Home / FIPS 140 / 20fa0bcc74ce3b21
Link Link by certificate ID Link by certificate name

Pensando TLS Library

Certificate #4689

Webpage information ?

Status active
Validation dates 03.04.2024
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. No assurance of the minimum strength of generated keys
Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Description Pensando TLS Library is a set of standard Transport Layer Security (TLS) functions that are written in the GO programming language. It supports TLS protocol version 1.2 (client and server) and standard cryptographic functions, such as SHA, AES, etc.
Tested configurations
  • ArubaOS-CX version 10.12 running on Aruba CX 10000 Switch with Intel Xeon D-1637 (single-user mode)
  • CentOS v7.7 on VMware ESXi 6.7 running on HPE:ProLiant DL360 Gen10 with Intel Xeon Gold 6140
  • Linux 4.14.18 running on Capri 1.0 with Capri 1.0
Vendor Pensando Systems, Inc
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms
AES, AES-, RC4, TDEA, HMAC, HMAC-SHA-256, CMAC
Asymmetric Algorithms
RSA-PSS, ECDSA, ECC, Diffie-Hellman, DH
Hash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA224, SHA256
Schemes
Key agreement
Protocols
TLS, TLS 1.2
Randomness
DRBG
Elliptic Curves
P-256, P-384, P-224, P-521, Ed25519
Block cipher modes
CBC, CTR, GCM, CCM

Security level
Level 1

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS198-1, FIPS 180-4, FIPS 198-1, FIPS 202, SP 800-38D, SP 800-52, SP 800-90A, SP 800-38B, SP 800-38C, SP 800-56A, PKCS 1, PKCS#1, PKCS#5, PKCS#12, RFC 5288

File metadata

Title Microsoft Word - FIPS_Security_Policy_Pensando_v1_2.docx
Author Admin
Creation date D:20240228124812-08'00'
Modification date D:20240228124812-08'00'
Pages 11
Creator PScript5.dll Version 5.2.2
Producer GPL Ghostscript 8.64

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 04.07.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4689,
  "dgst": "20fa0bcc74ce3b21",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "CVL#A4801",
        "DRBG#C2156",
        "KBKDF#A4801",
        "AES#A4801",
        "ECDSA#A4801",
        "KAS-SSC#A4801",
        "HMAC#C2156",
        "KAS-SSC#A1289",
        "SHS#A4801",
        "AES#C2155",
        "RSA#A4801",
        "DRBG#A4801",
        "SHS#C2156",
        "ECDSA#C2156",
        "AES#C2156",
        "RSA#C2156",
        "HMAC#A4801",
        "KBKDF#C2156",
        "CVL#C2156"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 5
          },
          "ECDSA": {
            "ECDSA": 10
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 2
          }
        },
        "RSA": {
          "RSA-PSS": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 2
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "TLS": {
            "TLS": 31,
            "TLS 1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key agreement": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Edwards": {
          "Ed25519": 1
        },
        "NIST": {
          "P-224": 2,
          "P-256": 6,
          "P-384": 4,
          "P-521": 2
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "HMAC-SHA-1": 6,
          "HMAC-SHA-384 160": 2,
          "PKCS 1": 2,
          "PKCS#1": 2,
          "PKCS#12": 2,
          "PKCS#5": 2,
          "SHA- 256": 1,
          "SHA-1": 2,
          "SHA-256": 3,
          "SHA-384": 2,
          "SHA-512": 3,
          "SHA2-256": 1,
          "SHA2-384": 1,
          "SHA224": 1,
          "SHA256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 2
          },
          "SHA2": {
            "SHA-256": 3,
            "SHA-384": 2,
            "SHA-512": 3,
            "SHA224": 1,
            "SHA256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 13
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 3,
          "FIPS 180-4": 2,
          "FIPS 186-4": 2,
          "FIPS 197": 3,
          "FIPS 198-1": 1,
          "FIPS 202": 1,
          "FIPS198-1": 1
        },
        "NIST": {
          "SP 800-38B": 1,
          "SP 800-38C": 1,
          "SP 800-38D": 3,
          "SP 800-52": 2,
          "SP 800-56A": 1,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS 1": 1,
          "PKCS#1": 1,
          "PKCS#12": 1,
          "PKCS#5": 1
        },
        "RFC": {
          "RFC 5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 10,
            "AES-": 1
          },
          "RC": {
            "RC4": 1
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 1,
            "HMAC": 11,
            "HMAC-SHA-256": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Admin",
      "/CreationDate": "D:20240228124812-08\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20240228124812-08\u002700\u0027",
      "/Producer": "GPL Ghostscript 8.64",
      "/Title": "Microsoft Word - FIPS_Security_Policy_Pensando_v1_2.docx",
      "pdf_file_size_bytes": 244297,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 11
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "5021ae57b05e06fa3fc2781f3f85b751e44e6dd3615b6aa05958a8061afa7073",
    "policy_txt_hash": "91a1dda16e6b14d12a15791734126122296307d411f7908a485352433165ded1"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2024_010524_0757.pdf",
    "date_sunset": "2026-09-21",
    "description": "Pensando TLS Library is a set of standard Transport Layer Security (TLS) functions that are written in the GO programming language. It supports TLS protocol version 1.2 (client and server) and standard cryptographic functions, such as SHA, AES, etc.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Pensando TLS Library",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "1.0",
    "tested_conf": [
      "ArubaOS-CX version 10.12 running on Aruba CX 10000 Switch with Intel Xeon D-1637 (single-user mode)",
      "CentOS v7.7 on VMware ESXi 6.7 running on HPE:ProLiant DL360 Gen10 with Intel Xeon Gold 6140",
      "Linux 4.14.18 running on Capri 1.0 with Capri 1.0"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-04-03",
        "lab": "ADVANCED DATA SECURITY LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Pensando Systems, Inc",
    "vendor_url": "http://pensando.io"
  }
}