[openssl-users] CAVP protocol testing - what does it really consist of ?

Steve Marquess marquess at openssl.com
Wed Oct 21 18:18:02 UTC 2015

On 10/21/2015 12:02 PM, jonetsu wrote:
> Hello,
> Sorry if this is a bit beside OpenSSL per se, the idea behind this
> post is to perhaps have some information form the OpenSSL experience
> with FIPS validation.  There was so much effort put into FIPS
> compliance that it would not be far-fetched to consider that there is
> also knowledge about what seems to be /protocol/ testing.
> I would like to know what's involved in the CAVP testing of the SSH
> protocol.  I browsed the NIST CAVP web site, browsed some documents,
> although I haven't found any satisfying, technically-oriented,
> document on what has to be done if say, I have an editor opened with
> the SSH source code.  Not the fully gruesome details, but an overview
> of how such testing works.

See Appendix B of the OpenSSL FIPS User Guide:


The specific algorithm tests have changed quite a bit since then
(constant change is part of the fun), but the general concept is the
same. The algorithm testing is the easiest part of FIPS 140-2 validations.

Note the CAVP only tests specific cryptographic algorithms, not
cryptographic protocol suites like SSH (secsh). OpenSSH itself is just
application code from the perspective of FIPS 140-2 and thus out of
scope (as is OpenSSL; the OpenSSL FIPS Object Module is a separate
software component carefully crafted to satisfy the peculiar
restrictions and requirements of FIPS 140-2).

Also note that converting stock OpenSSH to exclusive use of FIPS
validated cryptographic is a non-trivial exercise.

-Steve M.

Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at opensslfoundation.com
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list