This page was not yet optimized for use on mobile devices.

AWS OpenSSL FIPS Provider

Certificate #4490

Webpage information

Status	active
Validation dates	26.04.2023 , 26.07.2023 , 20.10.2025
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Software
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Exceptions	Physical Security: N/A Design Assurance: Level 3
Description	The Module is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality. The Module is classified under FIPS 140-2 as a software module, with a multi-chip standalone module embodiment. The physical cryptographic boundary is the general-purpose computer on which the module is installed.
Tested configurations	Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) with PAA Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) without PAA FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) with PAA FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) without PAA macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) with PAA macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) without PAA macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) with PAA Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) without PAA Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without PAA (single-user mode)
Vendor	Amazon Web Services, Inc.
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, AES128, AES192, AES256, AES-128, AES-192, AES-256, Triple-DES, TDES, TDEA, HMAC, KMAC, CMAC

Asymmetric Algorithms

RSA-OAEP, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSA

Hash functions

SHA-1, SHA-224, SHA-2, SHA-3, SHA-3-224, SHA3-224, SHA-3-256, Keccak, PBKDF2, PBKDF

Schemes

Key Agreement

Protocols

SSHv2, TLS 1.2, TLS 1.3, TLS v1.3, TLS, TLS v1.2

Randomness

DRBG

Libraries

OpenSSL

Elliptic Curves

P-224, P-192, P-256, K-233, B-233, K-163, B-163, Ed25519, Ed448

Block cipher modes

ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTS

JavaCard API constants

X25519, X448

Vendor

Microsoft, Microsoft Corporation

Security level

Level 1

Side-channel analysis

side-channel, timing attacks

Standards

FIPS 140-2, FIPS 140, FIPS 197, FIPS 186-4, FIPS 202, FIPS 180-4, FIPS 198-1, SP 800-135, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-38E, SP 800-132, SP 800-108, SP 800-185, SP 800-90, NIST SP 800-133, NIST SP 800-38D, PKCS 1, PKCS#1, RFC 8446, RFC 5288, RFC 5246

File metadata

Author	Chaithanya Chilukuri
Creation date	D:20250922192108+05'30'
Modification date	D:20250922192108+05'30'
Pages	40
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates Feed

15.12.2025

The certificate data changed.
Certificate changed

The state was updated.

The following values were inserted: {'policy_json_hash': None}.

The following properties were deleted: ['policy_convert_garbage'].
27.10.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated, with the [[2, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2025-10-20', 'validation_type': 'Update', 'lab': 'Acumen Security'}]] values inserted.

The description property was set to The Module is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality. The Module is classified under FIPS 140-2 as a software module, with a multi-chip standalone module embodiment. The physical cryptographic boundary is the general-purpose computer on which the module is installed..

The tested_conf property was updated, with the [[0, 'Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA'], [1, 'Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA'], [2, 'Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA'], [3, 'Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA'], [4, 'Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA'], [5, 'Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA'], [6, 'Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA'], [7, 'Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA'], [8, 'Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA'], [9, 'Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA'], [10, 'Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA'], [11, 'Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA'], [12, 'Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) with PAA'], [13, 'Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) without PAA'], [18, 'macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA'], [19, 'macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA'], [22, 'Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA'], [23, 'Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without PAA (single-user mode)']] values inserted.

The sw_versions property was set to 3.0.9.

The PDF extraction data was updated.

The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__update__': {'SHA-2': 3, 'SHA-224': 6, 'SHA2-256': 5, 'SHA3-224': 4}, '__delete__': ['HMAC-SHA-256', 'SHA-1, 256', 'SHA-256', '# A3500']}}}, 'symmetric_crypto': {'__update__': {'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 12}, '__delete__': ['HMAC-SHA-256']}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 15}}, 'SHA2': {'__update__': {'SHA-224': 6, 'SHA-2': 5}, '__delete__': ['SHA-256']}, 'SHA3': {'__update__': {'SHA3-224': 4}}}}}}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 19}}}}, 'standard_id': {'__update__': {'NIST': {'__delete__': ['SP 800-90A']}}}} data.

The policy_metadata property was updated, with the {'pdf_file_size_bytes': 4647033, '/CreationDate': "D:20250922192108+05'30'", '/ModDate': "D:20250922192108+05'30'", 'pdf_hyperlinks': {'__discard__': {'_type': 'Set', 'elements': ['https://www.openssl.org/source/openssl-3.0.8.tar.gz.', 'tel:7033759820']}, '__add__': {'_type': 'Set', 'elements': ['mailto:[email protected]', 'https://www.openssl.org/source/openssl-3.0.9.tar.gz']}}} data.

The computed heuristics were updated.

The algorithms property was set to {'_type': 'Set', 'elements': ['PBKDF#A4086', 'ECDSA#A4086', 'RSA#A4086', 'KDA#A6725', 'KAS-SSC#A6725', 'KTS#A4086', 'DSA#A6725', 'KTS-RSA#A6725', 'DRBG#A4086', 'DRBG#A6725', 'PBKDF#A6725', 'SHS#A4086', 'ECDSA#A6725', 'KAS-RSA-SSC#A6725', 'AES#A6725', 'KMAC#A6725', 'CVL#A6725', 'KDA#A4086', 'SHA-3#A6725', 'HMAC#A6725', 'KTS#A6725', 'Triple-DES#A4086', 'KAS-SSC#A4086', 'RSA#A6725', 'SHS#A6725', 'KBKDF#A4086', 'KBKDF#A6725', 'CVL#A4086', 'KAS-RSA-SSC#A4086', 'SHA-3#A4086', 'Triple-DES#A6725', 'KTS-RSA#A4086', 'HMAC#A4086', 'KMAC#A4086', 'DSA#A4086', 'AES#A4086']}.

The state was updated.

The policy_pdf_hash property was set to 02c63c8835feb4e6e0bb782f342939ef06005aa3d79cb7b1f0690349f45377d8.

The policy_txt_hash property was set to 1e796631fdb50a8de40d23df6380070028b986805d2545da7eee24ff1f38c728.
08.09.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
04.04.2025

The certificate data changed.
Certificate changed

The PDF extraction data was updated.

The keywords property was updated, with the {'crypto_protocol': {'__insert__': {'SSH': {'SSHv2': 3}}}} data.
31.07.2023

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated, with the [[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2023-07-26', 'validation_type': 'Update', 'lab': 'ACUMEN SECURITY, LLC'}]] values inserted.

The caveat property was set to When operated in FIPS mode. No assurance of the minimum strength of generated keys..

The tested_conf property was set to ['Amazon Linux 2 running on AWS EC2 c5 instance with Intel Xeon Platinum 8275CL (Cascade Lake) with PAA', 'Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 3 with PAA', 'Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 2 with PAA', 'Amazon Linux 2023 running on AWS EC2 c5 instance with Intel Xeon Platinum 8275CL (Cascade Lake) with PAA', 'Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 3 with PAA', 'Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 2 with PAA', 'Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) with PAA', 'Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) without PAA', 'FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) with PAA', 'FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) without PAA', 'macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) with PAA', 'macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) without PAA', 'Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) with PAA', 'Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) without PAA', 'Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA (single-user mode)', 'Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without PAA'].

The sw_versions property was set to 3.0.8.

The PDF extraction data was updated.

The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__insert__': {'# A3500': 1}, '__delete__': ['# A1938']}}}, 'symmetric_crypto': {'__update__': {'DES': {'__update__': {'3DES': {'__update__': {'TDES': 5}}}}}}} data.

The policy_metadata property was updated, with the {'pdf_file_size_bytes': 876167, 'pdf_number_of_pages': 40, '/CreationDate': "D:20230530201019-04'00'", '/ModDate': "D:20230530201019-04'00'", 'pdf_hyperlinks': {'__discard__': {'_type': 'Set', 'elements': ['https://www.openssl.org/source/openssl-3.0.0.tar.gz.']}, '__add__': {'_type': 'Set', 'elements': ['https://www.openssl.org/source/openssl-3.0.8.tar.gz.']}}} data.

The computed heuristics were updated.

The algorithms property was set to {'_type': 'Set', 'elements': ['DSA#A3607', 'KAS-RSA-SSC#A3500', 'PBKDF#A3607', 'CVL#A3500', 'KTS-RSA#A3607', 'HMAC#A3607', 'DSA#A3500', 'PBKDF#A3500', 'RSA#A3500', 'KDA#A3607', 'KDA#A3500', 'KBKDF#A3607', 'AES#A3607', 'KMAC#A3607', 'ECDSA#A3500', 'CVL#A3607', 'KMAC#A3500', 'Triple-DES#A3500', 'AES#A3500', 'KTS-RSA#A3500', 'KBKDF#A3500', 'DRBG#A3500', 'KAS-SSC#A3500', 'ECDSA#A3607', 'SHA-3#A3607', 'Triple-DES#A3607', 'KAS-RSA-SSC#A3607', 'RSA#A3607', 'SHS#A3500', 'KAS-SSC#A3607', 'KTS#A3607', 'SHS#A3607', 'HMAC#A3500', 'SHA-3#A3500', 'KTS#A3500', 'DRBG#A3607']}.

The state was updated.

The policy_pdf_hash property was set to cf6cc6631125602e436d390f4a8b6d57b3b55bf1180dd595bdd801537d00c71b.

The policy_txt_hash property was set to 3752a69ee482a9e4daeeb1b4a3def16220aa795751b3120f7dbc90de7b9192bc.
18.05.2023

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4490,
  "dgst": "44489ca1033a2925",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "KTS-RSA#A6725",
        "DRBG#A6725",
        "HMAC#A4086",
        "AES#A4086",
        "PBKDF#A4086",
        "SHS#A4086",
        "KTS-RSA#A4086",
        "DSA#A6725",
        "KDA#A6725",
        "KTS#A4086",
        "KTS#A6725",
        "ECDSA#A6725",
        "KAS-RSA-SSC#A4086",
        "SHA-3#A6725",
        "KAS-SSC#A4086",
        "KBKDF#A4086",
        "KAS-SSC#A6725",
        "KAS-RSA-SSC#A6725",
        "AES#A6725",
        "DSA#A4086",
        "CVL#A6725",
        "Triple-DES#A6725",
        "KMAC#A4086",
        "HMAC#A6725",
        "PBKDF#A6725",
        "SHA-3#A4086",
        "ECDSA#A4086",
        "DRBG#A4086",
        "KMAC#A6725",
        "RSA#A4086",
        "RSA#A6725",
        "CVL#A4086",
        "SHS#A6725",
        "Triple-DES#A4086",
        "KBKDF#A6725",
        "KDA#A4086"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 4
          },
          "ECDSA": {
            "ECDSA": 17
          }
        },
        "FF": {
          "DH": {
            "DH": 16,
            "Diffie-Hellman": 3
          },
          "DSA": {
            "DSA": 17
          }
        },
        "RSA": {
          "RSA-OAEP": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CCM": {
          "CCM": 3
        },
        "CFB": {
          "CFB": 3
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 4
        },
        "GCM": {
          "GCM": 9
        },
        "OFB": {
          "OFB": 1
        },
        "XTS": {
          "XTS": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 47
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSHv2": 3
        },
        "TLS": {
          "TLS": {
            "TLS": 4,
            "TLS 1.2": 3,
            "TLS 1.3": 3,
            "TLS v1.2": 1,
            "TLS v1.3": 3
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 6
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Edwards": {
          "Ed25519": 2,
          "Ed448": 2
        },
        "NIST": {
          "B-163": 2,
          "B-233": 4,
          "K-163": 2,
          "K-233": 5,
          "P-192": 4,
          "P-224": 12,
          "P-256": 2
        }
      },
      "eval_facility": {
        "Acumen": {
          "Acumen Security": 1
        }
      },
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES 128/192/256": 1,
          "AES-128": 1,
          "AES-192": 1,
          "AES-256": 1,
          "AES128": 1,
          "AES192": 1,
          "AES256": 1,
          "HMAC-SHA-1": 4,
          "PKCS 1": 4,
          "PKCS#1": 4,
          "SHA-1": 14,
          "SHA-1, 224": 1,
          "SHA-2": 3,
          "SHA-224": 6,
          "SHA-3": 6,
          "SHA-3-224": 1,
          "SHA-3-256": 1,
          "SHA2-224": 9,
          "SHA2-256": 5,
          "SHA2-512": 1,
          "SHA3-224": 4
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 4
        }
      },
      "hash_function": {
        "Keccak": {
          "Keccak": 1
        },
        "PBKDF": {
          "PBKDF": 1,
          "PBKDF2": 4
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 15
          },
          "SHA2": {
            "SHA-2": 5,
            "SHA-224": 6
          },
          "SHA3": {
            "SHA-3": 6,
            "SHA-3-224": 1,
            "SHA-3-256": 1,
            "SHA3-224": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "X25519": 10,
          "X448": 10
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 19
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "side-channel": 1,
          "timing attacks": 2
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 1,
          "FIPS 140-2": 20,
          "FIPS 180-4": 2,
          "FIPS 186-4": 6,
          "FIPS 197": 2,
          "FIPS 198-1": 2,
          "FIPS 202": 2
        },
        "NIST": {
          "NIST SP 800-133": 1,
          "NIST SP 800-38D": 2,
          "SP 800-108": 2,
          "SP 800-132": 3,
          "SP 800-135": 4,
          "SP 800-185": 1,
          "SP 800-38A": 2,
          "SP 800-38B": 2,
          "SP 800-38C": 2,
          "SP 800-38D": 2,
          "SP 800-38E": 1,
          "SP 800-38F": 2,
          "SP 800-90": 2
        },
        "PKCS": {
          "PKCS 1": 2,
          "PKCS#1": 2
        },
        "RFC": {
          "RFC 5246": 1,
          "RFC 5288": 2,
          "RFC 8446": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 30,
            "AES-128": 1,
            "AES-192": 1,
            "AES-256": 1,
            "AES128": 1,
            "AES192": 1,
            "AES256": 1
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "TDES": 5,
            "Triple-DES": 7
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 12,
            "HMAC": 12,
            "KMAC": 5
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 1,
          "Microsoft Corporation": 1
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Chaithanya Chilukuri",
      "/CreationDate": "D:20250922192108+05\u002730\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20250922192108+05\u002730\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 4647033,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "mailto:[email protected]",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
          "https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198-1_final.pdf",
          "https://aws.amazon.com/",
          "https://www.openssl.org/docs/manmaster/man1/openssl-fipsinstall.html",
          "https://www.acumensecurity.net/",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
          "https://www.rfc-editor.org/info/rfc3447",
          "https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-38b.pdf",
          "https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
          "https://datatracker.ietf.org/doc/html/rfc5288",
          "https://www.openssl.org/source/openssl-3.0.9.tar.gz",
          "http://csrc.nist.gov/groups/STM/cmvp/index.html",
          "https://datatracker.ietf.org/doc/html/rfc8446",
          "https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 40
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "02c63c8835feb4e6e0bb782f342939ef06005aa3d79cb7b1f0690349f45377d8",
    "policy_txt_hash": "1e796631fdb50a8de40d23df6380070028b986805d2545da7eee24ff1f38c728"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2023_010523_0646.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Module is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality. The Module is classified under FIPS 140-2 as a software module, with a multi-chip standalone module embodiment. The physical cryptographic boundary is the general-purpose computer on which the module is installed.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Design Assurance: Level 3"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "AWS OpenSSL FIPS Provider",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "3.0.9",
    "tested_conf": [
      "Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA",
      "Amazon Linux 2 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA",
      "Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA",
      "Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA",
      "Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA",
      "Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA",
      "Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) with PAA",
      "Amazon Linux 2023 on Intel Xeon Platinum 8275CL (Cascade Lake) without PAA",
      "Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 with PAA",
      "Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 2 without PAA",
      "Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 with PAA",
      "Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 3 without PAA",
      "Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) with PAA",
      "Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x64) without PAA",
      "FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) with PAA",
      "FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) without PAA",
      "macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) with PAA",
      "macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) without PAA",
      "macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA",
      "macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA",
      "Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) with PAA",
      "Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) without PAA",
      "Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA",
      "Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without PAA (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-04-26",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-07-26",
        "lab": "Acumen Security",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2025-10-20",
        "lab": "Acumen Security",
        "validation_type": "Update"
      }
    ],
    "vendor": "Amazon Web Services, Inc.",
    "vendor_url": "http://www.aws.amazon.com"
  }
}

Sections

AWS OpenSSL FIPS Provider

Certificate #4490

Webpage information

Security policy

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

JavaCard API constants

Vendor

Security level

Side-channel analysis

Standards

File metadata

Heuristics

References

Updates Feed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data

Sections

AWS OpenSSL FIPS Provider

Certificate #4490

Webpage information

Security policy

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Device

JavaCard API constants

Vendor

Security

Security level

Side-channel analysis

Other

Standards

File metadata

Heuristics

References

Updates Feed

Raw data

Toggle raw data