The branch master has been updated via 13757e128378af79b3522002b4ae6b2a0678cf96 (commit) from 21dfdbef4965d95d65bfc942aafafd342cb61e4c (commit)
- Log ----------------------------------------------------------------- commit 13757e128378af79b3522002b4ae6b2a0678cf96 Author: Dmitry Belyavskiy <beld...@gmail.com> Date: Tue Jun 22 17:33:12 2021 +0200 Some clear guidelines for the legacy algs. Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15860) ----------------------------------------------------------------------- Summary of changes: doc/man7/migration_guide.pod | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod index 82c7ffcc43..6d281472c9 100644 --- a/doc/man7/migration_guide.pod +++ b/doc/man7/migration_guide.pod @@ -60,6 +60,12 @@ There is however a dedicated C<install_fips> make target, which serves the special purpose of installing only the FIPS provider into an existing OpenSSL installation. +Not all algorithms may be available for the application at a particular moment. +If the application code uses any digest or cipher algorithm via the EVP interface, +the application should verify the result of the L<EVP_EncryptInit(3)>, +L<EVP_EncryptInit_ex(3)>, and L<EVP_DigestInit(3)> functions. In case when +the requested algorithm is not available, these functions will fail. + See also L</Legacy Algorithms> for information on the legacy provider. See also L</Completing the installation of the FIPS Module> and