[openssl-users] Forcing the FIPS module to fail (no way)

Steve Marquess marquess at opensslfoundation.com
Wed Sep 2 18:51:54 UTC 2015

On 09/02/2015 02:35 PM, Alberto Roman Linacero wrote:
> Yep, I understand now. I thought that the whole binary file
> application was signed, and not only the FIPS module part.

An understandable assumption, see below.

> I already did some tests (with that string and also in different parts
> of the code that belongs to the fipscanister.o), and it -correctly-
> fails.

Side note on ancient history: our initial implementation (circa 2003)
calculated a digest over the entire binary file, application code plus
FIPS module code. Our reasoning was that if the digest of the entire
file did not change then no subset could have changed either.

That was rejected by the CMVP on the grounds that there might be a SHA-1
digest collision; we are only allowed to calculate the digest over the
FIPS module code proper. Needless to say that complicated the design of
the "incore" calculation a bit.

-Steve M.

Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
marquess at opensslfoundation.net
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list