SP 800-90A Health Testing Mandatory for FIPS 140-2 Cryptographic Modules

Effective immediately, FIPS Testing Laboratories must verify that cryptographic modules implement the health testing described in SP 800-90A (Section 11.3).

The wolfCrypt FIPS 140-2 Cryptographic Module (currently in “Coordination” at the CMVP) implements the health testing for the SP 800-90A Hash_DRBG.  

Cryptographic modules that do not include health testing will be placed on “HOLD” by the CMVP. The status on the NIST Modules in Process list will return to “IUT” (Implementation Under Test) until the health testing is implemented and retesting is completed.

See the recent blog post from InfoGard Laboratories for additional details: http://fips140.blogspot.com/2015/05/urgent-cmvp-guidance-effective.html

Please contact wolfSSL by email at fips@wolfssl.com, or call us at 425 245 8247 if you have any FIPS 140-2 questions.