This page was not yet optimized for use on mobile
devices.
i.MX 8X SECO HSMv2
Certificate #4152
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-256, HMAC, HMAC-SHA-256, HMAC-SHA-384, CMAC, CBC-MACAsymmetric Algorithms
ECDHE, ECDSA, ECC, DHHash functions
SHA-256, SHA-384, SHA-512, SHA-224Schemes
MAC, Key Agreement, Key agreement, AEADProtocols
TLS, TLS v1.2, TLS 1.2, TLSv1.2Randomness
DRBGElliptic Curves
P-256, P-384, P-521, curve P-256Block cipher modes
ECB, CBC, CTR, GCM, CCMTLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384Trusted Execution Environments
TrustZone, PSP, SSCVendor
NXP Semiconductors, NXPSecurity level
Level 3Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 180-4, FIPS 186-4, FIPS 197, FIPS 198-1, SP 800-107, SP 800-108, SP 800-131A, SP 800-133, SP 800-135, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-90A, SP 800-90B, SP 800-56A, SP 800-56C, SP 800-57, PKCS 1, RFC5246, RFC5289, RFC5639, RFC7627File metadata
| Author | Steve Weymann |
|---|---|
| Creation date | D:20220207114524-08'00' |
| Modification date | D:20220207114532-08'00' |
| Pages | 16 |
| Creator | Acrobat PDFMaker 17 for Word |
| Producer | Adobe PDF Library 17.11.238 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4152,
"dgst": "18cb37e2865113e6",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"CVL#C1957",
"RSA#C1953",
"CVL#A1251",
"SHS#C1952",
"SHS#C1955",
"AES#C1951",
"KDA#A905",
"KAS#A904",
"AES#C1956",
"KAS#A905",
"KBKDF#C1959",
"HMAC#A892",
"AES#C1958",
"KAS-SSC#A904",
"AES#C1954",
"ECDSA#C1957",
"KTS#C1958"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:nxp:i.mx_8:-:*:*:*:*:*:*:*",
"cpe:2.3:h:nxp:i.mx_8x:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"4.8.0",
"1.3",
"1.72"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 7
},
"ECDH": {
"ECDHE": 5
},
"ECDSA": {
"ECDSA": 18
}
},
"FF": {
"DH": {
"DH": 1
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 9
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 16
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 42,
"TLS 1.2": 2,
"TLS v1.2": 7,
"TLSv1.2": 1
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 3,
"Key agreement": 7
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 33,
"P-384": 32,
"P-521": 10,
"curve P-256": 1
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CMAC (128": 1,
"AES GCM (128": 1,
"AES [197": 1,
"AES key (128": 2,
"AES-128": 4,
"AES-256": 3,
"HMAC [198": 1,
"HMAC-SHA-256": 12,
"HMAC-SHA-384": 6,
"PKCS 1": 2,
"SHA-224": 4,
"SHA-256": 27,
"SHA-384": 15,
"SHA-512": 14,
"SHS [180": 2
}
},
"fips_security_level": {
"Level": {
"Level 3": 1
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-224": 4,
"SHA-256": 27,
"SHA-384": 15,
"SHA-512": 14
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 20,
"FIPS 180-4": 1,
"FIPS 186-4": 1,
"FIPS 197": 1,
"FIPS 198-1": 1,
"FIPS PUB 140-2": 2
},
"NIST": {
"SP 800-107": 1,
"SP 800-108": 1,
"SP 800-131A": 1,
"SP 800-133": 1,
"SP 800-135": 1,
"SP 800-38A": 1,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38F": 1,
"SP 800-56A": 1,
"SP 800-56C": 1,
"SP 800-57": 1,
"SP 800-90A": 1,
"SP 800-90B": 1
},
"PKCS": {
"PKCS 1": 1
},
"RFC": {
"RFC5246": 3,
"RFC5289": 1,
"RFC5639": 1,
"RFC7627": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 34,
"AES-128": 4,
"AES-256": 3
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 8,
"HMAC": 8,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 3
}
}
},
"tee_name": {
"AMD": {
"PSP": 1
},
"ARM": {
"TrustZone": 1
},
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {
"TLS": {
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 1,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 1,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 1,
"TLS_ECDHE_ECDSA_WITH_AES_256_CCM": 1,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 1
}
},
"vendor": {
"NXP": {
"NXP": 7,
"NXP Semiconductors": 33
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Steve Weymann",
"/Comments": "",
"/Company": "",
"/ContentTypeId": "0x010100D9AAB3949C6C4A418E3247549DC2AB6F",
"/CreationDate": "D:20220207114524-08\u002700\u0027",
"/Creator": "Acrobat PDFMaker 17 for Word",
"/Keywords": "",
"/ModDate": "D:20220207114532-08\u002700\u0027",
"/Producer": "Adobe PDF Library 17.11.238",
"/SourceModified": "D:20220207194444",
"/Subject": "",
"/Title": "",
"/_dlc_DocIdItemGuid": "4ad9bc11-6e66-4e47-91a0-f650da983d75",
"pdf_file_size_bytes": 605138,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32857",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://www.nxp.com/",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-108.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33491",
"https://keypair.us/",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33860",
"https://tools.ietf.org/html/rfc5246",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32863",
"https://csrc.nist.gov/publications/detail/sp/800-38d/final",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"https://csrc.nist.gov/publications/detail/fips/198/1/final",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://tools.ietf.org/html/rfc7627",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf",
"https://tools.ietf.org/html/rfc5639",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32859",
"https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402DTR.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32862",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-107r1.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33503",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32861",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32860",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32858",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32864",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33504",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf",
"https://datatracker.ietf.org/doc/html/rfc5289",
"https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=32865"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 16
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "222ec1821c927f41c883b1e140750cae3e908a155b561fe5694a882fddb726ee",
"policy_txt_hash": "b6c0dbe8854d42cfbc655bbde08c51da66a27842d77c44d0f4620a811973613a"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and utilizing a Trusted Path as specified in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2022_010322_0121_Signed.pdf",
"date_sunset": "2026-09-21",
"description": "The i.MX 8X HSMv2 extends the rich capabilities of the i.MX 8X family of products with advanced security and cryptographic capabilities. These HSM extensions implemented in the i.MX 8X integrated cryptographic module offer OEMs the capability to configure the part in the desired FIPS mode to support challenging IoT use cases and more. The i.MX 8X cryptographic module is an integral part of the NXP i.MX 8X application processors and can be used together with other features offered by these SOCs to reduce both the OEM design bill of materials as well as time to market.",
"embodiment": "Single Chip",
"exceptions": null,
"fw_versions": "ROM mem_i.MX8QX_s28roml_w20480x032m32B2_1Tlms_m0_1.3; SECO FW 4.8.0",
"historical_reason": null,
"hw_versions": "P/N: rpp_cm0p_sec_subsys (version tag DA_SSL_iMX8QX_SCU_SUBSYS_LN28FDSOI_1.72)",
"level": 3,
"mentioned_certs": {},
"module_name": "i.MX 8X SECO HSMv2",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": [
"[Version number: SOC_iMX8_QuadX_CMOS28FDSOI_1.88",
"MiMX8DX6FVLFZAC, MiMX8DX5FVLFZAC, MiMX8DX4FVLFZAC, MiMX8DX3FVLFZAC, MiMX8DX2FVLFZAC, MiMX8DX1FVLFZAC, MiMX8DX6GVLFZAC, MiMX8DX5GVLFZAC",
"MiMX8UX6FVLFZAC, MiMX8UX5FVLFZAC, MiMX8UX2FVLFZAC, MiMX8UX1FVLFZAC, MiMX8UX6GVLFZAC, MiMX8UX5GVLFZAC]",
"P/Ns: MiMX8QX6FVLFZAC, MiMX8QX5FVLFZAC, MiMX8QX2FVLFZAC, MiMX8QX1FVLFZAC, MiMX8QX6GVLFZAC, MiMX8QX5GVLFZAC, PIMX8QX6AVLFZAC, PIMX8QX6FVLFZAC"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-02-14",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
}
],
"vendor": "NXP Semiconductors",
"vendor_url": "http://www.nxp.com"
}
}