FIPS_mode_set(1) error:00000000:lib(0):func(0):reason(0)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> It compiles without errors. When I try to enable FIPS mode, I get this
> output:
>
> arm:~/nitere/new$ ./fipsctl set 1
> *** Enabling FIPS module. ***
> *** Failed to enable FIPS module. ***
> error:00000000:lib(0):func(0):reason(0)
>
> But FIPS is still disabled:
>
> arm:~/nitere/new$ ./fipsctl get
> *** FIPS module is disabled. ***
>
> Does somebody knows what is wrong?

Just a guess, but it looks like ERR_get_error() is returning the
result of loading the error strings.

If FIPS_mode_set fails, then grab ERR_get_error() immediately and
ouput it in hex. With the hex error code, you can:

    $ openssl errstr 0x060800A3
    error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips

Jeff
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux