Hi,
That Redhat/Fedora patch is based on openssl library alone.
But I am using the fips canister approach where i use both openssl and
openssl-fips-ecp libraries.
Though the redhat/fedora patch is OK, it is not straight forward
portable to the canister model.
Any idea of patches available for
Hi,
On Mon, Oct 09, 2017 at 05:24:17PM +0530, murugesh pitchaiah wrote:
> Hi,
>
> Thanks for the comment.
>
> I know that openSSL is not 186-4 compliant. That is why I am looking
> for anybody have the patch for the same.
>
> I see there are some works in Fedora:
>
Hi,
Thanks for the comment.
I know that openSSL is not 186-4 compliant. That is why I am looking
for anybody have the patch for the same.
I see there are some works in Fedora:
http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/tree/openssl-1.1.0-fips.patch
Thanks,
Murugesh P.
On 10/6/17,
➢ This FIPS186-4 is not just about SHA. It basically about the key
generation parameters. Especially I am looking for RSA key generation
parameters wrt FIPS 186-4.
I do not know how you got the opinion that OpenSSL has 186-4 support. It does
not. Perhaps other people have written
Hi Jacob,
Thanks for looking into this.
This FIPS186-4 is not just about SHA. It basically about the key
generation parameters. Especially I am looking for RSA key generation
parameters wrt FIPS 186-4.
Thanks,
Murugesh P.
On 10/5/17, Jakob Bohm wrote:
> On 05/10/2017
On 05/10/2017 13:51, murugesh pitchaiah wrote:
Hi All,
I am looking for the FIPS 186-4 patch. I see it is not yet implemented
in openssl FIPS 2.0
I assume FIPS 186-4 is the updated SHA standard that adds the SHA-3
specification.
In that case, that would be something that OpenSSL would first
Hi All,
I am looking for the FIPS 186-4 patch. I see it is not yet implemented
in openssl FIPS 2.0
I see many vendors have implemented their own fix for FIPS 186-4
compliance. I am looking for the patch which i can reuse. Looks like
redhat too has its own patch.
Kindly share any pointers for