Module Name
OpenSSL FIPS Object Module
Historical Reason
186-2 transition
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The OpenSSL FIPS Object Module 2.0 is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications.
Approved Algorithms
AES |
Certs. #1884, #2116, #2234, #2342, #2394, #2484, #2824, #2929, #3090 and #3264 |
CVL |
Certs. #10, #12, #24, #36, #49, #53, #71, #85, #260, #331, #372 and #472 |
DRBG |
Certs. #157, #229, #264, #292, #316, #342, #485, #540, #607 and #723 |
DSA |
Certs. #589, #661, #693, #734, #748, #764, #853, #870, #896 and #933 |
ECDSA |
Certs. #264, #270, #315, #347, #378, #383, #394, #413, #496, #528, #558 and #620 |
HMAC |
Certs. #1126, #1288, #1363, #1451, #1485, #1526, #1768, #1856, #1937 and #2063 |
RSA |
Certs. #960, #1086, #1145, #1205, #1237, #1273, #1477, #1535, #1581 and #1664 |
SHS |
Certs. #1655, #1840, #1923, #2019, #2056, #2102, #2368, #2465, #2553 and #2702 |
Triple-DES |
Certs. #1223, #1346, #1398, #1465, #1492, #1522, #1695, #1742, #1780 and #1853 |
Other Algorithms
EC Diffie-Hellman; RSA (encrypt/decrypt); RNG
Software Versions
2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9 or 2.0.10