genrsa: unable to load provider fips
Norman Ashley (nashley)
nashley at cisco.com
Fri Jun 12 19:00:29 UTC 2020
Running apps/openssl genrsa -provider fips results in the following error …
genrsa: unable to load provider fips
C0FDC40A01000000:error::common libcrypto routines:provider_activate:init fail:crypto/provider_core.c:503:
What am I missing?
Thanks,
Norman
perl configdata.pm --dump
Command line (with current working directory = .):
perl ./Configure darwin64-x86_64-cc --prefix=/Downloads/ossl-3-install --openssldir=/Downloads/ossl-3-install/ssl --debug
Perl information:
perl
5.18.4 for darwin-thread-multi-2level
Enabled features:
aria
asm
async
autoalginit
autoerrinit
autoload-config
bf
blake2
camellia
capieng
cast
chacha
cmac
cmp
cms
comp
ct
deprecated
des
dgram
dh
dsa
dso
dtls
dynamic-engine
ec
ec2m
ecdh
ecdsa
engine
err
filenames
fips
gost
idea
legacy
makedepend
md4
mdc2
module
multiblock
nextprotoneg
pinshared
ocb
ocsp
padlockeng
pic
poly1305
posix-io
psk
rc2
rc4
rdrand
rfc3779
rmd160
scrypt
secure-memory
seed
shared
siphash
siv
sm2
sm3
sm4
sock
srp
srtp
sse2
ssl
static-engine
stdio
tests
threads
tls
ts
ui-console
whirlpool
tls1
tls1-method
tls1_1
tls1_1-method
tls1_2
tls1_2-method
tls1_3
dtls1
dtls1-method
dtls1_2
dtls1_2-method
Disabled features:
afalgeng [not-linux] OPENSSL_NO_AFALGENG
asan [default] OPENSSL_NO_ASAN
buildtest-c++ [default]
crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG
devcryptoeng [default] OPENSSL_NO_DEVCRYPTOENG
ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128
egd [default] OPENSSL_NO_EGD
external-tests [default] OPENSSL_NO_EXTERNAL_TESTS
fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER
fuzz-afl [default] OPENSSL_NO_FUZZ_AFL
ktls [default] OPENSSL_NO_KTLS
md2 [default] OPENSSL_NO_MD2 (skip crypto/md2)
msan [default] OPENSSL_NO_MSAN
rc5 [default] OPENSSL_NO_RC5 (skip crypto/rc5)
sctp [default] OPENSSL_NO_SCTP
ssl-trace [default] OPENSSL_NO_SSL_TRACE
trace [default] OPENSSL_NO_TRACE
ubsan [default] OPENSSL_NO_UBSAN
unit-test [default] OPENSSL_NO_UNIT_TEST
uplink [no uplink_arch] OPENSSL_NO_UPLINK
weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS
zlib [default]
zlib-dynamic [default]
ssl3 [default] OPENSSL_NO_SSL3
ssl3-method [default] OPENSSL_NO_SSL3_METHOD
Config target attributes:
AR => "ar",
ARFLAGS => "r",
CC => "cc",
CFLAGS => "-g -O0 -Wall",
HASHBANGPERL => "/usr/bin/env perl",
RANLIB => "ranlib -c",
RC => "windres",
asm_arch => "x86_64",
bn_ops => "SIXTY_FOUR_BIT_LONG",
build_file => "Makefile",
build_scheme => [ "unified", "unix" ],
cflags => "-arch x86_64",
cppflags => "-D_REENTRANT",
defines => [ "OPENSSL_BUILDING_OPENSSL" ],
disable => [ ],
dso_scheme => "dlfcn",
enable => [ ],
includes => [ ],
lflags => "-Wl,-search_paths_first",
lib_cflags => "",
lib_cppflags => "-DL_ENDIAN",
lib_defines => [ ],
module_cflags => "-fPIC",
module_cxxflags => undef,
module_ldflags => "-bundle",
perl_platform => "Unix",
perlasm_scheme => "macosx",
shared_cflag => "-fPIC",
shared_defines => [ ],
shared_extension => ".\$(SHLIB_VERSION_NUMBER).dylib",
shared_ldflag => "-dynamiclib -current_version \$(SHLIB_VERSION_NUMBER) -compatibility_version \$(SHLIB_VERSION_NUMBER)",
shared_rcflag => "",
shared_sonameflag => "-install_name \$(INSTALLTOP)/\$(LIBDIR)/",
shared_target => "darwin-shared",
sys_id => "MACOSX",
thread_defines => [ ],
thread_scheme => "pthreads",
unistd => "<unistd.h>",
Recorded environment:
AR =
ARFLAGS =
AS =
ASFLAGS =
BUILDFILE =
CC =
CFLAGS =
CPP =
CPPDEFINES =
CPPFLAGS =
CPPINCLUDES =
CROSS_COMPILE =
CXX =
CXXFLAGS =
HASHBANGPERL =
LD =
LDFLAGS =
LDLIBS =
MT =
MTFLAGS =
OPENSSL_LOCAL_CONFIG_DIR =
PERL =
RANLIB =
RC =
RCFLAGS =
RM =
WINDRES =
__CNF_CFLAGS =
__CNF_CPPDEFINES =
__CNF_CPPFLAGS =
__CNF_CPPINCLUDES =
__CNF_CXXFLAGS =
__CNF_LDFLAGS =
__CNF_LDLIBS =
Makevars:
AR = ar
ARFLAGS = r
CC = cc
CFLAGS = -g -O0 -Wall
CPPDEFINES =
CPPFLAGS =
CPPINCLUDES =
CXXFLAGS =
HASHBANGPERL = /usr/bin/env perl
LDFLAGS =
LDLIBS =
PERL = perl
RANLIB = ranlib -c
RC = windres
RCFLAGS =
NOTE: These variables only represent the configuration view. The build file
template may have processed these variables further, please have a look at the
build file for more exact data:
Makefile
build file:
Makefile
build file templates:
Configurations/common0.tmpl
Configurations/unix-Makefile.tmpl
Configurations/common.tmpl
==========================================================
apps/openssl fipsinstall -out /Downloads/ossl-3-install/ssl/fipsmodule.cnf -module /Downloads/ossl-3-install/lib/ossl-modules/fips.dylib -provider_name fips -mac_name HMAC -macopt digest:SHA256 -macopt hexkey:00 -section_name fips_sect
HMAC : (Module_Integrity) : Pass
SHA1 : (KAT_Digest) : Pass
SHA2 : (KAT_Digest) : Pass
SHA3 : (KAT_Digest) : Pass
TDES : (KAT_Cipher) : Pass
AES_GCM : (KAT_Cipher) : Pass
RSA : (KAT_Signature) : Pass
ECDSA : (KAT_Signature) : Pass
DSA : (KAT_Signature) : Pass
HKDF : (KAT_KDF) : Pass
SSKDF : (KAT_KDF) : Pass
HASH : (DRBG) : Pass
CTR : (DRBG) : Pass
HMAC : (DRBG) : Pass
DH : (KAT_KA) : Pass
ECDH : (KAT_KA) : Pass
INSTALL PASSED
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20200612/5aa2b190/attachment-0001.html>
More information about the openssl-users
mailing list