On 24 May 2013 03:21, <[email protected]> wrote: > Can one use HMAC through EVP? If so, can someone point me to an example? > > It seems that when the OpenSSL module is in FIPS mode, it doesn't like > programs using HMAC_*() functions directly: > > "OpenSSL internal error, assertion failed: Low level API call to digest SHA1 > forbidden in FIPS mode!" > > Thanks. > Yes you can. You use the sign/verify interface. See the following page which includes info on MAC codes: http://wiki.opensslfoundation.com/index.php/EVP_Signing_and_Verifying
You need to use an EVP_PKEY type of EVP_PKEY_HMAC. See "Working with EVP_PKEYs" on this page: http://wiki.opensslfoundation.com/index.php/EVP Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
