Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The FIPS administrative and cryptographic modules must be installed correctly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51355 | OSX8-00-00725 | SV-65565r1_rule | High |
| Description |
|---|
| Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53699r1_chk ) |
|---|
| Run the following command to ensure the correct FIPS administrative and cryptographic modules are installed correctly: sudo codesign -dvvv /usr/libexec/cc_fips_test 2>&1 | grep CDHash | sed 's/CDHash=//' The result should be "bdef561bd742ae2e28589ca3ed44f188530d6910". If it differs, this is a finding. |
| Fix Text (F-56157r1_fix) |
|---|
| Download and install the Apple FIPS Cryptographic Module v3.0 from http://support.apple.com/kb/DL1555 |