Skip to content
/ openssl-fips Public

OpenSSL FIPS-compliant 140-2 cryptographic module canister for Docker container targets.

sgnn7.org

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sgnn7/openssl-fips

BranchesTags

Repository files navigation

openssl-fips

OpenSSL FIPS 140-2 cryptographic module canister for Docker containers

Work in progress

Description

You can use the content of this repo to build a FIPS-compliant OpenSSL version with containerized (aka reproducible) results. HAProxy is also provided as an example of a derivative container that can then be built with this as a FIPS-compliant application.

Pre-requisites

  • jq
  • docker

Usage

$ # Build FIPS OpenSSL container with FIPS canister
$ ./build.sh

$ # Build FIPS-compliant HAProxy
$ ./build.sh haproxy

$ # Build just the FIPS canister
$ ./build_fips_canister.sh

Current Progress

  • [Linux] OpenSSL FIPS Canister container buildable
  • [Linux] FIPS OpenSSL container buildable
  • [Linux] FIPS HAProxy container buildable with FIPS-enforcement patch

TODO

  • [Linux] Additional FIPS checks on HAProxy functionality
  • [Windows] Pretty much everything

Authors

About

OpenSSL FIPS-compliant 140-2 cryptographic module canister for Docker container targets.

sgnn7.org

Topics

docker security cryptography encryption openssl docker-container containers fips fips140-2 openssl-tools fips-140-2 trusted-execution-environment fips-build

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Languages