Correct FIPS cipher choice for OpenSSL 3.0

Matt Caswell matt at openssl.org
Fri Feb 2 08:46:43 UTC 2024



On 01/02/2024 21:40, Wall, Stephen wrote:
> https://wiki.openssl.org/index.php/FIPS_mode_and_TLS has a 
> recommendation for what cipher specification to use to select only 
> FIPS-permitted ciphers ("TLSv1.2+FIPS:kRSA+FIPS:!eNULL:!aNULL"), but it 
> looks like it hasn't been updated in some time. Have the OpenSSL 3.x 
> branches updated the definition of cipher selection "FIPS" so that this 
> is no longer necessary, or is it the same as it was in 1.0.2 and 
> includes ciphers that are no longer allowed? Does FIPS 140-3 affect 
> this at all?

That page discusses the old FIPS module and is not relevant to 3.x. I've 
made an update at the beginning to make that clear.

The cipher selection "FIPS" still exists but is undocumented and is 
based on the old FIPS module. I've actually raised an issue about this, 
because it needs to be reviewed in light of the new module:

https://github.com/openssl/openssl/issues/23457

Matt
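Since the "FIPS" cipher keyword is undocumented and under review, the practical check is to see what it actually expands to on the OpenSSL build you ship, and how that differs from the old wiki string quoted above. The script below is an added example, not code from the thread or from the OpenSSL project; it uses Python's `ssl` module, which hands the cipher string straight to the linked libssl, so the selection matches what `openssl ciphers -v '<spec>'` prints for the same library. The review labels it attaches (RSA key transport, non-AEAD, HMAC-SHA1) are my own choice of things a reviewer would want to see next to each suite; the thread itself only says the keyword needs reviewing.

```python
import ssl

# Cipher string recommended by the (now outdated) wiki page quoted in the thread.
LEGACY_FIPS_SPEC = "TLSv1.2+FIPS:kRSA+FIPS:!eNULL:!aNULL"
# The bare, undocumented keyword that the reply says still exists in 3.x.
BARE_FIPS_SPEC = "FIPS"


def expand_cipher_spec(spec):
    """Return the TLS 1.2-and-earlier suites the linked OpenSSL selects for
    `spec`, as the dicts that SSLContext.get_ciphers() produces.

    TLS 1.3 suites are dropped: set_ciphers() does not govern them, so they
    show up regardless of `spec`. If the build does not understand a keyword
    in `spec`, set_ciphers() raises SSLError and we report an empty selection
    instead of crashing, which is itself a useful signal on an old build.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:
        return []
    return [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def suite_names(spec):
    """Sorted suite names selected by `spec` on this build."""
    return sorted(c["name"] for c in expand_cipher_spec(spec))


def compare_specs(spec_a, spec_b):
    """Set differences between the suites two cipher strings select here."""
    a, b = set(suite_names(spec_a)), set(suite_names(spec_b))
    return {"only_in_a": a - b, "only_in_b": b - a, "common": a & b}


def review_flags(cipher):
    """Labels worth seeing next to a suite during a FIPS review.

    `kea`, `auth` and `digest` are the OpenSSL long names that get_ciphers()
    reports ('kx-rsa', 'kx-ecdhe', 'auth-rsa', 'sha1', ...). Which of these
    are acceptable is a policy decision; this only makes them visible.
    """
    flags = []
    if cipher["kea"] == "kx-rsa":
        # The legacy string adds these explicitly via "kRSA+FIPS"; NIST
        # SP 800-131A Rev. 2 lists RSA key transport as disallowed after 2023.
        flags.append("RSA key transport (kRSA)")
    if not cipher["aead"]:
        flags.append("non-AEAD")
    if cipher["digest"] == "sha1":
        flags.append("HMAC-SHA1")
    return flags


def report(spec):
    """List of (suite name, flags) for every suite `spec` selects."""
    return [(c["name"], review_flags(c)) for c in expand_cipher_spec(spec)]


if __name__ == "__main__":
    print("OpenSSL:", ssl.OPENSSL_VERSION)
    for spec in (LEGACY_FIPS_SPEC, BARE_FIPS_SPEC):
        print(f"\n{spec!r} selects {len(suite_names(spec))} TLS<=1.2 suites:")
        for name, flags in report(spec):
            print(f"  {name:40} {', '.join(flags)}")
    diff = compare_specs(LEGACY_FIPS_SPEC, BARE_FIPS_SPEC)
    print("\nonly in legacy string:", sorted(diff["only_in_a"]))
    print("only in bare FIPS:    ", sorted(diff["only_in_b"]))
```

Run it against each OpenSSL build you deploy on (`python3 fips_ciphers.py`); the interesting output is the second list, since that is the undocumented keyword's current expansion. Anything it selects beyond the legacy string, or any suite carrying a review flag, is what the GitHub issue linked above is about, and is what you would want a documented answer for before relying on "FIPS" alone.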