William A. Rowe Jr. wrote: > On 1/14/2011 10:15 AM, Steve Marquess wrote: > >> To date the following platforms are included in the validation: >> >> Android on ARM >> VC++ WIN32/x86 >> > > Clarification please; in the past the source code build has been validated, > with specific platforms chosen for validation testing.
Not so! A subtle distinction in terminology perhaps, but the CMVP will tell you loud and clear that they have not and never will validate source code. From their perspective they only validate executable code. The #1051 (and predecessor) validations are for binary modules. The generation of those modules occurs during the "installation" of the module (what you and I would call the "build" from source). Those binary modules are directly validated by certificate #1051 only for the test platforms listed in the Security Policy and on the certificate itself. However, section G.5 of the Implementation Guidance (http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf) allows for something called "vendor affirmation" which is widely employed by commercial vendors. In essence, vendor affirmation means that if the vendor "merely recompiles" the source code for a validated module, the result can be "vendor affirmed" as equivalent to a directly validated module. See section 5.5 of the user Guide (http://www.openssl.org/docs/fips/UserGuide.pdf) for more discussion. > Will this remain > the case, or will only specific platforms be validated? > We will include as many test platforms as we can, which is to say as many as we have funding to cover. The per platform cost is typically about US$5,000, depending on the specifics of the platform. There are a number of reasons why a specific platform should be explicitly included as a test platform, I.G. G.5 notwithstanding. One is that "vendor affirmation" only works for code that has been directly exercised on at least one test platform. So, for instance, the assembler optimizations which are platform specific remain out of scope with respect to the validation until they appear in a test platform. Another is the 32/64bit flavors of each processor architecture; the CMVP recognizes that significantly different machine code is generated from the same source code on 32 and 64 bit platforms, so both should be covered in the validation. Ditto little-endian versus big-endian. By that reasoning the standard two Lintel/Wintel platforms represent eight validation test platforms: Linux 32bit pure C Linux 32bit optimized Linux 64bit pure C Linux 64bit optimized Windows 32bit pure C Windows 32bit optimized Windows 64bit pure C Windows 64bit optimized The prior validation (#1051) covered all eight of those platforms and more. Only one of those eight are currently addressed in the upcoming validation (courtesy Intersoft International, Inc.). -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
