Stack Overflow
Stack Overflow

Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions
1
vote
3 answers

FIPS validated algorithm to store passwords in a database?

I am looking for a FIPS validated hash algorithm to store passwords in the database. I did use the following code but I still get the error This implementation is not part of the Windows Platform FIPS validated cryptographic…
Macnique
  • 1,028
  • 2
  • 19
  • 44
1
vote
0 answers

Enabling FIPS in openjdk11 and tomcat 9

I am trying to enable FIPS mode using NSS DB, openjdk11 and tomcat 9. Configured --> java.security with security.provider.1=sun.security.pkcs11.SunPKCS11 /usr/share/tomcat/nss_pkcsll_fips.cfg --> Installed NSS DB using modutil --> configure https…
Suresh
  • 11
  • 3
1
vote
1 answer

does same algorithm in different providers really have different implementations in openssl?

In https://www.openssl.org/docs/man3.0/man7/fips_module.html. it says: " If no property query is specified, or more than one implementation matches the property query then it is undefined which implementation of a particular algorithm will be…
ben956
  • 33
  • 5
1
vote
0 answers

Having trouble downloading county-level NOAA data in R

I'm trying to download NOAA data (GHCND dataset: https://www.ncei.noaa.gov/cdo-web/datasets) in R by county FIPS code using the rnoaa package. I feel like it should be possible to download county-level climate data…
user20288214
  • 11
  • 2
1
vote
1 answer

GGplot map stretching counties into lakes

I am trying to make a bivariate US map, but the resulting map seems to stretched counties beyond their borders into lakes, particularly the great lakes region. I've tried both fipio::fips_county() and tigris::counties(year = 2020, class = "sf",…
Quinterpret
  • 133
  • 6
1
vote
1 answer

Does FIPS 140-2 allow using MD5 for checksum

I am using MD5 for checksums. My software is FIPS 140-2 compliant and it doesn't throw any error / exception when I use MD5 for checksum. Where can I find a documentation which says FIPS 140-2 allows using MD5 for checksum. Update: Software as in…
Shreyas
  • 380
  • 1
  • 4
  • 15
1
vote
2 answers

Should a linux system in FIPS mode throw failures for unsupported functions?

I have a RHEL 8.6 system in FIPS mode that I'm testing what happens with containers and their runtimes when the host has FIPS=1. My expectation is that calling an unsupported cipher or method should throw some sort of error. In my testing, I have…
Bonn93
  • 163
  • 1
  • 1
  • 6
1
vote
1 answer

Compiled C Program Wont Run Under My uid But Will Run As Root

System: RHEL8 4.18.0-372.19.1.el8_6.x86_64 Selinux: Enabled FIPS: Enabled Program: #include int main( void ) { fprintf( stdout, "Running test Program...\r\n" ); } Compile: gcc test.c -o test Run Program: ./test -bash: ./test:…
krbo3
  • 11
  • 2
1
vote
0 answers

Use of Conscrypt library

How to use conscrypt library in a way that we can use a boringCrypto module? In conscrypt we have nativeCrypto class in that we have native methods present i have to utilize that methods for encryption and decryption in such a way that it is FIPS…
Sunny Khatik
  • 17
  • 4
1
vote
0 answers

BouncyCastle ALPN broken when running with JDK 11 code compiled with JDK 8

I setup my jdk provider by Security.addProvider(new BouncyCastleFipsProvider()). Set it in the Grpc client by: SslContextBuilder sslContextBuilder = SslContextBuilder.forClient() .sslProvider(SslProvider.JDK) …
yatir dagan
  • 11
  • 2
1
vote
0 answers

How can I configure custom service endpoints for FIPS compliance using Serverless Framework?

In order to meet FedRAMP compliance, we need to make all communication FIPS compliant. In Terraform there is an option to define custom endpoints, which will make API calls to AWS using the FIPS endpoints in our use case. Can I configure custom…
yuval yacoby
  • 84
  • 4
1
vote
0 answers

'st_intersects' applied to an object of class "data.frame"

I am trying to convert latitude/longitude to Census Tract or FIPS using R studio. I am getting the following error message when I am running "system.time" "Error in UseMethod("st_intersects") : no applicable method for 'st_intersects' applied to an…
Sami
  • 11
  • 2
1
vote
1 answer

Connector NoSuchMethodError: org.bouncycastle.crypto.CryptoServicesRegistrar.isInApprovedOnlyMode()Z

I am running Confluent Platform version 7.1.0 and my Kafka Connector requires bouncy castle fips library to be present in plugin path so that it can decrypt the encrypted private key. The BouncyCastleFipsProvider is needed at runtime to generate a…
JayPatel
  • 121
  • 1
  • 6
1
vote
1 answer

How do you get Solr 8.11 to run on a FIPS enabled environment

I'm trying to get Solr 8.11.1 working on Red Hat Enterprise Linux release 8.5 (Ootpa). The environment has FIPS enabled and I can't get Solr to start. I've followed Solr's install guide…
RyanWorks
  • 39
  • 6
1
vote
0 answers

JWT FIPS compliance

I am developing on Spring framework and using auth0 for JWT authentication. I find out some threads said that auth0 is not FIPS compliance, however I also find a thread said that RSA can be approved for digital signature. auth0 is using RSA. Should…
commander spring
  • 51
  • 5
1 2 3
28 29