithms
Resolves: rhbz#2082584
[1:3.0.1-25]
FIPS provider should block RSA encryption for key transport.
Other RSA encryption options should still be available
Resolves: rhbz#2053289
[1:3.0.1-24]
Fix occasional internal error in TLS when DHE is used
Resolves: rhbz#2080323