blob: a30adea8c9b540ca85fdde7e77d10339f8e7c8f8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
Preliminary status and build information for FIPS module v2.0
To build the module do:
./config fipscanisterbuild
make
Build should complete without errors.
Run test suite:
test/fips_test_suite
again should complete without errors.
Run test vectors:
1. Download an appropriate set of testvectors from www.openssl.org/docs/fips
those for 2007 are OK.
2. Extract the files to a suitable directory.
3. Run the test vector perl script, for example:
cd fips
perl fipsalgtest.pl --dir=/wherever/stuff/was/extracted
4. It should say "passed all tests" at the end. Report full details of any
failures.
Run:
make clean
to remove any object modules from previous compile.
Run symbol hiding test:
./config fipscanisteronly -DOPENSSL_FIPSSYMS
make
This time only the fips utilities should be built.
Examine the external symbols in fips/fipscanister.o they should all begin
with FIPS or fips. One way to check with GNU nm is:
nm -g --defined-only fips/fipscanister.o | grep -v -i fips
Restricted tarball tests.
The validated module will have its own tarball containing sufficient code to
build fipscanister.o and the associated algorithm tests. You can create a
similar tarball yourself for testing purposes using the commands below.
Standard restricted tarball:
make -f Makefile.fips dist
Prime field field only ECC tarball:
make NOEC2M=1 -f Makefile.fips dist
Once you've created the tarball extract into a fresh directory and do:
./config
make
You can then run the algorithm tests as above. This build automatically uses
fipscanisteronly and -DOPENSSL_FIPSYMS and no-ec2m as appropriate.
Known issues:
Algorithm tests are pre-2011.
The fipslagtest.pl script wont auto run new algorithm tests such as DSA2.
Usage of ECDH/DH needs review and whether any KDFs need to be implemented.
Selftests need updating with larger key sizes in some cases and redundant
tests pruned.
SP800-90 DRBG needs more work: check for compliance, continuous PRNG test
when entropy gathering, periodic health tests.
Some algorithms need to check security strength of PRNG: keygen etc.
No CCM.
No XTS.
The "FIPS capable OpenSSL" is not yet complete: meaning that the rest of
OpenSSL doesn't always use the correct FIPS module APIs and block others
in FIPS mode.
|
