Hi,
--
Stiju Easo
The unexamined life is not worth living for man.
Socrates, in Plato, Dialogues, Apology
Greek philosopher in Athens (469 BC - 399 BC)
I am working to package OpenSSL 3.1.x with my product.
As I prefer to be FIPS complaint, I would like to use FIPS module from OpenSSL 3.0.9.
As I prefer to be FIPS complaint, I would like to use FIPS module from OpenSSL 3.0.9.
1) From the Documentation(https://github.com/openssl/openssl/blob/master/README-FIPS.md) , what I understood is,
I need to build and install OpenSSL 3.1.x to the location. and then install fips from OpenSSL3.0.9 overlaying the 3.1.x install. Am I right with my understanding? or is there any other way 3.1.x built with FIPS module from 3.0.9. like in OpenSSL 1.0.x ( like using --with-fipsdir etc).
I need to build and install OpenSSL 3.1.x to the location. and then install fips from OpenSSL3.0.9 overlaying the 3.1.x install. Am I right with my understanding? or is there any other way 3.1.x built with FIPS module from 3.0.9. like in OpenSSL 1.0.x ( like using --with-fipsdir etc).
2) Also , I need conformation on FOM FIPS certification
I build fips.so from 3.0.9 source , can I claim FIPS compliance directly based on the certificate (https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282) given to the FOM. I am building OpenSSL on Alma Linux.
I assume its a yes, Please let me know if I am wrong.
I build fips.so from 3.0.9 source , can I claim FIPS compliance directly based on the certificate (https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282) given to the FOM. I am building OpenSSL on Alma Linux.
I assume its a yes, Please let me know if I am wrong.
Stiju Easo
The unexamined life is not worth living for man.
Socrates, in Plato, Dialogues, Apology
Greek philosopher in Athens (469 BC - 399 BC)
