Re: OpenSSL validation question
On 01/25/2012 10:00 PM, Thor Lancelot Simon wrote:
> On Wed, Jan 25, 2012 at 06:35:58PM -0500, Steve Marquess wrote:
>> A rough rule of thumb is that if you create a FIPS module (fipscanister.o) on a formally tested platform (O/S and processor as listed in the Security Policy), and if that binary file when copied
>
> Does the Security Policy list the compiler? When I did this, years ago, I think we did not have to specify the compiler even when we applied for our algorithm certificates.

Correct, the compiler version is typically not listed.

> ...
> That seemed very, very wrong, since one of the changes most likely to break a highly optimized implementation of an algorithm is a change to the compiler!

I disagree. While it is certainly possible to write software that is dependent on a specific version of a specific compiler, OpenSSL (and the OpenSSL FIPS Object Module) is carefully designed for portability across a wide range of platforms (O/S, processor, and compiler). That portability is demonstrated continuously across a very large installed user base.

If the specific compiler version were to be considered a vital element of the Operational Environment, then so should be the run-time libraries, run-time loader, specific kernel modules and patches, and so forth. Or in other words, instead of a few thousand validated modules (current count as of today for all validated modules is 1,669, only some of which are software modules) you would need many tens of thousands -- with a wait time of many months for each one.

Also consider the consequences of a broken compilation due to a compiler mismatch (or run-time library, or O/S, or whatever). The odds that the generated code will compile an executable file and yet fail in such a way as to still survive the POST (integrity check and algorithm KAT and continuous tests) and yet perform incorrect cryptographic operations is not high.

-Steve M.

--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu...@opensslfoundation.com

__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
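To make the POST argument above concrete, here is an added illustration (not OpenSSL code, and not from the thread) of the three self-test classes Steve names: an integrity check over the module image, an algorithm known-answer test, and a continuous RNG test. The module image, the integrity key and the expected MAC are constructed stand-ins; the only real value is the public FIPS 180 SHA-256 test vector for "abc". A miscompiled digest routine fails the KAT and a corrupted image fails the integrity check, so neither enters FIPS mode.

```python
"""Simulated FIPS-style power-on self-test (POST); an illustration, not fipscanister.o."""
import hashlib
import hmac
import os

# Constructed stand-in for the module's code bytes (not a real module image).
MODULE_IMAGE = b"constructed-module-image-bytes:" + bytes(range(64))
# Hypothetical integrity key; the real module's key and digest are not given on this page.
INTEGRITY_KEY = b"example-integrity-key"
# Expected MAC that a real build would embed at build time; computed here over the stand-in.
EXPECTED_MAC = hmac.new(INTEGRITY_KEY, MODULE_IMAGE, hashlib.sha256).digest()

# Known-answer test vector: SHA-256("abc"), the public FIPS 180 example.
KAT_INPUT = b"abc"
KAT_EXPECTED = bytes.fromhex(
    "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")


def integrity_check(image: bytes, expected_mac: bytes) -> bool:
    """Integrity test: the MAC over the loaded image must match the embedded value."""
    mac = hmac.new(INTEGRITY_KEY, image, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected_mac)


def sha256_kat(digest_fn) -> bool:
    """Algorithm KAT: the digest implementation must reproduce the known answer."""
    return hmac.compare_digest(digest_fn(KAT_INPUT), KAT_EXPECTED)


def continuous_rng_test(blocks) -> bool:
    """Continuous test: two consecutive RNG output blocks must never be identical."""
    previous = None
    for block in blocks:
        if previous is not None and block == previous:
            return False
        previous = block
    return True


def post(image=MODULE_IMAGE, digest_fn=lambda m: hashlib.sha256(m).digest(),
         rng_blocks=None) -> dict:
    """Run every self-test; any single failure means the module must not enter FIPS mode."""
    if rng_blocks is None:
        rng_blocks = [os.urandom(16) for _ in range(8)]
    results = {
        "integrity": integrity_check(image, EXPECTED_MAC),
        "kat": sha256_kat(digest_fn),
        "continuous": continuous_rng_test(rng_blocks),
    }
    results["fips_mode"] = all(results.values())
    return results
```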
OpenSSL validation question
Hi,

Is the FIPS module certification lost if the fipscanister module is compiled for a configuration (architecture, compiler version, etc.) different from those listed in the OpenSSL Security Policy? Our concern is whether a change to something in the build tools, like the compiler version or the architecture, can invalidate the certification.

Thanks
--
Adriano Godinho
Re: OpenSSL validation question
> Hi,
>
> Is the FIPS module certification lost if the fipscanister module is compiled for a configuration (architecture, compiler version, etc.) different from those listed in the OpenSSL Security Policy? Our concern is whether a change to something in the build tools, like the compiler version or the architecture, can invalidate the certification.

That's a very general question, so I can't give a specific answer. It depends.

A rough rule of thumb is that if you create a FIPS module (fipscanister.o) on a formally tested platform (O/S and processor as listed in the Security Policy), and if that binary file when copied as-is to another platform executes successfully, then you are *generally* justified in claiming it as validated.

The Implementation Guidance document (http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf) is a more official discussion. See in particular section G.5.

-Steve M.

--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu...@opensslfoundation.com
Re: OpenSSL validation question
On Wed, Jan 25, 2012 at 06:35:58PM -0500, Steve Marquess wrote:
> A rough rule of thumb is that if you create a FIPS module (fipscanister.o) on a formally tested platform (O/S and processor as listed in the Security Policy), and if that binary file when copied

Does the Security Policy list the compiler? When I did this, years ago, I think we did not have to specify the compiler even when we applied for our algorithm certificates. That seemed very, very wrong, since one of the changes most likely to break a highly optimized implementation of an algorithm is a change to the compiler!