FIPS compliance for Chrome Browser for Android for WebRTC

386 views
Skip to first unread message

Bibhudatta Biswal

unread,
May 5, 2015, 5:36:09 PM5/5/15
to discuss...@googlegroups.com
We are trying to develop the browser based WebRTC application which requires the cryptographic module to be FIPS 140-2 compliant. I couldn't find out the info to see if the Chrome browser is FIPS compliant so that we can enable the configuration for our WebRTC use.

Can anybody confirm this? Also if the browser is not FIPS 140-2 compliant, then can anybody confirm the native WebRTC plug-in modules for Android/IOS is FIPS complaint?

Thanks,
Bibhu

Randell Jesup

unread,
May 5, 2015, 8:04:15 PM5/5/15
to discuss...@googlegroups.com
In firefox (and I understand Chrome), the encryption is based on
libsrtp, which includes some FIPS tests in the source. Note however
those test it in isolation, so that's not exactly the same thing as
in-the-browser, and that doesn't cover key exchange/derivation via
DTLS-SRTP, etc.

In firefox, see netwerk/srtp/src/*

--
Randell Jesup -- rjesup a t mozilla d o t com
Please please please don't email randel...@jesup.org! Way too much spam

Chris Woodlief

unread,
Dec 19, 2016, 10:48:51 PM12/19/16
to discuss-webrtc
Looking to find this out as well 
Reply all
Reply to author
Forward
0 new messages