3 <!--#include virtual="/inc/head.shtml" -->
5 <!--#include virtual="/inc/banner.shtml" -->
8 <div class="blog-index">
10 <header><h2>OpenSSL and FIPS 140-2</h2></header>
12 <div class="entry-content">
13 <p>The most recent open source based validation of a cryptographic
14 module (Module) compatible with the OpenSSL libraries is v2.0.9,
15 FIPS 140-2 certificate <a
16 href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
17 This Module is documented in the
18 <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>. It substantially
19 updates and improves the earlier v1.2 module, FIPS 140-2
22 href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1051">#1051</a>,
23 which is documented in the
24 <a href="fips/UserGuide-1.2.pdf">1.2 User Guide</a>.</p>
26 <p><strong>Important Note:</strong>
27 Due to new requirements introduced in 2013 the current v2.0 Module
28 is no longer suitable as a reference for private label
29 validations; see the <a
30 href="https://www.openssl.com/fips/ig95.html">I.G. 9.5 FAQ</a>.
31 Due to earlier changes in the FIPS 140-2 validation requirements
32 the v1.2 Module is no longer be a suitable model for private label
33 validations in its current form past the year 2010; see the NIST <a
34 href="http://csrc.nist.gov/groups/STM/cmvp/notices.html">Notices</a>,
36 href="http://csrc.nist.gov/groups/ST/key_mgmt/documents/Transitioning_CryptoAlgos_070209.pdf">discussion paper</a>
38 href="http://csrc.nist.gov/publications/drafts/800-131/draft-800-131_transition-paper.pdf">Draft 800-131</a>.</p>
41 <p>The OpenSSL FIPS Object Module validations receive support
42 from multiple sources for each validation effort; however only
43 those sponsors who have elected to be recognised for their
44 contribution to OpenSSL are listed below.</p>
47 <a href="http://www.darpa.mil/Our_Work/I2O/Programs/Transformative_Apps.aspx">Defense Advanced Research Projects Agency (DARPA) Transformative Apps Program</a>,
48 original primary sponsor of the overall validation with several Android on ARMv7 platforms.
51 <a href="http://www.securenetterm.com/">Intersoft International, Inc.</a>,
52 platform sponsor (VC++ Win32/x86 asm optimisation)
55 <img src="/img/opengear-logo-med.jpg">
56 <a href="http://www.opengear.com/">Opengear, Inc.</a>, platform sponsor
57 (uCLinux ARMv4 asm optimisation)
60 <img src="/img/quintessence-logo-med.jpg">
61 <a href="http://www.quintessencelabs.com/">QuintessenceLabs Pty Ltd</a>,
62 platform sponsor (Fedora 14 x86-64 asm optimisation)
65 <img src="/img/pkware-logo-med.jpg">
66 <a href="https://www.pkware.com/">PKWARE, Inc.</a>, platform sponsor
67 (HPUX 11i on Itanium 32, 64 bit with asm optimisation)
70 <img src="/img/cerberus-logo-med.jpg">
71 <a href="https://www.cerberusftp.com/">Cerberus, LLC</a>, general sponsor
73 <img src="/img/DHS-logo-med.jpg">
74 <a href="http://www.cyber.st.dhs.gov/host.html">DHS Science and Technology Directorate-sponsored Homeland Open Security Technology (HOST) program</a>,
75 algorithm sponsor (CMAC, AES-CCM)
78 <img src="/img/innominate-logo-med.jpg">
79 <a href="https://www.innominate.com/">Innominate Security Technologies AG</a>,
80 platform sponsor (Linux on Freescale MPC8313)
83 <img src="/img/psw-logo-med.jpg">
84 <a href="http://www.psw.net/">PSW GROUP</a>,
88 <img src="/img/citrix-logo-med.jpg">
89 <a href="https://www.citrix.com/">Citrix Systems, Inc.</a>,
90 platform sponsor (multiple platforms)
94 <p>If you have an interest in sponsoring any changes or additions
95 to this validation please contact <a
96 href="https://openssl.com/fips">OpenSSL Validation Services</a>.</p>
97 <p>Some commercial software vendors ask us "what do we gain from
98 sponsoring a validation that our competition can also use?". Our
99 answer is "nothing, if you think in terms of obstructing your
100 competition". If, on the other hand, you compete primarily on the
101 merits of your products then what others may do with the validation is
102 less of a threat as they derive no more advantage from it than you
103 do. Your advantage is that your sponsorship will probably cost
104 less that the commercial software license you would otherwise have
105 to buy, and you will retain backwards compatibility with the
106 regular OpenSSL API while avoiding vendor lock-in.</p>
109 You are here: <a href="/">Home</a>
110 : <a href=".">Documentation</a>
111 : <a href="">OpenSSL and FIPS 140-2</a>
112 <br/><a href="/sitemap.txt">Sitemap</a>
116 <!--#include virtual="sidebar.shtml" -->
119 <!--#include virtual="/inc/footer.shtml" -->