This document is a guide to the use of the OpenSSL FIPS Object Module, a software component intended for use with the OpenSSL cryptographic library and toolkit. It is a companion document to the OpenSSL FIPS 140-2 Security Policy document submitted to NIST as part of the FIPS 140-2 validation process. It is intended as a technical reference for developers using, and system administrators installing, the OpenSSL FIPS software, for use in risk assessment reviews by security auditors, and as a summary and overview for program managers. It is intended as a guide for annotation and more detailed explanation of the Security Policy, and not as a replacement.
Familiarity with the OpenSSL distribution and library API (Application Programming Interface) is assumed. This document is not a tutorial on the use of OpenSSL and it only covers issues specific to the FIPS 140-2 validation.