Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions

votes

0 answers

Loading FIPS OpenSSL DLL at a fixed base address on Windows

A FIPS validated OpenSSL library must load libeay32.dll at a fixed address. This is indicated, for example, at: Fixed address is occupied in .NET Using techniques described at: IIS7 App Pool can't load library with Fixed Base Address, and How do you…

asked Feb 28 '16 at 01:05

asavige

votes

0 answers

OpenSSL FIPS enabled and Java JNI

I’ve been banging my head against the wall for a while now. I have a library that depends on openssl (and by customer requirements FIPS enabled). Then I use that library from Java via JNI (Windows). I’ve tried all kind of things and I have narrowed…

java windows openssl java-native-interface fips

asked Dec 29 '15 at 08:36

Joaquin Fernandez

votes

2 answers

AJAX.NET and FIPS

We have a few sections of our application that are using AJAX.NET 5.7.25.1. Our server administrators have enabled FIPS and we are running into the following error: This implementation is not part of the Windows Platform FIPS validated…

ajax.net fips

asked Aug 02 '10 at 21:07

Clay Benoit

votes

2 answers

Make ASP.NET web application FIPS Compliant?

I need to understand how to make an ASP.NET web application FIPS compliant. To keep it simple, I created a new web application within VS 2008. I have FIPS enabled on my development machine, as the client using the web application will be a Federal…

asp.net fips

asked Jun 25 '10 at 17:21

Chris

2,148
8
31
52

votes

2 answers

Is it possible to create a FIPS 140-2 compliant server in Perl?

The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go…

perl security encryption cryptography fips

asked Jun 14 '10 at 20:26

Nayruden

votes

1 answer

What are the benefits of using fips for the JCE?

I used the FIPS provider in the JCE, but couldn't really see any difference - I specifically looked for the maximum key sizes but didn't find any difference there. What advantages does enabling FIPS actually provide?

java jce fips

asked May 11 '10 at 09:42

AbdullahC

6,649
3
27
43

votes

1 answer

FIPS-compliant encryption in .NET 2.0

We have a .NET 2.0 application that uses the RijindaelManaged class to encrypt some sensitive data. This was fine until we ran into some machines that require the use of FIPS-compliant algorithms. We'd like to switch to AesCryptoServiceProvider, but…

c# encryption fips aescryptoserviceprovider

asked May 05 '10 at 13:23

Odrade

7,409
11
42
65

votes

0 answers

Is enforceFIPSPolicy config key setting is not compatible with web applications/services?

Is enforceFIPSPolicy config key, as described here meant for windows application only? On my development machine (Windows 7) I enabled FIPS and then If I created a simple console app, as follows: static void Main(string[] args) { var algorithm =…

wcf asp.net-mvc-4 .net-4.5 fips

asked Sep 17 '14 at 18:36

Sebastian K

6,235
1
43
67

votes

2 answers

Unknown cpu type when compiling OpenSSL FIPS Capable libraries for arm64 or arm7s

I can successfully (at least without warnings and with resulting .a files) compile for arm7, x86_64, and i386. When I compile for arm64, I get Unknown cpu type 100000c, no adjustments made. When I compile for arm7s, I get Unknown cpu type 100000c,…

ios openssl fips

asked Sep 10 '14 at 15:05

Peter DeWeese

18,141
8
79
101

votes

2 answers

Are we using FIPS certified encryption libraries on Windows Phone 8

Per this link, Windows Phone 8 received the FIPS 140-2 validation on the following modules: Kernel Mode Cryptographic Primitives Library (CNG.SYS) Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) Enhanced DSS and Diffie-Hellman…

windows-phone-8 fips

asked Jul 28 '14 at 19:45

windfly2006

1,703
3
25
48

votes

2 answers

What does it mean for an application to be FIPS 140 compliant?

Is it as simple as using FIPS 140 compliant crypto providers or is there more to it? Are there differences if it is a web app vs a windows app? What if it is a distributed app? Are there any special considerations for IIS, WCF, ASP.Net,…

.net fips

asked Mar 04 '10 at 18:52

Matthew

2,210
1
19
30

votes

3 answers

Java 8 64 bit on Windows with NSS for FIPS 140 compliance

According to JEP 131, Java 8 should provide a PKCS#11 Crypto provider for 64 bit Windows: https://blogs.oracle.com/mullan/entry/jep_131_pkcs_11_crypto. With that in mind, I downloaded and built both 32 and 64 bit versions of NSS with NSPR using…

windows 64-bit java-8 fips nss

asked Dec 11 '13 at 14:04

Jon H

votes

1 answer

Calling FINGERPRINT_premain on more c++ compiler/platforms

I am trying to use a statically link OpenSSL in FIPS mode on IBM PLinux using xlC_r as the compiler/linker. This combination is not supported by fipsld or fips_premain.c. fipld will add linker options to call FINGERPRINT_premain on uname -s in…

c++ openssl fips

asked Oct 22 '13 at 20:13

TylerEli

votes

1 answer

FIPS Capable OpenSSL and `make depend`

I'm trying to build a FIPS Capable OpenSSL for an iDevice. I'm working with the FIPS 2.0 gear, and the 1.0.1 sources. Step 1 is OpenSSL FIPS Object Module, and it went fairly well. Step 2 is FIPS Capable OpenSSL. To configure FIPS Capable OpenSSL,…

openssl makefile fips

asked Dec 25 '12 at 12:16

jww

97,681
90
411
885

votes

1 answer

How to use DRBG from OpenSSL FIPS Object module v2.0

I am trying to use the OpenSSL FIPS Object module v2.0 with the base OpenSSL library (1.0.1c) to make my application FIPS 140-2 complaint. The problem is I am not able to figure out how to use the DRBG API from the FIPS object module for replacing…

openssl fips

asked Dec 18 '12 at 08:43

user1912223

Prev 1 2 3

…

28 29 Next