On Mon, Oct 01, 2007, Bill Colvin wrote:
>
> One might expect that aes-256-cbc would operate the same regardless of
> whether it is FIPS mode or not. Am I missing something here?
>
>
You aren't just using aes-256-cbc you are also using a key derivation
algorithm that converts the password in
I have OpenSSL-fips-1.1.1 and OpenSSL-0.9.7m built on a linux system
according to the guides.
Now consider the following simple test script:
#!/bin/bash
openssl aes-256-cbc -e -in a -out a.nofips -k 'abcdefghijk'
export OPENSSL_FIPS=1
openssl aes-256-cbc -e -in a -out a.fips -k 'abcde
