Do you have a product you are working on that may one day be utilized by a government agency either foreign or domestic or any agency that requires a FIPS certification? If you think your product is a candidate for FIPS use but are not quite sure when you may have a FIPS purchase come through wolfSSL FIPS Ready is exactly what you are looking for!
What is FIPS Ready?
wolfSSL FIPS Ready is the wolfCrypt FIPS enabled cryptography layer code included in the wolfSSL source tree. With wolfSSL FIPS Ready you get to benefit from all the enhanced security features that come with a FIPS module but you don’t have to get a certificate until you are confident you have a FIPS customer that will justify the effort of getting the cert!
What are the Limitations?
With wolfSSL FIPS Ready you are not FIPS approved, but you will be READY to get approved at a moments’ notice saving you time when that FIPS customer comes knocking. Being FIPS Ready means you have included the FIPS code in your build, you are already operating according to the FIPS enforced best practices of default entry point, you have a code integrity check of your crypto module and you are running the power on self test to ensure proper cryptographic functionality. When the time comes, you can get your operating environment tested and validated and all the coding work will have already been done in advance making the validation process much faster!
Can I deploy it today?
FIPS Ready is open source and dual-licensed. We distribute FIPS Ready wolfSSL with the GPLv3 license or we can negotiate commercial licensing terms with support!
You can download a copy of the wolfssl-4.4.0-gplv3-fips-ready.zip from the DOWNLOADS page on the wolfSSL website.
FIPS is a complicated topic so if you have questions after reviewing this post, then just contact us at facts@wolfssl.com anytime, we are always happy to help in any way we can!