3 <!--#include virtual="/inc/head.shtml" -->
5 <!--#include virtual="/inc/banner.shtml" -->
8 <div class="blog-index">
10 <header><h2>FIPS-140</h2></header>
11 <div class="entry-content">
13 <p>The most recent open source based validation of a cryptographic
14 module (Module) compatible with the OpenSSL 1.0.2
15 is v2.0.16, FIPS 140-2 certificate <a
16 href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747">#1747</a>.
17 This Module is documented in the
18 <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>;
19 the <a href="/source/openssl-fips-2.0.16.tar.gz">source code</a>,
20 and <a href="fips/SecurityPolicy-2.0.16.pdf">Security Policy</a>
24 For various bureaucratic reasons, the same module is also
25 available as validation <a
26 href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/2398">#2398</a>
31 Here is the complete set of files. Note that if you are interested
32 in the "1747" validation, you only need the three files mentioned
38 <td>Date </td>
41 <!--#include virtual="fips.inc" -->
45 <h3><a name="background">Background</a></h3>
47 <p>Please please read the <a
48 href="fips/UserGuide.pdf">User Guide</a>.</p>
52 <li>OpenSSL itself is not validated. Instead a special
53 carefully defined software component called the OpenSSL FIPS
54 Object Module has been created. This Module was designed for
55 compatibility with OpenSSL so that products using the OpenSSL
56 API can be converted to use validated cryptography with minimal
59 <li>The OpenSSL FIPS Object Module validation is "delivered" in
60 source code form, meaning that if you can use it exactly as is
61 and can build it (according to the very specific documented
62 instructions) for your platform, then you can use it as
63 validated cryptography on a "vendor affirmed" basis.</li>
65 <li>If even a single line of the source code or build process
67 for your intended application, you cannot use the open
68 source based validated module directly. You must obtain your
71 <li>None of the validations will work with OpenSSL 1.1.0 or
74 <li>We are starting work on a new validation based on the
75 upcoming 1.1.1 release.</li>
81 You are here: <a href="/">Home</a>
82 : <a href=".">Docs</a>
83 : <a href="">FIPS-140</a>
84 <br/><a href="/sitemap.txt">Sitemap</a>
88 <!--#include virtual="sidebar.shtml" -->
91 <!--#include virtual="/inc/footer.shtml" -->