This page was not yet optimized for use on mobile
devices.
Junos® OS Evolved OpenSSL Cryptographic Module
Certificate #4775
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, CAST, HMAC, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA1, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS v1.2, TLS 1.3, TLS v1.3, TLS, IKERandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS180-4, FIPS202, FIPS197, FIPS198-1, FIPS186-4, FIPS 186-4, FIPS 180-4, FIPS 197, FIPS 198-1, FIPS 202, SP 800-132, SP 800-38E, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-52, SP 800-57, SP 800-140B, SP 800-185, PKCS#1, RFC 8446, RFC 3526, RFC 7919, ISO/IEC 24759File metadata
| Creation date | D:20240823190518Z00'00' |
|---|---|
| Modification date | D:20240823190518Z00'00' |
| Pages | 45 |
| Producer | macOS Version 13.6.9 (Build 22G830) Quartz PDFContext |
References
Outgoing- 4776 - active - Junos® OS Evolved Kernel Cryptographic Module
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4775,
"dgst": "32b39bf12b85ca3a",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHA2-512/256A4249",
"Safe Primes Key VerificationA4251",
"RSA SigVer (FIPS186-4)A4249",
"KAS-FFC-SSC Sp800-56Ar3A4251",
"Hash DRBGA3601",
"HMAC-SHA2-224A4249",
"SHA3-256A4236",
"KDF ANS 9.42A4249",
"SHA3-224A4236",
"HMAC DRBGA3599",
"KMAC-128A4236",
"RSA KeyGen (FIPS186-4)A4249",
"SHA2-512A4249",
"SHA-1A4249",
"AES-CBC-CS3A4231",
"ECDSA KeyVer (FIPS186-4)A4249",
"AES-CCMA4231",
"KDA HKDF Sp800-56Cr1A4228",
"AES-CFB8A4231",
"TLS v1.3 KDFA4228",
"HMAC-SHA3-224A4236",
"AES-XTS Testing Revision 2.0A4231",
"ECDSA SigVer (FIPS186-4)A4249",
"HMAC-SHA3-384A4236",
"AES-CTRA4231",
"Counter DRBGA3599",
"ECDSA SigGen (FIPS186-4)A4249",
"HMAC-SHA2-384A4249",
"HMAC-SHA2-512/256A4249",
"HMAC-SHA2-512A4249",
"HMAC-SHA2-256A4249",
"HMAC-SHA3-512A4236",
"SHA2-224A4249",
"TLS v1.2 KDF RFC7627A4249",
"HMAC-SHA3-256A4236",
"RSA SigGen (FIPS186-4)A4249",
"SHA3-512A4236",
"AES-GCMA4245",
"SHA2-512/224A4249",
"AES-KWPA4231",
"KMAC-256A4236",
"AES-OFBA4231",
"AES-ECBA4235",
"AES-CMACA4231",
"SHA2-256A4249",
"KDA OneStep SP800-56Cr2A4224",
"KAS-ECC-SSC Sp800-56Ar3A4249",
"AES-CBCA4231",
"AES-KWA4231",
"HMAC-SHA2-512/224A4249",
"AES-CBC-CS1A4231",
"KDF ANS 9.63A4249",
"AES-GMACA4245",
"SHAKE-256A4236",
"PBKDFA4249",
"SHA3-384A4236",
"AES-CFB128A4231",
"SHA2-384A4249",
"KDF SP800-108A4250",
"Safe Primes Key GenerationA4251",
"AES-CBC-CS2A4231",
"AES-CFB1A4231",
"SHAKE-128A4236",
"KDF SSHA4235",
"HMAC-SHA-1A4249",
"ECDSA KeyGen (FIPS186-4)A4249"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4820",
"4878"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4775",
"4820",
"4878"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4820",
"4878"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4775",
"4820",
"4878"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 39
},
"ECDSA": {
"ECDSA": 13
}
},
"FF": {
"DH": {
"DH": 50,
"Diffie-Hellman": 8
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 5
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 6
},
"GCM": {
"GCM": 14
},
"OFB": {
"OFB": 4
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 50
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 22
},
"TLS": {
"TLS": {
"TLS": 8,
"TLS 1.2": 21,
"TLS 1.3": 20,
"TLS v1.2": 1,
"TLS v1.3": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 25
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-233": 5,
"B-283": 4,
"B-409": 4,
"B-571": 4,
"K-233": 4,
"K-283": 4,
"K-409": 4,
"K-571": 4,
"P-224": 10,
"P-256": 10,
"P-384": 8,
"P-521": 8
}
},
"eval_facility": {
"atsec": {
"atsec": 3
}
},
"fips_cert_id": {
"Cert": {
"#4776": 1
}
},
"fips_certlike": {
"Certlike": {
"AES key 128, 192": 1,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2,
"HMAC SHA-1": 3,
"HMAC-SHA1": 2,
"PKCS#1": 10,
"RSA PKCS#1": 2,
"SHA- 1": 1,
"SHA-1": 19,
"SHA-3": 4,
"SHA1": 1,
"SHA2- 224": 2,
"SHA2- 256": 7,
"SHA2- 384": 2,
"SHA2- 512": 3,
"SHA2-224": 16,
"SHA2-256": 33,
"SHA2-384": 18,
"SHA2-512": 19,
"SHA2-512 224": 3,
"SHA3- 224": 2,
"SHA3- 256": 3,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 13,
"SHA3-512 224": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 15
},
"SHA": {
"SHA1": {
"SHA-1": 19,
"SHA1": 1
},
"SHA3": {
"SHA-3": 4,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 14
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 54,
"FIPS 180-4": 1,
"FIPS 186-4": 8,
"FIPS 197": 1,
"FIPS 198-1": 1,
"FIPS 202": 1,
"FIPS PUB 140-3": 2,
"FIPS180-4": 1,
"FIPS186-4": 2,
"FIPS197": 9,
"FIPS198-1": 1,
"FIPS202": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-140B": 1,
"SP 800-185": 1,
"SP 800-38A": 2,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38E": 2,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-57": 1
},
"PKCS": {
"PKCS#1": 6
},
"RFC": {
"RFC 3526": 3,
"RFC 7919": 3,
"RFC 8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 47,
"AES-": 4,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 2
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 22,
"KMAC": 8
}
}
},
"tee_name": {
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20240823190518Z00\u002700\u0027",
"/ModDate": "D:20240823190518Z00\u002700\u0027",
"/Producer": "macOS Version 13.6.9 (Build 22G830) Quartz PDFContext",
"pdf_file_size_bytes": 842224,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://tools.ietf.org/html/rfc7919.txt",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"http://www.ietf.org/rfc/rfc3447.txt",
"http://www.atsec.com/",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"http://www.juniper.net/",
"http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"https://www.ietf.org/rfc/rfc3526.txt",
"http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 45
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "5d06e03e0bbb46798ac7eca69bada9458ff097ea72c09018fb52bc031cda376f",
"policy_txt_hash": "2f13658b69691487039f6039cc8e19170abf686fc1609ec242e280b671f9867f"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode with module Junos\u00ae OS Evolved Kernel Cryptographic Module version 2.0 validated to FIPS 140-3 under Cert. #4776 operating in the Approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-02",
"description": "The Junos\u00ae OS Evolved OpenSSL Cryptographic Module provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"4776": 1
},
"module_name": "Junos\u00ae OS Evolved OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.8",
"tested_conf": [
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT with PAA",
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-03",
"lab": "atsec information security corporation",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}