-----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: 05 February 2009 12:29 To: openssl-users@openssl.org Subject: Re: OpenSSL command line HMAC
> On Thu, Feb 05, 2009, Young, Alistair wrote: > > > Thanks Steve. Unfortunately we need to something with FIPS validation > > behind it, so the standard Java crypto libraries (or something like > > BouncyCastle) are out. It also means that we can't modify the OpenSSL > > source so would have to add wrappers if we wanted to extend its > > functionality. > > > Well you can modify the OpenSSL source just not the validated source. OpenSSL 0.9.8j is an example of that. > > I'm not a JNI expert but if the bindings use the shared libraries you should just be able to use 0.9.8j+fips > shared libraries. The only addition you'd need is FIPS_mode_set(). Many thanks for the advice, Steve - I'll bear this in mind. Cheers, Alistair. Please help Logica to respect the environment by not printing this email / Merci d'aider Logica à préserver l'environnement en évitant d'imprimer ce mail / Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica dabei die Umwelt zu schuetzen / Por favor ajude a Logica a respeitar o ambiente não imprimindo este correio electrónico. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
