On 12/21/2015 07:06 AM, Jakob Bohm wrote:
> On 18/12/2015 19:58, Steve Marquess wrote:
>> On 12/18/2015 12:58 PM, jonetsu wrote:
>>> Fair enough (in this context). But what about the code itself, is it
>>> ready
>>> to be RSA 186-4 compliant ?
>> We think we know how to write the code that would b
On 18/12/2015 19:58, Steve Marquess wrote:
On 12/18/2015 12:58 PM, jonetsu wrote:
Fair enough (in this context). But what about the code itself, is it ready
to be RSA 186-4 compliant ?
We think we know how to write the code that would be necessary, for FIPS
186-4 and all the other new requirem
On 12/18/2015 12:58 PM, jonetsu wrote:
> Fair enough (in this context). But what about the code itself, is it ready
> to be RSA 186-4 compliant ?
We think we know how to write the code that would be necessary, for FIPS
186-4 and all the other new requirements, though you can never be sure
until *
Fair enough (in this context). But what about the code itself, is it ready
to be RSA 186-4 compliant ?
And, if we go through a validation, can OpenSSL benefit from it ?
--
View this message in context:
http://openssl.6102.n7.nabble.com/RSA-and-FIPS-186-4-in-OpenSSL-1-0-1e-fips-2-0-9-tp61753
On 12/18/2015 01:10 PM, Salz, Rich wrote:
>> What would then be the permitting conditions to pursue a new
>> validation ? If you don't mind me asking. I have read several
>> notes you have on the subject and I agree that the whole thing is
>> of Dedalus proportions. In a nutshell what would be th
Sorry, I forgot: What about the code itself, if we do not mind the validation
? Is the 185-4 RSA compatible code present in any OpenSSL/FIPS module ?
--
View this message in context:
http://openssl.6102.n7.nabble.com/RSA-and-FIPS-186-4-in-OpenSSL-1-0-1e-fips-2-0-9-tp61753p61774.html
Sent from
> What would then be the permitting conditions to pursue a new validation ?
> If you don't mind me asking. I have read several notes you have on the
> subject and I agree that the whole thing is of Dedalus proportions. In a
> nutshell what would be these conditions ?
In a nutshell: someone willi
What would then be the permitting conditions to pursue a new validation ? If
you don't mind me asking. I have read several notes you have on the subject
and I agree that the whole thing is of Dedalus proportions. In a nutshell
what would be these conditions ?
Thanks, much appreciated.
--
Vie
On 12/18/2015 11:03 AM, jonetsu wrote:
> Is there any current solution to have RSA 186-4 in OpenSSL FIPS (now, even if
> this means an upgrade ?)
We aren't allowed to update existing validations to include that type of
"cryptographically significant" change, just like we aren't allowed to
fix vuln
Is there any current solution to have RSA 186-4 in OpenSSL FIPS (now, even if
this means an upgrade ?)
Thanks.
--
View this message in context:
http://openssl.6102.n7.nabble.com/RSA-and-FIPS-186-4-in-OpenSSL-1-0-1e-fips-2-0-9-tp61753p61769.html
Sent from the OpenSSL - User mailing list archive
On Thu, Dec 17, 2015 at 04:26:21PM -0500, jonetsu wrote:
> Hello,
>
>
> I have read about the use of FIPS_rsa_x931_generate_key_ex() for 186-4
> compliance. We are using OpenSSL 1.0.1e with the fips-2.0.9 module. Would
> it make functional sense using those versions to patch RSA_generate_ke
Hello,
I have read about the use of FIPS_rsa_x931_generate_key_ex() for 186-4
compliance. We are using OpenSSL 1.0.1e with the fips-2.0.9 module. Would
it make functional sense using those versions to patch RSA_generate_key_ex()
(../crypto/rsa/rsa_gen.c) to have:
#ifdef OPENSSL_FIPS
12 matches
Mail list logo
