This is a problem for us with FIPS module 1.2.0.
wolfoftheair wrote: > > Is this still present in FIPS module 1.2.0? > > -Kyle H > > On Mon, Aug 24, 2009 at 11:55 AM, Mike Trent<michael.tr...@xerox.com> > wrote: >> >> >> >> Mike Trent wrote: >>> >>> It seems that after setting FIPS mode off one cannot set it back on >>> again >>> in the same executable. >>> >>> I have a test program which does: >>> >>> FIPS_mode_set(1) - works ok indicated by a return true. >>> FIPS_mode_set(0) - to turn off and works ok, at least the FIPS_mode() >>> call >>> returns 0, so it seems to be off. >>> >>> Then followed by again FIPS_mode_set(1) which returns a 0 indicating >>> failure. A FIPS_Mode() call indicates that the test program is still in >>> non FIPS mode. >>> >>> Is it possible to turn off FIPS and turn it back on in an executable? >>> >>> Thanks. >>> >> Ok... found the answer. >> One needs to make this call: RAND_set_rand_method(NULL); >> prior to making a FIPS_mode_set(1) after having turned off FIPS. >> >> >> -- >> View this message in context: >> http://www.nabble.com/FIPS_mode_set%281%29---FIPS_mode_set%280%29---FIPS_mode_set%281%29-tp25121412p25121535.html >> Sent from the OpenSSL - User mailing list archive at Nabble.com. >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/FIPS_mode_set%281%29---FIPS_mode_set%280%29---FIPS_mode_set%281%29-tp25121412p25530885.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org