Migrating to openssl3 and fips

TC terry.y.t.chong at gmail.com
Fri Jul 7 19:13:43 UTC 2023


Hi we have an application written using openssl1 and we would like to
migrate to openssl3, and we have several questions:

1. Is the compiler smart enough to raise warnings for all usage of
deprecated APIs? Do we need to do any exhaustive code walkthrough to look
for them?
2. We had been ignoring the warnings via compiler flags (gcc
no-deprecated-warnings).  We are wondering if that would still work if we
want to use FIPS in openssl3?
3. Do we have to use the new provider method to pick a FIPS provider on
openssl3 if we want to use FIPS?  Would that be a problem if we don't want
to migrate our deprecated APIs yet and want to continue to ignore the
warnings?

Thanks for your help in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230707/da991a83/attachment.htm>


More information about the openssl-users mailing list