Mike Trent wrote:
>
> It seems that after setting FIPS mode off one cannot set it back on again
> in the same executable.
>
> I have a test program which does:
>
> FIPS_mode_set(1) - works ok indicated by a return true.
> FIPS_mode_set(0) - to turn off and works ok, at least the FIPS_mode() call
> returns 0, so it seems to be off.
>
> Then followed by again FIPS_mode_set(1) which returns a 0 indicating
> failure. A FIPS_Mode() call indicates that the test program is still in
> non FIPS mode.
>
> Is it possible to turn off FIPS and turn it back on in an executable?
>
> Thanks.
>
Ok... found the answer.
One needs to make this call: RAND_set_rand_method(NULL);
prior to making a FIPS_mode_set(1) after having turned off FIPS.
--
View this message in context:
http://www.nabble.com/FIPS_mode_set%281%29---FIPS_mode_set%280%29---FIPS_mode_set%281%29-tp25121412p25121535.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
