simplesamlphp / simplesamlphp

SimpleSAMLphp is an application written in native PHP that deals with authentication.
https://simplesamlphp.org
GNU Lesser General Public License v2.1
1.07k stars, 679 forks

simplesamlphp FIPS 140-2 compliance #188

Closed nickamon closed 9 years ago

nickamon commented 9 years ago

Hi,

Thanks for the great software!!! I've integrated simplesamlphp with our product, but I've hit a snag with FIPS 140-2 compliance and mcrypt usage in xmlsec.libs.php. Are there any functional reasons that mcrypt is being used for symmetric encryption rather than openssl, or is it rather for performance? Furthermore, do you foresee any issues updating the code to also use openssl for symmetric encryption and not mcrypt?

Thanks in advance.

jaimeperez commented 9 years ago

Hi @nickamon!

I don't recall exactly to what extent we can do the exact same things with OpenSSL as we can with mcrypt. However, this is something we don't decide ourselves, since it's a dependency imposed by xmlseclibs. Not much we can do here, unfortunately... :disappointed: