On Fri, Feb 24, 2012, gatewood_gr...@mcafee.com wrote: > What is your test environment and method? We've tried this in both our > embedded OS (minimized LFS style build) and OpenSUSE. Both ways the > result is the same. >
Specificically tested on Ubuntu 64 bit VM but it should be OK on any platform where the PRNG is auto seeded. > Focusing on the PRNG, We cannot get FIPS_rand_status() to report 1. > Tried both on hardware and in VMs. > Do you get any error print out at all? Try calling ERR_load_crypto_strings() at the start of the program instead of only after an error. If the PRNG cannot be seeded then RAND_status() should fail outside FIPS mode and RAND_bytes() should return an error too. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
