Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-20 Thread Dr. Stephen Henson
On Fri, Feb 20, 2015, jonetsu wrote: > On Feb 19, 2015 10:50am Henrik Grindal Bakken wrote: > > > I'm not sure it will be called on every conceivable error in > > the FIPS module, but what I do in similar situations is > > something like this: > > > static int post_cb(int op, int id, int subid,

Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-20 Thread jonetsu
ed methods ? For instance, the 'op' variable of FIPS_post_set_callback() is not described at all. Any manual or info pages ? Could be other potentially interesting methods in there.

Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-19 Thread Henrik Grindal Bakken
"jone...@teksavvy.com" writes: > Hello, > > Could you please comment on the following ? Any suggestion, insight, > hint, is greatly appreciated. > > In FIPS mode, the OS, the device, must be aware of crypto errors, and > adopt a certain behaviour when one occurs. Like shutting down all > data o

Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-19 Thread jonetsu
-Original Message- > From: "Marcus Meissner" > To: openssl-users@openssl.org > Date: 02/19/15 08:07 > Subject: Re: [openssl-users] OpenSSL FIPS mode system integration > Well, the writing is that the "crypto module" must stop operating > o

Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-19 Thread Steve Marquess
On 02/19/2015 05:19 AM, jone...@teksavvy.com wrote: > ...This means that when using OpenSSL, a link must be made between > OpenSSL (or the application using it) and the OS, if only to signal > the OS of such errors. Ummm, no. The FIPS module stops functioning (i.e. doesn't perform any useful crypt

Re: [openssl-users] OpenSSL FIPS mode system integration

2015-02-19 Thread Marcus Meissner
On Thu, Feb 19, 2015 at 05:19:37AM -0500, jone...@teksavvy.com wrote: > Hello, > > Could you please comment on the following ? Any suggestion, insight, > hint, is greatly appreciated. > > In FIPS mode, the OS, the device, must be aware of crypto errors, and > adopt a certain behaviour when one o

[openssl-users] OpenSSL FIPS mode system integration

2015-02-19 Thread jone...@teksavvy.com
Hello, Could you please comment on the following ? Any suggestion, insight, hint, is greatly appreciated. In FIPS mode, the OS, the device, must be aware of crypto errors, and adopt a certain behaviour when one occurs. Like shutting down all data output interfaces. This means that when using O