Private label validations (rebrands) for open-source software FIPS 140 modules

UPDATE: Early testing is available for the KeyPair FIPS Provider for OpenSSL 3. The FIPS 140-3 validation report is in the review process at the CMVP. Please send an email to [email protected] or call +1 (805) 316-5024 for information.

Results you can expect:

  • FIPS 140-2 certificate issued in your company’s name
  • FIPS testing on your supported operating systems
  • Turnkey service with completion times between 8-16 weeks
  • A “FIPS 140-2” educated sales force

Additional Information:

  • Any of the open-source FIPS cryptographic modules in the table below may be rebranded in your company’s name.
  • Keep your engineering team focused on product development. Only minimal effort required from you. KeyPair Consulting handles all of the FIPS testing and FIPS Lab interaction.
  • You control the “Tested Configurations” listed on your FIPS 140-2 certificate. (A “Tested Configuration” is the combination of operating system and hardware that was used for the FIPS testing of the cryptographic module.)
  • Your Sales Team receives training from KeyPair Consulting
FIPS CertVendorModule NameSunset Date
4407Google, Inc.BoringCrypto9/21/2026
3678Google, Inc.BoringCrypto7/12/2025
4156Google, Inc.BoringCrypto Android9/21/2026
FIPS 140-3 review in processKeyPair Consulting Inc.KeyPair FIPS Provider for OpenSSL 3TBD
4416Legion of the Bouncy Castle Inc.BC-FNA (Bouncy Castle FIPS .NET API)9/21/2026

Other services:
Entropy Assessments
FIPS Consulting