On Tue, Jan 20, 2015, John Laundree wrote: > I want to use code like the following while in FIPS mode.... > > const EVP_MD *md > md = EVP_md5(); > > so I can call HMAC() > > unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, > const unsigned char *d, size_t n, unsigned char *md, > unsigned int *md_len); > > It appears that OPENSSL_NO_MD5 is defined so EVP_md5() is unavailable... > I am new to openssl/FIPS and was wondering if there was another way to generate a HMAC MD5? > Are you sure EVP_md5() is unavailable? I wouldn't expect OpenSSL to compile if MD5 was disabled. EVP_md5() wont be present in the FIPS module (which doesn't implement it) but it should be present in libcrypto. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org