问题描述
我已按照以下网站的步骤操作 https://access.redhat.com/solutions/137833 安装 yum install dracut-fips、yum install dracut-fips-aesni 并按照其他步骤操作。
cat /proc/sys/crypto/fips_enabled
1
我运行了 wiki 中提到的一个小程序 https://wiki.openssl.org/index.php/FIPS_mode_set()
int mode = FIPS_mode(),ret = 0; unsigned long err = 0;
/* Toggle FIPS mode */
if(mode == 0)
{
ret = FIPS_mode_set(1 /*on*/);
if(ret != 1)
{
err = ERR_get_error();
}
}
else
{
ret = FIPS_mode_set(0 /*off*/);
if(ret != 1)
{
err = ERR_get_error();
}
}
if(ret != 1)
printf("FIPS_mode_set Failed: %lx.",err);
未在输出中设置 FIPS 模式。 FIPS 模式值返回为 0。错误:0F06D065:common libcrypto 例程:FIPS_mode_set:fips 模式不受支持。
openssl version
OpenSSL 1.0.2k-fips 26 Jan 2017
which openssl
/usr/bin/openssl
ldd `which openssl`
linux-vdso.so.1 => (0x00007ffc72349000)
libssl.so.10 => /lib64/libssl.so.10 (0x00007f10aa175000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f10a9f28000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f10a9c3f000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f10a9a3b000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f10a9820000)
libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007f10a93bf000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f10a91bb000)
libz.so.1 => /lib64/libz.so.1 (0x00007f10a8fa5000)
libc.so.6 => /lib64/libc.so.6 (0x00007f10a8bd8000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f10a89c9000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f10a87c5000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f10a85ac000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f10a8390000)
/lib64/ld-linux-x86-64.so.2 (0x00007f10aa3e7000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f10a8169000)
libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f10a7f07000)
cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.6 (Maipo)
如何在 RHEL 7 中将 FIPS 模式设置为 1?
提前致谢。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)