[openssl-users] Using FIPS mode and modifying apps

jonetsu at teksavvy.com jonetsu at teksavvy.com
Wed Jan 14 02:33:49 UTC 2015


A system running in FIPS can have several applications using libssl.
openvpn and openswan are two.  There can be 3rd party web servers.  So
on.  Is there any 'library magic' these days that would prevent
modifying each and every application to add a FIPS_mode_set() call and
error handling ?  I guess there isn't although I'm not risking anything
in asking :)

So basically every app that uses libssl will have to be modified to
add a FIPS_mode_set() call near the beginning.  Is that right ?

Thanks for any comments and suggestions !


More information about the openssl-users mailing list