WOLFCRYPT FIPS 140-2 and FIPS 140-3

What are FIPS 140-2 and FIPS 140-3?

Federal Information Processing Standards (FIPS) 140-2 is a mandatory standard for the protection of sensitive or valuable data within Federal systems.

FIPS 140-3 is an incremental advancement of FIPS 140-2, which now standardizes on the ISO 19790:2012 and ISO 24759:2017 specifications. Historically, ISO 19790 was based on FIPS 140-2, but has continued to advance since that time. FIPS 140-3 will now point back to ISO 19790 for security requirements. Keeping FIPS 140-3 as a separate standard will still allow NIST to mandate additional requirements on top of what the ISO standard contains when needed.

Among the changes for FIPS 140-3 are conditional algorithm self-tests, where the algorithm self-tests are only performed if used. The pre-operational self-test is now faster, as all the algorithms are not tested until needed. This helps with startup times as the public key self-testing can be time consuming. The self tests can be run at appropriate times for your application startup. Also, there is additional testing of the DRBG entropy sources.

wolfSSL is working hard with our lab to make wolfCrypt be the first cryptography library to have FIPS 140-3 validation. We are very excited about the changes that are a part of FIPS 140-3. Read our blog about wolfCrypt FIPS 140-3 here!

wolfCrypt has been listed on the CMVP Modules in Process List for FIPS 140-3! We are currently working with our testing lab to get validated as quickly as possible with the new FIPS standard from the NIST. wolfSSL was the first software library on the FIPS 140-3 IUT list for embedded development.

Why is FIPS 140 Important?

FIPS Validated 140-2

Federal agencies purchasing cryptographic-based security systems must confirm an associated FIPS 140-2 certificate exists.

This procurement “check-box” item is a deal breaker. Vendor claims of “designed for FIPS” or “FIPS ready” are not sufficient to pass this hurdle.

No FIPS certificate = No sale

Many private and commercial organizations perceive an advantage in selecting a product with a FIPS 140-2 certificate over a solution that has not undergone the rigorous approval process.

What is the status of the wolfSSL FIPS and CAVP validation efforts?

wolfSSL is currently the leader in embedded FIPS certificates. We currently maintain two FIPS 140-2 certificates for the wolfCrypt Cryptographic Module: #2425 and #3389. Certificate #3389 includes algorithm support required for TLS 1.3 and can be used in conjunction with the wolfSSL embedded SSL/TLS library for full TLS 1.3 client and server support. wolfSSL intends to continue to serve our customers by taking wolfCrypt through the FIPS 140-3 validation process, as mentioned above.

wolfSSL also supports the new ACVP (Automated Cryptographic Validation Protocol), which is the successor to the two decade old CAVP system from NIST.  ACVP is intended to alleviate the manual steps of the older CAVP process, creating a more efficient and effective method for cryptographic algorithm testing and validation.  Learn more about ACVP in our blog posts here and here.

For additional information contact fips@wolfssl.com.  Read our blog post update here, and our update on the most recent certificate here!

wolfCrypt FIPS 140-2 Level 1 Certificate #2425
wolfCrypt v4 FIPS 140-2 Level 1 Certificate #3389

For a full list of currently validated Operating Environments, please see the section below.

I am a Techie. What is so great about the wolfCrypt FIPS module?

wolfCrypt is a cryptographic software API library. Your application may rely on wolfCrypt to provide all of the cryptographic processing. Instead of performing your own FIPS validation, you may claim that you are using an embedded FIPS cryptographic module. This will make your Federal customers happy.

wolfCrypt is compliant with FIPS 140-2 Implementation Guidance 9.10. We implemented a default entry point to run self-tests automatically. The FIPS OpenSSL module does not provide a default entry point.

wolfCrypt FIPS Boundary Design

wolfSSL has defined the wolfCrypt FIPS boundary specifically around a subset of the wolfCrypt algorithms such that it is easy and painless to update to new wolfSSL releases while maintaining an existing wolfCrypt FIPS validation. Most bugs and vulnerabilities happen in the SSL/TLS layer code - outside the cryptographic module code itself. With the FIPS boundary drawn around only the wolfCrypt cryptography algorithms, this allows users to update to newer versions of the wolfSSL SSL/TLS code and keep the same validated wolfCrypt FIPS code underneath. With a current wolfSSL support package in place, our FIPS customers receive new wolfSSL SSL/TLS release bundles packaged with their existing validated version of wolfCrypt, making it easy to stay secure and up to date!

Can I get a FIPS certificate in my company’s name?

Yes. You have the option of rebranding the wolfCrypt module and NIST will issue a FIPS 140-2 certificate in your company’s name. Your Sales Teams will thank you.

How can wolfSSL help me?

At wolfSSL, our security experts have the FIPS expertise you need. We will form a FIPS strategy that is best for you, optionally including on-site FIPS consulting! Before you search for a FIPS Consultant or begin calling several of the 22 FIPS Laboratories, contact us.  We can save you time, money, and effort.

wolfSSL FIPS Ready

wolfSSL also provides support for a wolfCrypt FIPS Ready version of the library! wolfCrypt FIPS Ready is our FIPS enabled cryptography layer code included in the wolfSSL source tree that you can enable and build. You do not get a FIPS certificate, you are not FIPS approved, but you will be FIPS Ready. FIPS Ready means that you have included the FIPS code into your build and that you are operating according to the FIPS enforced best practices of default entry point, and power on self test.

wolfCrypt FIPS Ready can be downloaded from the wolfSSL download page located here: https://www.wolfssl.com/download/. More information on getting set up with wolfCrypt FIPS Ready can be found in our FIPS Ready User guide here: https://www.wolfssl.com/docs/fips-ready-user-guide/

Currently Validated Operating Environments

wolfCrypt has been validated on a number of Operating Environments (OEs). The current validated OE list for both wolfCrypt FIPS certificates (#2425 and #3389) are listed here for reference.  wolfSSL can easily add additional OEs to existing wolfCrypt FIPS certificates. To learn more about this process, contact us today!

Certificate #2425 Current OE List:

Operating SystemProcessorPlatform
Linux 3.13 (Ubuntu)Intel® Core™ i7-3720QM CPU @2.60GHz x 8HP EliteBook
iOS 8.1Apple™ A8iPhone™ 6
Android 4.4Qualcomm Krait 400Samsung Galaxy S5
FreeRTOS 7.6ST Micro STM32FuTrust TS Reader
Windows 7 (64-bit)Intel® Core™ i5Sony Vaio Pro
Linux 3.0 (SLES 11 SP4, 64-bit)Intel® Xeon® E3-1225Imprivata OneSign
Linux 3.0 (SLES 11 SP4, 64-bit) on Microsoft Hyper-V 2012R2 CoreIntel® Xeon® E5-2640Dell® PowerEdge™ r630
Linux 3.0 (SLES 11 SP4, 64-bit) on VMWare ESXi 5.5.0Intel® Xeon® E5-2640Dell® PowerEdge™ r630
Windows 7 (64-bit) on VMWare ESXi 5.5.0Intel® Xeon® E5-2640Dell® PowerEdge™ r630
Android Dalvik 4.2.2NXP i.MX6 MXT?700?NC 7” touch
panel
Linux 4.1.15NXP i.MX5NX?1200 NetLinx NX
Integrated Controller
Debian 8.8Intel Xeon® 1275v3CA PAM 304L Server
Windows Server 2012R2Intel® Xeon® E5335CA Technologies
PAMHAF995
Windows 7 Professional SP1Intel® Core™ i7?2640MDell™ Latitude™ E6520
Debian 8.7.0Intel ® Xeon® E3 Family with SGX supportIntel® x64 Server System
R1304SP
Windows 10 ProIntel ® Core ™ i5 with SGX supportDell™ Latitude™ 7480
NET+OS v7.6 Digi International NS9210Sigma IV infusion pump
Linux 4.4 (SLES 12 SP3, 64?
bit) on Microsoft Hyper?V
2016 Core		Intel® Xeon® E5?2650Dell® PowerEdge™ r720
Linux 4.4 (SLES 12 SP3, 64?
bit) on VMWare ESXi 6.5.0		Intel® Xeon® E5?2403Dell® PowerEdge™ r420

Certificate #3389 Current OE List:

Operating SystemProcessorPlatform
Linux 4.4
(Ubuntu 16.04 LTS)		Intel® Core™ i5-5300U CPU @2.30GHz x 4 with
AES-NI		Intel Ultrabook 2 in 1
Linux 4.4
(Ubuntu 16.04 LTS)		Intel® Core™ i5-5300U CPU @2.30GHz x 4
without AES-NI		Intel Ultrabook 2 in 1
Windows 10 (64-bit)Intel® Core™ i5-5300U CPU @2.30GHz x 4
with AES-NI		Intel Ultrabook 2 in 1
Windows 10 (64-bit)Intel® Core™ i5-5300U CPU @2.30GHz x 4
without AES-NI		Intel Ultrabook 2 in 1
OpenRTOS v10.1.1STMicroelectronics STM32L4xSTMicroelectronics
STM32L4R9I-DISCO
(Discovery Kit)
HP Imaging &
Printing Linux 4.9		ARM Cortex-A72 with PAAHP PN 3PZ95-60002
HP Imaging &
Printing Linux 4.9		ARM Cortex-A72 without PAAHP PN 3PZ95-60002
Windows 10
Enterprise		Intel® Core™ i7-7820 @2.9GHz x 4 with AES-NIRadar FCL Package
Utility
Windows 10
Enterprise		Intel® Core™ i7-7820 @2.9GHz x 4 without AES-NIRadar FCL Package
Utility
Linux socfpga
Cyclone V		Armv7 rev 0, Cortex A-9SEL 2700 Series 24-
Port Ethernet Switch
Red Hat Enterprise
Linux Workstation		Intel (R) Xeon(R) W-2155 @3.3GHz x 20 with PAADELL Precision 5820
Red Hat Enterprise
Linux Workstation		Intel (R) Xeon(R) W-2155 @3.3GHz x 20 without
PAA		DELL Precision 5820
Fusion Embedded
RTOS 5.0		Analog Devices ADSP-BF516 (BlackFin)Classone® IP Radio
Gateway
Linux 4.12 Yocto
Standard		Freescale i.MX6 DualLite ARMv7 Cortex-A9 x2 with
PAA		Metasys® SNC Series
Network Control
Engine
Linux 4.12 Yocto
Standard		Freescale i.MX6 DualLite ARMv7 Cortex-A9 x2
without PAA		Metasys® SNC Series
Network Control
Engine
Nucleus 3.0 version 2013.08.1Freescale Vybrid VF500XL200 Radio
CodeOS v1.4CodeCorp CT8200 (ARM FA626TE)Series CR2700 Code Reader(s)
Linux 4.14ARMv8 Cortex A53 with PAASEL-2742S
Linux 4.14ARMv8 Cortex A53 without PAASEL-2742S
Windows CE 6.0ARM Cortex A8 ARMv7HP Color LaserJet Enterprise MFP M681
Linux 4.19ARMv8 Cortex A53 with PAACloudworx Video ENC-DEC
Linux 4.19ARMv8 Cortex A53 without PAACloudworx Video ENC-DEC
CMSIS-RTOS2 v2.1.3Silicon Labs EFM32G (Gecko)Alto