[openssl-project] OpenSSL 3.0 and FIPS Update

Richard Levitte levitte at openssl.org
Fri Feb 15 23:11:48 UTC 2019

On Fri, 15 Feb 2019 20:03:33 +0100,
Sam Roberts wrote:
> I don't see a FIPS repo in https://github.com/openssl, or a FIPS
> branch in https://github.com/openssl/openssl/branches/all
> Has coding started? If so, is it visible anywhere? If not, where
> should we watch for when it does?

Coding has started to appear on github since the beginning of this
week, and there's a related github project that we should attach
related issue and PRs to:


That project should hold a collected view of everything that happens
when it does.

As for the FIPS module itself, it will not appear immediately.  We
need to code the foundation, i.e. the new framework, first.

> The FIPS design doc looks like lots of thought has gone into it,
> which is very promising.
> I also looked around in github.com/openssl,  even the
> OpenSSL_1_0_2-stable branch, and couldn't find where the
> openssl-fips-2.0.16.tar.gz is built from. Where is it located?

There are branches called OpenSSL-fips-*, that's where you want to
look.  We will NOT use that as a model for the 3.0.0 FIPS module,


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-users mailing list