This page was not yet optimized for use on mobile devices.
Junos® OS Evolved OpenSSL Cryptographic Module
Certificate #4775
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, CAST, HMAC, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA1, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS v1.2, TLS 1.3, TLS v1.3, TLS, IKERandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS180-4, FIPS202, FIPS197, FIPS198-1, FIPS186-4, FIPS 186-4, FIPS 180-4, FIPS 197, FIPS 198-1, FIPS 202, SP 800-132, SP 800-38E, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-52, SP 800-57, SP 800-140B, SP 800-185, PKCS#1, RFC 8446, RFC 3526, RFC 7919, ISO/IEC 24759File metadata
| Creation date | D:20240823190518Z00'00' |
|---|---|
| Modification date | D:20240823190518Z00'00' |
| Pages | 45 |
| Producer | macOS Version 13.6.9 (Build 22G830) Quartz PDFContext |
References
Outgoing- 4776 - active - Junos® OS Evolved Kernel Cryptographic Module
Heuristics ?
No heuristics are available for this certificate.
References ?
Updates ?
-
18.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The policy_processed_references property was updated, with the
{'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4878']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4878']}}}data. - The module_processed_references property was updated, with the
{'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4878']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4878']}}}data.
- The policy_processed_references property was updated, with the
-
14.10.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
- The certificate_pdf_url property was set to
-
08.10.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The policy_processed_references property was updated, with the
{'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4820']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4820']}}}data. - The module_processed_references property was updated, with the
{'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4820']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4820']}}}data.
- The policy_processed_references property was updated, with the
-
09.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4775,
"dgst": "32b39bf12b85ca3a",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"ECDSA SigVer (FIPS186-4)A4249",
"HMAC-SHA2-512/224A4249",
"SHA2-256A4249",
"AES-CFB128A4231",
"HMAC-SHA3-512A4236",
"AES-ECBA4235",
"ECDSA KeyGen (FIPS186-4)A4249",
"HMAC-SHA-1A4249",
"HMAC-SHA3-224A4236",
"SHA-1A4249",
"AES-CFB8A4231",
"AES-CBC-CS1A4231",
"AES-GCMA4245",
"AES-CCMA4231",
"HMAC-SHA3-384A4236",
"SHA3-512A4236",
"AES-CBCA4231",
"SHA2-224A4249",
"HMAC-SHA2-384A4249",
"KMAC-256A4236",
"AES-XTS Testing Revision 2.0A4231",
"HMAC DRBGA3599",
"AES-KWPA4231",
"SHA2-512/256A4249",
"ECDSA SigGen (FIPS186-4)A4249",
"HMAC-SHA2-512/256A4249",
"KMAC-128A4236",
"KAS-FFC-SSC Sp800-56Ar3A4251",
"RSA SigVer (FIPS186-4)A4249",
"SHA3-224A4236",
"AES-CBC-CS3A4231",
"Safe Primes Key VerificationA4251",
"KDA OneStep SP800-56Cr2A4224",
"RSA SigGen (FIPS186-4)A4249",
"SHA2-512A4249",
"SHAKE-256A4236",
"TLS v1.2 KDF RFC7627A4249",
"KAS-ECC-SSC Sp800-56Ar3A4249",
"HMAC-SHA2-512A4249",
"KDF SSHA4235",
"AES-CFB1A4231",
"SHA3-256A4236",
"AES-KWA4231",
"Safe Primes Key GenerationA4251",
"PBKDFA4249",
"AES-OFBA4231",
"SHAKE-128A4236",
"KDF ANS 9.42A4249",
"AES-CTRA4231",
"AES-GMACA4245",
"HMAC-SHA2-256A4249",
"SHA2-384A4249",
"HMAC-SHA3-256A4236",
"SHA2-512/224A4249",
"KDF ANS 9.63A4249",
"AES-CMACA4231",
"RSA KeyGen (FIPS186-4)A4249",
"KDA HKDF Sp800-56Cr1A4228",
"KDF SP800-108A4250",
"Counter DRBGA3599",
"SHA3-384A4236",
"TLS v1.3 KDFA4228",
"HMAC-SHA2-224A4249",
"AES-CBC-CS2A4231",
"ECDSA KeyVer (FIPS186-4)A4249",
"Hash DRBGA3601"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4820",
"4776",
"4878"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4820",
"4775",
"4776",
"4878"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4820",
"4776",
"4878"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4776"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4820",
"4775",
"4776",
"4878"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4776",
"4775"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"4776"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 39
},
"ECDSA": {
"ECDSA": 13
}
},
"FF": {
"DH": {
"DH": 50,
"Diffie-Hellman": 8
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 5
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 6
},
"GCM": {
"GCM": 14
},
"OFB": {
"OFB": 4
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 50
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 22
},
"TLS": {
"TLS": {
"TLS": 8,
"TLS 1.2": 21,
"TLS 1.3": 20,
"TLS v1.2": 1,
"TLS v1.3": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 25
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-233": 5,
"B-283": 4,
"B-409": 4,
"B-571": 4,
"K-233": 4,
"K-283": 4,
"K-409": 4,
"K-571": 4,
"P-224": 10,
"P-256": 10,
"P-384": 8,
"P-521": 8
}
},
"eval_facility": {
"atsec": {
"atsec": 3
}
},
"fips_cert_id": {
"Cert": {
"#4776": 1
}
},
"fips_certlike": {
"Certlike": {
"AES key 128, 192": 1,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2,
"HMAC SHA-1": 3,
"HMAC-SHA1": 2,
"PKCS#1": 10,
"RSA PKCS#1": 2,
"SHA- 1": 1,
"SHA-1": 19,
"SHA-3": 4,
"SHA1": 1,
"SHA2- 224": 2,
"SHA2- 256": 7,
"SHA2- 384": 2,
"SHA2- 512": 3,
"SHA2-224": 16,
"SHA2-256": 33,
"SHA2-384": 18,
"SHA2-512": 19,
"SHA2-512 224": 3,
"SHA3- 224": 2,
"SHA3- 256": 3,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 13,
"SHA3-512 224": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 15
},
"SHA": {
"SHA1": {
"SHA-1": 19,
"SHA1": 1
},
"SHA3": {
"SHA-3": 4,
"SHA3-224": 13,
"SHA3-256": 14,
"SHA3-384": 15,
"SHA3-512": 14
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 54,
"FIPS 180-4": 1,
"FIPS 186-4": 8,
"FIPS 197": 1,
"FIPS 198-1": 1,
"FIPS 202": 1,
"FIPS PUB 140-3": 2,
"FIPS180-4": 1,
"FIPS186-4": 2,
"FIPS197": 9,
"FIPS198-1": 1,
"FIPS202": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-140B": 1,
"SP 800-185": 1,
"SP 800-38A": 2,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38E": 2,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-57": 1
},
"PKCS": {
"PKCS#1": 6
},
"RFC": {
"RFC 3526": 3,
"RFC 7919": 3,
"RFC 8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 47,
"AES-": 4,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 2
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 22,
"KMAC": 8
}
}
},
"tee_name": {
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20240823190518Z00\u002700\u0027",
"/ModDate": "D:20240823190518Z00\u002700\u0027",
"/Producer": "macOS Version 13.6.9 (Build 22G830) Quartz PDFContext",
"pdf_file_size_bytes": 842224,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"http://www.ietf.org/rfc/rfc3447.txt",
"http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://tools.ietf.org/html/rfc7919.txt",
"http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"http://www.atsec.com/",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf",
"http://www.juniper.net/",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 45
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "5d06e03e0bbb46798ac7eca69bada9458ff097ea72c09018fb52bc031cda376f",
"policy_txt_hash": "2f13658b69691487039f6039cc8e19170abf686fc1609ec242e280b671f9867f"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode with module Junos\u00ae OS Evolved Kernel Cryptographic Module version 2.0 validated to FIPS 140-3 under Cert. #4776 operating in the Approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-02",
"description": "The Junos\u00ae OS Evolved OpenSSL Cryptographic Module provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"4776": 1
},
"module_name": "Junos\u00ae OS Evolved OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.8",
"tested_conf": [
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT with PAA",
"Junos\u00ae OS Evolved version 22.4 running on Juniper Networks\u00ae Packet Transport Router Model PTX10001-36MR with Intel\u00ae Xeon\u00ae D-2163IT without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-03",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}