This page was not yet optimized for use on mobile
devices.
Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module
Certificate #4794
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, CAST, HMAC, KMAC, CMACAsymmetric Algorithms
RSA-OAEP, ECDH, ECDSA, ECC, DHE, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, PBKDF2, PBKDFSchemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS v1.2, TLS v1.3, TLS 1.2, TLS, TLS 1.3, IKERandomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, P-192, curve P-192, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, B-163, K-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1Side-channel analysis
Fault InductionStandards
FIPS 140-3, FIPS PUB 140-3, FIPS186-4, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS 202, FIPS 186-5, FIPS 197, SP 800-132, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38F, SP 800-38E, SP 800-38D, SP 800-56A, SP 800-135, SP 800-185, SP 800-56C, SP 800-90A, SP 800-108, SP 800-90B, SP 800-140B, PKCS 1, PKCS#1, RFC7627, RFC 5288, RFC8446, RFC 8446, RFC 4253, RFC 6668, RFC 3526, RFC 7919File metadata
| Author | Hawes, David J. (Fed) |
|---|---|
| Creation date | D:20240905220705+00'00' |
| Modification date | D:20240905220705+00'00' |
| Pages | 105 |
| Creator | Microsoft Word |
References
Incoming- 4911 - active - Canonical Ltd. Ubuntu 22.04 Strongswan Cryptographic Module
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4794,
"dgst": "4f41b6fdedda792a",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"TLS v1.2 KDF RFC7627A4005",
"HMAC-SHA2-512A4005",
"KDA HKDF Sp800-56Cr1A3969",
"HMAC-SHA3-256A3979",
"SHA2-512/256A4005",
"HMAC-SHA2-384A4005",
"AES-GMACA4002",
"ECDSA SigGen (FIPS186-4)A4005",
"AES-ECBA3987",
"SHA2-512/224A4005",
"SHA3-224A3979",
"SHA3-256A3979",
"KAS-FFC-SSC Sp800-56Ar3A3992",
"AES-XTS Testing Revision 2.0A3982",
"RSA SigGen (FIPS186-4)A4005",
"ECDSA KeyGen (FIPS186-4)A4005",
"KDF SSHA3987",
"AES-CBC-CS1A3982",
"AES-CMACA3982",
"SHA3-512A3979",
"KMAC-128A3979",
"HMAC-SHA-1A4005",
"AES-KWA3982",
"HMAC-SHA2-224A4005",
"KDF ANS 9.42A4005",
"AES-CBC-CS2A3982",
"TLS v1.3 KDFA3969",
"RSA KeyGen (FIPS186-4)A4005",
"HMAC-SHA3-512A3979",
"KAS-ECC-SSC Sp800-56Ar3A4005",
"SHA2-256A4005",
"AES-CFB128A3982",
"KDF SP800-108A3991",
"AES-GCMA4002",
"SHA-1A4005",
"SHA2-224A4005",
"AES-CBCA3982",
"KDA OneStep SP800-56Cr2A3965",
"HMAC-SHA3-384A3979",
"AES-CFB8A3982",
"HMAC DRBGA3970",
"AES-CBC-CS3A3982",
"Hash DRBGA3970",
"HMAC-SHA2-512/256A4005",
"SHAKE-256A3979",
"AES-OFBA3982",
"Safe Primes Key GenerationA3992",
"HMAC-SHA2-512/224A4005",
"KMAC-256A3979",
"KDF ANS 9.63A4005",
"HMAC-SHA2-256A4005",
"HMAC-SHA3-224A3979",
"AES-CFB1A3982",
"SHA2-384A4005",
"RSA SigVer (FIPS186-4)A4005",
"ECDSA SigVer (FIPS186-4)A4005",
"AES-CCMA3982",
"SHAKE-128A3979",
"SHA2-512A4005",
"Safe Primes Key VerificationA3992",
"PBKDFA4005",
"AES-KWPA3982",
"ECDSA KeyVer (FIPS186-4)A4005",
"SHA3-384A3979",
"AES-CTRA3982",
"Counter DRBGA3970"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"22.04"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4911"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4911"
]
},
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4911"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4911"
]
},
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 6
},
"ECDSA": {
"ECDSA": 165
}
},
"FF": {
"DH": {
"DH": 31,
"DHE": 1,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 6
}
},
"RSA": {
"RSA-OAEP": 4
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 1
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 112
}
},
"crypto_protocol": {
"IKE": {
"IKE": 6
},
"SSH": {
"SSH": 43
},
"TLS": {
"TLS": {
"TLS": 22,
"TLS 1.2": 5,
"TLS 1.3": 5,
"TLS v1.2": 36,
"TLS v1.3": 6
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 17
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 3,
"B-233": 37,
"B-283": 7,
"B-409": 12,
"B-571": 13,
"K-163": 4,
"K-233": 12,
"K-283": 12,
"K-409": 12,
"K-571": 14,
"P-192": 24,
"P-224": 140,
"P-256": 112,
"P-384": 98,
"P-521": 98,
"curve P-192": 2
}
},
"eval_facility": {
"atsec": {
"atsec": 107
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"- PKCS 1": 14,
"AES-128": 8,
"AES-192": 7,
"AES-256": 9,
"HMAC-SHA-1": 24,
"PKCS 1": 14,
"PKCS#1": 44,
"SHA-1": 68,
"SHA-3": 1,
"SHA2-224": 42,
"SHA2-256": 139,
"SHA2-384": 56,
"SHA2-512": 70,
"SHA3- 256": 1,
"SHA3-224": 17,
"SHA3-256": 21,
"SHA3-384": 17,
"SHA3-512": 18
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"PBKDF": {
"PBKDF": 41,
"PBKDF2": 5
},
"SHA": {
"SHA1": {
"SHA-1": 68
},
"SHA3": {
"SHA-3": 1,
"SHA3-224": 17,
"SHA3-256": 21,
"SHA3-384": 17,
"SHA3-512": 18
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 41
},
"RNG": {
"RBG": 2
}
},
"side_channel_analysis": {
"FI": {
"Fault Induction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 117,
"FIPS 180-4": 51,
"FIPS 186-4": 70,
"FIPS 186-5": 1,
"FIPS 197": 1,
"FIPS 198-1": 63,
"FIPS 202": 19,
"FIPS PUB 140-3": 2,
"FIPS186-4": 235
},
"NIST": {
"SP 800-108": 1,
"SP 800-132": 17,
"SP 800-135": 31,
"SP 800-140B": 1,
"SP 800-185": 6,
"SP 800-38A": 78,
"SP 800-38B": 8,
"SP 800-38C": 8,
"SP 800-38D": 33,
"SP 800-38E": 9,
"SP 800-38F": 16,
"SP 800-56A": 11,
"SP 800-56C": 2,
"SP 800-90A": 3,
"SP 800-90B": 1
},
"PKCS": {
"PKCS 1": 14,
"PKCS#1": 22
},
"RFC": {
"RFC 3526": 3,
"RFC 4253": 1,
"RFC 5288": 3,
"RFC 6668": 1,
"RFC 7919": 3,
"RFC 8446": 2,
"RFC7627": 28,
"RFC8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 47,
"AES-": 4,
"AES-128": 8,
"AES-192": 7,
"AES-256": 9
},
"CAST": {
"CAST": 318
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 20,
"KMAC": 10
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
},
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Hawes, David J. (Fed)",
"/CreationDate": "D:20240905220705+00\u002700\u0027",
"/Creator": "Microsoft Word",
"/ModDate": "D:20240905220705+00\u002700\u0027",
"pdf_file_size_bytes": 1362809,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"http://www.ietf.org/rfc/rfc3447.txt",
"http://www.canonical.com/",
"http://www.atsec.com/",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://www.ietf.org/rfc/rfc5288.txt",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://www.ietf.org/rfc/rfc7919.txt",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 105
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "dc886b6b29fdb6f4305b569a2fb1c73430d0db47939aa10b7dcae93b08abd49d",
"policy_txt_hash": "06df15eaed036a34888a949cfa0c21412c489e031e0c88c8ee008ca8063f1b7a"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation; When operated in approved mode; When installed, initialized and configured as specified in Section 11 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-10",
"description": "The Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Canonical Ltd. Ubuntu 22.04 OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.5-0ubuntu0.1+Fips2.1",
"tested_conf": [
"Ubuntu 22.04 on IBM z15 with IBM z15 processor with PAI",
"Ubuntu 22.04 on IBM z15 with IBM z15 processor without PAI",
"Ubuntu 22.04 running on Amazon Web Services (AWS) c6g.metal with AWS Graviton2 processor with PAA",
"Ubuntu 22.04 running on Amazon Web Services (AWS) c6g.metal with AWS Graviton2 processor without PAA",
"Ubuntu 22.04 running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 processor with PAA",
"Ubuntu 22.04 running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 processor without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-11",
"lab": "atsec information security corporation",
"validation_type": "Initial"
}
],
"vendor": "Canonical Ltd.",
"vendor_url": "http://www.canonical.com"
}
}