Hello,
Recently I note that when build is in FIPS_MODE some functionality is
lost. For instance RSA_{g|s}et_ex_data is not available.
Reading the code I expect that in FIPS mode use of external keys is
forbidden.
Remark: ex_data is used to store reference information for external keys.
Please confirm that in FIPS mode we could use external keys?
Regards
Roumen Petrov
P.S. If is not allowed this regression to previous FIPS
releases(validations).
Neither OpenSSL nor Red Hat nor Solaris FIPS validation forbid use of
"external" keys.