This page was not yet optimized for use on mobile devices.
Junos® OS Evolved OpenSSL Cryptographic Module
Certificate #4775
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, CAST, HMAC, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA1, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS v1.2, TLS 1.3, TLS v1.3, TLS, IKERandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS180-4, FIPS202, FIPS197, FIPS198-1, FIPS186-4, FIPS 186-4, FIPS 180-4, FIPS 197, FIPS 198-1, FIPS 202, SP 800-132, SP 800-38E, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-52, SP 800-57, SP 800-140B, SP 800-185, PKCS#1, RFC 8446, RFC 3526, RFC 7919, ISO/IEC 24759File metadata
| Creation date | D:20240823190518Z00'00' |
|---|---|
| Modification date | D:20240823190518Z00'00' |
| Pages | 45 |
| Producer | macOS Version 13.6.9 (Build 22G830) Quartz PDFContext |
References
Outgoing- 4776 - active - Junos® OS Evolved Kernel Cryptographic Module
- 4776 - active - Junos® OS Evolved Kernel Cryptographic Module
Heuristics ?
No heuristics are available for this certificate.
References ?
Updates ?
-
09.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4775,
"dgst": "32b39bf12b85ca3a",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-CTRA4231",
"KDF SSHA4235",
"KDF ANS 9.63A4249",
"AES-GMACA4245",
"SHA3-384A4236",
"KAS-ECC-SSC Sp800-56Ar3A4249",
"Safe Primes Key GenerationA4251",
"SHAKE-128A4236",
"SHA3-512A4236",
"AES-CFB8A4231",
"TLS v1.3 KDFA4228",
"AES-CBC-CS3A4231",
"HMAC-SHA3-384A4236",
"KDF ANS 9.42A4249",
"Counter DRBGA3599",
"HMAC-SHA2-384A4249",
"HMAC-SHA2-256A4249",
"AES-KWA4231",
"AES-OFBA4231",
"AES-CFB1A4231",
"SHA2-224A4249",
"SHA2-384A4249",
"SHA2-512/256A4249",
"PBKDFA4249",
"SHAKE-256A4236",
"AES-CCMA4231",
"Hash DRBGA3601",
"SHA2-512A4249",
"RSA KeyGen (FIPS186-4)A4249",
"SHA2-512/224A4249",
"HMAC-SHA2-224A4249",
"AES-CMACA4231",
"AES-GCMA4245",
"KMAC-256A4236",
"KAS-FFC-SSC Sp800-56Ar3A4251",
"AES-CBC-CS1A4231",
"KDA HKDF Sp800-56Cr1A4228",
"AES-CBCA4231",
"RSA SigGen (FIPS186-4)A4249",
"AES-CBC-CS2A4231",
"ECDSA SigVer (FIPS186-4)A4249",
"KDF SP800-108A4250",
"HMAC-SHA2-512/256A4249",
"HMAC-SHA3-224A4236",
"ECDSA KeyGen (FIPS186-4)A4249",
"HMAC-SHA3-256A4236",
"HMAC-SHA2-512/224A4249",
"HMAC-SHA-1A4249",
"ECDSA SigGen (FIPS186-4)A4249",
"KDA OneStep SP800-56Cr2A4224",
"SHA-1A4249",
"Safe Primes Key VerificationA4251",
"HMAC-SHA3-512A4236",
"SHA3-224A4236",
"HMAC-SHA2-512A4249",
"SHA2-256A4249",
"AES-KWPA4231",
"RSA SigVer (FIPS186-4)A4249",
"AES-ECBA4235",
"HMAC DRBGA3599",
"AES-CFB128A4231",
"KMAC-128A4236",
"ECDSA KeyVer (FIPS186-4)A4249",
"TLS v1.2 KDF RFC7627A4249",
"SHA3-256A4236",
"AES-XTS Testing Revision 2.0A4231"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4776"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4776"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 39
},
"ECDSA": {
"ECDSA": 13
}
},
"FF": {
"DH": {
"DH": 50,
"Diffie-Hellman": 8
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 5
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 6
},
"GCM": {
"GCM": 14
},
"OFB": {
"OFB": 4
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 50
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 22
},
"TLS": {
"TLS": {
"TLS": 8,
"TLS 1.2": 21,
"TLS 1.3": 20,
"TLS v1.2": 1,
"TLS v1.3": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 25
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-233": 5,
"B-283": 4,
"B-409": 4,
"B-571": 4,
"K-233": 4,
"K-283": 4,
"K-409": 4,
"K-571": 4,
"P-224": 10,
"P-256": 10,
"P-384": 8,
"P-521": 8
}
},
"eval_facility": {
"atsec": {
"atsec": 3
}
},
"fips_cert_id": {
"Cert": {
"#4776": 1
}
},
"fips_certlike": {
"Certlike": {
"AES key 128, 192": 1,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2,
"HMAC SHA-1": 3,
"HMAC-SHA1": 2,
"PKCS#1": 10,
"RSA PKCS#1": 2,
"SHA- 1": 1,
"SHA-1": 19,
"SHA-3": 4,
"SHA1": 1,
"SHA2- 224": 2,
"SHA2- 256": 7,
"SHA2- 384": 2,
"SHA2- 512": 3,
"SHA2-224": 16,
"SHA2-256": 33,
"SHA2-384": 18,
"SHA2-512": 19,
"SHA2-512 224": 3,
"SHA3- 224": 2,
"SHA3- 256": 3,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 13,
"SHA3-512 224": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 15
},
"SHA": {
"SHA1": {
"SHA-1": 19,
"SHA1": 1
},
"SHA3": {
"SHA-3": 4,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 14
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 54,
"FIPS 180-4": 1,
"FIPS 186-4": 8,
"FIPS 197": 1,
"FIPS 198-1": 1,
"FIPS 202": 1,
"FIPS PUB 140-3": 2,
"FIPS180-4": 1,
"FIPS186-4": 2,
"FIPS197": 9,
"FIPS198-1": 1,
"FIPS202": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-140B": 1,
"SP 800-185": 1,
"SP 800-38A": 2,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38E": 2,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-57": 1
},
"PKCS": {
"PKCS#1": 6
},
"RFC": {
"RFC 3526": 3,
"RFC 7919": 3,
"RFC 8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 47,
"AES-": 4,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 2
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 22,
"KMAC": 8
}
}
},
"tee_name": {
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20240823190518Z00\u002700\u0027",
"/ModDate": "D:20240823190518Z00\u002700\u0027",
"/Producer": "macOS Version 13.6.9 (Build 22G830) Quartz PDFContext",
"pdf_file_size_bytes": 842224,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://tools.ietf.org/html/rfc7919.txt",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"http://www.ietf.org/rfc/rfc3447.txt",
"http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"http://www.juniper.net/",
"http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"http://www.atsec.com/",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 45
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "5d06e03e0bbb46798ac7eca69bada9458ff097ea72c09018fb52bc031cda376f",
"policy_txt_hash": "2f13658b69691487039f6039cc8e19170abf686fc1609ec242e280b671f9867f"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode with module Junos\u00ae OS Evolved Kernel Cryptographic Module version 2.0 validated to FIPS 140-3 under Cert. #4776 operating in the Approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": null,
"date_sunset": "2026-09-02",
"description": "The Junos\u00ae OS Evolved OpenSSL Cryptographic Module provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"4776": 1
},
"module_name": "Junos\u00ae OS Evolved OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.8",
"tested_conf": [
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT with PAA",
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-03",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}