FIPS support for Kerberos
abhidnyachirmule at gmail.com
Fri May 3 01:14:48 EDT 2019
Is there a FIPS compliant version of Kerberos library available?
Even if I build it with fips comliant openssl crypto, it gives problem for
low level functions calls like SHA256_init, AES_set_encrypt_key, etc.
Openssl libcrypto aborts on call to such function when FIPS mode is on.
There is also MD5 used via krb5_rc_hash_message() which aborts via openssl
Any suggestion/comments on how to handle this? ANy configurable to control
More information about the krbdev