FIPS 3.0 private_* hash functions
pdrotter at us.ibm.com
Thu Oct 10 15:40:02 UTC 2019
I am in the process of making required changes to migrate our code to the
1.1.x branch. We are currently using the FIPS Object Module 2.0 and eagerly
await word on the new 3.0 FIPS Object Module, but in the meantime there is
one issue of concern in our code for which I need some clarification:
This is a fairly old code base which contains some MD4 and MD5 usages. These
are merely used to create some comparison hashes, but because of constraints
with other applications we integrate with, it would be painful to replace
these with newer FIPS-compliant hashes. For our current code using 1.0.2 we
got around the FIPS Object Module in these cases by using the private
variants of these hash functions (i.e. private_MD5_init).
Will there be any such provisions for the 3.0 FIPS Object Module?
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
More information about the openssl-users