Call for testing - FIPS object module

Thu, 07 Jul 2011 13:30:13 -0700 

Coding of the OpenSSL FIPS Object Module v2.0 ("FIPS Module") is now
complete except for the addition of some new cryptographic
modules our sponsors have recently asked us to include.  That additional
coding will take approximately a month but will not affect the function
of the currently coded FIPS module in any significant way.

In the interest of minimizing the total time to formal validation award
we usually submit the FIPS module for testing as soon as possible, at
which point the code is frozen and subsequent changes are difficult or
impossible.  This delay provides us with an opportunity for some more
extensive testing by the user community.

We encourage all interested parties to download and test the current
FIPS module and accompanying "FIPS capable" OpenSSL (the regular OpenSSL
libraries built to transparently embed the FIPS module).  Since some
minor code changes may still be occurring as problems are reported and
corrected, please use snapshots from the same day for any testing.  The
FIPS module will be in the snapshot file of the form

    ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-2011MMDD.tar.gz

and the matching "FIPS capable" OpenSSL distribution will be in

    ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-2011MMDD.tar.gz

where MMDD is the same month and day for both.

README files in both distributions describe how to build the composite
"FIPS capable" libraries, the quick version is:

    gunzip -c openssl-fips-2.0-test-2011MMDD.tar.gz | tar xf -
    cd openssl-fips-2.0-test-2011MMDD
    ./config && make
    make install
    cd ..

    gunzip -c snapshot/openssl-1.0.1-stable-SNAP-2011MMDD
    ./config fips && make
    make install

We are interested in problem reports at any time, but this special
window of opportunity over the next few weeks will allow us to easily
correct reported problems.

-Steve M.


-- 
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877-673-6775
marqu...@opensslfoundation.com

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to