Search code examples
crypto++fips

What is compliance with FIPS 140-2 in CRYPTOPP?

How can I meet such compliance? In the method GenerateRandom of InvertibleRSAFunction, I am getting an exception when the method SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier) is called. Am I choosing the seed wrong? Or the length?

if (FIPS_140_2_ComplianceEnabled())
{
    RSASS<PKCS1v15, SHA>::Signer signer(*this);
    RSASS<PKCS1v15, SHA>::Verifier verifier(signer);
    SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);

    RSAES<OAEP<SHA> >::Decryptor decryptor(*this);
    RSAES<OAEP<SHA> >::Encryptor encryptor(decryptor);
    EncryptionPairwiseConsistencyTest_FIPS_140_Only(encryptor, decryptor);
}
Solution

  • How can I meet FIPS140-2 compliance?

    That's a big topic. Crypto++ has a wiki page on the subject at FIPS DLL. Below are some of the higher level bullet points.

    • Validation on applicable to Windows
    • Must download prebuilt FIPS DLL
    • Operational Environments:
      • Windows 2000 Professional Operating System, Service Pack 1
      • Windows 2000 Professional Operating System, Service Pack 1
      • Windows XP Professional with SP2 and Windows Server 2003 X64 with SP1

    In the summer of 2017 I gave a talk at International Cryptographic Module Conference. The talk was titled Crypto++: Past Validations and Future Directions.

    The short of it is:

    • Crypto++ is on the historical validation list. For all intents and purposes, we are no longer validated
    • Crypto++ probably will not seek another validation. Its too expensive
    • Validating a C++ library is no different than a C library
    • Implementing and using a C++ library is painful compared to a C library
    • Crypto++ can use OpenSSL's FIPS Object Module (FOM) to provide validated cryptography. I demonstrated it at the talk

    It may seem kind of odd that Crypto++ would wrap OpenSSL. I think it is, too. However, FIPS 140-2 is a process. It has very little to do with the actual technical implementation of the algorithms. Crypto++ wrapping the OpenSSL module was an immediate solution to a number of problems that costs nothing (as opposed to $100,000 USD for a new validation).

    June 2019 edit: We marked the FIPS related Visual Studio projects as deprecated at Crypto++ 8.0 release. As discussed at FIPS DLL on the Crypto++ wiki, the two projects are cryptdll.vcxproj and dlltest.vcxproj. They are subject to removal in a future release.

    We are not going to remove the two project until we have something in place to potentially provide FIPS validated cryptography. That will likely be a wrapper around OpenSSL's FIPS Object Module. The idea is, we funnel validations to OpenSSL and the world benefits. Users pay $5,000 or $10,000 to OpenSSL for the new platform validation. Crypto++ supports the OpenSSL validation/integration at no charge.

    The downside to the user is, the user losses exclusivity because anyone in the world can use the new platform. The upside to the user is, it does not cost $150,000 for a private validation. Effectively our policy will force users to pool resources for the better good of everyone.