[openssl-users] Building an application with OpenSSL and FIPS support.
Dr. Stephen Henson
steve at openssl.org
Mon Oct 10 12:44:06 UTC 2016
On Fri, Oct 07, 2016, Matthew Heimlich wrote:
> Which returns
> Attempting to set FIPS mode to 1...
> Last error was: 2d06b06f
> FIPS_mode_set failed: 2d06b06f
> FIPS mode is: 0???
> So it would appear that my FIPS mode is never even being set, and walking through the code would seem to confirm this. In addition, the error code doesn't seem to be present in the FIPS documentation, but errstr informs me that it is
> error:2D06B06F:FIPS routines:DSA_BUILTIN_PARAMGEN2:fingerprint does not match nonpic relocated???
> Any tips on where to go from here?
Which versions of the FIPS module and OpenSSL are you using?
In the FIPS capable OpenSSL try this:
OPENSSL_FIPS=1 openssl md5 /dev/null
OPENSSL_FIPS=1 openssl sha1 /dev/null
Please give details of any errors you get.
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users