action #100566
closed[sle][security][backlog][feature][ECO] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process
0%
Description
https://jira.suse.com/browse/SLE-21212
Prepare Openssl module for certification process under FIPS 140-3 standards. Make all code changes necessary, in Openssl, to comply with FIPS 140-3 standards to pass the validation process of NIST and obtain the FIPS certificate for the module.
Confirmed platforms:
x86_64 intel
x86_64 AMD
aarch64
s390x zX (exact platform not yet specify)
Platforms under evaluation, pending for confirmation:
IBM Power 9/10
Algorithms:
12 algorithms:
AES
DSA
SHS
DRBG
HMAC
RSA
ECDSA
ECDH
DH
TLS KDF
SSH KDF
IKE KDF
*Note that we identified 13 algorithms at the beginning, including Triple-DES, however we decided to not include it due to its sunset in 2022.
Standards:
The standards to follow are the FIPS 140-3. See:
https://www.atsec.com/wp-content/uploads/2020/11/atsec_FIPS-140-3_vs_140-2.pdf
Updated by bchou over 2 years ago
- Subject changed from [sle][security][sle15sp4][feature][manual] to [sle][security][sle15sp4][feature][manual] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process
Updated by bchou about 2 years ago
- Subject changed from [sle][security][sle15sp4][feature][manual] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process to [sle][security][sle15sp4][feature][ECO] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process
- Status changed from New to Blocked
- Estimated time set to 40.00 h
This case will be released after SLE15 SP4 GMC. Set this poo as ECO.
Updated by llzhao almost 2 years ago
- Subject changed from [sle][security][sle15sp4][feature][ECO] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process to [sle][security][backlog][feature][ECO] SLE-21212 - QA: FIPS 140-3: make Openssl module ready for certification process
Updated by tjyrinki_suse over 1 year ago
Development still ongoing, but there is now a package ready for testing and we're enabling testing for 15-SP4.
Updated by tjyrinki_suse over 1 year ago
- Status changed from Blocked to In Progress
Updated by bchou over 1 year ago
- Status changed from In Progress to New
- Assignee deleted (
bchou)
This poo can be tracked in SP5 too.