[openssl-users] FIPS mode restrictions and DES
jonetsu
jonetsu at teksavvy.com
Mon Apr 13 15:33:09 UTC 2015
Thanks for the comments - much appreciated.
The following question might be on the naive side of things, but then I'm
all new to this. Since crypt() in glibc2 supports SHA-256 and SHA-512 for
password, and assuming that these two are FIPS compatible, what would be the
(financial) overhead of having the crypto part of glibc2 go through
validation ? It sounds very odd, not to mention very expensive, but I'm
asking nevertheless, in case there is a possibility. In other words, is the
only practical and viable option regarding this to re-implement crypt()
using EVP methods ? - thanks.
Regards.
--
View this message in context: http://openssl.6102.n7.nabble.com/openssl-users-FIPS-mode-restrictions-and-DES-tp57497p57527.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list