<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<blockquote type="cite"
cite="mid:MN2PR19MB4029264EEC4460C5577665949AB49@MN2PR19MB4029.namprd19.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal">Are there any specific .h files where we
can refer to this method that needs to be used ( ex: evp.h )?
</p>
</div>
</blockquote>
<br>
#include "openssl/evp.h" should be enough to get the EVP APIs. You
will need other includes for other parts of OpenSSL but that covers
EVP well enough.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:MN2PR19MB4029264EEC4460C5577665949AB49@MN2PR19MB4029.namprd19.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal">still, are there any files that we can go
through once before calling in the fips mode?<o:p></o:p></p>
</div>
</blockquote>
<br>
Turn on <font face="monospace">-Wdeprecated</font> or equivalent in
your compile and the low level calls will be flagged. They should
all be deprecated.<br>
<br>
<br>
<blockquote type="cite"
cite="mid:MN2PR19MB4029264EEC4460C5577665949AB49@MN2PR19MB4029.namprd19.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal">One more doubt is How can we set fips
enabled for the complete application (process/service) while
running so that if we are using non-compliant
algorithms/methods it should throw errors? Is it possible in
OpenSSL 3.0.x?</p>
</div>
</blockquote>
<br>
The call you are looking for is:<br>
<br>
<font face="monospace">EVP_set_default_properties(libctx,
"fips=yes");<br>
</font><br>
I strongly suggest reading the documentation about the <a
href="https://www.openssl.org/docs/man3.0/man7/fips_module.html">FIPS
provider</a> and the <a
href="https://www.openssl.org/docs/man3.0/man7/migration_guide.html">migration
guide</a>. Both the avoidance of low level calls and setting the
default properties are covered therein. There are a number of other
nuances to trip over when using the FIPS provider.<br>
<br>
<br>
Paul Dale<br>
<br>
</body>
</html>