Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sgnn7/openssl-fips

OpenSSL FIPS-compliant 140-2 cryptographic module canister for Docker container targets.
https://github.com/sgnn7/openssl-fips

containers cryptography docker docker-container encryption fips fips-140-2 fips-build fips140-2 openssl openssl-tools security trusted-execution-environment

Last synced: 7 days ago
JSON representation

OpenSSL FIPS-compliant 140-2 cryptographic module canister for Docker container targets.

Awesome Lists containing this project

README 

        
# openssl-fips



OpenSSL FIPS 140-2 cryptographic module canister for Docker containers



**Work in progress**



## Description



You can use the content of this repo to build a FIPS-compliant OpenSSL

version with containerized (aka reproducible) results. HAProxy is also

provided as an example of a derivative container that can then be built

with this as a FIPS-compliant application.



## Pre-requisites



- `jq`

- `docker`



## Usage



```sh-session

$ # Build FIPS OpenSSL container with FIPS canister

$ ./build.sh



$ # Build FIPS-compliant HAProxy

$ ./build.sh haproxy



$ # Build just the FIPS canister

$ ./build_fips_canister.sh

```



## Current Progress



- [Linux] OpenSSL FIPS Canister container buildable

- [Linux] FIPS OpenSSL container buildable

- [Linux] FIPS HAProxy container buildable with FIPS-enforcement patch



## TODO



- [Linux] Additional FIPS checks on HAProxy functionality

- [Windows] Pretty much everything



## Authors



- [Srdjan Grubor](https://github.com/sgnn7)