Call to PEM_read_bio_PrivateKey function returns the following SSL Error in
FIPS mode.
error:06080090:digital envelope routines:EVP_DigestInit_ex:disabled for fips
error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
error:0906A065:PEM routines:PEM_do_header:bad decrypt
PEM_read_bio_PrivateKey would read the header in the private key and
retrieve the encryption cipher, then it would try to generate the key using
EVP_BytesToKey by passing MD5 as its second parameter. Since MD5 is
hard-coded as the second parameter, any key file containing a header which
specifies an encryption cipher would fail to be loaded in FIPS mode since
MD5 is not allowed in FIPS mode.
>
>
> Is this a known issue that has been resolved in a later release of OpenSSL.?
>
>
> Thanks
> Anamitra
