[erlang-questions] crypto application in FIPS mode

Drew Varner <>
Sat Apr 14 20:15:09 CEST 2012


Has anyone toyed around with running the crypto application linked against an OpenSSL library in FIPS 140-2 mode (http://www.openssl.org/docs/fips/UserGuide.pdf)? I am interested in using Erlang libraries (http servers) and SSL distribution using the FIPS-certified library.

I believe the application would need to put the OpenSSL module in FIPS mode (assuming it was compiled in FIPS mode) and then trigger the power-on self tests at initialization. Perhaps the NIFs could return "atom_notsup" where the OpenSSL library did not support the given operation in FIPS mode.

Thanks,
Drew 


More information about the erlang-questions mailing list