Steve, We are talking past each other - sorry for that but that is the way people like me get to understand these things.
First of we have not changed any code of the FIPS Object Module. We simply do not use all of the algorithms based on requirements. The application linking the libcrypto.so, enforce that only required and allowed cryptographic calls is made to the Module. So, if I understand you (or maybe again not), we must test everything in the Module even if we do not use them? And this is why the new directives will give me problems - right? Background: We were hoping to use your certification of the algorithms as part of our products validation. Using your certificate numbers in our SP in section 2 for "Cryptographic Functionality". I thought that is the point of your certification efforts. The lab said we cannot due to the different platform (we have Linux 2.6 on ARMv5tel), but that we simply have to run the algorithm tests on our platform to get our own certification for the algorithms we use. This is an extra cost but less than a complete certification like when we changed code in the Module. So in preparation for these tests I also need to fill in the forms describing each algorithm and their modes. Thanks LJB ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
