How to force 'CKM_RSA_PKCS_OAEP' mechanism in "openssl cms -encrypt / openssl cms -decrypt" commands ?

Solution Verified - Updated -

Issue

  • With FIPS-140-3, is it possible to configure the OpenSSL library in such way that we can force the use of CKM_RSA_PKCS_OAEP mechanism when using the "openssl cms -encrypt / openssl cms -decrypt" commands?

Environment

  • Red Hat Enterprise Linux 9
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content