FIPS 140-3 mode dependencies
Read about the requirements posed on libica by the FIPS 140-3 compliance standards and how they are fulfilled.
- TDES/3DES functions are blocked when running in FIPS mode (FIPS 140-2 and later). See also Use of TDES/3DES functions in FIPS mode.
- Use a FIPS 140-3 compliant random number generator for ECC key generation. Therefore, libica transparently enforces ECC key generation via OpenSSL when running in FIPS mode. Triggering internal quality and integrity checks, OpenSSL ensures a FIPS-compliant ECC key generation. CPACF and CCA cryptographic coprocessors are not considered to be FIPS 140-3 compliant for ECC key generation. See also Using ECC in FIPS mode.
- The libica self-tests are enhanced to include self-tests for ECDSA via CPACF.
- ECC processing limits the available curves to the ones supported by CPACF with MSA9: p256, p384, p521. Self-tests for ECDH using CCA cryptographic coprocessors are also added for these three curves.
- Brainpool curves, Edwards (Ed25519/448), and Montgomery (X25519/448) curves are blocked, because they are not yet FIPS 140-3 approved as of December 2022.
- Provide key checking for the ica_ecdh_derive_secret() API function as required by NIST Special Publication 800-56A, Revision 3, sections 5.6.2.3.2 and 5.6.2.3.3. As libica does not know how the application created the key material, these checks inside the ECDH derive function are necessary.
- Only support FIPS-approved RSA key lengths. libica version 4.1 allows RSA key lengths of 2048 bits and higher when running in FIPS mode. See also Using RSA in FIPS mode. Also, the minimum RSA public exponent size is 65537.
- Use FIPS 140-3 compliant random number sources. The libica deterministic random bit generator (DRBG) is not FIPS 140-3 compliant and it is up to applications whether to use it or not. The DRBG API (see NIST compliant ica_drbg functions) is not blocked in FIPS mode.