> On 4 Dec 2024, at 16:57, Joe Conway <m...@joeconway.com> wrote: > I can send you the source RPM for openssl 1.1.1c which was an earlier FIPS > validated version, but the main FIPS patch contains:
AFAICT the forks of 1.1.1 which offer FIPS certification all patch the common OpenSSL API FIPS_mode() rather than invent a new one, so the earlier approach should work fine. PFA an updated version which I propose we go ahead with. -- Daniel Gustafsson
v4-0001-pgcrypto-Make-it-possible-to-disable-built-in-cry.patch
Description: Binary data
