On 05.03.2018 at 20:07, Salz, Rich via openssl-users wrote:
>
>   * Did you mean if an application uses the low level crypto algorithm
>     functions (e.g. SHA256_Init/ SHA256_Update/ SHA256_Final) then
>     they won't work under FIPS mode (and hence may cause unpredictable
>     issues)?
>
> Yes.
>
> It’s not unpredictable issues, but rather that your application cannot
> claim to be FIPS validated.
>

It's even worse: If you force an application which is not FIPS-aware into FIPS mode and that application uses low level algorithms, then it will be aborted by OpenSSL, because it is forbidden to use the low level algorithms directly.

To understand how this happens, search the source code for 'fips_md_init' and 'fips_cipher_abort'. They are defined in crypto.h, see end of mail.

Changing applications from the low level API is not a simple bugfix. It's a nontrivial task.

So the situation is hopeless, I would say.

Matthias

crypto.h:
=======

# define fips_md_init(alg) fips_md_init_ctx(alg, alg)

# ifdef OPENSSL_FIPS
# define fips_md_init_ctx(alg, cx) \
        int alg##_Init(cx##_CTX *c) \
        { \
        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
        "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
        return private_##alg##_Init(c); \
        } \
        int private_##alg##_Init(cx##_CTX *c)
# define fips_cipher_abort(alg) \
        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
        "Low level API call to cipher " #alg " forbidden in FIPS mode!")
# else
# define fips_md_init_ctx(alg, cx) \
        int alg##_Init(cx##_CTX *c)
# define fips_cipher_abort(alg) while(0)
# endif
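The macro expansion quoted in the mail above, as an added example that is not part of the original message or of OpenSSL: it applies the quoted fips_md_init_ctx macro to a hypothetical digest named DEMO, showing that the FIPS check sits only on the public DEMO_Init() while the body lands in private_DEMO_Init(). FIPS_mode() and OpenSSLDie() are local stand-ins (assumptions); the real OpenSSLDie() aborts the process, whereas the stand-in records the message and returns so the result can be inspected.

```c
#include <stdio.h>
#include <string.h>

/* Stand-ins (assumptions, not OpenSSL code): the real OpenSSLDie() aborts;
 * this one records the message and returns so the guard can be observed. */
static int fips_mode_on, die_count;
static char die_msg[128];
static int FIPS_mode(void) { return fips_mode_on; }
static void OpenSSLDie(const char *file, int line, const char *msg)
{
    (void)file; (void)line;
    die_count++;
    snprintf(die_msg, sizeof die_msg, "%s", msg);
}

/* Macros as quoted from crypto.h in the mail (OPENSSL_FIPS branch). */
#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
#define fips_md_init_ctx(alg, cx) \
    int alg##_Init(cx##_CTX *c) \
    { \
        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
            "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
        return private_##alg##_Init(c); \
    } \
    int private_##alg##_Init(cx##_CTX *c)

/* Hypothetical digest "DEMO"; prototypes stand in for the public header. */
typedef struct { unsigned int state; } DEMO_CTX;
int DEMO_Init(DEMO_CTX *c);
int private_DEMO_Init(DEMO_CTX *c);

/* Expands to a guarded DEMO_Init() plus the header of private_DEMO_Init(),
 * whose body is the block that follows. */
fips_md_init(DEMO)
{
    c->state = 0x6a09e667u;
    return 1;
}

/* Number of times the guard fired for one public DEMO_Init() call. */
static int guard_hits(int fips)
{
    DEMO_CTX ctx;
    int before = die_count;
    fips_mode_on = fips;
    DEMO_Init(&ctx);
    return die_count - before;
}

int main(void)
{
    printf("FIPS off: %d, FIPS on: %d\n", guard_hits(0), guard_hits(1));
    return 0;
}
```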