OpenSSL FIPS Validation Program

Main Menu

OSSI Programs and Activities

OSSI Calendar

OSSI Quarterly Update: 3rd Qtr 2010 (09/17)
Scheduled Update Release OSCMIS (09/30)
OSSI Quarterly Update: 4ht Qtr 2010 (11/19)

News and Updates

Loading feeds...

OpenSSL FIPS Validation Program

OpenSSL FIPS Program History

FIPS Validated OpenSSL: Program History

A detailed FAQ (Frequently Asked Questions) document regarding OSSI's FIPS 140-2 validation effort for OpenSSL at FIPS Validated OpenSSL FAQ .

What is OpenSSL? -- (wikipedia) - OpenSSL is an open source general purpose cryptographic library that includes implementation of the SSL and TLS protocols. The core library (written in the C programming language) implements the basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. Versions are available for a vast array operating systems (including Linux, Mac OS X and various open source BSD operating systems), as well as for Microsoft Windows.

Layman's terms: -- OpenSSL (Open Secure Socket Layer) is an open source cryptographic library that is used to ensure secure connections for information shared across the Internet.

Click: "read more" below for complete article

------------------------------------------------------------------------------------------------------

NIST Computer Security Resource Center

Federal Information Processing Standard (FIPS)
Validated Module List
(List of all FIPS validated modules)

The FIPS 140-1 and FIPS 140-2 validation lists contain those cryptographic modules that have been tested and validated under the Cryptographic Module Validation Program as meeting requirements for FIPS PUB 140-1 and FIPS PUB 140-2. A validation certificate has been issued for each of the modules listed. A single validation certificate may list multiple modules. A single validation entry may list multiple versions of the validated module. The validation entry is the official validation information. The provided image of the original validation certificate is for reference only. Updates may have occurred since the printing of the original certificate and will only appear on the validation entry. This list is typically updated either the day of or day after a certificate is issued.

====================================================================================================================================

Click here for updated NIST FIPS 140-2 Pre-Validation "In-Process" List (PDF)
updated weekly by NIST

The Cryptographic Module Validation Program (CMVP) FIPS 140-1 and FIPS 140-2 Modules In Process List is provided for information purposes only. Participation on the list is voluntary and is a joint decision by the vendor and Cryptographic Module Testing (CMT) laboratory. Modules are listed alphabetically by name. Blank entries indicate modules in process but joint decision made not to post. Posting on the list does not imply guarantee of final FIPS 140-1 or FIPS 140-2 validation.The following phases describe the FIPS 140-1 and FIPS 140-2 modules in process. The status of each cryptographic module in the process is identified in the list.

=================================================================================================================================