Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-35882

Add missing ecdsa HashSign/HashVerify symbols

XMLWordPrintable

    • golang-1.22.3-2.el10
    • None
    • None
    • ZStream
    • 2
    • rhel-sst-pt-llvm-rust-go
    • ssg_platform_tools
    • 2
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Sprint 4, Sprint 5
    • Approved Blocker
    • Unspecified Release Note Type - Unknown
    • None

      Our Go Toolset distribution has always provided the ecdsa.HashSign and ecdsa.HashVerify symbols. The original reason for this was to ensure that both hashing and signing happen within the same API boundary to ensure that both hashing and signing happen within a certified FIPS crypto module. During the update to `openssl@v2` these symbols were dropped.

      This has caused issues for layered products and other downstream consumers. To fix, the symbols must be added to the upstream golang-fips/go repository for the 1.22 release, currently tracked by the 'main' branch, and then builds will need to be completed using the updated sources.

              rh-ee-deparker Derek Parker
              rh-ee-deparker Derek Parker
              David Benoit David Benoit
              Edjunior Machado Edjunior Machado
              Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

                Created:
                Updated: