Matt Caswell
Matt Caswell
You need OpenSSL 3.0 with the FIPS provider (configure OpenSSL with "enable-fips" during the build). Your application will then need to be written/configured to *use* the FIPS provider. See: https://www.openssl.org/docs/man3.0/man7/fips_module.html...
KTLS will also need some more work. I plan to have a separate KTLS record method implementation - but at the moment its still mixed in with the rest of...
SSLv3 decryption code has also now been moved to the new approach.
Updated with TLSv1.3 decryption code now also moved.
Updated to move the KTLS code to use the new read record layer. Also some significant re-org of the code so far
I've now added support to move data received by a record layer object in one epoch into a record layer object in the next epoch. For example, in the case...
The CIs are now passing for this PR except for one - which is in the external tests. Specifically the oqsprovider test: ```` patching file test/ssltestlib.c Hunk #9 succeeded at...
> testing will be changed to require presence of openssl master (thus doing away with patching) which should solve the chicken-and-egg problem: https://github.com/open-quantum-safe/oqs-provider/issues/55. Awesome! Thanks.
@baentsch Thanks! I've updated the oqs-provider submodule in this PR to the latest commit in order to pick up your latest changes. I also had to modify our oqsprovider.sh script...