We're looking at using OPENWRT on a wireless router for a project which needs to integrate with our application, but it needs to be FIPS 140-2 Compliant. Do we just need to implement OpenSSL or are there specific devices anyone would suggest?
That leave’s a very broad and free interpretation of “how much” compliant?
So per definition OpenSSL is enough, or anything with a FIPS 140-2 whatever in the documentation.
Are we talking about any sort of crypto guarantees according or certified to FIPS 140-2, then we are in a completely other ballgame.
This maybe? It has coreboot. You can get no name brands like these, but these are the only ones i know of that have support and you can get coreboot directly from them matched to these routers.
I have heard you can take protectli's software and possibly flash them on the ones you get from aliexpress, but thats quite a gamble and not guaranteed to work.
Anyway, they run openwrt great, and it has Intel ME disabled, which is good, imo.
No chance with openwrt - as the code changes too often (as it should) and you loose compliance with any change.
If you want compliance go to traditional vendors like cisco and fortinet
2 Likes