GitLab

Hi libbsd developers, As i found out, libbsd is using it's own internal implementation of sha512 and md5. This is unfortunate because imho it is less secure than using official implementations from for example openssl. Another issue is that openssl supports fips[0] mode which forbids fips non compliant cryptographic algorithms and when you are not using it, then fedora's fips feature [1] is not effective on libbsd. Would you be open to my merge request where i would add some configure options? These configure options would allow user to build libbsd with openssl and thus replace these internal implementations at least on linux. [0] - https://en.wikipedia.org/wiki/FIPS_140-2 [1] - https://www.dogtagpki.org/wiki/Configuring_FIPS_on_Fedora