[openssl-users] FIPS, continuous tests, and error reporting

Steve Marquess marquess at openssl.com
Thu Feb 19 19:34:38 UTC 2015

On 02/19/2015 11:09 AM, Salz, Rich wrote:
>> For instance, any of the void DES_*_encrypt().  This cursory observation is
>> also supported by a vendor application code such as:
> Ah, okay.  Those functions are 'just math'  They depend on no external state.  They can't fail.  It's shifts and masking, etc.

Which incidentally is true also of most of the FIPS 140-2 required KATs;
they are tautological in the sense that they only way they can possibly
fail is if the math is wrong, i.e. 1+1 != 2.

Apparently in the dim mists of time from whence the basic FIPS 140-2
requirements originated, when cryptography was done with mechanical
devices and dedicated discrete component electronics, such failures were
a serious concern. So to this day in a FIPS module the POST does the
equivalent of diligently confirming that 1+1=2, many times over.

If one of those tautological tests *does* fail, then you have worse
problems than a non-functioning FIPS module.

-Steve M.

Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at opensslfoundation.com
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list