OpenSSL FIPS for 1.1.x
Matt Caswell
matt at openssl.org
Mon Aug 10 16:09:49 UTC 2020
On 10/08/2020 16:25, Vijay Chander wrote:
>
> Thank you Matt.
>
> Our FIPS compliance vendor is recommending the following for openssl 1.1
> from Oracle.
>
> https://github.com/oracle/solaris-userland/tree/master/components/openssl/openssl-fips-140/fipscanister-dev/patches
I can't comment on those patches because I know nothing about them. But
there is no official module from the OpenSSL Project that works with
1.1.x and certainly not one covered by our FIPS certificates. Its
possible that third parties have their own modules and certificates - I
don't know. But if so you'd have to seek guidance from those third parties.
Matt
>
> Thanks,
> -vijay
>
> On Mon, Aug 10, 2020 at 8:08 AM Matt Caswell <matt at openssl.org
> <mailto:matt at openssl.org>> wrote:
>
>
>
> On 10/08/2020 16:01, Vijay Chander wrote:
> > Hi,
> >
> > This link here below only seems to talk about 1.0.x
> > https://wiki.openssl.org/index.php/FIPS_Library_and_Android
> >
> > Is there a wiki for openssl fips for openssl-1.1.0x ?
>
> There is no FIPS module for the 1.1.x series. We are currently working
> on a new module which will be integrated into OpenSSL 3.0 (i.e. its all
> one download, not two separate ones)
>
> Matt
>
More information about the openssl-users
mailing list