cosign-fips

Fips

Stig

Utils

docker pull reg.mini.dev/cosign-fips

Fips

Stig

Utils

Updated on June 14

docker pull reg.mini.dev/cosign-fips

Compliance

Understand the compliance standards and security best practices supported by this image.

90% CIS Docker compliance 80% NIST compliance FIPS 140-3 validated 100% STIG compliance

FIPS

FIPS 140-3 validated

OpenSSLJava

Certification

Certificate #5142- FIPS 140-3 validated provider for Java
Requires an external entropy source

Verification

To test the module, save the following code as the file TestFIPS.java

import java.security.Provider;
import java.security.Security;

public class TestFIPS {
    public static void main(String[] args) {
        System.out.println("=== FIPS Compliance Test ===");
...
}

Compile and run the test:

docker run --rm -v $(pwd):/home/build reg.mini.dev/cosign-fips sh -c \
  "javac TestFIPS.java && java TestFIPS"

The module validations will print to the terminal for review. For example:

Test Results

=== FIPS Compliance Test ===
[OK] SafeLogic CryptoComply provider found at position 1
[OK] Bouncy Castle JSSE provider found at position 2
[OK] SafeLogic CryptoComply provider is at correct position (1)
[OK] Bouncy Castle JSSE provider is at correct position (2)
[OK] AES algorithm available
[OK] SHA-256 algorithm available
[OK] RSA algorithm available
[OK] MD5 correctly blocked by FIPS compliance: ...
=== FIPS Compliance Test PASSED ===

Certification

Verification

This page is available on desktop