Openssl 3.0 fips usage

Manish Patidar mann.patidar at gmail.com
Tue Feb 4 10:59:32 UTC 2020


Hi,

Can some one clarify if below usage is allowed by fips

According to FIPS 140-2 IG document, CSP defined in approved mode of
operation shall not be accessed or shared with non-approved mode of
operation.

If  both default and fips provider are loaded and application generate Rsa
key pair(2048 bits) from fips provider and  try to use default provider to
sign with sha1,  is this allowed?
If allowed, will it not break the fips rules?

Regards
Manish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200204/a5aca542/attachment.html>


More information about the openssl-users mailing list