Fipscheck X FIPS_incore_fingerprint

[Tatiana Evers]

Hi,

I'm a little confused with FIPS integrity test. I'm using openssh and it is
using fipscheck library (FIPSCHECK_verify) to verify integrity of its
binaries. But FIPS_mode_set function calls FIPS_incore_fingerprint to verify
in execution time the integrity of the application. Why do we need an
external validation? Isn't FIPS_incore_fingerprint sufficient to verify
integrity?

Thanks in advance,

Tatiana