This should probably be clarified: The application must only use FIPS-approved modules for all cryptography. However, most FIPS-approved modules cost a lot of money -- there are two that do not, but OpenSSL is the only one available for UNIX systems that does not, and it's the only one that can be distributed in source form.
FIPS-approved modules, once put into FIPS mode (and thus running their internal consistency checks), will only operate with FIPS-approved algorithms. (Interestingly, AES-256 is NOT an approved algorithm, as AES only specifies 128 bits.) The modules must be used in compliance with their security policies. Key data (and entropy) needs to be overwritten in non-module memory as soon as possible. Various other issues exist as well. To simplify things, "All cryptography must be done using OpenSSL FIPS functions" is the easiest way to ensure that only FIPS-approved algorithms and modes are used. It's short, simple, and to the point. -Kyle H On 4/11/06, Lyon, Jay <[EMAIL PROTECTED]> wrote: > > > > The following appears in the FIPS 140-2 Validation presentation from Linux > World Expo. (oss-institute.org/OpenSSL/LWE_040406_BOF.pdf) > > > > Page 23: FIPS mode requirements: > > * The application must use only OpenSSL for all cryptography. > > > > Where can I find this in the security policy? > > > > Are there any exceptions? What if "other crypto" is also FIPS validated? > > > > What is the purpose of the requirement? > > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
