All the providers can use the low-level APIs internally to implement crypto algorithms. The FIPS provider however includes all the low level implementations as a separately built and statically linked code. That means you cannot use the low-level calls in an application and still be FIPS compliant as the low-level API calls called from an application are implemented by the libcrypto library and not the FIPS provider. Tomas Mraz, OpenSSL On Tue, 2022-05-03 at 10:12 -0500, Joy Latten wrote: > Hi, > I understand that low-level APIs have been deprecated in version 3. I > have been playing some with the fips provider trying to understand > the config options to use with it. I noticed that the fips provider > source code includes a few low level APIs like SHA256_Init(). > Is it correct to conclude that although use of the low level APIs are > deprecated, perhaps for a grace period for transitioning they are > permitted in the fips provider? > > Thanks for all help! > regards, > Joy > > -- Tomáš Mráz, OpenSSL
