[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: libssh FIPS support
[Thread Prev] | [Thread Next]
- Subject: Re: libssh FIPS support
- From: jijo thomas <jijo7thomas@xxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 12 May 2020 19:14:58 +0530
- To: libssh@xxxxxxxxxx
Latest available openssl FIPS module is 2.0.16 which is compatible with openssl 1.0.2 But libssh 0.9.4 require openssl 1.1.1 I don't think openssl 1.1.1g could be compiled with openssl-fips-2.0.16 (at least I was not able to do that) What am I missing here, to compile libssh with FIPS support in windows? -- Jijo On Mon, May 11, 2020 at 1:07 PM Jakub Jelen <jjelen@xxxxxxxxxx> wrote: > On Fri, 2020-05-08 at 16:33 +0530, jijo thomas wrote: > > Hi, > > > > 1) Is the libssh 0.9.4 FIPS compliance valid if I use libssh + > > openssl? > > FIPS is more complicated than saying that particular version is or is > not FIPS compliant. Libssh 0.9.4 has all the bits to be FIPS compliant > if it is built and used against openssl FIPS module with openssh KDF > [1] (for example as part of RHEL8). In these conditions, libssh does > not do any restricted cryptographic operations. > > [1] https://github.com/openssl/openssl/pull/7290 > > Regards, > -- > Jakub Jelen > Senior Software Engineer > Security Technologies > Red Hat, Inc. > > >
| Re: libssh FIPS support | Anderson Sasaki <ansasaki@xxxxxxxxxx> |
| libssh FIPS support | jijo thomas <jijo7thomas@xxxxxxxxx> |
| Re: libssh FIPS support | Jakub Jelen <jjelen@xxxxxxxxxx> |