[openssl-users] ECDSA and ECDH
rsalz at akamai.com
Fri Jun 2 12:26:25 UTC 2017
> with a host device which will be ported with FIPS compliant OpenSSL library. Our embedded device will be using ECDSA (FIPS 186-3) and ECDH (FIPS SP800-56A) by calling APIs of ATECC508A SDK. Is there any compatibility issue?
There shouldn't be. But interop is a hard thing, and a single bug on either side can break compatibility. You really won't know until you test it.
> 1. Whether a digest signed using openssl library can be verified in our embedded module and vice-versa .
As I said, it should work.
> 2. We understand that, OpenSSL doesn’t have FIPS 140-2 certification for ECDH. If we use ECDH, whether we can claim our system to be FIPS 140-2 compliant?
You should be careful what you say. If you claim to be certified, that would be lying ...
> ---Disclaimer------------------------------ This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION
Please get your company policy changed. Posting a big block disclaimer like this, when writing to a public mailing list, is very obnoxious.
More information about the openssl-users