Hi Jacob, Thanks for looking into this. This FIPS186-4 is not just about SHA. It basically about the key generation parameters. Especially I am looking for RSA key generation parameters wrt FIPS 186-4. Thanks, Murugesh P. On 10/5/17, Jakob Bohm <jb-openssl@xxxxxxxxxx> wrote: > On 05/10/2017 13:51, murugesh pitchaiah wrote: >> Hi All, >> >> I am looking for the FIPS 186-4 patch. I see it is not yet implemented >> in openssl FIPS 2.0 > I assume FIPS 186-4 is the updated SHA standard that adds the SHA-3 > specification. > > In that case, that would be something that OpenSSL would first add to the > basic OpenSSL library (perhaps in version 1.1.x). > > Once that is working as secure and tested (but not government "validated"), > OpenSSL could incorporate that into their upcoming FIPS-validation (which I > guess will become the "FIPS module 3.0"). > > The "FIPS validation" bureaucracy is such that even basic bug fixes are > very > expensive and time consuming to get approved, thus adding new algorithms or > other new features inside the "boundary" of the FIPS module is not > something > done under normal circumstances, and certainly not just to add another > algorithm that isn't used by many people yet to a FIPS module that is only > used by the OpenSSL 1.0.x library that they are trying to discontinue. > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com > Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 > This public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
