Manish asked:
> There is DRBG kat test data in fips_drbg_selftest.h. (Openssl-fips-2.0.16)
> Can anyone let me know, What is the source of this constant arrays. NIST
> link or any other source will be helpful?
I'm pretty sure that the test data for the DRBG KAT (known answer test)
came from the
Responding to some earlier questions:
> Can you give any guidance on which platforms will be validated with the
OpenSSL FIPS 3.0 module? My recollection is that it will only be a handful
of platforms.
I would expect the number of platforms to be small. The wonderful 5
sponsors of the FIPS
I'm responding to a previous post about obtaining a CD of the OpenSSL FIPS
Object Module from KeyPair Consulting rather than directly from OpenSSL.
The question is:
> Just curious, but does this satisfy Section 6.6 of the User Guide,
> since the CD does not come directly from the OpenSSL
If you are looking for a copy of the OpenSSL FIPS Object Module (versions
2.0 to 2.0.16) delivered to you on CD, then please send an email to
c...@keypair.us with your shipping address.
We will send you a copy of the original OpenSSL FOM CD.
For details, see: https://keypair.us/2018/05/cd/
Mark
Oleg wrote:
> We would like to add to our product OpenSSL with FIPS 140-2 module. The
problem is that our OS
> and CPUs are not FIPS certified. We use vxWorks 5.5.1 with 3 types of
CPUs in different products.
>
> How can we get certification for these environments? OSF answered that
they do not do
> From the OpenSSL FIPS Security Policy chapter 4, it mentioned there are a
> number of non-FIPS approved algorithms/ services which are still
> implemented by the FIPS canister modules (e.g. RSA, DSA, DRDB, ECDSA etc).
>
> Just wondering why these algorithms are still implemented by FIPS
The OpenSSL FOM Cert. #1747 will not be moved to the CMVP Historical List since
it does not implement a non-compliant AES key wrapping service in the defined
cryptographic boundary.
All of the FIPS modules that implement a non-compliant AES key wrapping service
have already been moved to the
If you need a FIPS resource for the OpenSSL FIPS Object Module -- my
business partner (Steve Weymann) and I worked with Steve Marquess when we
were at a FIPS Testing Lab to achieve the FIPS 140-2 Cert. #1747 for the
OpenSSL FIPS Object Module.
We are now helping technology companies that need