I have a client who wants our application to use FIPS 140-2 validated cryptography. The app uses OkHttp and makes some HTTPS requests. AFAIK Android uses the OpenSSL C library and uses the Java wrapper javax/net/ssl.
Questions:
How to make an Android application FIPS 140-2 compliant?
Shouldn't Android at the stack (OS) level use FIPS-compliant OpenSSL, so that all apps are FIPS 140-2 compliant by default?
Or should our app use FIPS 140-2 validated cryptography and make Java's javax/net/ssl use it? Is that feasible?
Is there a FIPS 140-2 JCE library that can be plugged into OkHttp?
Thanks
Modified the OkHttp and Okio code to use the wolfSSL Java wrappers and made it work.
Now any HTTPS requests made will go to the wolfSSL layer instead of the stock Android BoringSSL/OpenSSL.
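
An added example, not code from the poster, OkHttp or wolfSSL: the other route the question asks about, where a vendor JSSE provider is plugged into an unmodified OkHttp through `sslSocketFactory` and the build fails closed if that provider cannot supply the TLS stack. The provider name `EXAMPLE_FIPS_JSSE`, the class name and the assumption that the provider implements `PKIX` trust managers and `TLSv1.2` contexts are placeholders to check against the vendor's documentation.

```java
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

public final class PinnedProviderClient {
    // Placeholder: the name the vendor's JSSE provider registers under.
    static final String PROVIDER_NAME = "EXAMPLE_FIPS_JSSE";

    /** Builds an OkHttpClient whose TLS objects come only from the named provider. */
    public static OkHttpClient build(Provider vendorProvider) throws Exception {
        if (!PROVIDER_NAME.equals(vendorProvider.getName())) {
            throw new IllegalStateException("Unexpected provider: " + vendorProvider.getName());
        }
        Security.insertProviderAt(vendorProvider, 1);

        // Ask for the provider by name everywhere. If it lacks an algorithm,
        // getInstance throws instead of silently using the platform default.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", PROVIDER_NAME);
        tmf.init((KeyStore) null); // null = default trust anchors, as the provider defines them

        X509TrustManager trustManager = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                trustManager = (X509TrustManager) tm;
                break;
            }
        }
        if (trustManager == null) {
            throw new IllegalStateException("Provider returned no X509TrustManager");
        }

        SSLContext ctx = SSLContext.getInstance("TLSv1.2", PROVIDER_NAME);
        ctx.init(null, new TrustManager[] {trustManager}, null);

        // OkHttp uses this factory for every HTTPS connection made by the client.
        return new OkHttpClient.Builder()
                .sslSocketFactory(ctx.getSocketFactory(), trustManager)
                .build();
    }
}
```

Routing TLS through a provider only yields validated cryptography if the underlying module is the vendor's FIPS 140-2 validated build, running in the mode its certificate covers.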