wolfCrypt FIPS Module

The CMVP has issued FIPS 140-2 Certificate #2425 for the wolfCrypt Module developed by wolfSSL Inc.

What is FIPS 140-2?


Federal Information Processing Standards (FIPS) 140-2 is a mandatory standard for the protection of sensitive or valuable data within Federal systems.


Why is FIPS 140-2 important?


Federal agencies purchasing cryptographic-based security systems must confirm an associated FIPS 140-2 certificate exists.


This procurement “check-box” item is a deal breaker. Vendor claims of “designed for FIPS” or “FIPS ready” are not sufficient to pass this hurdle.


No FIPS certificate = No sale


Many private and commercial organizations perceive an advantage in selecting a product with a FIPS 140-2 certificate over a solution that has not undergone the rigorous approval process.

wolfCrypt FIPS 140-2

Copyright 2016 wolfSSL Inc.  All rights reserved.

Questions?

Please feel free to contact us with any questions you might have.

wolfSSL 3.9.8

Release 3.9.8 of wolfSSL has bug fixes and new features including support for custom ECC curves, addition of RSA blinding, support for Brainpool curves and more.

embedded ssl

Questions? +1 (425) 245-8247

What is the status of the wolfSSL FIPS validation effort?


A version of the wolfCrypt cryptography library has been FIPS 140-2 validated (Certificate #2425). For additional information, visit the wolfCrypt FIPS FAQ or contact [email protected].  Read our blog post update here!


wolfCrypt FIPS 140-2 Level 1 Certificate #2425:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2425


I am a Techie. What is so great about the wolfCrypt FIPS module?


wolfCrypt is a cryptographic software API library. Your application may rely on wolfCrypt to provide all of the cryptographic processing. Instead of performing your own FIPS validation, you may claim that you are using an embedded FIPS cryptographic module. This will make your Federal customers happy.


wolfCrypt is compliant with FIPS 140-2 Implementation Guidance 9.10. We implemented a default entry point to run self-tests automatically. The FIPS OpenSSL module does not provide a default entry point.


Can I get a FIPS certificate in my company’s name?


Yes. You have the option of rebranding the wolfCrypt module and NIST will issue a FIPS 140-2 certificate in your company’s name. Your Sales Teams will thank you.


How can wolfSSL help me?


The wolfSSL team has the FIPS expertise you need. We will form a FIPS strategy that is best for you. Before you search for a FIPS Consultant or begin calling several of the 22 FIPS Laboratories, contact us.  We can save you time, money, and effort.