Thanks Steve, that solves our problem.
Dr. Stephen Henson wrote:
Depends on the command used to encrypt/decrypt. If it is the default password
derivation in the 'enc' command then note that this uses MD5 for key
derivation. For compatibility OpenSSL uses MD5 in non-FIPS mode and SHA1 in
FIPS mode for key derivation.
Since you cannot use MD5 in FIPS mode you cannot derive the appropriate keys.
You *can* however change the digest used for derivation using the:
-md sha1
command line switch which will then use SHA1 in FIPS and non-FIPS mode. The
two should then be compatible.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
--
Leonard F. Elia III, CISSP 757.864.5009
Sr. System Administrator
ConITS - NASA Langley Research Center
NCI Information Systems, Inc., Hampton VA
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
