Marek,
Thanks for your reply.
That page in security policy, 17& 18, is really what I'm referring to.
Based on that I drew a conclusion that RSA public-key encyrption is not
approvied algorithms in the OpenSSL FIPS module. However in the FIPS source
code in /fips-1.0/rsa/fips_rsa_eay.c , I saw the API RSA_eay_public_encrypt()
and RSA_eay_private_decrypt(). In fips_rsa_selftest.c, there're self-tests
against public-key encyrption/decryption. It's a little confusing. I'm trying
to seek some explanation from experts on this.
-Raymond
----- Original Message ----
From: Marek Marcola <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Sent: Thursday, July 5, 2007 3:08:15 PM
Subject: Re: OpenSSL FIPS module doesn't support RSA public-key encryption
scheme?
Hello,
>
> According to my understanding on OpenSSL FIPS module security
> policy, RSA public-key encryption scheme is not approved algorithm in
> the module. However, in OpenSSL FIPS module source code, I saw the API
> like RSA_eay_public_encrypt(). Could someone shed a light on this?
Look at:
http://www.openssl.org/docs/fips/SecurityPolicy-1.1.1.pdf
page 17.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
____________________________________________________________________________________
Pinpoint customers who are looking for what you sell.
http://searchmarketing.yahoo.com/
