Ummm.... have you even looked at the FIPS testing criteria? Have you looked at the FIPS 140-2 standard? Just because you have a well-known FIPS company guiding you through the process doesn't mean you're going to get certified -- and, in fact, they may well steer you wrong just to collect more consulting fees. (Which seems to be what they're doing.)
FIPS requires certain deterministic random number generation algorithms, as well as certain ciphers. Once you go into FIPS mode, you cannot use anything else. This is why the FIPS random number code had to be added to 0.9.7 -- because the code that was already implemented (and is implemented in 0.9.8a) isn't FIPS-compliant. You need to look at the documents yourself, and understand what they say. You can't skate by on "oh, this'll pass" from another FIPS vendor, and then get your test results back saying "you fail!". That's not due diligence. But, it's your checkbook. All I can say is it took years to get OpenSSL FIPS-certified, and it's still not completely there yet. (All of its technical tests passed, as far as I'm aware, but I'm not in the loop and there's a lot of private info that's passed between the testing companies and the vendors.) -Kyle H On 3/3/06, OpenSSLGRT <[EMAIL PROTECTED]> wrote: > Hi -- > > Thanks for the below info. > > Below is some info on why I have been asking questions that are FIPs > oriented. I'd appretiate if anything you see here that is not correct you > would comment on -- we are new to FIPs process, which is, no doubt, probably > obvious if you saw my other posts :) > > ***We are not trying to get/make a FIPs validated version of the OpenSSL > Library -- its our PDA app that we are hoping to get submitted to a testing > lab. That application is what we are trying to get FIPs validated. The > application will use OpenSSL but OpenSSL will not itself validated. > > We have one of the well-known FIPs consulting companies guiding us in the > process. As we have move through the process of preparing the application > we have had a variety of requirements. One is that we force TLS and the > correct cipher suite (3DES, RSA, SHA). We use OpenSSL 0.9.8a to accomplish > that. Since FIPs requires alogorithm tests we did our own KATs for the > OpenSSL and also we must do the PRNG tests. I'd like to use OpenSSL 0.9.7 > since th etests are internal there but I have to use 0.9.8a since I have > that in good working order on Windows CE 4.2 and 5.0. > > ***I am writing the tests outside of the OpenSSL -- I did not modify 0.9.8a > but rather I when the app starts I call OpenSSL functions to do the KATs, > etc. > > I am not sure what will happen with this project but the consultants we have > say that we can use OpenSSL non-FIPs version provided we do the requirements > (KATs, startup tests for the app and the openssl dlls, and PRNG tests, as > well as all the other FIPs requirements). ***I assume that is correct since > people must have gotten apps validated that used OpenSSL before OpenSSL had > a FIPs version. > > With the above in mind I am trying to determine particularly how to do he > PRNG seed value test -- outside of OpenSSL like I did the KATs. > > Also I am still wondering about the PRNG startup test: if I do seed, rand1, > rand2 they do not come out the same. I think the requirement is to seed and > get a rand and then to get a rand again using that seed and ensure they are > the same. They are never the same -- I am missing why that does not work? > > Thank you for your time and expertise -- please comment on any of the above > as it would be greatly appretiated! > > Best regards > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson > Sent: Friday, March 03, 2006 6:58 PM > To: openssl-users@openssl.org > Subject: SPAM-URL Re: Another RAND question... > > On Fri, Mar 03, 2006, OpenSSLGRT wrote: > > > I did see that but I think I misunderstood, so ... > > I still am not sure then how I would accomplish the following: > > 1.) Take a seed and the known output of the PRNG with that seed. > > 2.) Seed the PRNG with the seed and get a RAND > > 3.) See if that RAND in step 2 I sthe same as the one in Step 1 > > > > The standard PRNG mixes in various random sources of data at various points > and its output depends on its internal state which is affected by explicit > calls to seed it and calls to obtain random data from it. > > BTW if this is for FIPS then you can't use the standard OpenSSL PRNG because > it isn't FIPS compliant, that's why an alternative PRNG in the FIPS module > in 0.9.7. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
