> Does anyone have any experience with porting the implementation of
> SHA256 algorithm from 0.9.8 to 0.9.7 ?


Why don't you use 0.9.8?

> Any known patch for this one or for similar ones?


SHA256/512 are available in fips tar-ball, which is based on 0.9.7.

> Do you know what is the potential risk by doing it manually?


You can't add SHA256 without breaking binary compatibility. SHA256 was
back-ported to fips tar-ball, because to enable application for fips
mode you have to modify source and recompile in either case. A.
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org