subject:"Re\: \[openssl\-users\] Building an application with OpenSSL and FIPS support."

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-12 Thread Matthew Heimlich

I recompiled with dynamic libraries and after linking to them the program runs without issue. I'll keep trying to hunt down the issues with the static libs. Thanks for the help. Thanks, Matt Heimlich Linux Security Engineer SteelCloud LLC 703.999.4346

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-11 Thread Dr. Stephen Henson

On Mon, Oct 10, 2016, Matthew Heimlich wrote: > $openssl version > > returns: > > OpenSSL 1.0.2j-fips > > My FIPS module version is openssl-fips-2.0.13 > > $OPENSSL_FIPS=1 openssl md5 /dev/null > > returns: > > Error setting digest md5 > 140066569107136:error:060A80A3:digital envelope >

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-10 Thread Matthew Heimlich

$openssl version returns: OpenSSL 1.0.2j-fips My FIPS module version is openssl-fips-2.0.13 $OPENSSL_FIPS=1 openssl md5 /dev/null returns: Error setting digest md5 140066569107136:error:060A80A3:digital envelope routines:FIPS_DIGESTINIT:disabled for fips:fips_md.c:180: $OPENSSL_FIPS=1

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-10 Thread Dr. Stephen Henson

On Fri, Oct 07, 2016, Matthew Heimlich wrote: > Which returns > > > Attempting to set FIPS mode to 1... > Last error was: 2d06b06f > FIPS_mode_set failed: 2d06b06f > FIPS mode is: 0??? > > So it would appear that my FIPS mode is never even being set, and walking > through the code would seem

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-07 Thread Matthew Heimlich

Running fails specifically on the line: if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, )) handleErrors(); Although I've added some additional debugging code at this point, including this function: int Check_Enable_FIPS(void) { int mode = FIPS_mode(); int ret = 0; unsigned

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

2016-10-07 Thread Ethan Rahn

Matt, What part of the selftest fails? Can you step through it with a debugger? Cheers, Ethan On Fri, Oct 7, 2016 at 10:56 AM, Matthew Heimlich wrote: > I'm on RHEL7. I've got a very simple encryption/decryption program that > works fine without FIPS support

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

6 matches

Site Navigation

Mail list logo

Footer information