3 <!--#include virtual="/inc/head.shtml" -->
5 <!--#include virtual="/inc/banner.shtml" -->
8 <div class="blog-index">
10 <header><h2>FIPS-140</h2></header>
11 <div class="entry-content">
13 <p>For a basic introduction,
14 <a href="#background">see below</a>. Thanks to multiple platform
15 sponsorships, the 2.0 validations include the largest number of
16 formally tested platforms for any validated module.</p>
18 <p>The most recent open source based validation of a cryptographic
19 module (Module) compatible with the OpenSSL 1.0.1 and 1.0.2
20 libraries is v2.0.16, FIPS 140-2 certificate <a
21 href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
22 This Module is documented in the
23 <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>;
24 the <a href="/source/openssl-fips-2.0.16.tar.gz">source code</a>,
25 and <a href="fips/SecurityPolicy-2.0.16.pdf">Security Policy</a>
29 For convoluted bureaucratic reasons, the same module is also
30 available under the validations <a
31 href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2398">#2398</a>
32 (revision 2.0.16) and <a
33 href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2473">#2473</a>
38 Here is the complete set of files. Note that if you are interested
39 in the "1747" validation, you only need the three files mentioned
45 <td>Date </td>
48 <!--#include virtual="fips.inc" -->
52 <h3><a name="background">Background</a></h3>
54 <p>Please please read the <a
55 href="fips/UserGuide.pdf">User Guide</a>.</p>
59 <li>OpenSSL itself is not validated. Instead a special
60 carefully defined software component called the OpenSSL FIPS
61 Object Module has been created. This Module was designed for
62 compatibility with OpenSSL so that products using the OpenSSL
63 API can be converted to use validated cryptography with minimal
66 <li>The OpenSSL FIPS Object Module validation is "delivered" in
67 source code form, meaning that if you can use it exactly as is
68 and can build it (according to the very specific documented
69 instructions) for your platform, then you can use it as
70 validated cryptography on a "vendor affirmed" basis.</li>
72 <li>If even the tiniest source code or build process changes are
73 required for your intended application, you cannot use the open
74 source based validated module directly. You must obtain your
77 <li>None of the validations will work with OpenSSL 1.1.0 or
84 You are here: <a href="/">Home</a>
85 : <a href=".">Docs</a>
86 : <a href="">FIPS-140</a>
87 <br/><a href="/sitemap.txt">Sitemap</a>
91 <!--#include virtual="sidebar.shtml" -->
94 <!--#include virtual="/inc/footer.shtml" -->