Hi All, I have a question about FIPS mode and Integrity check. 1)I built FIPS 2.0.2 module, libcrypto.1.0.0 with FIPS and dynamically linked against *sshd* and installed on target machine, which is working fine. 2)I cleaned up the libraries, build FIPS module and libcrypto.so.1.0.0 again and replaced earlier libcrypto in the target machine with new library.
SSHD dumped once, and after restart it is working fine in FIPS mode. Since FIPS mode is turned on, integrity test must have been passed. How integrity check is passing in this case? Does fipscanister creates same fingerprint for different compilation? Or is the Intergrity check is confined only to libcrypto library and doesnt depend on the executable? Thanks. -- View this message in context: http://openssl.6102.n7.nabble.com/FIPS-Mode-set-and-Integrity-check-tp45125.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
