{"_type": "sec_certs.sample.fips.FIPSCertificate", "dgst": "8c525f93672f3080", "cert_id": 5287, "web_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.WebData", "module_name": "Cisco Adaptive Security Appliance on 4K/9K Cryptographic Module", "validation_history": [{"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry", "date": "2026-05-22", "validation_type": "Initial", "lab": "Gossamer Security Solutions"}], "vendor_url": "http://www.cisco.com", "vendor": "Cisco Systems, Inc.", "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2026_030626_0716.pdf", "module_type": "Hardware", "standard": "FIPS 140-3", "status": "active", "level": 1, "caveat": "When operated in approved mode and installed, initialized and configured as specified in Section 11 of the Security Policy.", "exceptions": ["Roles, services, and authentication: Level 3", "Non-invasive security: N/A", "Mitigation of other attacks: N/A"], "embodiment": "MultiChipEmbed", "description": "Cisco Adaptive Security Appliance on 4K/9K Cryptographic Module is an integrated network security system providing enterprise-class firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content security and secure unified communications, HTTPS/TLSv1.2, SSHv2, IPsec/IKEv2, SNMPv3 and Cryptographic Cipher Suite B using the ASA Cryptographic Module.", "tested_conf": null, "hw_versions": null, "fw_versions": null, "sw_versions": null, "mentioned_certs": {}, "historical_reason": null, "date_sunset": "2031-05-21", "revoked_reason": null, "revoked_link": null}, "pdf_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData", "keywords": {"fips_cert_id": {"Cert": {"#1": 1}}, "fips_security_level": {"Level": {"Level 1": 3}}, "fips_certlike": {"Certlike": {"HMAC-SHA-1": 12, "HMAC- SHA-1": 3, "SHA2-224": 4, "SHA2-256": 8, "SHA2- 384": 4, "SHA2-512": 9, "SHA-1": 12, "SHA2- 256": 7, "SHA2-384": 6, "SHA2- 512": 4, "SHA3-256": 1, "RSA 2048": 3, "- PKCS 1": 1, "PKCS 1": 3, "AES-128": 3, "AES-192": 2, "AES-256": 2, "AES-128/192/256": 1, "DRBG 384": 1}}, "vendor": {"Cisco": {"Cisco Systems, Inc": 78, "Cisco": 12}}, "eval_facility": {}, "symmetric_crypto": {"AES_competition": {"AES": {"AES-128": 3, "AES-192": 2, "AES-256": 2, "AES": 29, "AES-": 4}, "CAST": {"CAST": 64}}, "DES": {"3DES": {"3DES": 6}}, "constructions": {"MAC": {"HMAC": 27}}}, "asymmetric_crypto": {"RSA": {"RSA 2048": 3}, "ECC": {"ECDH": {"ECDH": 90, "ECDHE": 1}, "ECDSA": {"ECDSA": 84}, "ECC": {"ECC": 3}}, "FF": {"DH": {"Diffie-Hellman": 1, "DH": 87}, "DSA": {"DSA": 3}}}, "pq_crypto": {}, "hash_function": {"SHA": {"SHA1": {"SHA-1": 12}, "SHA3": {"SHA3-256": 1}}}, "crypto_scheme": {"MAC": {"MAC": 5}}, "crypto_protocol": {"SSH": {"SSHv2": 131, "SSH": 125}, "TLS": {"TLS": {"TLS v1.2": 7, "TLSv1.2": 131, "TLSv1.3": 4, "TLS": 129}}, "IKE": {"IKEv2": 75, "IKE": 4}, "IPsec": {"IPsec": 1}, "VPN": {"VPN": 6}}, "randomness": {"PRNG": {"DRBG": 88}, "RNG": {"RBG": 2}}, "cipher_mode": {"GCM": {"GCM": 8}}, "ecc_curve": {"NIST": {"P-256": 38, "P-384": 36, "P-521": 32, "secp256r1": 2, "secp384r1": 2, "secp521r1": 2}}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "device_model": {}, "tee_name": {"AMD": {"PSP": 18}, "IBM": {"SSC": 6}}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"FIPS": {"FIPS 140-3": 8, "FIPS186-4": 25, "FIPS 186-4": 8, "FIPS 198-1": 9, "FIPS 180-4": 9}, "NIST": {"SP 800-140": 1, "SP 800-38A": 2, "SP 800-38D": 2, "SP 800-90A": 1, "SP 800-56A": 3, "SP 800-135": 4, "SP 800-52": 1}, "PKCS": {"PKCS 1": 2}, "RFC": {"RFC7627": 3, "RFC 5647": 4, "RFC 5288": 1, "RFC 7296": 1, "RFC 4419": 2, "RFC 7919": 2, "RFC 3526": 2, "RFC 4492": 1, "RFC 5903": 1}, "ISO": {"ISO/IEC 19790": 2}}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {"OutOfScope": {"out of scope": 1, "fails. Any firmware loaded into the module that is not shown on the module certificate, is out of scope of this validation and requires a separate FIPS 140-3 validation. 4.6 Bypass Actions and Status The": 1}}}, "policy_metadata": {"pdf_file_size_bytes": 1102846, "pdf_is_encrypted": false, "pdf_number_of_pages": 74, "/Author": "JustinBettencourt", "/Creator": "Microsoft\u00ae Word for Microsoft 365", "/CreationDate": "D:20260522064728-04'00'", "/ModDate": "D:20260522064728-04'00'", "/Producer": "Microsoft\u00ae Word for Microsoft 365", "pdf_hyperlinks": {"_type": "Set", "elements": ["https://www.cisco.com/c/en/us/td/docs/security/asa/asa919/configuration/general/asa-919-general-config.html", "https://www.cisco.com/c/en/us/products/collateral/security/firepower-9000-series/datasheet-c78-742471.html", "https://www.cisco.com/c/en/us/products/collateral/security/firepower-4100-series/datasheet-c78-742474.html"]}}}, "heuristics": {"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics", "algorithms": {"_type": "Set", "elements": []}, "extracted_versions": {"_type": "Set", "elements": ["-"]}, "cpe_matches": {"_type": "Set", "elements": ["cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*"]}, "verified_cpe_matches": null, "related_cves": null, "policy_prunned_references": {"_type": "Set", "elements": []}, "module_prunned_references": {"_type": "Set", "elements": []}, "policy_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "module_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "direct_transitive_cves": null, "indirect_transitive_cves": null}, "state": {"_type": "sec_certs.sample.fips.InternalState", "module": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "source_hash": null, "txt_hash": null, "json_hash": null}, "policy": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "source_hash": "5bea45ee58d18789645bdc663eea1449f9d4a5ef5d937678e4aa4ed81602a97b", "txt_hash": "a851fd6fac8a59d4794a943db14966d7d17c15ea2aac166eb6fb591dfccc529c", "json_hash": null}}}