I am having a problem where FIPS_incore_fingerprint is failing to generate the same signature as our build script.
If I set a breakpoint in FIPS_incore_fingerprint it appears that p1-p4 are all being set correctly. If I dump memory for each section (p1-p2 and p3-p4) and concatenate the binary data and run openssl sha1 -hmac etaonrishdlcupfm concatenateddata.bin I get the same result as we are storing into FIPS_signature. However, after the HMAC_Final call in FIPS_incore_fingerprint the resulting signature is not the same. I set breakpoints and skipped the second HMAC_Update (so as to just hash the text section) and I do not get the same result as expected for just that section. If I skip the first HMAC_Update to just hash the data section, then that does return the expected result for that section every time. I have dumped the text section (p1-p2) before and after the first HMAC_Update and there is no difference in the memory contents, and I get the same contents for every run, yet the resulting hash for that chunk is different every time. Any idea what might be going on here? Thanks, Erik Tkal -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
