Thanks Matt for looking into this.
Here is the output:
# openssl list --providers -provider fips -provider base
Providers:
base
name: OpenSSL Base Provider
version: 3.0.9
status: active
fips
name: OpenSSL FIPS Provider
version: 3.0.9
status: active
Also ple
What do you get by loading the provider via the "openssl list" command,
i.e. what is the output from:
$ openssl list --providers -provider fips -provider base
Matt
On 24/05/2024 15:48, murugesh pitchaiah wrote:
Thanks Neil for your response. Please find more details below.
Yes we run fipsin
Thanks Neil for your response. Please find more details below.
Yes we run fipsinstall and then edit the fipsmodule.conf file to remove the
'activate=1' line. Then try to programmatically load FIPS provider. Here
are the details steps.
Once the device boots up , The device has fipsmoudle.cnf presen
I assume that, after building the openssl library you ran openssl
fipsinstall? i.e. you're not just using a previously generated
fipsmodule.cnf file? The above errors initially seem like self tests
failed on the fips provider load, suggesting that the module-mac or
install-mac is incorrect in you
On 24/05/2024 02:30, Wiebe Cazemier wrote:
Can you show me in the code where that is?
It's here:
https://github.com/openssl/openssl/blob/b9e084f139c53ce133e66aba2f523c680141c0e6/ssl/record/rec_layer_s3.c#L1038-L1054
The "retry" codepath occurs where we hit the "goto start".
My main conc
