have you read UserGuide? http://www.openssl.org/docs/fips/UserGuide-1.2.pdf the APIs are the same but you have to add call FIPS_mode_set() and make sure you use only FIPS approved algorithms
Galina On Tue, Feb 17, 2009 at 9:23 PM, Randy Turner <rtur...@amalfisystems.com>wrote: > > Hello List, > > I was curious about the diffs between the FIPS distribution of OpenSSL and > the "standard" distribution. > > It seems like the FIPS tar file is based on an entirely different > versioning system, but I'm assuming there is a table somewhere that maps > this version back to a 0.9.x release version, but this is just a guess. > > I guess the basic question I have is this: > > If I have an application that utilizes OpenSSL 0.9.8j and all the functions > seem to work fine, and then I realize I need a version of my application > that will > be undergoing FIPS certification, can I just rebuild my application, > pointing at the FIPS openssl libraries or do the API calls into openssl > change (like adding a "FIPS_" prefix in front of each normal openssl API > call). > > Thanks! > Randy > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
