[openssl-users] HMAC-MD5 OpenSSL 1.0.1e and FIPS 2.0.7

Dr. Stephen Henson steve at openssl.org
Wed Jan 21 14:29:22 UTC 2015

On Tue, Jan 20, 2015, John Laundree wrote:

> I want to use code like the following while in FIPS mode....
> const EVP_MD *md
> md = EVP_md5();
> so I can call  HMAC()
> unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
>                                           const unsigned char *d, size_t n, unsigned char *md,
>                                           unsigned int *md_len);
> It appears that OPENSSL_NO_MD5 is defined so EVP_md5() is unavailable...
> I am new to openssl/FIPS and was wondering if there was another way to generate a HMAC MD5?

Are you sure EVP_md5() is unavailable? I wouldn't expect OpenSSL to compile if
MD5 was disabled.

EVP_md5() wont be present in the FIPS module (which doesn't implement it) but
it should be present in libcrypto.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list