openssl icon indicating copy to clipboard operation
openssl copied to clipboard
verified publisher icon spacemonkeygo

Update fips.go for OpenSSL 3.x compatability

Open ricky-charlet opened this issue 3 years ago • 5 comments

openssl 1.X api FIPS_mode_set() was deprecated and replaced with EVP_default_properties_enable_fips()

modify fips.go so it can link with libcrypto in the presence of a build with openssl 3.x

ricky-charlet avatar Jun 24 '22 21:06 ricky-charlet

not yet tested. Fri Jun 24 3pm PST. do not merge yet...

ricky-charlet avatar Jun 24 '22 21:06 ricky-charlet

Actually, this will fail in the presence of older openssl versions. You probably should not merge this.

ricky-charlet avatar Jun 24 '22 22:06 ricky-charlet

Based on the install HOST openssl version, Could we call FIPS_mode_set() or EVP_default_properties_enable_fips() ??

srajesh-elisity avatar Mar 10 '23 08:03 srajesh-elisity

Yes, Rajesh-elisity. That sounds like the right approach.

ricky-charlet avatar Apr 02 '23 19:04 ricky-charlet

My patch, as it is, succeeds in the presence of opnessl1.1+ or 3.x but fails in the presence of openssl1.0 or lower.

ricky-charlet avatar Apr 02 '23 19:04 ricky-charlet