On Fri, Feb 10, 2012, Erik Tkal wrote: > I'm just saying that there are options to allow this and it just doesn't seem > to work. > > > #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non > FIPS digest > * in FIPS mode */ > > /* Allow non FIPS cipher in FIPS mode */ > #define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000 > > > Obviously the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW flag handling works, since the > SSL/TLS processing uses this to allow MD5 during the handshake. >
That's a bug. Looking into a fix. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org