On 01/25/2012 10:00 PM, Thor Lancelot Simon wrote: > On Wed, Jan 25, 2012 at 06:35:58PM -0500, Steve Marquess wrote: >> >> A rough rule of thumb is that if you create a FIPS module >> (fipscanister.o) on a formally tested platform (O/S and processor as >> listed in the Security Policy), and if that binary file when copied > > Does the Security Policy list the compiler? When I did this, years ago, > I think we did not have to specify the compiler even when we applied > for our algorithm certificates.
Correct, the compiler version is typically not listed. > ... That seemed very, very wrong, since one > of the changes most likely to break a highly optimized implementation of > an algorithm is a change to the compiler! I disagree. While it is certainly possible to write software that is dependent on a specific version of a specific compiler, OpenSSL (and the OpenSSL FIPS Object Module) is carefully designed for portability across a wide range of platforms (O/S, processor, and compiler). That portability is demonstrated continuously across a very large installed user base. If the specific compiler version were to be considered a vital element of the Operational Environment, then so should be the run-time libraries, run-time loader, specific kernel modules and patches, and so forth. Or in other words, instead of a few thousand validated modules (current count as of today for all validated modules is 1,669, only some of which are software modules) you would need many tens of thousands -- with a wait time of many months for each one. Also consider the consequences of a "broken" compilation due to a compiler mismatch (or run-time library, or O/S, or whatever). The odds that the generated code will compile an executable file and yet fail in such a way as to still survive the POST (integrity check and algorithm KAT and continuous tests) and yet perform incorrect cryptographic operations is not high. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
