Thanks Brian.
While I am aware of OpenSSL FIPS , my company insists we use RSA
libraries ( Dont ask me for reasons :-) )
I need to know what does it take to replace openssl with RSA in
libcurl, and whether anyone has any experience in this regard.

On Wed, Mar 12, 2008 at 10:00 AM, Brian Dessent <brian_at_dessent.net> wrote:
>
> Sudeep Das wrote:
>
> > I am a developer for a product which uses libcurl very extensively,
> > and we have been using it since the last so many years.Now, we have a
> > requirement to support TLS , with the cryto backend being RSA
> > implementations ( FIPS etc )
> > Can someone please confirm whether this is possible with libcurl ? If
> > not, what does it take to get there ? How much effort would that be ?
>
> openssl has a FIPS certified module:
>
> <http://www.openssl.org/source/openssl-fips-1.1.2.tar.gz>
> <http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp733.pdf>
> <http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt733.pdf>
>
> Other people have reported success building libcurl against that version
> of openssl and tweaking it to enable the FIPS module from libcurl:
>
> <http://thread.gmane.org/gmane.comp.web.curl.library/14471/focus=14473>
>
> Brian
>
Received on 2008-03-12