Linux OpenSSL FIPS Provider

Certificate #5284

Webpage information

Status active
Validation dates 21.05.2026
Sunset date 17-07-2029
Standard FIPS 140-3
Security level 1
Type Software
Embodiment MultiChipStand
Caveat No assurance of the minimum strength of generated SSPs. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.
Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
Description Linux OpenSSL FIPS Provider is a cryptographic module integrated in KAYTUS products (e.g Server Baseboard Management Controller) to provide FIPS 140-3 validated cryptography for the protection of sensitive information
Vendor KAYTUS SYSTEMS PTE. LTD.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy

Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, AES128, CAST, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, KMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECC, DHE, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-224, SHA-384, SHA-512, SHA-256, SHA-3, SHA3-224, SHA3-384, SHA3-512, SHA3-256, PBKDF, PBKDF2
Schemes
MAC, Key Agreement
Protocols
SSH, SSHv2, TLS v1.2, TLS v1.3, TLS 1.2, TLS, TLS 1.3
Randomness
DRBG, RBG
Libraries
OpenSSL
Elliptic Curves
P-224, P-256, P-384, P-521, P-192, B-233, B-283, B-409, B-571, K-233, K-283, K-409, B-163, K-163, K-571
Block cipher modes
ECB, CBC, CTR, OFB, GCM, CCM, XTS
TLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384

Trusted Execution Environments
PSP

Security level
level 1, Level 1
Side-channel analysis
side-channel, timing attacks

Standards
FIPS 140-3, FIPS186-4, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS 202, SP 800-38F, SP 800-38E, SP 800-135, SP 800-108, SP 800-185, SP 800-132, NIST SP 800-38D, SP 800-57, PKCS 1, PKCS1, RFC7627, RFC 5288, RFC 5246, RFC 8446, ISO/IEC 19790:2012

File metadata

Author Hawes, David J. (Fed)
Creation date D:20260520142042-04'00'
Modification date D:20260520142042-04'00'
Pages 80
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates Feed

  • The certificate data changed.
  • The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 5284,
  "dgst": "7e5cbdfe81560262",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": []
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 3
          },
          "ECDH": {
            "ECDH": 17
          },
          "ECDSA": {
            "ECDSA": 37
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "DHE": 5,
            "Diffie-Hellman": 18
          },
          "DSA": {
            "DSA": 39
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 10
        },
        "CCM": {
          "CCM": 6
        },
        "CTR": {
          "CTR": 14
        },
        "ECB": {
          "ECB": 5
        },
        "GCM": {
          "GCM": 12
        },
        "OFB": {
          "OFB": 10
        },
        "XTS": {
          "XTS": 17
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 90
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 4,
          "SSHv2": 6
        },
        "TLS": {
          "TLS": {
            "TLS": 7,
            "TLS 1.2": 5,
            "TLS 1.3": 3,
            "TLS v1.2": 8,
            "TLS v1.3": 9
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "MAC": {
          "MAC": 42
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "B-163": 4,
          "B-233": 10,
          "B-283": 9,
          "B-409": 9,
          "B-571": 12,
          "K-163": 4,
          "K-233": 14,
          "K-283": 9,
          "K-409": 12,
          "K-571": 7,
          "P-192": 8,
          "P-224": 28,
          "P-256": 22,
          "P-384": 20,
          "P-521": 24
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES- 128": 2,
          "AES- 192": 4,
          "AES-128": 11,
          "AES-192": 7,
          "AES-192/256": 2,
          "AES-256": 11,
          "AES128": 1,
          "DRBG 128": 1,
          "DRBG 160, 224": 1,
          "HMAC- SHA-1": 1,
          "HMAC- SHA-1 192": 2,
          "HMAC- SHA-224 256": 2,
          "HMAC-SHA- 1": 8,
          "HMAC-SHA-1": 6,
          "HMAC-SHA-256": 6,
          "HMAC-SHA-256 384": 4,
          "HMAC-SHA-384": 4,
          "HMAC-SHA-512": 4,
          "PKCS 1": 10,
          "PKCS1": 2,
          "SHA- 256": 2,
          "SHA- 384": 1,
          "SHA-1": 39,
          "SHA-1 192": 4,
          "SHA-224": 6,
          "SHA-256": 2,
          "SHA-3": 6,
          "SHA-384": 3,
          "SHA-512": 4,
          "SHA2- 224": 6,
          "SHA2- 256": 9,
          "SHA2- 512": 4,
          "SHA2-224": 40,
          "SHA2-256": 56,
          "SHA2-384": 61,
          "SHA2-512": 53,
          "SHA3- 256": 2,
          "SHA3-224": 12,
          "SHA3-256": 13,
          "SHA3-384": 12,
          "SHA3-512": 16
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2,
          "level 1": 2
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 5,
          "PBKDF2": 27
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 43
          },
          "SHA2": {
            "SHA-224": 6,
            "SHA-256": 2,
            "SHA-384": 3,
            "SHA-512": 4
          },
          "SHA3": {
            "SHA-3": 6,
            "SHA3-224": 12,
            "SHA3-256": 13,
            "SHA3-384": 12,
            "SHA3-512": 16
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 70
        },
        "RNG": {
          "RBG": 2
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "side-channel": 1,
          "timing attacks": 2
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 10,
          "FIPS 180-4": 7,
          "FIPS 186-4": 15,
          "FIPS 198-1": 11,
          "FIPS 202": 6,
          "FIPS186-4": 39
        },
        "ISO": {
          "ISO/IEC 19790:2012": 1
        },
        "NIST": {
          "NIST SP 800-38D": 2,
          "SP 800-108": 1,
          "SP 800-132": 6,
          "SP 800-135": 14,
          "SP 800-185": 2,
          "SP 800-38E": 1,
          "SP 800-38F": 2,
          "SP 800-57": 1
        },
        "PKCS": {
          "PKCS 1": 5,
          "PKCS1": 1
        },
        "RFC": {
          "RFC 5246": 1,
          "RFC 5288": 1,
          "RFC 8446": 2,
          "RFC7627": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 78,
            "AES-": 7,
            "AES-128": 11,
            "AES-192": 7,
            "AES-256": 11,
            "AES128": 1
          },
          "CAST": {
            "CAST": 64
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 4,
            "HMAC": 38,
            "HMAC-SHA-256": 5,
            "HMAC-SHA-384": 2,
            "HMAC-SHA-512": 2,
            "KMAC": 8
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 5
        }
      },
      "tls_cipher_suite": {
        "TLS": {
          "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256": 1,
          "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384": 1,
          "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": 1,
          "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 1,
          "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 1
        }
      },
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Hawes, David J. (Fed)",
      "/CreationDate": "D:20260520142042-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20260520142042-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 902717,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 80
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.InternalState",
    "module": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": null,
      "txt_hash": null
    },
    "policy": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "316fe898377b42b2ffb31fc8b6d536f9c7dfb23044235a02596cde767bda6b28",
      "txt_hash": "0a902b6f9f737eb824b298e478ad7b3d20bbaa62c8f96a2aee1d4c3f63772186"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "No assurance of the minimum strength of generated SSPs. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2026_030626_0716.pdf",
    "date_sunset": "2029-07-17",
    "description": "Linux OpenSSL FIPS Provider is a cryptographic module integrated in KAYTUS products (e.g Server Baseboard Management Controller) to provide FIPS 140-3 validated cryptography for the protection of sensitive information",
    "embodiment": "MultiChipStand",
    "exceptions": [
      "Physical security: N/A",
      "Non-invasive security: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Linux OpenSSL FIPS Provider",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2026-05-21",
        "lab": "DEKRA Cybersecurity Certification Laboratory",
        "validation_type": "Initial"
      }
    ],
    "vendor": "KAYTUS SYSTEMS PTE. LTD.",
    "vendor_url": "https://www.kaytus.com/"
  }
}