Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-106988

FIPS provider name does not mention Red Hat

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • rhel-10.1.z
    • rhel-10.1, rhel-9.7
    • fips-provider-next
    • None
    • fips-provider-next-1.2.0-2.el10_1
    • No
    • Critical
    • ZStream
    • 1
    • rhel-security-crypto-clubs
    • 0.5
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto25September
    • Regression Exception
    • Hide

      AC) when fips-provider-next is installed, openssl list -providers reports fips provider name and version are set to "Red Hat Enterprise Linux FIPS" and "1.2.0", respectively (implemented by https://pkgs.devel.redhat.com/cgit/tests/openssl/tree/Sanity/fips-module-version).

      Show
      AC) when fips-provider-next is installed, openssl list -providers reports fips provider name and version are set to "Red Hat Enterprise Linux FIPS" and "1.2.0", respectively (implemented by https://pkgs.devel.redhat.com/cgit/tests/openssl/tree/Sanity/fips-module-version ).
    • Pass
    • Enabled
    • Automated
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      What were you trying to do that didn't work?

      Specfile gives impression that the provider name will be "Red Hat Enterprise Linux FIPS Provider":

      -DFIPS_VENDOR='"\"Red Hat Enterprise Linux FIPS Provider\""' \
-DKRYOPTIC_FIPS_VERSION='"\"%{version}\""'

      But instead it is just "OpenSSL FIPS Provider".

      What is the impact of this issue to you?

      Most likely no impact.

      Please provide the package NVR for which the bug is seen:

      fips-provider-next-1.2.0-1.el10

      fips-provider-next-1.2.0-5.el9

      How reproducible is this bug?:

      100% in FIPS mode

      Steps to reproduce

      1. Install fips-provider-next, remove openssl-fips-provider and openssl-fips-provider-so
      2. Enable FIPS mode
      3. List providers (openssl list -providers)

      Expected results

        fips
    name: Red Hat Enterprise Linux FIPS Provider
    version: 1.2.0
    status: active

      Actual results

        fips
    name: OpenSSL FIPS Provider
    version: 1.2.0
    status: active

              rhn-engineering-ssorce Simo Sorce
              omoris Ondrej Moris
              Simo Sorce Simo Sorce
              Stanislav Zidek Stanislav Zidek
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: