Here's an example of the binary string that will be present from fips/rand/fips_drbg_selftest.h: 0x2e,0xbf,0x98,0xf9,0x85,0x27,0x8b,0xff, Selftest files: aes_selftest.c, dsa_selftes.c, ….Various subdirectories: aes, cmac, des, …, ecdsa, dsa, ….Binary string data in RO section of executable.CRYPTO_R_FIPS_MODE_NOT_SUPPORTED returned FTW!.FIPS_set_mode(1) is called and does not fail.FIPS_text_start(), FIPS_text_end(), FIPS_rodata_start, FIPS_rodata_end, FIPS_signature.FIPS_mode_set(), FIPS_module_mode_set(), FIPS_mode(), FIPS_module_mode().Expected user space symbols are present.Here are some of the things you can check (from the slide deck discussed below): Be sure to have a Developer Prompt open (and not a regular command prompt) to ensure tools like dumpbin are on path. Though the former question is Linux, you can do the same on Windows using dumpbin, find and strings. Windows is sufficiently different, so this question should remain open. If its FIPS validated cryptography, then it will say something like: > openssl versionĪ related question for doing so on Linux is at How to check FIPS 140-2 support in OpenSSL?. The easiest is to run openssl version from the command line.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2023
Categories |