Build the FIPS Object Module issue on Ubuntu 18.04
Jakob Bohm
jb-openssl at wisemo.com
Thu May 16 08:21:15 UTC 2019
On 16/05/2019 02:11, Paul Dale wrote:
> Just noting that any module built in this manner is *not* FIPS compliant.
>
> The distribution must be unmodified and build exactly as per the documentation. Any change to the files or the build process renders the result invalid from a FIPS perspective.
>
Only deviations from the official process in creating the
fipscanister invalidates the FIPS validation.
The FIPS-capable OpenSSL is "outside the boundary" of the
FIPS module and can be changed at will. This is why a new
FIPS validation is not needed every time OpenSSL releases
a bugfix to OpenSSL 1.0.x . 1.1.x will not have FIPS
support, and 4.y.x may lack this agility.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list