This page was not yet optimized for use on mobile devices.
SUSE Rancher Kubernetes Cryptographic Library
Certificate #4968
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-256, AES-, CAST, DES, Triple-DES, HMACAsymmetric Algorithms
ECDSA, ECC, DHHash functions
SHA-1, MD4, MD5Schemes
MAC, Key AgreementProtocols
SSL, TLS, TLS 1.2, TLS v1.2Randomness
DRBGElliptic Curves
P-224, P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMTrusted Execution Environments
PSPVendor
QualcommSecurity level
Level 1Standards
FIPS 140-3, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS PUB 140-3, NIST SP 800-52, NIST SP 800-38D, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-52, SP 800-56A, SP 800-90A, SP 800-131A, SP 800-133, SP 800-135, PKCS 1, RFC 5288, RFC 5246, ISO/IEC 24759, ISO/IEC 19790File metadata
| Author | Scott Ehrlich |
|---|---|
| Creation date | D:20241015002017+10'00' |
| Modification date | D:20241015002048+10'00' |
| Pages | 32 |
| Creator | Acrobat PDFMaker 24 for Word |
| Producer | Adobe PDF Library 24.3.212 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
24.02.2025 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name SUSE Rancher Kubernetes Cryptographic Library was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4968,
"dgst": "914a6de7d89980a5",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"ECDSA KeyVer (FIPS186-4)A2811",
"AES-KWPA2811",
"HMAC-SHA2-256A2811",
"SHA2-512/256A2811",
"AES-CBCA2811",
"ECDSA SigVer (FIPS186-4)A2811",
"HMAC-SHA-1A2811",
"AES-CCMA2811",
"RSA KeyGen (FIPS186-4)A2811",
"RSA SigVer (FIPS186-4)A2811",
"AES-ECBA2811",
"SHA-1A2811",
"HMAC-SHA2-512A2811",
"SHA2-256A2811",
"AES-CTRA2811",
"SHA2-512A2811",
"KAS-ECC-SSC Sp800-56Ar3A2811",
"ECDSA SigGen (FIPS186-4)A2811",
"HMAC-SHA2-384A2811",
"HMAC-SHA2-224A2811",
"SHA2-224A2811",
"KDF TLSA2811",
"AES-GCMA2811",
"AES-KWA2811",
"SHA2-384A2811",
"Counter DRBGA2811",
"RSA SigGen (FIPS186-4)A2811",
"ECDSA KeyGen (FIPS186-4)A2811"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDSA": {
"ECDSA": 23
}
},
"FF": {
"DH": {
"DH": 9
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 6
},
"OFB": {
"OFB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 20,
"TLS 1.2": 3,
"TLS v1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 7
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 4,
"P-256": 10,
"P-384": 2,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-256": 1,
"AES-GCM IV4": 1,
"HMAC-SHA-1": 6,
"PAA 10": 1,
"PAA 11": 1,
"PAA 12": 1,
"PAA 14": 1,
"PAA 15": 1,
"PAA 16": 1,
"PAA 17": 1,
"PAA 18": 1,
"PAA 2": 1,
"PAA 3": 1,
"PAA 4": 1,
"PAA 5": 1,
"PAA 6": 1,
"PAA 7": 1,
"PAA 8": 1,
"PAA 9": 1,
"PKCS 1": 2,
"SHA-1": 2,
"SHA-13": 1,
"SHA2- 384": 2,
"SHA2-224": 2,
"SHA2-256": 6,
"SHA2-384": 1,
"SHA2-512": 5
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"MD": {
"MD4": {
"MD4": 4
},
"MD5": {
"MD5": 5
}
},
"SHA": {
"SHA1": {
"SHA-1": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 13
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 13,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 197": 5,
"FIPS 198-1": 2,
"FIPS PUB 140-3": 1
},
"ISO": {
"ISO/IEC 19790": 2,
"ISO/IEC 24759": 2
},
"NIST": {
"NIST SP 800-38D": 1,
"NIST SP 800-52": 1,
"SP 800-131A": 1,
"SP 800-133": 1,
"SP 800-135": 1,
"SP 800-38A": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-56A": 1,
"SP 800-90A": 1
},
"PKCS": {
"PKCS 1": 1
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 21,
"AES-": 1,
"AES-256": 1
},
"CAST": {
"CAST": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 3
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"HMAC": 5
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
}
},
"tls_cipher_suite": {},
"vendor": {
"Qualcomm": {
"Qualcomm": 6
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Scott Ehrlich",
"/Company": "",
"/ContentTypeId": "0x0101008CEA64F1FB1D5A4F93ABC4EA3F4AF0B8",
"/CreationDate": "D:20241015002017+10\u002700\u0027",
"/Creator": "Acrobat PDFMaker 24 for Word",
"/Keywords": "",
"/MediaServiceImageTags": "",
"/ModDate": "D:20241015002048+10\u002700\u0027",
"/Producer": "Adobe PDF Library 24.3.212",
"/SourceModified": "",
"/Subject": "",
"/Title": "",
"/_Document Date": "October 14, 2024",
"/_Document Revision": "0.2",
"/_Document Year": "2024",
"/_Module Name (long)": "SUSE Rancher Kubernetes Cryptographic Library",
"/_Module Version": "2.0",
"/_Security Level": "1",
"/_Vendor Name (long)": "SUSE LLC.",
"/_Vendor Name (short)": "SUSE",
"pdf_file_size_bytes": 601323,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://ci.android.com/builds/submitted/8918218/aosp_arm64-userdebug/latest/manifest_8918218.xml",
"http://www.corsec.com/",
"https://cmake.org/download/",
"https://git-scm.com/download/linux",
"https://github.com/ninja-build/ninja/releases",
"https://golang.org/dl/",
"https://boringssl.googlesource.com/boringssl.git/+/refs/heads/fips-20220613/crypto/fipsmodule/FIPS.md",
"http://releases.llvm.org/download.html",
"https://boringssl.googlesource.com/boringssl"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 32
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "b6764be67820a6b2783b0ca241177e7984b28b4ceccd3d924e634f2674dc72dd",
"policy_txt_hash": "acbb9a77d001ed96148212ec7a37ec97c9a122aa80846c80b0cff60007eac429"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "No assurance of the minimum strength of generated SSPs (e.g., keys). When operated in approved mode.",
"certificate_pdf_url": null,
"date_sunset": "2029-07-22",
"description": "A software library that contains cryptography to serve SUSE\u2019s Rancher Kubernetes Engine and its ecosystem of supported cloud-native tools written in the Go programming language.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "SUSE Rancher Kubernetes Cryptographic Library",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "2.0",
"tested_conf": [
"Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 32-bit with PAA",
"Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 32-bit without PAA",
"Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 64-bit with PAA",
"Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 64-bit without PAA",
"Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 32-bit with PAA",
"Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 32-bit without PAA",
"Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 64-bit with PAA",
"Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 64-bit without PAA",
"Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 32-bit with PAA",
"Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 32-bit without PAA",
"Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 64-bit with PAA",
"Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 64-bit without PAA",
"Android 13 running on Google Pixel 6 Pro with Google Tensor 32-bit with PAA",
"Android 13 running on Google Pixel 6 Pro with Google Tensor 32-bit without PAA",
"Android 13 running on Google Pixel 6 Pro with Google Tensor 64-bit with PAA",
"Android 13 running on Google Pixel 6 Pro with Google Tensor 64-bit without PAA",
"Android 13 running on Google Pixel 7 Pro with Google Tensor G2 32-bit with PAA",
"Android 13 running on Google Pixel 7 Pro with Google Tensor G2 32-bit without PAA",
"Android 13 running on Google Pixel 7 Pro with Google Tensor G2 64-bit with PAA",
"Android 13 running on Google Pixel 7 Pro with Google Tensor G2 64-bit without PAA",
"Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 with PAA",
"Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 without PAA",
"Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 with PAA",
"Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 without PAA",
"Google Prodimage with Linux 4.15.0 running on Tau t2a with Ampere Altra with PAA",
"Google Prodimage with Linux 4.15.0 running on Tau t2a with Ampere Altra without PAA",
"Google Prodimage with Linux 5.10.120 running on IN762 with PAA",
"Google Prodimage with Linux 5.10.120 running on IN762 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-02-20",
"lab": "Teron Labs",
"validation_type": "Initial"
}
],
"vendor": "SUSE LLC",
"vendor_url": "http://www.suse.com"
}
}