This page was not yet optimized for use on mobile devices.
VMware's BoringCrypto Module
Certificate #4694
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-256, DES, Triple-DES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-512Asymmetric Algorithms
ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-512, MD4, MD5Schemes
MAC, Key AgreementProtocols
SSL, TLS, TLS 1.0, TLS v1.2Randomness
DRBGLibraries
BoringSSLElliptic Curves
P-224, P-256, P-384, P-521, Curve P-256Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMTrusted Execution Environments
SSCVendor
Broadcom, Broadcom Inc, CiscoSecurity level
Level 1Standards
FIPS 140-2, FIPS 140, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS PUB 140-2, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-67, SP 800-135, NIST SP 800-133, NIST SP 800-90A, SP 800-90A, NIST SP 800-52, NIST SP 800-38D, NIST SP 800-131A, SP 800-133, RFC 2313, RFC 5288, RFC 5246File metadata
| Title | Security Policy |
|---|---|
| Subject | FIPS 140-2 Security Policy Template |
| Author | Manoj Maskara |
| Creation date | D:20240410175853-07'00' |
| Modification date | D:20240410175921-07'00' |
| Pages | 31 |
| Creator | Acrobat PDFMaker 24 for Word |
| Producer | Adobe PDF Library 24.1.149 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
04.07.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4694,
"dgst": "6900c3ccdcfc05cf",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#A4970",
"KAS#A4970"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 18
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 6
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CCM": {
"CCM": 1
},
"CFB": {
"CFB": 4
},
"CTR": {
"CTR": 2
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 4
},
"OFB": {
"OFB": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"BoringSSL": {
"BoringSSL": 2
}
},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 10,
"TLS 1.0": 1,
"TLS v1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"Curve P-256": 1,
"P-224": 2,
"P-256": 9,
"P-384": 6,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-256": 1,
"HMAC-SHA-1": 4,
"HMAC-SHA-256": 4,
"HMAC-SHA-512": 2,
"PAA 10": 1,
"PAA 11": 1,
"PAA 12": 1,
"PAA 13": 1,
"PAA 14": 1,
"PAA 16": 1,
"PAA 17": 1,
"PAA 18": 1,
"PAA 19": 1,
"PAA 2": 1,
"PAA 20": 1,
"PAA 3": 1,
"PAA 4": 1,
"PAA 5": 1,
"PAA 6": 1,
"PAA 7": 1,
"PAA 8": 1,
"PAA 9": 1,
"SHA-1": 4,
"SHA-256": 2,
"SHA-512": 1,
"SHA2- 256": 1,
"SHA2-224": 2,
"SHA2-384": 1,
"SHA2-512": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"MD": {
"MD4": {
"MD4": 4
},
"MD5": {
"MD5": 5
}
},
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 2,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 6
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 4,
"FIPS 140-2": 21,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 197": 2,
"FIPS 198-1": 2,
"FIPS PUB 140-2": 1
},
"NIST": {
"NIST SP 800-131A": 1,
"NIST SP 800-133": 1,
"NIST SP 800-38D": 1,
"NIST SP 800-52": 1,
"NIST SP 800-90A": 1,
"SP 800-133": 1,
"SP 800-135": 3,
"SP 800-38A": 2,
"SP 800-38C": 1,
"SP 800-38D": 2,
"SP 800-38F": 2,
"SP 800-67": 2,
"SP 800-90A": 2
},
"RFC": {
"RFC 2313": 1,
"RFC 5246": 2,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 20,
"AES-256": 1
}
},
"DES": {
"3DES": {
"TDEA": 4,
"Triple-DES": 15
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 6,
"HMAC-SHA-256": 2,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 3,
"Broadcom Inc": 2
},
"Cisco": {
"Cisco": 1
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Manoj Maskara",
"/Comments": "",
"/Company": "VMware, Inc.",
"/ContentTypeId": "0x0101000CC072FC7533904AB17D8DD2B08CC389",
"/CreationDate": "D:20240410175853-07\u002700\u0027",
"/Creator": "Acrobat PDFMaker 24 for Word",
"/DocDate": "October 20, 2020",
"/DocName": "Security Policy",
"/DocVersion": "0.1",
"/Keywords": "",
"/ModDate": "D:20240410175921-07\u002700\u0027",
"/ModuleNameFull": "VMware\u0027s BoringCrypto Module",
"/ModuleNameShort": "\u003cModuleNameShort\u003e",
"/ModuleVersion": "1.0",
"/Producer": "Adobe PDF Library 24.1.149",
"/SourceModified": "D:20240409205750",
"/Subject": "FIPS 140-2 Security Policy Template",
"/Title": "Security Policy",
"/VendorNameFull": "VMware, Inc.",
"/VendorNameShort": "VMware",
"pdf_file_size_bytes": 670401,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://golang.org/dl/",
"https://csrc.nist.gov/groups/STM/cmvp/index.html",
"https://cmake.org/download/",
"https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-853ca1ea1168dff08011e5d42d94609cc0ca2e27.tar.xz",
"https://github.com/ninja-build/ninja/releases",
"http://releases.llvm.org/download.html"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 31
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "46ec3e66d7ba755e612efb4a2dcddf8f3c26b77747a0f57050e6b34d2ee4a6af",
"policy_txt_hash": "3e80c8d2787b0a4338d2038efb6920a5755864d3ae59f6c5e763bac4d5315dec"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2024_010524_0757.pdf",
"date_sunset": "2026-09-21",
"description": "VMware\u2019s BoringCrypto Module is a versatile software library that implements and provides FIPS 140-2 Approved cryptographic functionalities to various VMware products and services.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "VMware\u0027s BoringCrypto Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "6.0",
"tested_conf": [
"Amazon Linux 2 OS on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Amazon Linux 2 OS on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Amazon Linux 2023 OS on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Amazon Linux 2023 OS on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Photon OS 3.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Photon OS 3.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Photon OS 4.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Photon OS 4.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"RHEL 8.2 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"RHEL 8.2 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Ubuntu 20.04 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Ubuntu 20.04 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"Ubuntu 20.04 running on Dell Precision 5550 with Intel\u00ae Core I7 with PAA",
"Ubuntu 20.04 running on Dell Precision 5550 with Intel\u00ae Core I7 without PAA",
"Ubuntu 22.04 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"Ubuntu 22.04 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA",
"VMware ESXi 8.0U3 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 with PAA",
"VMware ESXi 8.0U3 running on Dell PowerEdge R650 with Intel\u00ae Xeon Gold 6330 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-04-24",
"lab": "ACUMEN SECURITY, LLC",
"validation_type": "Initial"
}
],
"vendor": "Broadcom Inc.",
"vendor_url": "http://www.vmware.com"
}
}