Private label validations (rebrands) for open-source software FIPS 140 modules

UPDATE: Early testing is available for the KeyPair FIPS Provider for OpenSSL 3. The FIPS 140-3 validation report is in the review process at the CMVP. Please send an email to info@keypair.us or call +1 (805) 316-5024 for information.
Results you can expect:
- FIPS 140-2 certificate issued in your company’s name
- FIPS testing on your supported operating systems
- Turnkey service with completion times between 8-12 weeks
- A “FIPS 140-2” educated sales force
Additional Information:
- Any of the open-source FIPS cryptographic modules in the table below may be rebranded in your company’s name.
- Keep your engineering team focused on product development. Only minimal effort required from you. KeyPair Consulting handles all of the FIPS testing and FIPS Lab interaction.
- You control the “Tested Configurations” listed on your FIPS 140-2 certificate. (A “Tested Configuration” is the combination of operating system and hardware that was used for the FIPS testing of the cryptographic module.)
- Your Sales Team receives training from KeyPair Consulting
FIPS Cert | Vendor | Module Name | Sunset Date (mm/dd/yyyy) |
---|---|---|---|
3678 | Google, Inc. | BoringCrypto | 7/12/2025 |
3753 | Google, Inc. | BoringCrypto Android | 12/1/2025 |
3503 | KeyPair Consulting Inc. | KeyPair FIPS Object Module for OpenSSL 1.0.2 (Includes FIPS 186-4 RSA KeyGen and default entry point with CentOS 6 & 7, Ubuntu 18.04) | 12/2/2023 |
FIPS 140-3 review in process | KeyPair Consulting Inc. | KeyPair FIPS Provider for OpenSSL 3 | TBD |
3514 | Legion of the Bouncy Castle Inc. | BC-FJA (Bouncy Castle FIPS Java API) | 8/22/2024 |
Other services:
Entropy Assessments
FIPS Consulting