Stack Overflow
Stack Overflow

Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions
5
votes
2 answers

How to enforce FIPS in asp.net code (This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.)

My company has project created with ASP.NET in .Net Framework 3.5 and a windows web server 2008 r2 to host the project. In the web server, we enabled the setting for "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and…
monjuri
  • 121
  • 4
  • 7
5
votes
0 answers

Enabling FIPS causes libgcrypt error

I have two CentOS 6.7 machines (server A and B). Same package versions are installed on each system. Last week I enabled the openSSH FIPS 140-2 module on Server A, and that system works flawlessly (including tsql queries to a SQL Server instance).…
a coder
  • 7,530
  • 20
  • 84
  • 131
5
votes
1 answer

FIPS integrity verification test failed when iniating SSH session

I recently enabled the FIPS module under CentOS 6 (minimum install). Module is confirmed working: cat /proc/sys/crypto/fips_enabled yields 1 openssl md5 somefile(fails) and openssl sha1 somefile(succeeds). openssl version yields OpenSSL…
a coder
  • 7,530
  • 20
  • 84
  • 131
5
votes
4 answers

How can I ensure that a Java object (containing cryptographic material) is zeroized?

My concern is that cryptographic keys and secrets that are managed by the garbage collector may be copied and moved around in memory without zeroization. As a possible solution, is it enough to: public class Key { private char[] key; // ... …
Jeremy Powell
  • 3,426
  • 2
  • 21
  • 29
5
votes
2 answers

Can the ASP.NET ScriptManager be made to work with the Windows FIPS security policy?

If you enable the "Use FIPS compliant algorithms for encryption, hashing, and signing" security policy option in Windows, attempting to use many of the cryptographic classes in the .NET Framework will result in an InvalidOperationException. By…
Tim Danner
  • 630
  • 8
  • 20
5
votes
1 answer

FIPS compliant SSH library for Java

I want to implement SCP (Secure Copy) functionality in my Java application to copy a file from the SSH server to another machine. My java application must be FIPS compliant and hence it uses SunPKCS11 provider to interface with the underlying NSS…
Sanjay Bhat
  • 171
  • 1
  • 1
  • 9
4
votes
2 answers

FIPS validated application with HMAC function based on SHA512?

I'm building a FIPS validated application and have the FIPS mode turned on on my computer. I need an HMAC function hopefully based on SHA512. I understand that the HMAC SHA1 function is FIPS validated but I have a hash function…
hobeau
  • 873
  • 1
  • 11
  • 24
4
votes
1 answer

trying to enable FIPS mode using SunPKCS11 with NSS in Java

I'm working on a project requiring FIPS 140-2 validated cryptography, and I'm trying to use NSS with the SunPKCS11 token interface, and I've gotten it working up until turning on FIPS mode in NSS. I get an error, CKR_USER_NOT_LOGGED_IN, that I just…
nodog
  • 41
  • 1
  • 2
4
votes
2 answers

VS development on FDCC compliant Workstation

I have a FDCC compliant workstation with FIPS 140-1 (Level 1) enabled. Now, i cannot run/debug any VS 2005/2008 applications on my machine I get the following error message on my browser Parser Error Message: This implementation is not part of the…
paramesh kudlur
4
votes
1 answer

BouncyCastle JSSE and BCTLS No Credentials for Cipher

Using BouncyCastle FIPS JSSE and TLS providers for my server application. org.bouncycastle bcpkix-fips 1.0.3
ramtech
  • 757
  • 6
  • 15
4
votes
0 answers

OpenSSL in FIPS mode: connection error (elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding)

I built OpenSSL 1.0.2p on Windows (64bit) with the FIPS module. I followed the standard build procedure for the FIPS module, then I built the OpenSSL dynamic libraries using a custom procedure based on Scons. At runtime, when I enable the FIPS mode,…
antoniosdc
  • 41
  • 3
4
votes
3 answers

Configure Oracle JDK to use IBM JCE/JSSE providers for FIPS compliance

I would like to configure the Oracle JDK to use IBM's FIPS-compliant JCE/JSSE security providers. What JAR files do I need and where should they be installed? What should the provider list in the java.security file look like?
Rob H
  • 14,502
  • 8
  • 42
  • 45
4
votes
1 answer

Why is Python md5 available in FIPS mode?

First I verify that my openssl is correct (compiled with FIPS support). # openssl version OpenSSL 1.0.2q-fips 20 Nov 2018 In normal mode: # echo -n 123456 | openssl md5 (stdin)= e10adc3949ba59abbe56e057f20f883e In FIPS mode: # echo -n 123456 |…
volingas
  • 1,023
  • 9
  • 21
4
votes
1 answer

Verify FIPS mode in golang boringssl

how to verify if fips mode is enabled for binary in golang dev boring crypto branch ? I dont see an easy way apart from internal golang tests
Akshay Khurd
  • 69
  • 1
  • 5
4
votes
1 answer

How to compile Python 3.6 with custom Fips enabled Openssl?

This is a follow up question to this SO question where i was having problems in patching Python 3.6. Now that i have managed to patch python and introduce the FIPS_mode() and FIPS_mode_set() in Python, i need to compile it with a custom openssl with…
Hussain Ali Akbar
  • 1,585
  • 2
  • 16
  • 28
1 2
3
28 29