Bug 711336

Summary: Enable the AES-NI support in the FIPS mode
Product: Red Hat Enterprise Linux 6 Reporter: RHEL Program Management <pm-rhel>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.2CC: iboverma, pm-eus, pvrabec, sgrubb, smueller, tcapek, tmraz
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssl-1.0.0-10.el6_1.3 Doc Type: Bug Fix
Doc Text:
With this update, the implementation of the AES encryption algorithm with the support for AES-NI processor instructions is now enabled also in the FIPS mode.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2011-06-15 06:45:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 710488    
Bug Blocks:    

Description RHEL Program Management 2011-06-07 08:57:53 UTC 
This bug has been copied from bug #710488 and has been proposed
to be backported to 6.1 z-stream (EUS).
Comment 4 Tomas Capek 2011-06-07 13:10:07 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
With this update, the implementation of the AES encryption algorithm with the support for AES-NI processor instructions is now enabled also in the FIPS mode.
Comment 6 Tomas Mraz 2011-06-08 14:07:31 UTC 
I forgot to mark the EVP structures in the AESNI engine as FIPS allowed.
Comment 8 errata-xmlrpc 2011-06-15 06:45:10 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0868.html