Here at wolfSSL, we’ve got a new product that should interest you! We love it when we can help make potentially painful decisions easier for our customers.
Have you switched over to the 3.x series of releases on OpenSSL? It was likely a very large investment in time and human resources, but you needed to because the 1.1.1 series of releases recently went EOL (End of Life) in early September. Congratulations if you successfully completed your migration.
If after that migration you suddenly have a new FIPS 140-3 requirement, you’re probably wondering what a FIPS canister is going to look like for the the 3.x series of releases of OpenSSL. You’re likely aware that they are no longer supporting the “engine” interface and have moved to the “provider” model. There is a fips-provider, but if you look at the documentation you’ll note that it only provides FIPS 140-2. What about FIPS 140-3? Unfortunately, there is no support for it. When will OpenSSL’s certification for FIPS-140-3 be ready? No one knows; not even the OpenSSL Team.
What about wolfSSL? Our wolfCrypt FIPS product is right on the cusp of being granted FIPS 140-3 certification. How does that help you? Well, we have a wolfProvider product that provides the glue between OpenSSL 3.x series of releases and wolfCrypt FIPS. To use wolfProvider and wolfCrypt FIPS you don’t even need to recompile OpenSSL nor your applications. Just specify where wolfProvider is located via configuration file, install the wolfssl library to the default system location and you’re good to go!
Go ahead and take it for a spin! You can find wolfCrypt FIPS as part of the wolfssl fips-ready release which you can download and wolfProvider in its github repo all under GPL licensing terms until you want to use it for commercial purposes.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247
Download wolfSSL Now