On Fri, Feb 10, 2012, Erik Tkal wrote:
>
> I think the following in evp_enc.c at line 123 might work to only clean up
> the CTX if you were specifying a cipher and one was already present:
>
> if (cipher)
> {
> /* Ensure a context left lying around from last ti
On Fri, Feb 10, 2012, Erik Tkal wrote:
> Hi Steve, thanks. This also seems to be a general issue with setting other
> fields in the context, for example to override the key length (even in
> non-FIPS mode) you have to initialize the cipher context with the cipher,
> then set the fields in the
Just go get source code for RC4 and call it directly when you need RC4.
--David
On 2/10/2012 6:39 AM, Erik Tkal wrote:
I am experimenting with the OpenSSL FIPS Module 2.0, but am
encountering some difficulty.
I need to perform some RC4 calculations in code that does not need to
be FIP
ev@openssl.org
Subject: Re: FIPS Module 2.0 -- using non-FIPS ciphers
On Fri, Feb 10, 2012, Erik Tkal wrote:
> I'm just saying that there are options to allow this and it just doesn't seem
> to work.
>
>
> #define EVP_MD_CTX_FLAG_
On Fri, Feb 10, 2012, Erik Tkal wrote:
> I'm just saying that there are options to allow this and it just doesn't seem
> to work.
>
>
> #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW0x0008 /* Allow use of non
> FIPS digest
>* in FIPS mode */
>
sl.org] On
Behalf Of Thor Lancelot Simon
Sent: Friday, February 10, 2012 10:08 AM
To: openssl-dev@openssl.org
Subject: Re: FIPS Module 2.0 -- using non-FIPS ciphers
On Fri, Feb 10, 2012 at 10:01:43AM -0500, Erik Tkal wrote:
> Yes, I understand all that; we currently have our own certified FIPS mod
On Fri, Feb 10, 2012 at 10:01:43AM -0500, Erik Tkal wrote:
> Yes, I understand all that; we currently have our own certified FIPS module
> that I wired into OpenSSL via the engine APIs. Assuming that the module
> boundary is the code in the FIPS canister, I want that module to perform all
> FIP
penssl.org] On
Behalf Of Thor Lancelot Simon
Sent: Friday, February 10, 2012 9:52 AM
To: openssl-dev@openssl.org
Subject: Re: FIPS Module 2.0 -- using non-FIPS ciphers
On Fri, Feb 10, 2012 at 09:39:20AM -0500, Erik Tkal wrote:
> I am experimenting with the OpenSSL FIPS Module 2.0, but am enco
On Fri, Feb 10, 2012 at 09:39:20AM -0500, Erik Tkal wrote:
> I am experimenting with the OpenSSL FIPS Module 2.0, but am encountering some
> difficulty.
>
>
>
> I need to perform some RC4 calculations in code that does not need to be
> FIPS compliant, even though I want all FIPS ciphers to be p
I am experimenting with the OpenSSL FIPS Module 2.0, but am encountering some
difficulty.
I need to perform some RC4 calculations in code that does not need to be FIPS
compliant, even though I want all FIPS ciphers to be performed in FIPS mode.
I'm trying to use the EVP_CIPH_FLAG_NON_FIPS_A
10 matches
Mail list logo
