FIPS 140-3 mode dependencies
Read about the requirements that the FIPS 140-3 compliance standards impose on libica and how libica fulfills them.
- TDES/3DES functions are blocked when running in FIPS mode (FIPS 140-2 and later). See also Use of TDES/3DES functions in FIPS mode.
- Use a FIPS 140-3 compliant random number generator for ECC key generation. To meet this requirement, libica transparently enforces ECC key generation via OpenSSL when running in FIPS mode. OpenSSL triggers internal quality and integrity checks and thereby ensures FIPS-compliant ECC key generation. CPACF and CCA cryptographic coprocessors are not considered to be FIPS 140-3 compliant for ECC key generation. See also Using ECC in FIPS mode.
- The libica self-tests are enhanced to include self-tests for ECDSA via CPACF.
- ECC processing limits the available curves to the ones supported by CPACF with MSA9: p256, p384, p521. Self-tests for ECDH using CCA cryptographic coprocessors are also added for these three curves.
- Brainpool curves, Edwards (Ed25519/448), and Montgomery (X25519/448) curves are blocked, because they are not yet FIPS 140-3 approved as of December 2022.
- Provide key checking for the ica_ecdh_derive_secret() API function as required by NIST Special Publication 800-56A, Revision 3, sections 5.6.2.3.2 and 5.6.2.3.3. As libica does not know how the application created the key material, these checks inside the ECDH derive function are necessary.
- Only support FIPS-approved RSA key lengths.
  - libica version 4.1 or later requires RSA key lengths of 2048 bits and higher when running in FIPS mode.
  - libica version 4.4.2 or later requires RSA key lengths of 3072 bits and higher when running in FIPS mode.
- Starting with libica version 4.4.2, the SHA-1 mechanism is disabled in FIPS 140-3 mode.
- The AES ECB, SHA-224, SHA-512/224, and SHA3-224 functions are marked as Available but non-approved in the output of the icainfo -f command in libica version 4.4.2.
- Use FIPS 140-3 compliant random number sources. The libica deterministic random bit generator (DRBG) is not FIPS 140-3 compliant and it is up to applications whether to use it or not. The DRBG API (see NIST compliant ica_drbg functions) is not blocked in FIPS mode.