matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
master
sonic-buildimage/rules/sonic-fips.dep
xumia 8ec8900d31
Support SONiC OpenSSL FIPS 140-3 based on SymCrypt engine (#9573) 
Why I did it
Support OpenSSL FIPS 140-3, see design doc: https://github.com/Azure/SONiC/blob/master/doc/fips/SONiC-OpenSSL-FIPS-140-3.md.

How I did it
Install the fips packages.
To build the fips packages, see https://github.com/Azure/sonic-fips
Azure pipelines: https://dev.azure.com/mssonic/build/_build?definitionId=412

How to verify it
Validate the SymCrypt engine:

admin@sonic:~$ dpkg-query -W | grep openssl
openssl 1.1.1k-1+deb11u1+fips
symcrypt-openssl        0.1

admin@sonic:~$ openssl engine -v | grep -i symcrypt
(symcrypt) SCOSSL (SymCrypt engine for OpenSSL)
admin@sonic:~$
2022-05-06 07:21:30 +08:00

11 lines
508 B
Plaintext
Raw Permalink Blame History

SPATH := $($(SYMCRYPT_OPENSSL)_SRC_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/sonic-fips.mk rules/sonic-fips.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
SMDEP_FILES := $(addprefix $(SPATH)/,$(shell cd $(SPATH) && git ls-files))
$(SYMCRYPT_OPENSSL)_CACHE_MODE := GIT_CONTENT_SHA
$(SYMCRYPT_OPENSSL)_DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST)
$(SYMCRYPT_OPENSSL)_DEP_FILES := $(DEP_FILES)
$(SYMCRYPT_OPENSSL)_SMDEP_FILES := $(SMDEP_FILES)
$(SYMCRYPT_OPENSSL)_SMDEP_PATHS := $(SPATH)
Reference in New Issue View Git Blame Copy Permalink