On 07/04/2014 12:06 PM, Jayalakshmi bhat wrote: > Hi Steve, > > Thank you very much for the response. I have one more question. In order > use a FIPS 140-2 certified TPM hardware in OpenSSL FIPS enabled > environment, do I have to add engine support in OpenSSL FIPS Object Module > and go for private label?
I don't know enough about TPM to say for sure. If you have to make *any* changes to the FIPS module code (which is likely) then you would need a new validation (e.g. a "private label" one). That gets you into a new level of hurt as the #1747 module (the OpenSSL FIPS Object Module v2.0) is no longer usable as-is for copycat validations. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0xCE69424E.asc ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
