FIPS mode: Need to use FIPS versions of (EVP) methods ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Aug 02, 2016, jonetsu wrote:

> FIPS: Need to use FIPS versions of (EVP) methods ?
> 
> In FIPS mode, is there a need to use the FIPS_* methods instead of the
> regular ones once FIPS_mode_set(1) was successfully executed ?  For
> instance, is there a need to use FIPS_evp_sha1() instead of EVP_sha1()
> ?  Wouldn't the FIPS version of EVP_sha1() be used automatically when
> in FIPS mode ?
> 

The FIPS implementation of sha1 is automatically used in FIPS mode yes. You
shouldn't use FIPS_evp_sha1() etc.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux