On 10/21/2015 03:22 PM, jonetsu wrote: >> From: "Steve Marquess" <marqu...@openssl.com> >> Date: 10/21/15 14:18 >> See Appendix B of the OpenSSL FIPS User Guide: > >> https://openssl.org/docs/fips/UserGuide-2.0.pdf > > Thanks. > >> The specific algorithm tests have changed quite a bit since then >> (constant change is part of the fun), but the general concept is the >> same. The algorithm testing is the easiest part of FIPS 140-2 validations. > > What would you consider being the difficult parts ?
The CMVP part. The CAVP requirements are fairly well articulated and consistently applied. New versions of the CAVS tool, and newly introduced test vectors, occasionally have problems but those can usually be worked out without too much grief. The wait time for CAVP approvals is also a lot more predictable. The CMVP, on the other hand, is not nearly as predictable or consistent. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
