Dr. Henson,
I tried the change for MD5 you mentioned of using the EVP interface,
but it isn't working as I am getting the forbidden algorithm error. Below
is the new code. The init is passing but it is failing on the update. I
noticed that the flag is cleared after the init so I set the
EVP_MD_CTX_FLAG_NON_FIPS_ALLOW flag again before update but it still fails.
EVP_MD_CTX ctx;
size_t i;
unsigned int mac_len;
// We are bypassing the OpenSSL FIPS EVP code since MD5 is not FIPS approved
// but this is only for RADIUS authentication which is approved and therefore
// acceptable.
EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit(&ctx, EVP_md5());
for(i = 0; i < num_elem; i++)
{
EVP_DigestUpdate(&ctx, addr[i], len[i]);
}
EVP_DigestFinal(&ctx, mac, &mac_len);
