This page was not yet optimized for use on mobile devices.
Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module
Certificate #4794
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, CAST, HMAC, KMAC, CMACAsymmetric Algorithms
RSA-OAEP, ECDH, ECDSA, ECC, DHE, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, PBKDF2, PBKDFSchemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS v1.2, TLS v1.3, TLS 1.2, TLS, TLS 1.3, IKERandomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, P-192, curve P-192, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, B-163, K-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1Side-channel analysis
Fault InductionStandards
FIPS 140-3, FIPS PUB 140-3, FIPS186-4, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS 202, FIPS 186-5, FIPS 197, SP 800-132, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38F, SP 800-38E, SP 800-38D, SP 800-56A, SP 800-135, SP 800-185, SP 800-56C, SP 800-90A, SP 800-108, SP 800-90B, SP 800-140B, PKCS 1, PKCS#1, RFC7627, RFC 5288, RFC8446, RFC 8446, RFC 4253, RFC 6668, RFC 3526, RFC 7919File metadata
| Author | Hawes, David J. (Fed) |
|---|---|
| Creation date | D:20240905220705+00'00' |
| Modification date | D:20240905220705+00'00' |
| Pages | 105 |
| Creator | Microsoft Word |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
16.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4794,
"dgst": "4f41b6fdedda792a",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHA-1A4005",
"KDA OneStep SP800-56Cr2A3965",
"HMAC DRBGA3970",
"Safe Primes Key VerificationA3992",
"KDF ANS 9.63A4005",
"ECDSA SigGen (FIPS186-4)A4005",
"AES-CCMA3982",
"TLS v1.2 KDF RFC7627A4005",
"Hash DRBGA3970",
"AES-CMACA3982",
"SHA2-224A4005",
"AES-CTRA3982",
"SHAKE-256A3979",
"SHA2-256A4005",
"AES-GMACA4002",
"AES-KWA3982",
"HMAC-SHA2-512/256A4005",
"AES-ECBA3987",
"AES-XTS Testing Revision 2.0A3982",
"KAS-ECC-SSC Sp800-56Ar3A4005",
"AES-CBC-CS1A3982",
"PBKDFA4005",
"KMAC-128A3979",
"KAS-FFC-SSC Sp800-56Ar3A3992",
"KDF SP800-108A3991",
"AES-GCMA4002",
"HMAC-SHA3-256A3979",
"RSA SigGen (FIPS186-4)A4005",
"SHA3-512A3979",
"AES-CBCA3982",
"AES-KWPA3982",
"SHA2-384A4005",
"RSA KeyGen (FIPS186-4)A4005",
"ECDSA KeyGen (FIPS186-4)A4005",
"KDF SSHA3987",
"SHAKE-128A3979",
"Safe Primes Key GenerationA3992",
"AES-CBC-CS2A3982",
"SHA3-224A3979",
"HMAC-SHA-1A4005",
"Counter DRBGA3970",
"TLS v1.3 KDFA3969",
"KMAC-256A3979",
"HMAC-SHA3-512A3979",
"HMAC-SHA2-256A4005",
"ECDSA SigVer (FIPS186-4)A4005",
"AES-CFB8A3982",
"HMAC-SHA2-224A4005",
"SHA2-512/224A4005",
"SHA3-256A3979",
"HMAC-SHA2-512A4005",
"SHA2-512/256A4005",
"KDA HKDF Sp800-56Cr1A3969",
"HMAC-SHA2-512/224A4005",
"ECDSA KeyVer (FIPS186-4)A4005",
"HMAC-SHA3-384A3979",
"AES-CFB128A3982",
"SHA3-384A3979",
"AES-CBC-CS3A3982",
"HMAC-SHA2-384A4005",
"HMAC-SHA3-224A3979",
"KDF ANS 9.42A4005",
"SHA2-512A4005",
"AES-CFB1A3982",
"RSA SigVer (FIPS186-4)A4005",
"AES-OFBA3982"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"22.04"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 6
},
"ECDSA": {
"ECDSA": 165
}
},
"FF": {
"DH": {
"DH": 31,
"DHE": 1,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 6
}
},
"RSA": {
"RSA-OAEP": 4
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 1
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 112
}
},
"crypto_protocol": {
"IKE": {
"IKE": 6
},
"SSH": {
"SSH": 43
},
"TLS": {
"TLS": {
"TLS": 22,
"TLS 1.2": 5,
"TLS 1.3": 5,
"TLS v1.2": 36,
"TLS v1.3": 6
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 17
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 3,
"B-233": 37,
"B-283": 7,
"B-409": 12,
"B-571": 13,
"K-163": 4,
"K-233": 12,
"K-283": 12,
"K-409": 12,
"K-571": 14,
"P-192": 24,
"P-224": 140,
"P-256": 112,
"P-384": 98,
"P-521": 98,
"curve P-192": 2
}
},
"eval_facility": {
"atsec": {
"atsec": 107
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"- PKCS 1": 14,
"AES-128": 8,
"AES-192": 7,
"AES-256": 9,
"HMAC-SHA-1": 24,
"PKCS 1": 14,
"PKCS#1": 44,
"SHA-1": 68,
"SHA-3": 1,
"SHA2-224": 42,
"SHA2-256": 139,
"SHA2-384": 56,
"SHA2-512": 70,
"SHA3- 256": 1,
"SHA3-224": 17,
"SHA3-256": 21,
"SHA3-384": 17,
"SHA3-512": 18
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"PBKDF": {
"PBKDF": 41,
"PBKDF2": 5
},
"SHA": {
"SHA1": {
"SHA-1": 68
},
"SHA3": {
"SHA-3": 1,
"SHA3-224": 17,
"SHA3-256": 21,
"SHA3-384": 17,
"SHA3-512": 18
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 41
},
"RNG": {
"RBG": 2
}
},
"side_channel_analysis": {
"FI": {
"Fault Induction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 117,
"FIPS 180-4": 51,
"FIPS 186-4": 70,
"FIPS 186-5": 1,
"FIPS 197": 1,
"FIPS 198-1": 63,
"FIPS 202": 19,
"FIPS PUB 140-3": 2,
"FIPS186-4": 235
},
"NIST": {
"SP 800-108": 1,
"SP 800-132": 17,
"SP 800-135": 31,
"SP 800-140B": 1,
"SP 800-185": 6,
"SP 800-38A": 78,
"SP 800-38B": 8,
"SP 800-38C": 8,
"SP 800-38D": 33,
"SP 800-38E": 9,
"SP 800-38F": 16,
"SP 800-56A": 11,
"SP 800-56C": 2,
"SP 800-90A": 3,
"SP 800-90B": 1
},
"PKCS": {
"PKCS 1": 14,
"PKCS#1": 22
},
"RFC": {
"RFC 3526": 3,
"RFC 4253": 1,
"RFC 5288": 3,
"RFC 6668": 1,
"RFC 7919": 3,
"RFC 8446": 2,
"RFC7627": 28,
"RFC8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 47,
"AES-": 4,
"AES-128": 8,
"AES-192": 7,
"AES-256": 9
},
"CAST": {
"CAST": 318
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 20,
"KMAC": 10
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
},
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Hawes, David J. (Fed)",
"/CreationDate": "D:20240905220705+00\u002700\u0027",
"/Creator": "Microsoft Word",
"/ModDate": "D:20240905220705+00\u002700\u0027",
"pdf_file_size_bytes": 1362809,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://www.ietf.org/rfc/rfc5288.txt",
"https://www.ietf.org/rfc/rfc7919.txt",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"http://www.ietf.org/rfc/rfc3447.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr1.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"http://www.canonical.com/",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"http://www.atsec.com/",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://www.ietf.org/rfc/rfc8446.txt",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 105
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "dc886b6b29fdb6f4305b569a2fb1c73430d0db47939aa10b7dcae93b08abd49d",
"policy_txt_hash": "06df15eaed036a34888a949cfa0c21412c489e031e0c88c8ee008ca8063f1b7a"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation; When operated in approved mode; When installed, initialized and configured as specified in Section 11 of the Security Policy",
"certificate_pdf_url": null,
"date_sunset": "2026-09-10",
"description": "The Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.5-0ubuntu0.1+Fips2.1",
"tested_conf": [
"Ubuntu 22.04 on IBM z15 with IBM z15 processor with PAI",
"Ubuntu 22.04 on IBM z15 with IBM z15 processor without PAI",
"Ubuntu 22.04 running on Amazon Web Services (AWS) c6g.metal with AWS Graviton2 processor with PAA",
"Ubuntu 22.04 running on Amazon Web Services (AWS) c6g.metal with AWS Graviton2 processor without PAA",
"Ubuntu 22.04 running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 processor with PAA",
"Ubuntu 22.04 running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 processor without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-11",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Canonical Ltd.",
"vendor_url": "http://www.canonical.com"
}
}