Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #1051

Details

Module Name
OpenSSL FIPS Object Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Overall Level
1
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 2.3 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.
Module Type
Software
Embodiment
Multi-chip standalone
Description
The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from www.openssl.org/source/
Tested Configuration(s)
  • µClinux Kernel Version 2.4.32 (gcc Compiler Version 3.4.4)
  • Android 2.2 (gcc Compiler Version 4.4.0)
  • Apple iOS 5.0 (gcc Compiler Version 4.2.1)
  • Apple OS X 11 32 bit (gcc Compiler Version 4.2.1)
  • Apple OS X 11 64 bit (gcc Compiler Version 4.2.1) (single-user mode)
  • OpenSuSE Linux 32-bit Version 10.2 (gcc Compiler Version 4.1.2 20061115 prerelease)
  • OpenSuSE Linux 64-bit Version 10.2 (gcc Compiler Version 4.1.2 20061115 prerelease)
  • VxWorks 6.7 (gcc Compiler Version 4.1.2)
  • Wind River 1.4 (gcc Compiler Version 3.4.4)
  • Wind River 4.0 (gcc Compiler Version 4.4.1)
  • Windows XP Pro SP2 32 bit (Microsoft Visual C++ version 8)
  • Windows XP Pro SP2 64 bit (Microsoft Visual C++ version 8)
Approved Algorithms
AES Certs. #695, #1534, #1630, #1933 and #2011
DSA Certs. #264, #475, #512, #616 and #637
HMAC Certs. #373, #892, #957, #1167 and #1216
RNG Certs. #407, #826, #873, #1018 and #1053
RSA Certs. #323, #745, #804, #999 and #1040
SHS Certs. #723, #1362, #1435, #1698 and #1761
Triple-DES Certs. #627, #1011, #1066, #1259 and #1297
Other Algorithms
Diffie-Hellman; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
1.2, 1.2.1, 1.2.2, 1.2.3 or 1.2.4

Vendor

Open Source Software Institute
3610 Pearl Street
Hattiesburg, MS 39401
USA

John Weathersby
OpenSSL@oss-institute.org
Phone: 601-427-0152
Fax: 601-427-0156

Validation History

Date Type Lab
11/17/2008 Initial DOMUS
11/20/2009 Update
12/8/2010 Update UL VERIFICATION SERVICES INC
5/12/2011 Update UL VERIFICATION SERVICES INC
3/7/2012 Update UL VERIFICATION SERVICES INC
3/14/2012 Update UL VERIFICATION SERVICES INC
5/29/2012 Update SAIC-VA
6/21/2012 Update UL VERIFICATION SERVICES INC