I have an OpenSSL app which performs ECDH-KAS using openssl-1.0.1g + openssl-fips-2.0.5. It needs to be FIPS compatible. The app was written using the low level ECDH functions similar to what is documented here:
https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman#Using_the_Low_Level_APIs According to the OpenSSL 3.0.0 Wiki, I MUST rewrite my code to use the high level EVP functions if I want FIPS compatibility. If so, I was going to follow the EVP example at the top of the same URL above. However, I can use some help. Using the EVP example on that page, when and which methods do I need to fetch? If I just add this at the top: EVP_set_default_properties(NULL, "fips=yes”); will that be enough? Thanks, Kory
