FIPS support for Kerberos
Abhidnya Joshi
abhidnyachirmule at gmail.com
Fri May 3 01:14:48 EDT 2019
Hi All,
Is there a FIPS compliant version of Kerberos library available?
Even if I build it with fips comliant openssl crypto, it gives problem for
low level functions calls like SHA256_init, AES_set_encrypt_key, etc.
Openssl libcrypto aborts on call to such function when FIPS mode is on.
There is also MD5 used via krb5_rc_hash_message() which aborts via openssl
libcrypto.
Any suggestion/comments on how to handle this? ANy configurable to control
these options?
Thanks
Abhidnya Joshi
More information about the krbdev
mailing list