se052f mbedtls fips140-3

ar01 · ‎08-22-2024

Hi,

I have a doubt regarding about the FIPS140-3 certification maintenance in the secure element SE052F. MbedTLS doesn't have a FIPS certification. However, the document AN12543 specifies which applet features must be set and which must be disabled in order to maintain the certification, and there is no specific mention about mbedTLS. According to AN13030, it says that enabling mbedTLS ALT allows mbedTLS stack to use the secure element cryptographic functions.

Could you confirm if the FIPS 140-3 certification is maintained when you use the MbedTLS library and enable mbedTLS ALT?

Kan_Li · ‎08-22-2024

Hi @ar01 ,

MbedTLS library is running on the host not SE, so whether you use MbedTLS or not doesn't affect the FIPS maintenance , just make sure the applet features within SE052F are configured correctly according to AN12543 , that is what we configure it for FIPS140-3 certification.

Hope that makes sense,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

se052f mbedtls fips140-3

se052f mbedtls fips140-3

SE050