Re: Correct FIPS cipher choice for OpenSSL 3.0

On 01/02/2024 21:40, Wall, Stephen wrote:
> https://wiki.openssl.org/index.php/FIPS_mode_and_TLS has a recommendation for what cipher specification to use to select only FIPS-permitted ciphers (“TLSv1.2+FIPS:kRSA+FIPS:!eNULL:!aNULL”), but it looks like it hasn’t been updated in some time. Have the OpenSSL 3.x branches updated the definition of cipher selection “FIPS” so that this is no longer necessary, or is it the same as it was in 1.0.2 and includes ciphers that are no longer allowed? Does FIPS 140-3 affect this at all?

That page discusses the old FIPS module and is not relevant to 3.x. I've made an update at the beginning to make that clear.

The cipher selection "FIPS" still exists but is undocumented and is based on the old FIPS module. I've actually raised an issue about this, because it needs to be reviewed in light of the new module:

https://github.com/openssl/openssl/issues/23457

Matt
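
To see what the "FIPS" alias and the older wiki string actually select on a given build, the following added example (not part of the original message and not OpenSSL's own code) expands both with Python's ssl module and reports the difference. It assumes Python is linked against the OpenSSL build being checked; it only lists what the strings select and does not judge which suites are FIPS-approved.

```python
import ssl
from collections import Counter

# Cipher strings quoted in the thread: the bare alias and the old wiki recommendation.
ALIAS = "FIPS"
WIKI = "TLSv1.2+FIPS:kRSA+FIPS:!eNULL:!aNULL"

def expand(spec):
    """Map suite name -> cipher info for everything `spec` enables on this build."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError:
        # Unknown alias, or nothing left after filtering on this build.
        return {}
    # TLS 1.3 suites are configured separately from the cipher string,
    # so they appear in every expansion.
    return {c["name"]: c for c in ctx.get_ciphers()}

def compare(a=ALIAS, b=WIKI):
    """Report which suites each string selects that the other does not."""
    ea, eb = expand(a), expand(b)
    return {
        "only_alias": sorted(ea.keys() - eb.keys()),
        "only_wiki": sorted(eb.keys() - ea.keys()),
        "common": sorted(ea.keys() & eb.keys()),
    }

def summarize(suites):
    """Count selected suites by (protocol, key exchange) for a quick review."""
    return Counter(
        (str(c.get("protocol", "?")), str(c.get("kea", "?"))) for c in suites.values()
    )

if __name__ == "__main__":
    print(ssl.OPENSSL_VERSION)
    for key, names in compare().items():
        print(f"{key}: {len(names)}")
        for name in names:
            print("   ", name)
    for (proto, kea), n in sorted(summarize(expand(ALIAS)).items()):
        print(f"{proto:8} {kea:12} {n}")
```

Because every term in the wiki string is intersected with "FIPS", anything listed under only_alias is a suite the bare alias enables that the wiki string filtered out.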



