Private label validations (rebrands) for open-source software FIPS 140 modules
UPDATE: Early testing is available for the KeyPair FIPS Provider for OpenSSL 3. The FIPS 140-3 validation report is in the review process at the CMVP. Please send an email to [email protected] or call +1 (805) 316-5024 for information.
Results you can expect:
- FIPS 140-2 certificate issued in your company’s name
- FIPS testing on your supported operating systems
- Turnkey service with completion times between 8-16 weeks
- A “FIPS 140-2” educated sales force
Additional Information:
- Any of the open-source FIPS cryptographic modules in the table below may be rebranded in your company’s name.
- Keep your engineering team focused on product development. Only minimal effort required from you. KeyPair Consulting handles all of the FIPS testing and FIPS Lab interaction.
- You control the “Tested Configurations” listed on your FIPS 140-2 certificate. (A “Tested Configuration” is the combination of operating system and hardware that was used for the FIPS testing of the cryptographic module.)
- Your Sales Team receives training from KeyPair Consulting
| FIPS Cert | Vendor | Module Name | Sunset Date (mm/dd/yyyy) |
|---|---|---|---|
| 4407 | Google, Inc. | BoringCrypto | 9/21/2026 |
| 3678 | Google, Inc. | BoringCrypto | 7/12/2025 |
| 4156 | Google, Inc. | BoringCrypto Android | 9/21/2026 |
| FIPS 140-3 review in process | KeyPair Consulting Inc. | KeyPair FIPS Provider for OpenSSL 3 | TBD |
| 4416 | Legion of the Bouncy Castle Inc. | BC-FNA (Bouncy Castle FIPS .NET API) | 9/21/2026 |
| 3514 | Legion of the Bouncy Castle Inc. | BC-FJA (Bouncy Castle FIPS Java API) | 8/22/2024 |
Other services:
Entropy Assessments
FIPS Consulting