Stack Overflow
Stack Overflow

Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions
1
vote
2 answers

'java.io.IOException: parseAlgParameters failed: PBE AlgorithmParameters not available' on RHEL 8.3 with FIPS mode enabled

Recently, I discovered that on one of the servers, Java 11 has been updated: From: java-11-openjdk-headless-1:11.0.13.0.8-1.el8_4.x86_64 To: java-11-openjdk-headless-1:11.0.14.0.9-2.el8_5.x86_64 So from 11.0.13.0.8-1 to 11.0.14.0.9-2. Host is…
gczarnocki
  • 173
  • 1
  • 16
1
vote
0 answers

Pre-built binaries for BoringCrypto Android?

Section 12.1 of the BoringCrypto Android FIPS 140-2 Security Policy gives instructions for building BoringCrypto Android from source. Are these binaries distributed anywhere so I don't need to build from source?
Adam Johns
  • 35,397
  • 25
  • 123
  • 176
1
vote
0 answers

OpenSSL v3.0.0 FIPS Builds OK - What's Next

I successfully built OpenSSL v3.0.0 with the FIPS option from the current .gz download from the official OpenSSL site. I have also ensured my application code has been upgraded from OpenSSL '1.0.2t to v3.0.0 (v1.1.1l setters/getters). My application…
Ray A Brown
  • 11
  • 1
1
vote
1 answer

Node 16.13 with FIPS (OpenSSL 3.0.0)

Has anyone managed to make this work, following the instructions from Node 16.13 BUILDING.md I managed to compile but when I run: node --enable-fips -p 'crypto.getFips()' I get: OpenSSL error when trying to enable…
markobugbg
  • 11
  • 2
1
vote
1 answer

RHEL8: FIPS Object Module (fipscanister) existing?

I am confused by RHEL8. It reports: # openssl OpenSSL> version OpenSSL 1.1.1g FIPS 21 Apr 2020 OpenSSL> exit # find / -name fipscanister*.* My system reports to be running a FIPS compliant OpenSSL, but I do not find a FIPS canister on the system…
René Heuven
  • 197
  • 16
1
vote
1 answer

Is it possible to get Google Cloud HSM device metadata?

When using a key stored inside Google Cloud HSM, is it possible to get the following metadata fields about the HSM hardware being used: Device model name Device serial number Firmware Version Hardware Version Valid FIPS certificate for…
fornwall
  • 2,877
  • 3
  • 25
  • 38
1
vote
0 answers

KeyStore.setKeyEntry not working in FIPS mode

I am using RHEL 8.3 with FIPS mode on and openjdk 1.8.0.265. I am using the following token for initializing the Keystore. name = NSSfips nssLibraryDirectory = /usr/lib64 nssSecmodDirectory = nssModule = fips For keypair generation…
Paul Schimmer
  • 161
  • 3
  • 22
1
vote
1 answer

How to avoid OpenSSL error using pyinstaller?

I was able to directly execute the python script in the environment. But after I compile the package using pyinstaller: pyinstaller myscript.py --onefile When executing the execuable binary, there will be an OpenSSL error: $…
cynkiller
  • 73
  • 9
1
vote
1 answer

Configuring embedded Tomcat to serve FIPS-compliant HTTP2 with BouncyCastle

I'm trying to configure an embedded Tomcat server so that it can serve HTTP2 in FIPs mode, using BouncyCastle's FIPs libraries. I've set the accepted protocols to TLSv1.2+TLSv1.3. I've tried various suggested cipher suites, but it seems no matter…
JDS
  • 153
  • 9
1
vote
1 answer

KeyStore API throws error : java.security.KeyStoreException: BCFIPS JKS store is read-only and only supports certificate entries

I have created a JKS trust-store for an application. (PKCS12 is not yet supported by the OpenJDK in production server) I am trying to add a certificate to the truststore using the KeyStore API: public addToTrustStore(List certChain) { String…
gkns
  • 697
  • 2
  • 12
  • 32
1
vote
1 answer

How does electron use openssl?

I have an app made using angular and electron.I use http and https in my application. Electron uses BoringSSL which is a fork of openssl. I want to know if openssl of electron is used in any way for my application. I am new to openssl and as far as…
Shubham
  • 95
  • 13
1
vote
2 answers

Map the value of a new column by searching another dataframe

I have two dataframes: df_geo and df_event. I want to create two new columns in df_event. The data frames resemble the following, although additional columns have been removed for the sake of simplicity: data_geo = …
Drew111
  • 23
  • 6
1
vote
1 answer

Kafka fips: BCFIPS not working with upgrade to JAVA11

I have a kafka cluster running in FIPS mode with below configuration. Brokers: 3, Zookeeper Nodes: 3 Kafka: 2.0.0, Scala: 2.12 Zookeeper: 3.4.14 Java - 8 bc-fips - 1.0.1 This cluster is running fine and is in a healthy state. Currently we have…
Tushar H
  • 755
  • 11
  • 29
1
vote
1 answer

How to change State Abbreviations to State Names in Stata?

I have these two datasets (pictured below) that I need to do a 1-to-1 merge on the state variable. The problem is that in the one dataset the state values are named as abbreviations and the other has the states as numerics with their full name as…
BangaiiWatchman
  • 33
  • 6
1
vote
1 answer

How do I check for FIPS compliance at compile time?

I have a large C# .NET project which I must turn into FIPS compliant, so I need to find and change every piece of code that calls any non-compliant API. If I enable FipsAlgorithmPolicy in the registry I start getting runtime exceptions like "This…
Ra.
  • 2,499
  • 3
  • 28
  • 41
1 2 3
28 29