TeXLive 2019 help when FIPS enabled

Mojca Miklavec mojca.miklavec.lists at gmail.com
Thu May 9 22:49:26 CEST 2019


Dear Bryan,

On Thu, 9 May 2019 at 16:46, Novack, Bryan <Bryan.Novack at dynetics.com> wrote:
>
> I’m in the unfortunate position of having to use TeXLive 20190410 on an offline CentOS7 system that is STIG’d meaning FIPS is enabled. I downloaded the offline tarballs and have successfully extracted the files into the correct directory structure. I can even build a pdf using texexec…..when FIPS is disabled. Unfortunately IT requires FIPS be enabled and that is when I receive an error trying to use texexec because under the covers somewhere it is using an MD5 hash for something.

You should ask the question on the ntg-context mailing list:
    https://mailman.ntg.nl/mailman/listinfo/ntg-context

But please note that:
- ConTeXt MKII which you seem to be using has been frozen for many
years (unless it's a trivial change needed, it is somewhat unlikely
that something would be fixed there).
- You should probably try "context" instead of "texexec". That said, I
somewhat doubt that you'll be able to get a cryptography-free
functionality. You might be able to get around the detection of its
use, but md5 is probably used for trivial stuff like checking whether
a file has changed, so that the speed can be optimized.


> I’ve done a large amount of scouring of online forums trying to find a workaround and have been unsuccessful thus far. I did some digging in the files contained in the tarballs and found things dealing with Digest::MD5 in tlpkg/TeXLive/TLCrypto.pm. I tried changing that file to use SHA1 but it made no difference.

These files are completely unrelated to texexec.

Mojca



More information about the tex-live mailing list