FIPS Certification

Simon Josefsson simon at
Tue Nov 17 11:58:45 CET 2009

Simon Josefsson <simon at> writes:

> "Hoyt, David" <hoyt6 at> writes:
>> Is or will there be an effort to become FIPS certified? If so, is
>> there a schedule laid out for the process? Is there a webpage I can
>> look at to keep myself up-to-date on the certification process?
> All the crypto in GnuTLS normally happens in libgcrypt, and I recall
> seeing libgcrypt mentioned on the list of projects underway of becoming
> FIPS-certified some time ago.

Looking again, I see that AES/3DES/SHA1/SHA2/RSA/DSA/RNG in libgcrypt
have been FIPS certified.  Follow links from:

Still, older TLS does not use standard RSA PKCS#1 so you have to make
sure GnuTLS is really using the right crypto bits from libgcrypt.


More information about the Gnutls-help mailing list