Ce contenu n'est pas disponible dans la langue sélectionnée.
1.56. fipscheck
1.56.1. RHEA-2009:1266: enhancement update
An updated fipscheck package which contains enhancements necessary for FIPS validation is now available.
FIPSCheck is a library used to verify the integrity of modules validated under FIPS-140-2. The fipscheck package provides helper binaries for creating and verifying HMAC-SHA256 checksum files.
These updated fipscheck packages add the following enhancements:
- previously, the fipscheck libraries and binaries were installed in / (root). However, because they are not required by anything in /, they are now relocated to /usr. (BZ#475800)
- previously, the fipscheck libraries were packaged in the main fipscheck package. This would lead to a file conflict when installing fipscheck on architectures with multilib support. The fipscheck libraries are now shipped in fipscheck-lib subpackages for each architecture, therefore avoiding the file conflict. (BZ#502676)
- fipscheck now includes a runtime integrity self-test which is necessary for FIPS 140-2 level 1 validation of Red Hat Enterprise Linux 5 cryptography modules.
- the FIPSCHECK_DEBUG environment variable adds improved debugging. Error messages can be saved to the syslog or sent to stderr.
- fipscheck can now compute HMACs on multiple files at the same time.
Users of fipscheck are advised to upgrade to these updated packages, which add these enhancements.
