On Tue, Oct 27, 2009, Miller, Rob (Omaha) wrote: > Hi, My question is regarding the library in FIPS mode and the FIPS_selftest > function. The current FIPS_selftest routine in 0.9.8k calls sha1, hmac, > aes, des, rsa, and dsa selftests. It doesn't call any sha256, 512 KAT > selftests and I didn't find these routines in the source. In FIPS mode I'm > allowed to use EVP_DigestInit( &ctx, EVP_sha256() ); successfully. > > Why is the sha hash algorithms not tested when FIPS_selftest is called? >
The HMAC algorithm is tested using all sha* algorithms including sha256. HMAC KAT tests test the associate digest algorithm as well as the HMAC operation. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
