Thanks for the explanation. > Just link against the library produced by the FIPS capable > OpenSSL build. If, for some reason, that only produced > libcrypto.a, then you need to investigate why ? perhaps you > passed ?no-shared? when running the config script? The confusion came from trying to use methods such as FIPS_evp_sha1, FIPS_evp_sha224, FIPS_evp_sha256. As Steve replied yesterday, these should not be used (is there any case in which they would ?) as the EVP_sha* methods will automatically use the FIPS enabled ones when FIPS mode is active. For instance doing an 'objdump -T' on libcrypto.so.1.0.0 will show some FIPS* methods, but not the sha* for instance. Which now I see is a normal thing since they are not to be used. Thanks. -- View this message in context: http://openssl.6102.n7.nabble.com/FIPS-using-libcrypto-so-tp67694p67705.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
