Openssl FIPS_模式_集(1)错误:00000000:lib(0):func(0):原因(0)
我正在尝试使用以下代码启用FIPS模式:Openssl FIPS_模式_集(1)错误:00000000:lib(0):func(0):原因(0),openssl,fips,Openssl,Fips,我正在尝试使用以下代码启用FIPS模式: #include <openssl/crypto.h> #include <openssl/err.h> #include <stdio.h> int main ( int argc, char *argv[] ) { #ifdef OPENSSL_FIPS int mode, result; // Get FIPS mode if(strcmp("get",argv[1]) == 0)
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <stdio.h>
int main ( int argc, char *argv[] )
{
#ifdef OPENSSL_FIPS
int mode, result;
// Get FIPS mode
if(strcmp("get",argv[1]) == 0)
{
mode = FIPS_mode();
if(mode == 0)
{
printf("*** FIPS module is disabled. ***\n");
}
if(mode == 1)
{
printf("*** FIPS module is enabled. ***\n");
}
}
// Set FIPS mode
else if(strcmp("set",argv[1]) == 0)
{
if(strcmp("0",argv[2]) == 0)
{
printf("*** Disabling FIPS module. ***\n");
result = FIPS_mode_set(0);
if(result != 1)
{
ERR_load_crypto_strings();
printf("*** Failed to disable FIPS module. ***\n");
printf("%s\n", ERR_error_string(ERR_get_error(), NULL));
return 1;
}
}
else if (strcmp("1",argv[2]) == 0)
{
printf("*** Enabling FIPS module. ***\n");
result = FIPS_mode_set(1);
if(result != 1)
{
ERR_load_crypto_strings();
printf("*** Failed to enable FIPS module. ***\n");
printf("%s\n", ERR_error_string(ERR_get_error(), NULL));
return 1;
}
}
else
{
printf("*** Error: unsupported option. ***\n");
return 1;
}
}
// Unsupported option
else
{
printf("*** Error: unsupported option. ***\n");
return 1;
}
return 0;
#else
printf("OPENSSL_FIPS is not defined");
#endif //OPENSSL_FIPS
}
arm:~/nitere/new$ ./fipsctl set 1
*** Enabling FIPS module. ***
*** Failed to enable FIPS module. ***
error:00000000:lib(0):func(0):reason(0)
arm:~/nitere/new$ ./fipsctl get
*** FIPS module is disabled. ***
谢谢。请注意,成功设置FIPS模式只会影响调用
FIPS\u mode\u setOPENSSL\u FIPS=1/usr/local/ssl/bin/OPENSSL md5/usr/local/ssl/bin/OPENSSLarm:~/nitere/new$ ./fipsctl get
*** FIPS module is disabled. ***