FIPS 3.0 private_* hash functions

Tomas Mraz tmraz at
Thu Oct 10 15:49:28 UTC 2019

On Thu, 2019-10-10 at 08:40 -0700, Neptune wrote:
> Hi all,
> I am in the process of making required changes to migrate our code to
> the
> 1.1.x branch. We are currently using the FIPS Object Module 2.0 and
> eagerly
> await word on the new 3.0 FIPS Object Module, but in the meantime
> there is
> one issue of concern in our code for which I need some clarification:
> This is a fairly old code base which contains some MD4 and MD5
> usages. These
> are merely used to create some comparison hashes, but because of
> constraints
> with other applications we integrate with, it would be painful to
> replace
> these with newer FIPS-compliant hashes. For our current code using
> 1.0.2 we
> got around the FIPS Object Module in these cases by using the private
> variants of these hash functions (i.e. private_MD5_init).
> Will there be any such provisions for the 3.0 FIPS Object Module?

Yes, they already are there in the master branch!


Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your

More information about the openssl-users mailing list