This page was not yet optimized for use on mobile
devices.
Microsoft Azure Linux Kernel Crypto API
Certificate #4277
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, DES, Triple-DES, HMAC, HMAC-SHA-512, CMACAsymmetric Algorithms
ECDH, ECDSAHash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, SHA-224, SHA3-224, SHA3-256, SHA3-512, SHA3-384Schemes
Key AgreementProtocols
TLS, IPsecRandomness
DRBG, RNGElliptic Curves
P-192, P-256Block cipher modes
ECB, CBC, CTR, CFB, GCM, CCM, XTSVendor
Microsoft Corporation, MicrosoftStandards
FIPS 140, FIPS 140-2, FIPS 197, FIPS 180-4, FIPS 202, FIPS 198-1, FIPS 186-4, NIST SP 800-38B, SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-67, NIST SP 800-56A, NIST SP 800-90A, NIST SP 800-131A, NIST SP 800-90B, SP 800-90A, SP 800-90B, SP 800-38F, SP 800-57, SP 800-132, NIST SP 800-52, PKCS#1, RFC3686File metadata
| Creation date | D:20231004134043-04'00' |
|---|---|
| Modification date | D:20231004134043-04'00' |
| Pages | 30 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4277,
"dgst": "a62699c162816b54",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"DRBG#A1755",
"SHS#A3494",
"CVL#A1755",
"KTS#A1755",
"SHA-3#A3494",
"RSA#A1755",
"AES#A3494",
"HMAC#A1755",
"KAS-SSC#A1755",
"Triple-DES#A1755",
"CVL#A3494",
"SHS#A1755",
"HMAC#A3494",
"RSA#A3494",
"AES#A1755",
"DRBG#A3494",
"KTS#A3494",
"Triple-DES#A3494",
"KAS-SSC#A3494",
"SHA-3#A1755"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 1
},
"ECDSA": {
"ECDSA": 4
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 2
},
"CTR": {
"CTR": 10
},
"ECB": {
"ECB": 10
},
"GCM": {
"GCM": 10
},
"XTS": {
"XTS": 6
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 2
},
"TLS": {
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-192": 8,
"P-256": 8
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CMAC 192": 1,
"AES-128": 5,
"AES-192": 3,
"AES-256": 6,
"HMAC SHA- 224": 1,
"HMAC SHA- 256": 1,
"HMAC SHA- 384": 1,
"HMAC SHA- 512": 1,
"HMAC SHA-1": 4,
"HMAC SHA-224": 1,
"HMAC SHA-256": 3,
"HMAC SHA-384": 3,
"HMAC SHA-512": 6,
"HMAC-SHA-1": 2,
"HMAC-SHA-512": 2,
"PKCS#1": 4,
"RSA PKCS#1": 2,
"SHA- 224": 1,
"SHA- 256": 2,
"SHA- 384": 1,
"SHA- 512": 1,
"SHA- 512 2048": 1,
"SHA-1": 13,
"SHA-224": 1,
"SHA-256": 9,
"SHA-384": 9,
"SHA-512": 12,
"SHA1": 2,
"SHA2- 512": 1,
"SHA2-256": 5,
"SHA2-384": 4,
"SHA2-512": 3,
"SHA3- 256": 1,
"SHA3- 384": 2,
"SHA3-224": 4,
"SHA3-256": 3,
"SHA3-384": 2,
"SHA3-512": 4
}
},
"fips_security_level": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 13,
"SHA1": 2
},
"SHA2": {
"SHA-224": 1,
"SHA-256": 9,
"SHA-384": 9,
"SHA-512": 12
},
"SHA3": {
"SHA3-224": 4,
"SHA3-256": 3,
"SHA3-384": 2,
"SHA3-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 36
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 2,
"FIPS 140-2": 9,
"FIPS 180-4": 1,
"FIPS 186-4": 3,
"FIPS 197": 1,
"FIPS 198-1": 1,
"FIPS 202": 1
},
"NIST": {
"NIST SP 800-131A": 2,
"NIST SP 800-38B": 2,
"NIST SP 800-38D": 1,
"NIST SP 800-38E": 2,
"NIST SP 800-38F": 4,
"NIST SP 800-52": 1,
"NIST SP 800-56A": 2,
"NIST SP 800-67": 1,
"NIST SP 800-90A": 4,
"NIST SP 800-90B": 1,
"SP 800-132": 1,
"SP 800-38C": 2,
"SP 800-38F": 2,
"SP 800-57": 1,
"SP 800-90A": 3,
"SP 800-90B": 3
},
"PKCS": {
"PKCS#1": 3
},
"RFC": {
"RFC3686": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 31,
"AES-128": 5,
"AES-192": 3,
"AES-256": 6
}
},
"DES": {
"3DES": {
"Triple-DES": 12
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 8,
"HMAC": 60,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 10,
"Microsoft Corporation": 32
}
},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20231004134043-04\u002700\u0027",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "0532fc76-2ee6-4a67-a38a-bf4204b9d836",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-05-30T16:27:58Z",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application": "Microsoft Azure Information Protection",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled": "True",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method": "Automatic",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name": "General",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner": "[email protected]",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate": "2018-01-05T22:02:27.1067180Z",
"/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"/ModDate": "D:20231004134043-04\u002700\u0027",
"pdf_file_size_bytes": 658356,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/publications/detail/sp/800-38f/final",
"https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final",
"http://creativecommons.org/licenses/by-nd-nc/1.0/",
"http://webstore.ansi.org/FindStandards.aspx?%20Action=displaydept\u0026DeptID=80\u0026Acro=X9\u0026DpName=X9,%20Inc%20",
"https://csrc.nist.gov/projects/cryptographic-module-validationprogram/standards",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
"https://www.kernel.org/doc/html/latest/crypto/index.html",
"https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final",
"https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final",
"https://csrc.nist.gov/publications/detail/sp/800-132/final"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "df81e68210c8044264b67f076f10b6d1f97cf7944d1d57d6279a1f95ce095e2f",
"policy_txt_hash": "37ece4e7ec6b0be74187af96eedfc4c427ed7830e299b5bd9f80c1c71a66500f"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf",
"date_sunset": "2026-09-21",
"description": "The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Microsoft Azure Linux Kernel Crypto API",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "1.0 and 2.0",
"tested_conf": [
"Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
"Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
"Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
"Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
"Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
"Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
"Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
"Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-08-15",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-03-01",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Update"
}
],
"vendor": "Microsoft Corporation",
"vendor_url": "http://www.microsoft.com"
}
}