Hi all, We use the OpenSSL FIPS Object Module v.2.0, but are not allowed anymore (as of the start of this year) to submit new product for validation because the RSA implementation is only FIPS 186-2 compliant. Based on extensive review and research it seems to be possible to "patch" the RSA key generation to be FIPS 186-4 compliant and apparently (correct me if I am wrong) the sign/verify is close enough to FIPS 186-4 to pass.
I am in no way capable of writing such a patch and was hoping that someone is willing to share. To be more specific I need a patch that will change the key generation from: d = e-1 mod((p-1)(q-1)) to this: d = e-1 mod(LCM(p-1, q-1)) I would appreciate any comment about the statement that the RSA implementation for sign and verify will pass the CAVP testing for FIPS 186-4. As usual thanks for your help Regards, LJB
