BoringCrypto

Certificate #4407

Webpage information ?

Status active
Validation dates 04.01.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Description A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.
Tested configurations
  • Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 with PAA
  • Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 without PAA
  • Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 with PAA
  • Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 without PAA (single-user mode)
  • Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome with PAA
  • Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome without PAA
Vendor Google, LLC.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-256, DES, Triple-DES, TDEA, HMAC, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-256
Asymmetric Algorithms
ECDSA, ECC, DH, Diffie-Hellman
Hash functions
SHA-1, SHA-224, SHA-384, SHA-512, SHA-256, MD4, MD5
Schemes
MAC, Key Agreement
Protocols
SSL, TLS, TLS 1.0, TLS v1.2
Randomness
DRBG
Libraries
BoringSSL
Elliptic Curves
P-224, P-256, P-384, P-521, Curve P-256
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM

Security level
Level 1

Standards
FIPS 140-2, FIPS 140, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS PUB 140-2, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-67, SP 800-135, NIST SP 800-133, NIST SP 800-90A, SP 800-90A, NIST SP 800-52, NIST SP 800-38D, NIST SP 800-131A, SP 800-133, RFC 2313, RFC 5288, RFC 5246

File metadata

Creation date D:20220509100725-07'00'
Modification date D:20220509100725-07'00'
Pages 25
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 09.02.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4407,
  "dgst": "8a3430bd81b8f235",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "CVL#A1657",
        "KAS-SSC#A1657",
        "AES#A1657",
        "KAS#A1657",
        "DRBG#A1657",
        "HMAC#A1657",
        "SHS#A1657",
        "KTS#A1657",
        "ECDSA#A1657",
        "RSA#A1657",
        "Triple-DES#A1657"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDSA": {
            "ECDSA": 18
          }
        },
        "FF": {
          "DH": {
            "DH": 7,
            "Diffie-Hellman": 6
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "CCM": {
          "CCM": 1
        },
        "CFB": {
          "CFB": 4
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 4
        },
        "OFB": {
          "OFB": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "BoringSSL": {
          "BoringSSL": 2
        }
      },
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          },
          "TLS": {
            "TLS": 10,
            "TLS 1.0": 1,
            "TLS v1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 4
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "Curve P-256": 1,
          "P-224": 6,
          "P-256": 9,
          "P-384": 6,
          "P-521": 4
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES-256": 1,
          "AES-GCM 21": 1,
          "HMAC- SHA-224": 1,
          "HMAC-SHA- 256": 2,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-256": 4,
          "HMAC-SHA-384": 2,
          "HMAC-SHA-512": 4,
          "PAA 2": 1,
          "PAA 4": 1,
          "PAA 5": 2,
          "PAA 6": 1,
          "SHA- 256": 1,
          "SHA-1": 4,
          "SHA-224": 2,
          "SHA-256": 2,
          "SHA-384": 1,
          "SHA-512": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2
        }
      },
      "hash_function": {
        "MD": {
          "MD4": {
            "MD4": 4
          },
          "MD5": {
            "MD5": 5
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 4
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 2,
            "SHA-384": 1,
            "SHA-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 6
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 4,
          "FIPS 140-2": 22,
          "FIPS 180-4": 2,
          "FIPS 186-4": 3,
          "FIPS 197": 2,
          "FIPS 198-1": 2,
          "FIPS PUB 140-2": 1
        },
        "NIST": {
          "NIST SP 800-131A": 1,
          "NIST SP 800-133": 1,
          "NIST SP 800-38D": 1,
          "NIST SP 800-52": 1,
          "NIST SP 800-90A": 1,
          "SP 800-133": 1,
          "SP 800-135": 3,
          "SP 800-38A": 2,
          "SP 800-38C": 1,
          "SP 800-38D": 2,
          "SP 800-38F": 2,
          "SP 800-67": 2,
          "SP 800-90A": 2
        },
        "RFC": {
          "RFC 2313": 1,
          "RFC 5246": 2,
          "RFC 5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 18,
            "AES-256": 1
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 4,
            "Triple-DES": 16
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 6,
            "HMAC-SHA-256": 2,
            "HMAC-SHA-384": 1,
            "HMAC-SHA-512": 2
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20220509100725-07\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20220509100725-07\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 493847,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-853ca1ea1168dff08011e5d42d94609cc0ca2e27.tar.xz",
          "https://cmake.org/download/",
          "http://releases.llvm.org/download.html",
          "https://github.com/ninja-build/ninja/releases",
          "https://golang.org/dl/",
          "https://csrc.nist.gov/groups/STM/cmvp/index.html"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 25
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "344017adf5b97c005dc5b53261967b4c083d81e95b4ad12e1f58ac0aa2727e65",
    "policy_txt_hash": "715095cada027c55dfc635272023b08d442c21511949b42b95282934136e0821"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/January 2023_010223_0657_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "BoringCrypto",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "853ca1ea1168dff08011e5d42d94609cc0ca2e27",
    "tested_conf": [
      "Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 with PAA",
      "Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 without PAA",
      "Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 with PAA",
      "Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 without PAA (single-user mode)",
      "Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome with PAA",
      "Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-01-04",
        "lab": "ACUMEN SECURITY, LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Google, LLC.",
    "vendor_url": "https://www.google.com/"
  }
}