Before you begin
Before beginning to incorporate NanoSSH Client into an application, get familiarized with some related documents and concepts, as well as the recommended general integration approach.
FIPS and Suite B support
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government computer security standard used to accredit cryptographic modules. FIPS 140-2 validation is a requirement when selling products containing embedded cryptography to the U.S. government, and the standard has been increasingly adopted as a baseline requirement by regulated industries such as finance, manufacturing, and healthcare.
The National Institute of Standards and Technology (NIST) established the Cryptographic Module Validation Program (CMVP) that validates cryptographic modules to FIPS 140-2 (see http://csrc.nist.gov/groups/STM/cmvp). For information about the FIPS 140-2-validated TrustCore SDK NanoCrypto FIPS binary, refer to the NIST website at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm.
To claim FIPS 140-2 validation for your product, a licensed TrustCore SDK NanoCrypto FIPS binary must be purchased and used with the product. Alternatively, you can conduct your own FIPS 140-2 validation.
Suite B cryptography is a set of cryptographic algorithms and protocols specified by NIST that are approved by the NSA for protecting classified and unclassified National Security Systems (NSS). TrustCore SDK API functions that are related to NSA Suite B cryptography are available only if NanoCrypto Advanced has been purchased. By default, only NanoCrypto Basic is included.
If your TrustCore SDK product is used with the TrustCore SDK FIPS binaries, then the Suite B algorithms are already included.
General approach
Regardless of which product is being built or whether a system is being integrated with a TrustCore SDK licensed binary (such as FIPS), we recommend taking a staged approach to the integration:
Build the example code.
Customize the example code or use it as a model for the application’s integration.