jeroen
commented
2 years ago Added fips_mode() api: https://github.com/jeroen/openssl/commit/bcdf9dd2a70e1baf42cc1414e074426abb44b8c6
Open jeroen opened 2 years ago
jeroen
commented
2 years ago Added fips_mode() api: https://github.com/jeroen/openssl/commit/bcdf9dd2a70e1baf42cc1414e074426abb44b8c6
atheriel
commented
2 years ago I have a patch that allows the test suite to run on a FIPS system. Should I submit it to help with this issue?
jeroen
commented
2 years ago Sure, I made a start by skipping some tests. But it looks like there are some are actual bugs, where openssl is refusing an operation in places that I did not anticipate. I just saw an error negative length vectors are not allowed which probably means that I am somewhere treating an error code -1 as an actual result and trying to copy that into an R vector.
atheriel
commented
2 years ago I think I fixed those, let me verify and submit.
jeroen
commented
2 years ago Btw, do you have access to the rstudio cloud revdep checker? It would be good if we can identify if the changes broke any R packages.
atheriel
commented
2 years ago @jeroen I think the answer is "yes". Can you let me know which commit you'd like me to run it against?
On CentOS we can set an envvar
OPENSSL_FORCE_FIPS_MODE=1to enable FIPS. See https://github.com/jeroen/openssl/pull/95