Stack Overflow
Stack Overflow

Questions tagged [fips]

The term "fips" commonly refers to the Federal Information Processing Standards Publication 140 (FIPS 140), a document published by the National Institute of Standards and Technology (NIST), a U.S. government agency. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

The term FIPS is sometimes used to refer to a specific publication, Security Requirements for Cryptographic Modules FIPS 140. Cryptographic software and hardware that complies with the standard must use only cryptographic algorithms specified in FIPS 140-2, the latest published revision.

However, FIPS 140-2 is one of many publications that describes information technology standards for use by U.S. Government Agencies.

Further information can be found at the FIPS Home Page

432 questions
2
votes
1 answer

Is System.Security.Cryptography.RNGCryptoServiceProvider FIPS 140-2 complaint?

we are using this System.Security.Cryptography.RNGCryptoServiceProvider .net lib. we need to make sure that if its is compliant with FIPS 140-2 here is the link from…
AstroBoy
  • 337
  • 3
  • 16
2
votes
1 answer

Bouncy Castle for fips is not working on linux virtual machine

I implemented Bouncy Castle for fips certificate generation, this worked fine on physical linux environment but on linux virtual machine the code is stuck on keypair generation. Following is the code that i have written: public static KeyPair…
ritesh kumar
  • 81
  • 1
  • 7
2
votes
1 answer

FIPS policy blocks access to RDS-Postgres on AWS

I am facing an access problem when I connect to a postgres database instance on AWS/RDS. The connection is made using the library NPGSQL. Debbugging and logging, I found that the problem occurs during theauthentication. The configuration of PG_HBA…
Massimiliano Carosi
  • 284
  • 4
  • 20
2
votes
2 answers

Building 32 bit OpenSSL FIPS (nmake f ms\ntdll.mak): Illegal Character in macro

My goal is to build the OpenSSL (openssl-1.0.2n) shared libraries (DLLs) in 32 bit with FIPS enabled. Per the procedure pescribed by openssl.org (https://www.openssl.org/docs/fips/UserGuide-2.0.pdf), after building the FIPS canister I did: perl…
Timothy John Laird
  • 1,101
  • 2
  • 13
  • 24
2
votes
0 answers

Visual Studio build error “This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms": What triggers this?

I am administering a set of Jenkins build projects that are now getting the error “This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms" from a new MSBuild project. What attribute of a project triggers…
John Elion
  • 1,323
  • 1
  • 16
  • 30
2
votes
0 answers

FIPS compliant random number generator for PHP 5.6 (Windows)

I am looking for an implementation of FIPS validated or compliant Random Number Generator for PHP 5.6. From what I have seen, random_bytes and random_int are there but they are only available for PHP 7.0 or above. random_bytes uses windows…
Umair Durrani
  • 79
  • 1
  • 3
2
votes
1 answer

ActiveMQ run in FIPS mode

I am workinf with ActiveMQ 5.14 my ssl configuration is:
Michael Biniashvili
  • 500
  • 1
  • 12
  • 24
2
votes
0 answers

RAND_bytes always returns 0 in OpenSSL-FIPS mode

I am trying to understand why RAND_bytes() always returns 0 when used in OpenSSL FIPS mode. I am using OpenSSL-FIPS-2.0.9. To enable FIPS mode, my code first makes a call to FIPS_mode_set( 1 ), defined in openssl-1.0.2j/crypto/o_fips.c. This ensures…
Coder
  • 1,415
  • 2
  • 23
  • 49
2
votes
1 answer

OpenSSL FIPS capable library for iOS arm64 architecture

I am successfully generating OpenSSL FIPS capable library for iOS armv7 architecture by referring Appendix E from https://www.openssl.org/docs/fips/UserGuide-2.0.pdf However for arm64 architecture with grater than iOS8 I am trying to build FIPS…
iSpark
  • 952
  • 7
  • 18
2
votes
0 answers

Enable TLS 1.2 without enabling FIPS policy

I am trying to enable TLS 1.2 on Windows Server 2012 R2. For this I have upgraded my SQL Server 2012 SP2 to 11.2.5678.0. Also, I have performed the following in regedit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319] …
queryguy
  • 21
  • 1
  • 5
2
votes
1 answer

Is Erlang 19.xx is FIPS compliant?

Does Erlang 19.x compliant FIPS? Or it needs to be built? How can we build FIPS enable erlang and once build is there, is there some mechanism to verify it? When search erlang documentation, there is no mention of FIPS…
Rafiq
  • 51
  • 7
2
votes
1 answer

FipsUnapprovedOperationError while creating CMS message with BouncyCastle

I am trying to create a CMS Enveloped encrypted message using BouncyCastle FIPS 1.0.0 for Java. I receive the following error indicating that it is trying to use AES for random number generation (which is not an approved algorithm for FIPS…
Michael
  • 2,460
  • 3
  • 27
  • 47
2
votes
0 answers

FIPS mode: only SunJSSE TrustManagers may be used

I found if I turn on fips mode, the JRE only allow SunJSSE TrustManagers and KeyManagers when you create a SSLContext to do SSL handshake. I google the source code of sun.security.ssl.SSLContextImpl, and found the following code: in…
hyderai
  • 31
  • 1
  • 4
2
votes
0 answers

FIPS Compliance in Java deployments

I'm currently working as a QA engineer with a developer on a particular project which we're looking to deploy a FIPS compliant version of the app. We currently have a standard deployment working without FIPS mode enabled. However, when we've been…
zerocoolMI
  • 21
  • 2
2
votes
1 answer

FIPS 140-2 Compliance SHA256Managed and SHA256Cng in .NET

I'm currently performing some analysis and one of the finer details that had me puzzled was the following. What is the difference between SHA256Managed and SHA256Cng in regards to SHA256Cng meeting FIPS 140-2 Compliance? I know the outputs from both…
R007
  • 378
  • 4
  • 11
1 2 3
28 29