Enable/Disable Common Crypto FIPS support

Privacy & Security General
Eren.Shi OP
Created Sep ’19
Replies 1
Boosts 0
Views 1.5k
Participants 2

Hi guys,


I am researching how iOS App support FIPS.


According to Apple's document https://developer.apple.com/security/,


"Both Security Framework and Common Crypto rely on the corecrypto library to provide implementations of low level cryptographic primitives. This is also the library submitted for validation of compliance with U.S. Federal Information Processing Standards (FIPS) 140-2 Level 1."


So I think when I'm using '#import <CommonCrypto/CommonHMAC.h>', it will support FIPS by default, that's greate.


My question is , is there one way to disable FIPS support to CommonCrypto library? Because some of the clients, don't like crypto library support FIPS.

Replies  1
Boosts  0
Views  1.5k
Participants  2
DTS Engineer OP
Apple
Sep ’19

is there one way to disable FIPS support to CommonCrypto library?

I can confirm that there’s no way to do this via the API. That is, there’s FIPS/non-FIPS mode that you can tweak programmatically.

Because some of the clients, don't like crypto library support FIPS.

Huh? What are they hoping to accomplish by this? HMAC is going to produce the same results for the some input regardless of the code’s certification.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
0
Enable/Disable Common Crypto FIPS support
First post date Last post date
 
 
Q