FIPS 140

All of the certificates are sourced from the NIST CMVP (Cryptographic Module Validation Program) portal at csrc.nist.gov. The site provides a search and HTML listing of the certified products with some metadata. These listings were crawled (along with the certificates and security targets themselves) to gather the data provided here.

sec-certs

Search

Search and browse through the certificates and our extracted metadata.

Go Fulltext

References

Explore an interactive graph of references in FIPS 140 certificates.

Go

Analysis

View a part of our results of our analysis of the FIPS 140 certificate data.

Go

Random

Look at a random FIPS 140 certificate.

Go

Data

The full and up-to-date dataset used on this site can be downloaded here. It is updated weekly and all the pages and data on this site are extracted from it. It is a JSON file as produced by the sec-certs fips command from the tool. Documentation for the tool, including a quick-start guide, can be found on here.

The dataset was last successfully updated at 02:04 on 08.10.2024 using version 0.2.1.post1.dev34+g5f893fb of the sec-certs tool and it contains 4818 certificates.

Main dataset The main dataset is a JSON file with data on the certificates extracted from the certification artifacts (i.e. PDFs). It does not contain the files themselves.
Full datasset The full dataset contains the dataset mentioned above as well as the certification artifacts themselves (i.e. PDFs). It is a gzip-compressed tar archive. Download this if you want to do your own processing on top of the data provided by our tooling.

MIP and IUT

The FIPS 140 Modules In Process (MIP) and Implementations Under Test (IUT) lists provide information about modules currently undergoing NIST CMVP evaluation. We crawl theese lists daily and provide a log of snapshots

MIP IUT