I was using openssl to encrypt files at the command line and I was wondering if the FIPS mode could be enabled for doing that.
Carl Anderson On Thu, May 7, 2009 at 6:26 PM, Kyle Hamilton <aerow...@gmail.com> wrote: > OpenSSL FIPS is used essentially as a crypto engine, except that it's > not called through the standard engine interface. > > The FIPS module is validated to perform its advertised functions; if > it's in FIPS mode, OpenSSL will use its linked-in OpenSSL FIPS module > to perform all of its cryptographic operations (and should be used in > preference to engines, as well, since a FIPS operational environment > requires all cryptographic operations to be performed within the > bounds of a validated cryptographic canister). > > If the OpenSSL library is not in FIPS mode, then it's essentially ignored. > > -Kyle H > > On Thu, May 7, 2009 at 1:31 PM, <carlyo...@keycomm.co.uk> wrote: >> Hi, >> >> Could someone please explain to me in simple terms the relationship between >> the OpenSSL FIPS module and OpenSSL itself? >> >> Is the FIPS module used by OpenSSL as a crypto engine or such like or am I >> way off base here? >> >> Thanks for any assistance or pointers. >> >> Thanks, >> >> Carl >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
