How to use Poco C++ library's FIPS mode cross-platform?

Question

We are evaluating Poco C++ libraries for use in our product. We need our software to be FIPS compliant, and work on Windows, Linux, and OSX platforms. Poco C++ seems to have FIPS mode from documentation of Poco::Crypto::OpenSSLInitializer::enableFIPSMode method. But the documentation is too short. If I open its H file, I can see only this comment:

Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything.

Based on this information, it's unclear to me how to use Poco's FIPS mode. Namely,

1. Is it available across all supported platforms?
2. Is any compile time macro needed to be defined for this? For example, I can find a macro check for OPENSSL_FIPS in Poco's H files. Do I need to define it while building?
3. What version of OpenSSL should be used for enabling Poco's FIPS mode? Any OpenSSL function we need to call to initialize it for FIPS mode?

Where can I find enough information about this?

Answer 1

All the questions are really openssl-related, because POCO is only a wrapper, delegating openssl calls to the openssl library.

1. it depends on what version of openssl you are using
2. OPENSSL_FIPS is an openssl macro - it is either defined or not at compile time by openssl; if it is not enabled, then it is not supported at runtime; check your opensslconf.h to see if it is enabled
3. a version of openssl that is capable of, and has FIPS enabled as described in 2.; consult openssl documentation for respective platform/release