Dr. Stephen Henson wrote:
> On Tue, Aug 12, 2008, Justin A wrote:
>> Hi,
>> When FIPS mode is enabled I am running into an issue with this call in my code.
>>
>> 1) Issue:
>>
>>     PEM_write_bio_RSAPrivateKey(priv_bp, key, EVP_des_ede3_cbc(), NULL, 0,
>>                                 some_cb, NULL)
>>
>> When I checked the code, this in turn points to
>>
>>     int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
>>                            char *x, const EVP_CIPHER *enc, unsigned char *kstr,
>>                            int klen, pem_password_cb *callback, void *u)
>>
>> The source I extracted it from is
>>
>>     cvs -d [EMAIL PROTECTED]:/openssl-cvs co -r OpenSSL-fips-0_9_8-stable openssl
>>
>> 2) In this implementation, internally it is using EVP_md5(), which is not
>> supported by FIPS. So is there a patch for this one, or a different API which
>> I could use, which is FIPS compliant?
>
> OpenSSL 0.9.8 does not support FIPS mode.
>
> The validated 0.9.7 source and the (hopefully) soon to be validated 0.9.8-fips
> source in FIPS mode redirect such calls automatically to
> PEM_write_bio_PKCS8PrivateKey(), which uses SHA1 for key derivation.

Is this allowed for FIPS 140-2? The implementation guidance at
http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf
states on page 61 (section 7.1):

    The following key establishment methods are unacceptable:
    ...
    • Password-Based Key Establishment Methods: all password-based key
      establishment methods such as PKCS#5 are not to be used in the FIPS mode.

My understanding (which could easily be flawed) is that PKCS#8 uses a
password-based key derivation mechanism, and so is unacceptable for key transport.

Tom
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
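
Added example (not part of the original thread and not OpenSSL code): a Python sketch of the two password-based derivations discussed above, the MD5-based one behind traditional PEM encryption and the SHA1-based PBKDF2 of PKCS#5 v2.0, plus a check that tells from a PEM header which scheme protects a key file. The sample headers, passphrase, salt and the 2048 iteration default are constructed or assumed values.

```python
import hashlib
import re

DEK_INFO = re.compile(r"^DEK-Info:\s*([A-Za-z0-9-]+),([0-9A-Fa-f]+)\s*$", re.M)

def evp_bytes_to_key_md5(password: bytes, salt: bytes, key_len: int) -> bytes:
    """Traditional PEM encryption: MD5, one iteration, blocks chained until
    enough key material exists (D1 = MD5(pw||salt), D2 = MD5(D1||pw||salt))."""
    out, block = b"", b""
    while len(out) < key_len:
        block = hashlib.md5(block + password + salt).digest()
        out += block
    return out[:key_len]

def pbkdf2_sha1(password: bytes, salt: bytes, key_len: int, iterations: int = 2048) -> bytes:
    """PKCS#5 v2.0 PBKDF2 with HMAC-SHA1; 2048 iterations is an assumed default."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, iterations, key_len)

def classify_pem_key(pem_text: str) -> str:
    """Tell which password-based scheme (if any) protects a PEM private key."""
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in pem_text:
        return "pkcs8-pbe"            # PKCS#8 EncryptedPrivateKeyInfo
    if "Proc-Type: 4,ENCRYPTED" in pem_text and DEK_INFO.search(pem_text):
        return "traditional-md5"      # DEK-Info header, MD5 key derivation
    if "PRIVATE KEY-----" in pem_text:
        return "unencrypted"
    return "unknown"

def legacy_key_from_header(pem_text: str, password: bytes, key_len: int = 24) -> bytes:
    """Derive the 3DES key of a traditional PEM: salt = first 8 bytes of the IV."""
    iv = bytes.fromhex(DEK_INFO.search(pem_text).group(2))
    return evp_bytes_to_key_md5(password, iv[:8], key_len)

# Constructed sample headers (bodies elided; these are not real keys).
TRADITIONAL = ("-----BEGIN RSA PRIVATE KEY-----\n"
               "Proc-Type: 4,ENCRYPTED\n"
               "DEK-Info: DES-EDE3-CBC,0102030405060708\n\n"
               "...\n-----END RSA PRIVATE KEY-----\n")
PKCS8 = ("-----BEGIN ENCRYPTED PRIVATE KEY-----\n...\n"
         "-----END ENCRYPTED PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, pem in (("traditional", TRADITIONAL), ("pkcs8", PKCS8)):
        print(name, "->", classify_pem_key(pem))
    print(legacy_key_from_header(TRADITIONAL, b"constructed-passphrase").hex())
    print(pbkdf2_sha1(b"constructed-passphrase", bytes(range(1, 9)), 24).hex())
```

Both derivations start from a passphrase, which is the property the quoted implementation guidance is concerned with; only the hash and the iteration structure differ.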