Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Intel SGX with OpenSSL FIPS mode

Anandakumar
New Contributor II
1,102 Views

Hello All,

 

We have been testing our Intel SGX implementation with the SGXSSL encryption library. We can build and run the OpenSSL in FIPS mode, which is validated and tested under FIPS compliance regulations.

 

Is there any way to build the SGXSSL with FIPS mode OpenSSL? 

Please share your experience and thoughts about this.

 

Thanks,

Anand

 

 

0 Kudos
1 Solution
Sahira_Intel
Moderator
1,029 Views

Hi Anand,

Sorry for the late reply. The latest SGXSSL is based on OpenSSL 1.1.1, which doesn't support FIPS mode. So that functionality is not supported.

OpenSSL however does support FIPS mode.


Sincerely,

Sahira



View solution in original post

0 Kudos
2 Replies
Sahira_Intel
Moderator
1,069 Views

Hey Anand,

I am checking with the SGX SSL team on this and will get back to you.


Sincerely,

Sahira


0 Kudos
Sahira_Intel
Moderator
1,030 Views

Hi Anand,

Sorry for the late reply. The latest SGXSSL is based on OpenSSL 1.1.1, which doesn't support FIPS mode. So that functionality is not supported.

OpenSSL however does support FIPS mode.


Sincerely,

Sahira



0 Kudos
Reply