On 23/09/2021 18:24, Zeke Evans wrote:
I noticed the OpenSSL FIPS Provider is not listed on the CMVP Modules
In Process List. Assuming this is the 3.0 FIPS module that was just
released. Nice work on getting to this point. Which platforms is the
module being validated on? I haven’t seen
I noticed the OpenSSL FIPS Provider is not listed on the CMVP Modules In
Process List. Assuming this is the 3.0 FIPS module that was just released.
Nice work on getting to this point. Which platforms is the module being
validated on? I haven't seen an official list if that was published
Hello,
Our product was FIPS-certified a few years ago. We are now about to start
the re-certification process.
The test for RSA X9.31 key generation have somewhat changed, or so it looks
like to me anyway.
A few years ago, we received test vectors with the following parameters:
modulus size,
Hello,
We use OpenSSL-1.0.2a and FIPS 2.0.9 and have questions we need to answer in
conjunction with the FIPS validation
process.
One question is whether SHA1 accepts NULL (zero-length) messages? I couldn't
find anything on the OpenSSL
wiki so I thought I'd ask here.
Also, another questions
Hello,
We use OpenSSL-1.0.2a and FIPS 2.0.9 and have questions we need to answer in
conjunction with the FIPS validation
process.
One question is whether SHA1 accepts NULL (zero-length) messages? I couldn't
find anything on the OpenSSL
wiki so I thought I'd ask here.
Also, another
Subject: Fwd: X9.31 RSA key generation for FIPS validation (180-4)
To: openssl-users@openssl.org
Hello,
Our product was FIPS-certified a few years ago. We are now about to start
the re-certification process.
The test for RSA X9.31 key generation have somewhat changed, or so it looks
like to me
Hello,
Our product was FIPS-certified a few years ago. We are now about to start
the re-certification process.
The test for RSA X9.31 key generation have somewhat changed, or so it looks
like to me anyway.
A few years ago, we received test vectors with the following parameters:
modulus size,
Hi,
We are in the process of validating our product to FIPS 140-2 level 3. The
product is based on OpenSSL FIPS Object Module v2.0.2.
I have a question/concern with regard to the latest Summary of SP 800-131A and
FIPS 186-2 to FIPS 186-4 Transitions document from the CAVP. Please correct me
On 03/24/2014 07:55 AM, Leon Brits wrote:
Hi,
We are in the process of validating our product to FIPS 140-2 level 3.
The product is based on OpenSSL FIPS Object Module v2.0.2.
I have a question/concern with regard to the latest Summary of SP
800-131A and FIPS 186-2 to FIPS 186-4
Greetings,
Apologies if this has been covered before, but I couldn't find it in a
search.
I'm trying to deploy FIPS 140 validated crypto to a RHEL 5 box as part of
a FISMA covered project.
I think the relevant policy is
On 11/07/2013 08:39 AM, Robert W Weaver wrote:
Greetings,
Apologies if this has been covered before, but I couldn't find it in a
search.
I'm trying to deploy FIPS 140 validated crypto to a RHEL 5 box as part
of a FISMA covered project.
I think the relevant policy is
Steve Marquess marqu...@opensslfoundation.com wrote on 11/07/2013
09:02:05 AM:
Is there a basis for asserting FIPS 140 validation with
openssl-0.9.8e-26.el5_9.1|(none), or must the original RPM be used?
You'll need to ask Red Hat; it's their proprietary validation. From a
quick glance it
On 09/08/2012 10:03 AM, V.Ravikumar wrote:
Hello All,
I would be so thankful if somebody explains the application fips validation
process in details.
Also need purpose of below files and how they will be used in validation
process.
fipscanister.o
fipscanister.o.sha1
fips_premain.c
On Tue, Nov 01, 2011, William A. Rowe Jr. wrote:
On 11/1/2011 8:35 PM, Bin Lu wrote:
Do you have an answer for my question below? Is the fips-2.0-test code
branched off from a
FIPS-capable version? Which version is it based on if yes?
AIUI, fipscanister doesn't include TLS 1.2. Nor
that are included in FIPS
2.0?
Thanks a lot,
-binlu
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Wednesday, November 02, 2011 5:10 AM
To: openssl-users@openssl.org
Subject: Re: FW: FIPS validation and TLS 1.2
Sent: Friday, October 28, 2011 5:27 PM
To: openssl-users@openssl.org
Subject: FIPS validation and TLS 1.2
Hi there,
Could somebody confirm if the OpenSSL FIPS validation includes TLS 1.2? My
check of the FIPS module code (openssl-fips-2.0-test-20111028.tar.gz) shows it
is not.
Please confirm
On 11/1/2011 8:35 PM, Bin Lu wrote:
Do you have an answer for my question below? Is the fips-2.0-test code
branched off from a
FIPS-capable version? Which version is it based on if yes?
AIUI, fipscanister doesn't include TLS 1.2. Nor 1.0, nor SSLv3 or v2.
That's the beauty of proper
Hi there,
Could somebody confirm if the OpenSSL FIPS validation includes TLS 1.2? My
check of the FIPS module code (openssl-fips-2.0-test-20111028.tar.gz) shows it
is not.
Please confirm. And what is the plan to include it if it is not currently.
Thanks,
-binlu
Kyle Hamilton wrote:
The FIPS version of OpenSSL has an external verification
mechanism
which does not require a PGP signature verification. In the Security
Policy, there are keyed HMACs ...
Thanks for your reply, now this would be I think the second
verification, after the
Hi everyone,
I expect this has been asked before, but which PGP product is
appropriate for the FIPS validation of the FIPS ssl archive
(openssl-fips-1.1.1.tar.gz) via the openssl-fips-1.1.1.tar.gz.asc file?
I verified it with gpg, per the FIPS instructions ("gpg --verify *.asc
*.gz&quo
to verify what you downloaded.
-Kyle H
On 4/24/07, Lee Merrill [EMAIL PROTECTED] wrote:
Hi everyone,
I expect this has been asked before, but which PGP product is
appropriate for the FIPS validation of the FIPS ssl archive
(openssl-fips-1.1.1.tar.gz) via the openssl-fips-1.1.1.tar.gz.asc file
Hello All, I am using OpenSSL 0.9.7e with fips configure option. I edited one of the fips source files and tried to build OpenSSL and I got the error"Your source code does not match the FIPS validated source." This error can be overcomeas follows i. Edit the fips source files.ii. Generate
22 matches
Mail list logo
