diff options
author | Matt Caswell <matt@openssl.org> | 2020-08-05 14:46:48 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-08-17 11:27:51 +0100 |
commit | bfa6aaab45c30ced2da851ee92f8ac5942f08078 (patch) | |
tree | ffdb18915c6a46038a36918c093aeb4cdf33ab16 /test/fips.cnf | |
parent | e6c54619d151eeec32055bbd713cda11a9182246 (diff) |
Test that EVP_default_properties_is_fips_enabled() works early
We check that EVP_default_properties_is_fips_enabled() is working even
before other function calls have auto-loaded the config file.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12567)
Diffstat (limited to 'test/fips.cnf')
-rw-r--r-- | test/fips.cnf | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/test/fips.cnf b/test/fips.cnf index d6c3c6be14..fa131a8bf6 100644 --- a/test/fips.cnf +++ b/test/fips.cnf @@ -4,6 +4,13 @@ openssl_conf = openssl_init [openssl_init] providers = provider_sect +alg_section = evp_properties + +[evp_properties] +# Ensure FIPS non-approved algorithms in the FIPS module are suppressed (e.g. +# TEST-RAND). This also means that EVP_default_properties_is_fips_enabled() +# returns the expected value +default_properties = "fips=yes" [provider_sect] fips = fips_sect |