Module Name
KeyPair FIPS Object Module for OpenSSL
Validation Dates
8/1/2019
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #3335.
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The KeyPair FIPS Object Module for OpenSSL is a software library replacement for applications that use OpenSSL 1.0.2 and require FIPS 140-2 validated cryptography (including FIPS 186-4 RSA KeyGen). Please contact KeyPair Consulting to include your desired operating system as a Tested Configuration on a FIPS 140-2 certificate branded in your company's name.
Tested Configuration(s)
- Ubuntu 18.04 LTS running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 without PAA
- Ubuntu 18.04 LTS running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 with PAA (single user mode)
FIPS Algorithms
|
|
| ECDSA (Cert. #C904 |
|
| HMAC (Cert. #C904 |
|
| AES |
Cert. #C904 |
| CKG |
vendor affirmed |
| CVL |
Cert. #C904 |
| DRBG |
Cert. #C904 |
| DSA |
Cert. #C904 |
| RSA |
Cert. #C904 |
| SHS |
Cert. #C904 |
| Triple-DES |
Cert. #C904 |
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C904, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength)