Link Openssl-FIPS library for Python3

Question

I have built OpenSSL in fips mode and trying to build python3, and use the existing OpenSSL libraries.

LDD command shows it correct crypto and ssl shared objects.

Also, I can get the correct version from ssl.OPENSSL_VERSION

But even after setting FIPS_mode(), hash md5 executes without error.

Below is the output

Python 3.6.5 (default, Feb  6 2020, 08:35:23)
GCC 4.7.4] on linux
OPENSSL_VERSION: XXXXXX 1.0.2u.XXXXX-fips
FIPS_mode(): 0
FIPS_mode_set(1): 1
FIPS_mode(): 1
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
MD5: d41d8cd98f00b204e9800998ecf8427e

I am not able to figure out why MD5 is not failing.

score 1 · Answer 1 · answered Feb 12 '20 at 00:44

1

This scenario was because Python comes with its own MD5. This can be seen in python3 hashlib.py file where first it tries to load OpenSSL md5 if it doesn't find then it will load its own library(_md5) of md5.

answered Feb 12 '20 at 00:44

Raghu

41
2

Link Openssl-FIPS library for Python3

1 Answers1