Re: [openssl-dev] FIPs mode and openssl

Fri, 27 May 2016 03:02:59 -0700 

Thanks Steve,

My question here is do I need to put openssl in FIPS mode for my application, 
even when Kernel is in FIPS mode. I get FIPS_mode() returning true when I 
initialize openssl from my application.

Regards
Darshan

________________________________________
From: openssl-dev [openssl-dev-boun...@openssl.org] on behalf of Steve Marquess 
[marqu...@openssl.com]
Sent: Friday, May 27, 2016 2:58 PM
To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] FIPs mode and openssl

On 05/27/2016 05:11 AM, Mody, Darshan (Darshan) wrote:
> Hi,
>
>
>
> I have a query with regards to FIPS mode and use of Openssl. I have put
> my kernel image n FIPs mode using the documentation
> (https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_documentation_en-2DUS_Red-5FHat-5FEnterprise-5FLinux_6_html_Security-5FGuide_sect-2DSecurity-5FGuide-2DFederal-5FStandards-5FAnd-5FRegulations-2DFederal-5FInformation-5FProcessing-5FStandard.html&d=CwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrKfQ&m=GTOvXwENarIDt6ceeifX3cwsUHwEPSoA5Nst5bYguXc&s=-Gf_V2cek9XebA8eKWhFeL2hXCtHLqwJauOD0IuopLU&e=
>  )
>
>
>
> Do I need to put the openssl in FIPs mode using the API FIPS_mode_set(1)
> or will by default the openssl will put itself in FIPS mode for my
> application. There are couple of application on the server we use
> openssl. Do I need to put each of the application openssl in FIPS mode
> or will it put itself in FIPS since the kernel is in FIPS mode.
>
>
>
> Thanks
>
> Darshan
>
>
>


You are using the Red Hat FIPS module, not the OpenSSL one, so you'll
need to ask that vendor.

-Steve M.

--
Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu...@openssl.com
gpg/pgp key: 
https://urldefense.proofpoint.com/v2/url?u=http-3A__openssl.com_docs_0x6D1892F5.asc&d=CwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrKfQ&m=GTOvXwENarIDt6ceeifX3cwsUHwEPSoA5Nst5bYguXc&s=pvfmLNV5wFtbE8TvbGtpQdBRmzZzuuCQF0UgxmaZW34&e=
--
openssl-dev mailing list
To unsubscribe: 
https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.openssl.org_mailman_listinfo_openssl-2Ddev&d=CwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrKfQ&m=GTOvXwENarIDt6ceeifX3cwsUHwEPSoA5Nst5bYguXc&s=XQfgkJcZEf0I-0-rMIEw2wp4U7mgrCk8EPGFlSM461U&e=

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to