On 3/6/2012 8:43 AM, Steve Marquess wrote: > On 03/06/2012 08:49 AM, Vanden, Michelle CTR USAF AFMC AAC/EBYC wrote: >> Hello Steve, >> >> Will the new certificate support that is has been tested in a Windows 7 > > That validation will include the following MS Windows platforms: > > Windows 7 32bit on x86, SSE2 optimization > Windows 7 64bit on x86, SSE2 optimization > > AES-NI optimization is not covered, so for instance the module cannot be > used with Windows on many Intel Core i5 processors.
The real question is what does it take to cripple AES-NI optimization by OpenSSL? If it's not validated, and fips mode is set on, that optimization should simply be crippled. Is this possible? I trust there is no AES-NI code in the validated fipscanister? So therefore any workaround would be possible within the openssl 1.0.1 non-validated code? ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
