[openssl-users] RSA and FIPS 186-4 in OpenSSL 1.0.1e/fips-2.0.9

Steve Marquess marquess at openssl.com
Fri Dec 18 17:28:32 UTC 2015

On 12/18/2015 11:03 AM, jonetsu wrote:
> Is there any current solution to have RSA 186-4 in OpenSSL FIPS (now, even if
> this means an upgrade ?)

We aren't allowed to update existing validations to include that type of
"cryptographically significant" change, just like we aren't allowed to
fix vulnerabilities (e.g. Lucky 13).

So no.

We will address all new FIPS 140-2 requirements, and known
vulnerabilities, and support of OpenSSL 1.1, if and when we're in a
position to pursue a new open source based validation to succeed the
current #1747/#2398/#2473.

-Steve M.

Steve Marquess
OpenSSL Software Foundation
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list