Status of FIPS 1.2

2008-05-30 Thread Gatfield, Geoffrey
Hello Everyone, Is there any update on when openssl-fips-1.2.0 certification will be complete? Geoff

Problem switching between FIPS and non FIPS mode

2008-03-07 Thread Gatfield, Geoffrey
Hello, I'm testing with Fips 1.2 and FIPS 1.1.2 and I am having a problem switching between FIPS-mode and non FIPS-mode. I can enable FIPS mode initially using FIPS_mode_set(1) but after that if it's disabled (with FIPS_mode_set(0)) then re-enabled the library fails with a selftest error. We de

Problem testing with openssl-fips-test-1.2.0

2008-02-29 Thread Gatfield, Geoffrey
Hello, I've been testing with the Fips 1.2 drop with no problem. Now I've discovered that I can't switch back and forth between FIPS and non-FIPS mode. We use a FIPS enabled library with a client that must be able to switch between modes. This works with openssl-fips-1.1.1. Is there any way t

Creating shared libraries for FIPS compliance

2007-08-17 Thread Gatfield, Geoffrey
Hey Guys, I'm upgrading a set of shared libraries to be FIPS compliant. I haven't been able to link with the FIPS crypto library on Solaris. Is there any way to build shared libraries with a FIPS crypto library? Thanks, Geoff

RE: RSA Key exchange and FIPS compliance

2007-04-19 Thread Gatfield, Geoffrey
This helps a lot. Thanks for the clarification. -Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Marquess Sent: Thursday, April 19, 2007 4:48 PM To: openssl-users@openssl.org Subject: Re: RSA Key exchange and FIPS compliance Gatfield

RSA Key exchange and FIPS compliance

2007-04-16 Thread Gatfield, Geoffrey
Hello, We use OpenSSL for encryption within our application. I am now enhancing our application to become FIPS compliant. The OpenSSL FIPS Security Policy lists RSA key wrapping and key establishment as non-approved. But the policy states that it is included when 80 to 150 bits of encryption stren