Re: [EXTERNAL] Re: MD5 and FIPS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You need to load the default provider to access MD5.

So:

1. load the FIPS and default providers into your library context;

2. set the default property query to `fips="yes"' -- using configuration, EVP_set_default_properties(), EVP_default_properties_enable_fips() or whatever;

3. load MD5 via EVP_MD_fetch(libctx, "md5", "fips=no").



Pauli

On 2/2/23 11:45, Sands, Daniel wrote:

-----Original Message-----
From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of Dr
Paul Dale
Sent: Wednesday, February 1, 2023 2:33 PM
To: openssl-users@xxxxxxxxxxx
Subject: [EXTERNAL] Re: MD5 and FIPS

If you are using OpenSSL 1.0.2 and the old FOM, you're out of luck.

If you are using OpenSSL 3.0 with the FIPS provider, you can still access MD5 by
loading appropriate providers and specifying a property query.  See the
migration or FIPS guides.
This sounds like an acceptable workaround.  So if I load the legacy provider, then request MD5 (or SHA1) explicitly through that provider, it should provide a working context?




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux