Module Name
OpenSSL FIPS Object Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 2.3 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.
Embodiment
Multi-chip standalone
Description
The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from www.openssl.org/source/
Tested Configuration(s)
- µClinux Kernel Version 2.4.32 (gcc Compiler Version 3.4.4)
- Android 2.2 (gcc Compiler Version 4.4.0)
- Apple iOS 5.0 (gcc Compiler Version 4.2.1)
- Apple OS X 11 32 bit (gcc Compiler Version 4.2.1)
- Apple OS X 11 64 bit (gcc Compiler Version 4.2.1) (single-user mode)
- OpenSuSE Linux 32-bit Version 10.2 (gcc Compiler Version 4.1.2 20061115 prerelease)
- OpenSuSE Linux 64-bit Version 10.2 (gcc Compiler Version 4.1.2 20061115 prerelease)
- VxWorks 6.7 (gcc Compiler Version 4.1.2)
- Wind River 1.4 (gcc Compiler Version 3.4.4)
- Wind River 4.0 (gcc Compiler Version 4.4.1)
- Windows XP Pro SP2 32 bit (Microsoft Visual C++ version 8)
- Windows XP Pro SP2 64 bit (Microsoft Visual C++ version 8)
Approved Algorithms
AES |
Certs. #695, #1534, #1630, #1933 and #2011 |
DSA |
Certs. #264, #475, #512, #616 and #637 |
HMAC |
Certs. #373, #892, #957, #1167 and #1216 |
RNG |
Certs. #407, #826, #873, #1018 and #1053 |
RSA |
Certs. #323, #745, #804, #999 and #1040 |
SHS |
Certs. #723, #1362, #1435, #1698 and #1761 |
Triple-DES |
Certs. #627, #1011, #1066, #1259 and #1297 |
Other Algorithms
Diffie-Hellman; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
1.2, 1.2.1, 1.2.2, 1.2.3 or 1.2.4