This page was not yet optimized for use on mobile
devices.
KeyPair Cryptographic Module for OpenSSL
Certificate #3220
Webpage information
Security policy
Symmetric Algorithms
AES, TDEA, TDES, HMAC, CMACAsymmetric Algorithms
ECDSA, ECC, DH, DSAHash functions
SHA-1, SHA1, SHA-224, SHA224, SHA256, SHA384, SHA512, SHA-256, SHA-384, SHA-2Schemes
Key Agreement, Key agreementRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-384, P-192, P-256, K-233, K-409, B-233, B-409, B-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
SEVendor
NXP, Qualcomm, Microsoft, Microsoft CorporationStandards
FIPS 140-2, FIPS 180-4, FIPS 186-4, FIPS 197, FIPS 198-1, FIPS 198, FIPS 186-2, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38E, SP 800-56A, SP 800-56B, SP 800-57, SP 800-67, SP 800-89, SP 800-90A, SP 800-131A, PKCS#1File metadata
| Author | Mark Minnoch |
|---|---|
| Creation date | D:20200930174759-07'00' |
| Modification date | D:20200930174907-07'00' |
| Pages | 27 |
| Creator | Acrobat PDFMaker 17 for Word |
| Producer | Adobe PDF Library 15.0 |
References
Outgoing- 2398 - historical - OpenSSL FIPS Object Module SE
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3220,
"dgst": "698eddbc91b225fd",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#5667",
"RSA#1664",
"SHS#3294",
"SHS#2847",
"SHS#3411",
"DSA#1124",
"HMAC#3772",
"DRBG#1027",
"Triple-DES#2366",
"RSA#2258",
"DRBG#2289",
"Triple-DES#1780",
"AES#3751",
"ECDSA#558",
"SHS#2553",
"CVL#534",
"ECDSA#886",
"Triple-DES#2840",
"ECDSA#1091",
"DSA#1195",
"Triple-DES#2086",
"ECDSA#620",
"AES#4469",
"HMAC#2918",
"CVL#1181",
"AES#3264",
"DRBG#845",
"Triple-DES#1853",
"SHS#2702",
"RSA#2444",
"RSA#1766",
"Triple-DES#2399",
"RSA#3049",
"HMAC#2197",
"CVL#372",
"Triple-DES#1942",
"ECDSA#698",
"RSA#2374",
"DRBG#1451",
"ECDSA#1533",
"AES#3451",
"DSA#933",
"AES#4141",
"DSA#1456",
"AES#4391",
"DRBG#1256",
"CVL#814",
"CVL#699",
"Triple-DES#2190",
"AES#3090",
"DSA#896",
"SHS#3620",
"SHS#4541",
"CVL#947",
"HMAC#2714",
"HMAC#2063",
"Triple-DES#2263",
"AES#3990",
"HMAC#2605",
"ECDSA#801",
"HMAC#2452",
"CVL#472",
"RSA#2048",
"CVL#2051",
"DSA#970",
"SHS#3681",
"DRBG#723",
"DRBG#607",
"SHS#3121",
"DSA#1085",
"ECDSA#952",
"RSA#1928",
"HMAC#1937",
"DSA#1170",
"CVL#1094",
"DSA#1040",
"RSA#1581",
"HMAC#2966",
"DRBG#1414",
"DRBG#1182"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"3313",
"3269",
"3524",
"3711"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"3313",
"3269",
"3524",
"3711"
]
},
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"2398"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"112",
"2398"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"2398"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
},
"ECDSA": {
"ECDSA": 15
}
},
"FF": {
"DH": {
"DH": 9
},
"DSA": {
"DSA": 15
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 3
},
"CTR": {
"CTR": 2
},
"ECB": {
"ECB": 3
},
"GCM": {
"GCM": 5
},
"OFB": {
"OFB": 1
},
"XTS": {
"XTS": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 44
}
},
"crypto_protocol": {},
"crypto_scheme": {
"KA": {
"Key Agreement": 2,
"Key agreement": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 1,
"B-233": 1,
"B-409": 1,
"K-233": 3,
"K-409": 1,
"P-192": 2,
"P-224": 6,
"P-256": 2,
"P-384": 4
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2398": 1,
"#3220": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128/192/256": 2,
"AES, 256": 1,
"DRBG5": 1,
"HMAC SHA-1": 1,
"HMAC-SHA- 1": 2,
"HMAC-SHA-1": 26,
"HMAC-SHA1": 2,
"PKCS#1": 2,
"RSA10": 1,
"SHA- 1": 1,
"SHA-1": 17,
"SHA-1, 224": 23,
"SHA-2": 6,
"SHA-2 (224": 2,
"SHA-224": 16,
"SHA-256": 1,
"SHA-384": 1,
"SHA1": 1,
"SHA224": 1,
"SHA256": 4,
"SHA384": 1,
"SHA512": 2
}
},
"fips_security_level": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 40,
"SHA1": 1
},
"SHA2": {
"SHA-2": 8,
"SHA-224": 16,
"SHA-256": 1,
"SHA-384": 1,
"SHA224": 1,
"SHA256": 4,
"SHA384": 1,
"SHA512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 20
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 17,
"FIPS 180-4": 2,
"FIPS 186-2": 2,
"FIPS 186-4": 9,
"FIPS 197": 2,
"FIPS 198": 1,
"FIPS 198-1": 1
},
"NIST": {
"SP 800-131A": 2,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 2,
"SP 800-38E": 2,
"SP 800-56A": 4,
"SP 800-56B": 2,
"SP 800-57": 2,
"SP 800-67": 2,
"SP 800-89": 1,
"SP 800-90A": 9
},
"PKCS": {
"PKCS#1": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 20
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 9
}
},
"constructions": {
"MAC": {
"CMAC": 15,
"HMAC": 8
}
}
},
"tee_name": {
"IBM": {
"SE": 1
}
},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 1,
"Microsoft Corporation": 1
},
"NXP": {
"NXP": 1
},
"Qualcomm": {
"Qualcomm": 2
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Mark Minnoch",
"/Company": "KeyPair Consulting",
"/CreationDate": "D:20200930174759-07\u002700\u0027",
"/Creator": "Acrobat PDFMaker 17 for Word",
"/ModDate": "D:20200930174907-07\u002700\u0027",
"/Producer": "Adobe PDF Library 15.0",
"/SourceModified": "D:20201001004449",
"pdf_file_size_bytes": 506322,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.openssl.org/source/old/fips/openssl-fips-2.0.9.tar.gz",
"http://www.openssl.org/source/openssl-fips-2.0.16.tar.gz",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://keypair.us/",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-56ar.pdf",
"https://www.openssl.org/source/",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.10.tar.gz",
"https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198-1_final.pdf",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"http://www.openssl.org/source/openssl-fips-ecp-2.0.16.tar.gz",
"http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/?wapkw=aes-ni",
"http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf",
"https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/2398",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.12.tar.gz",
"http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.13.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.10.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.9.tar.gz",
"http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-89.pdf",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.15.tar.gz",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"http://www.openssl.org/source/old/fips/",
"http://www.arm.com/products/processors/technologies/neon.php",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.12.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.15.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.11.tar.gz",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"http://www.openssl.org/source/old/fips/openssl-fips-ecp-2.0.14.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.13.tar.gz",
"https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3220",
"http://www.intel.com/support/processors/sb/CS-030123.htm?wapkw=sse2",
"http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf",
"https://keypair.us/2018/05/cd/",
"http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf",
"http://www.openssl.org/source/",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.14.tar.gz",
"http://www.openssl.org/source/old/fips/openssl-fips-2.0.11.tar.gz",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 27
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "ac98734993c8a77b2ae2e821d8606ab55373a5df0acd04ac5ad7d4dfb79bbf18",
"policy_txt_hash": "ad56dc977f31319e52c16832fc021f5e8da72eafaff5c503a99aa0195c3d4b17"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/JulyConsolidatedCert.pdf",
"date_sunset": null,
"description": "The KeyPair Cryptographic Module for OpenSSL expands the list of Tested Configurations (operating system + processor) for the OpenSSL FIPS Object Module v2.0. Please contact KeyPair Consulting to include your desired operating system as a Tested Configuration on a FIPS 140-2 certificate branded in your company\u2019s name.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 2",
"Physical Security: N/A",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "KeyPair Cryptographic Module for OpenSSL",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": "2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15 or 2.0.16",
"tested_conf": [
"AIX 6.1 32-bit running on IBM POWER 7 (PPC) (IBM XL C/C++ for AIX Compiler Version V13.1)",
"AIX 6.1 32-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)",
"AIX 6.1 64-bit running on IBM POWER 7 (PPC) (IBM XL C/C++ for AIX Compiler Version V13.1)",
"AIX 6.1 64-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)",
"AIX 7.1 32-bit running on IBM POWER 7 (PPC) (IBM XL C/C++ for AIX Compiler Version V13.1)",
"AIX 7.1 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)",
"AIX 7.1 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)",
"AIX 7.1 64-bit running on IBM POWER 7 (PPC) (IBM XL C/C++ for AIX Compiler Version V13.1)",
"AIX 7.1 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)",
"AIX 7.1 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)",
"AIX 7.2 32-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)",
"AIX 7.2 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)",
"AIX 7.2 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)",
"AIX 7.2 64-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)",
"AIX 7.2 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)",
"AIX 7.2 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)",
"Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) with PAA (gcc Compiler Version 4.9)",
"Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) without PAA (gcc Compiler Version 4.9)",
"Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) with PAA (gcc Compiler Version 4.9)",
"Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) without PAA (gcc Compiler Version 4.9)",
"Android 8.1 running on Nvidia Tegra X1 with PAA (gcc Compiler Version 5.4.0)",
"Android 8.1 running on Nvidia Tegra X1 without PAA (gcc Compiler Version 5.4.0)",
"CentOS 6 running on Intel Xeon E5 (family) with PAA (gcc Compiler Version 4.4.7)",
"CentOS 6 running on Intel Xeon E5 (family) without PAA (gcc Compiler Version 4.4.7)",
"CentOS 7 running on Intel Xeon E5 (family) with PAA (gcc Compiler Version 4.8.5)",
"CentOS 7 running on Intel Xeon E5 (family) without PAA (gcc Compiler Version 4.8.5)",
"DataGravity Discovery Series OS V2.0 running on Intel Xeon E5-2420 (x86) with PAA (gcc Compiler Version 4.7.2)",
"DataGravity Discovery Series OS V2.0 running on Intel Xeon E5-2420 (x86) without PAA (gcc Compiler Version 4.7.2)",
"Debian 9 running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 6.3.0)",
"Debian 9 running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 6.3.0)",
"ExtremeXOS-Linux 3.1 running on Cavium Octeon II (MIPS) (gcc Compiler Version 4.9.2)",
"ExtremeXOS-Linux 3.18 32-bit running on Intel Atom C2558 (x86) with PAA (gcc Compiler Version 4.9.2)",
"ExtremeXOS-Linux 3.18 32-bit running on Intel Atom C2558 (x86) without PAA (gcc Compiler Version 4.9.2)",
"ExtremeXOS-Linux 3.18 running on Cavium Octeon II (MIPS) (gcc Compiler Version 4.9.2)",
"iOS 8.1 32-bit running on Apple A7 (ARMv8) with PAA (clang Compiler Version 600.0.56)",
"iOS 8.1 32-bit running on Apple A7 (ARMv8) without PAA (clang Compiler Version 600.0.56)",
"iOS 8.1 64-bit running on Apple A7 (ARMv8) with PAA and Crypto Extensions (clang Compiler Version 600.0.56)",
"iOS 8.1 64-bit running on Apple A7 (ARMv8) without PAA and Crypto Extensions (clang Compiler Version 600.0.56)",
"Linux 3.10 32-bit running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 4.8.1)",
"Linux 3.10 32-bit running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 4.8.1)",
"Linux 3.12 running on NXP T2080 (PPC) (gcc Compiler Version 4.9.2)",
"SurfWare 7.2 running on TI c64 DSP (TMS320C6x Compiler Version 6.0.19)",
"TS-Linux 2.4 running on Arm920Tid (ARMv4) (gcc Compiler Version 4.3.2)",
"Ubuntu 12.04 running on Intel Xeon E5-2430L (x86) with PAA (gcc Compiler Version 4.6.3)",
"Ubuntu 12.04 running on Intel Xeon E5-2430L (x86) without PAA (gcc Compiler Version 4.6.3)",
"Ubuntu 16.04 LTS (Xenial) running on Intel Xeon E5 (family) with PAA (gcc Compiler Version 5.4.0)",
"Ubuntu 16.04 LTS (Xenial) running on Intel Xeon E5 (family) without PAA (gcc Compiler Version 5.4.0)",
"VxWorks 6.7 running on Intel Core 2 Duo (x86) (gcc Compiler Version 4.1.2)",
"VxWorks 6.9 running on Freescale P2020 (PPC) (gcc Compiler Version 4.3.3) (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-07-05",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-10-17",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-08-11",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-10-02",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
}
],
"vendor": "KeyPair Consulting Inc.",
"vendor_url": "http://www.keypair.us"
}
}