Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions

votes

1 answer

FIPS compliant password encryption for .NET

I've working on a WinForms in VB.NET (3.5) application that requires the user to enter domain administrator credentials. To make things easier on the user, they should only have to enter the user name and password once, and then just rely on my app…

asked Sep 30 '08 at 22:35

Matt Hanson

3,458
7
40
61

votes

0 answers

Openssl cross-compile linking issues when using fips module

I'm attempting to add the Openssl FIPS module to an existing embedded powerpc system running Linux. Its mostly going well, but I'm stuck on an issue that occurs during the linking phase. If I don't disable certain ciphers when configuring openssl,…

openssl cross-compiling fips

asked Mar 14 '13 at 20:09

Bob Wentz

votes

2 answers

FIPS Compliance and BouncyCastle

I wish to know if my Android App is FIPS 140-2 compliant if it uses only the crypto algorithms provided here? I use SpongyCastle to implement these algorithms. Edit: A generalised question : Can open-source libraries like BouncyCastle/SpongyCastle…

android cryptography bouncycastle fips

asked Jan 04 '13 at 14:54

MediumOne

votes

2 answers

Hashing algorithm that meet FISMA / other federal informations systems requirements

I work in an organization that must meet FISMA requirements for FIPS-enabled systems. One of the thing that I am trying to do is implement a hash algorithm for our passwords. I have many choice on this: SHA-2, MD5, bcrypt (with Blowfish), RIPE,…

fips

asked Jan 02 '13 at 22:18

striders

votes

1 answer

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms while caching

We have created a web app that caches a drop down list of states and only recaches once a week. I disabled FIPS in the registry and cannot find any information on what to do about this issue. Everytime I run the app I get a FIPS error despite FIPS…

fips

asked Sep 19 '12 at 20:20

Robert

4,306
11
45
95

votes

3 answers

Using OpenSSL in FIPS mode with .NET

I've build OpenSSL FIPS container version 2.0.1, then built OpenSSL 1.0.1c using that container (according to the instructions in User Guide for the OpenSSL FIPS Object Module v2.0): SET FIPSDIR=C:\OpenSSL\FIPS cd…

.net c build openssl fips

asked Sep 01 '12 at 18:33

Cocowalla

13,822
6
66
112

votes

1 answer

What data for BCryptGetFipsAlgorithmMode use to determine FIPs status?

I am having a hard time finding out what factors go into determining whether BCryptGetFipsAlgorithmMode() returns TRUE or FALSE. Does it just return the status of: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled…

windows cryptography registry fips cng

asked May 08 '12 at 19:27

Daniel Scire

votes

2 answers

unknown build error "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms"

So I enabled this group policy and the first time I tried to compile my solution I get this error. The funny thing is that I only use cryptographic function in one place but what I am seeing this on is all my Silverlight ResourceDictionary files and…

wpf silverlight xaml fips

asked Apr 16 '12 at 17:19

mdutra

votes

3 answers

Is PHP's mcrypt extension FIPS 197 compliant?

I'm using the following encryption code which works like a charm, but I have to validate that it's FIPS 197 compliant otherwise Legal will kill me. mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SALT, $plaintext, MCRYPT_MODE_ECB, …

php cryptography mcrypt fips

asked Nov 08 '11 at 15:51

justacoder

2,684
6
47
78

votes

2 answers

OpenSSL Java bindings for Java Cryptography Architecture (JCA)

I'm developing a Java project that needs to use a FIPS 140-2 validated module for crypto signatures. I'm leaning towards using the OpenSSL FIPS Object Module. After browsing around the webs, I couldn't find anything that implemented a Java bindings…

java cryptography openssl digital-signature fips

asked Oct 08 '11 at 01:12

mikey

votes

0 answers

Does google/go dev.boringcrypto branch contains FIPS certified BoringCrypto library?

Go has dev.boringcrypto branch that holds the patches to make Go use BoringCrypto. So, the question is: does src/crypto/internal/boring/goboringcrypto_linux_amd64.syso correspond to the FIPS certified BoringCrypto library specified here: Google's…

go fips

asked Feb 22 '22 at 04:23

arinto

votes

2 answers

Does TLS 1.2 comply with FIPS

I am new for FIPS 140-2, our application is using TLS 1.2 for communication with other systems. I am wondering if there is any requirements for TLS 1.2 to comply with FIPS? In other words, in order to be FIPS-compliant, what does our TLS 1.2…

tls1.2 fips

asked Aug 10 '21 at 13:31

Joe

votes

1 answer

Go dev.boringcrypto branch - x/crypto library FIPS 140-2 compliance

The dev.boringcrypto branch of Go replaces the built-in crypto modules with a FIPS-verified version: We have been working inside Google on a fork of Go that uses BoringCrypto (the core of BoringSSL) for various crypto primitives, in furtherance of…

go encryption cryptography fips boringssl

asked Jul 18 '21 at 21:56

Ben S

votes

2 answers

Using Keycloak with a FIPS-compliant JDK

I have the requirement to build a Docker image with Keycloak and a FIPS-compliant JDK (based on OpenJDK 8). My company has an internal FIPS JDK distribution which works somewhat like this: In a -Djava.endorsed.dirs directory, a security provider is…

java jboss wildfly keycloak fips

asked Mar 17 '20 at 21:43

Sean Patrick Floyd

292,901
67
465
588

votes

1 answer

Link Openssl-FIPS library for Python3

I have built OpenSSL in fips mode and trying to build python3, and use the existing OpenSSL libraries. LDD command shows it correct crypto and ssl shared objects. Also, I can get the correct version from ssl.OPENSSL_VERSION But even after setting…

python python-3.x openssl fips

asked Feb 06 '20 at 08:44

Raghu

Prev 1 2 3

…

28 29 Next