Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-47338

? syntax for optional names doesn't work in FIPS mode

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • rhel-10.0.beta
    • openssl
    • None
    • None
    • Low
    • rhel-sst-security-crypto
    • ssg_security
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      the "?" syntax for optional names doesn't work in FIPS mode.

      When openssl is executed with openssl s_server -groups ?P-384:P-256 -serverpref -www and client with default settings, the connection ends up with P-256 curve.

      that's with openssl-3.2.2-3.el9

      Same for sig algs.

              dbelyavs@redhat.com Dmitry Belyavskiy
              hkario@redhat.com Alicja Kario
              Dmitry Belyavskiy Dmitry Belyavskiy
              George Pantelakis George Pantelakis
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: