self test on demand
Dr Paul Dale
pauli at openssl.org
Wed Apr 5 23:14:07 UTC 2023
Try the OSSL_PROVIDER_self_test() call. You should not call any of the
SELF_TEST APIs unless you are writing self tests.
Also note that only the 3.0.0 FIPS provider is validated. You cannot
just build any 3.0.x version and expect to be FIPS compliant.
Paul Dale
On 6/4/23 00:20, Prasad, PCRaghavendra via openssl-users wrote:
>
> Hi Team,
>
> Good morning.
>
> We are in the process of enabling FIPS using OpenSSL 3.0.x and using
> python 3.11.2.
>
> In self-test code, we could see few methods where it can be called on
> demand
>
> /* This API is triggered either on loading of the FIPS module or on
> demand */
>
> int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
>
> so wanted to get some information on how it can be called on demand.
> We know when we call the fipsinstall will internally call this method
> and do self-test, but just we are doing POC of calling it on demand
>
> so is it possible to call this method or we should not call it? If we
> can in the SELF_TEST_POST_PARAMS structure what needs to be filled?
>
> Please provide your input/thoughts.
>
> Thanks,
>
> Raghu
>
>
> Internal Use - Confidential
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230406/7322bcd9/attachment.htm>
More information about the openssl-users
mailing list