Digest MD5 forbidden in FIPS mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> I wrote a C code which enter in FIPS mode with fips_mod_set(1).
>
> But, when I call MD5 functions after setting FIPS mode, I get this error:
>
> md5_dgst.c(75): OpenSSL internal error, assertion failed: Low level API call
> to digest MD5 forbidden in FIPS mode! Aborted.
>
> Does anybody know what is wrong? How can I correct it?

Nothing is going wrong; everything is working as expected.

MD5 is essentially forbidden in US Federal except under a few
exemptions. The exemptions include the PRF in TLS. But I've never seen
a library expose MD5 even if its using it under the hood.

Also see FIPS 140-2 and http://www.nsrl.nist.gov/collision.html.

Jeff
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux