The ongoing effort to obtain a new FIPS 140-2 validation for an OpenSSL based cryptographic module has committed enough source code to permit general review and feedback. If you have an interest in this upcoming validated module please feel free to examine the current results in CVS HEAD (see http://www.openssl.org/source/repos.html).
As before the "fipscanister.o" module can be built with the "fipcanister" build-time option (see the README.FIPS file). We are interested in problem reports (to openssl-dev) on a variety of platforms for the tests described there. Please check README.FIPS from the most recent snapshot, or better still directly from CVS HEAD, to see any known issues to avoid duplication. We are calling this new module the OpenSSL FIPS Object Module v2.0. It will replace the currently validated v1.2.2 module, and while similar in many ways it will have several significant improvements and extensions. The v2.0 module is designed for use with OpenSSL v1.0.1 and greater. Please note that not only is this code still incomplete, but the "FIPS capable" support has not yet been added to the 1.0.1+ baseline. We anticipate taking approximately another two months to complete and finalize the source code, at which point a code freeze will be necessary to embark on the next phase of the validation process. So, comments and feedback on issues with the source code will be most useful in that two month period. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org