Certificate 733 - OpenSSL FIPS Object Module
intCertNum 733
strVendorName Open Source Software Institute
strURL http://www.oss-institute.org
strAddress1 Administrative Office
strAddress2 P.O. Box 547
strAddress3
strCity Oxford
strStateProv MS
strPostalCode 38655
strCountry 38655
strContact John Weathersby
strEmail OpenSSL@oss-institute.org
strPhone 601-427-0152
strFax 601-427-0156
strContact2
strEmail2
strFax2
strPhone2
intCertNum 733
strModuleName OpenSSL FIPS Object Module
strPartNumber Source Content Version: opensslfips1.1.1.tar.gz;
Resultant Compiled Software Version: 1.1.1
memModuleNotes When built, installed, protected and initialized as assumed by the Crypto Officer role and specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files, including the specified OpenSSL distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation, protection, and initialization shall be completed as specified in Appendix C of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a FIPS 140-2 non-compliant module.
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL http://www.openssl.org/source/
strModuleType Software
strValidationDate 02/06/2007;11/30/2007
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with SuSE Linux Version 9.0 (gcc Compiler Version 3.3.1), and HPUX Version 11i (gcc Compiler Version 3.4.2) (in single user mode)
strFIPSAlgorithms Triple-DES (Cert. #451);
AES (Cert. #420);
SHS (Cert. #490);
HMAC (Cert. #194);
RSA (Cert. #177);
DSA (SigVer, Cert. #175);
strOtherAlgorithms DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RNG (Cert. #216;
non-compliant. This RNG shall not be used for any services requiring the use of random bits);
DSA (SigGen and KeyGen, Cert. #175;
non-compliant);
strConfiguration Multi-chip standalone
memModuleDescription The OpenSSL FIPS Object Module is a cryptographic library that can be
downloaded from http://www.openssl.org/source/
intModuleCount 1
memAdditionalNotes 11/30/07: RNG (Cert. #216) changed to non-compliant. This RNG shall not be used for any services requiring the use of random bits. DSA SigGen and KeyGen (Cert. #175) changed to non-compliant as it is bound to the non-compliant RNG (Cert. #216)
05/22/12: Modified certificate caveat
strFirstValidtionDate 02/06/07 00:00:00
strLabName DOMUS
strValidationYear 2007