U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4282

Details

Module Name
OpenSSL FIPS Provider
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The OpenSSL FIPS Provider is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality.
Tested Configuration(s)
  • Custom Ubuntu Linux 18.04 running on Akamai X8 system with Intel Xeon D1541 with PAA
  • Debian 10 running on Fujitsu CX400 Blade with Intel Xeon Silver 4116 with PAA
  • FreeBSD stable/13 running on NetApp HCI H700E with Intel Xeon E5-2695v4 with PAA
  • macOS 11.5.2 running on Apple i5 Mac Mini with Intel i7 with PAA
  • macOS 11.5.2 running on Apple i5 Mac Mini with Intel i7 without PAA (single-user mode)
  • macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA
  • macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA
  • Oracle Solaris 11.4 running on Oracle SPARC T8-1 with Oracle SPARC M8-1 with PAA
  • PhotonOS 4.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel Xeon Gold 6230R with PAA
  • Ubuntu Linux 20.04.1 Server running on Dell Inspiron 7573 with Intel i7 with PAA
  • Windows 10 running on Dell Inspiron 7591 with Intel i7 with PAA
  • Windows Server 2019 on ESXi 7.0 running on Dell PowerEdge R740 with Intel Xeon Gold 6230R with PAA
FIPS Algorithms
AES Cert. #A1938
CKG vendor affirmed
CVL Cert. #A1938
DRBG Cert. #A1938
DSA Cert. #A1938
ECDSA Cert. #A1938
HMAC Cert. #A1938
KAS-RSA-SSC Cert. #A1938
KAS-SSC Cert. #A1938
KBKDF Cert. #A1938
KDA Cert. #A1938
KMAC Cert. #A1938
KTS AES Cert. #A1938; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #A1938 and AES Cert. #A1938; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #A1938 and HMAC Cert. #A1938; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #A1938 and HMAC Cert. #A1938; key establishment methodology provides 112 bits of encryption strength
KTS-RSA Cert #A1938; key establishment methodology provides between 112 and 192 bits of encryption strength
PBKDF Cert. #A1938
RSA Cert. #A1938
SHA-3 Cert. #A1938
SHS Cert. #A1938
Triple-DES Cert. #A1938
Software Versions
3.0.0

Vendor

The OpenSSL Project

OpenSSL Management Committee
osf-contact@openssl.org

Validation History

Date Type Lab
8/23/2022 Initial ACUMEN SECURITY, LLC