-
Steve Beattie authored
Cryptographic libraries that have had FIPS 140-2 patches applied with read from and validate themselves against a validation file, which is in the same directory as the library itself. As an example, A FIPS 140-2 version libgcrypt on x86-64 has the following shared library and hmac file: /lib/x86_64-linux-gnu/libgcrypt.so.20.2.1 /lib/x86_64-linux-gnu/.libgcrypt.so.20.hmac A similarly named version of libgcrypt + hmac file can be seen for SUSE systems in: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2464.pdf and Red Hat: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2657.pdf The libraries provided by FIPS 140-2 compliant versions of OpenSSL also include this. Signed-off-by: Steve Beattie <steve.beattie@canonical.com> MR: !595