This page was not yet optimized for use on mobile devices.
VMware's BoringCrypto Module
Certificate #4973
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-256, CAST, DES, Triple-DES, HMACAsymmetric Algorithms
ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, MD4, MD5Schemes
MAC, Key AgreementProtocols
SSL, TLS, TLS 1.2, TLS v1.2Randomness
DRBGLibraries
BoringSSLElliptic Curves
P-224, P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMTrusted Execution Environments
PSPVendor
Broadcom Inc, BroadcomSecurity level
Level 1Standards
FIPS 140-3, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS PUB 140-3, NIST SP 800-52, NIST SP 800-38D, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-52, SP 800-56A, SP 800-90A, SP 800-131A, SP 800-133, SP 800-135, PKCS 1, RFC 5288, RFC 5246, ISO/IEC 24759, ISO/IEC 19790File metadata
| Author | Scott Ehrlich |
|---|---|
| Creation date | D:20241127234352-05'00' |
| Modification date | D:20241127234352-05'00' |
| Pages | 28 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
03.03.2025 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name VMware's BoringCrypto Module was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4973,
"dgst": "a818957b3a1f9857",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"RSA KeyGen (FIPS186-4)A2811",
"RSA SigVer (FIPS186-4)A2811",
"SHA2-512/256A2811",
"ECDSA SigGen (FIPS186-4)A2811",
"SHA2-256A2811",
"AES-KWPA2811",
"HMAC-SHA2-512A2811",
"AES-CCMA2811",
"AES-CBCA2811",
"HMAC-SHA2-224A2811",
"AES-KWA2811",
"ECDSA SigVer (FIPS186-4)A2811",
"SHA2-512A2811",
"HMAC-SHA-1A2811",
"HMAC-SHA2-256A2811",
"AES-ECBA2811",
"AES-GCMA2811",
"SHA-1A2811",
"SHA2-224A2811",
"HMAC-SHA2-384A2811",
"AES-CTRA2811",
"KAS-ECC-SSC Sp800-56Ar3A2811",
"KDF TLSA2811",
"SHA2-384A2811",
"Counter DRBGA2811",
"ECDSA KeyVer (FIPS186-4)A2811",
"ECDSA KeyGen (FIPS186-4)A2811",
"RSA SigGen (FIPS186-4)A2811"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDSA": {
"ECDSA": 23
}
},
"FF": {
"DH": {
"DH": 9,
"Diffie-Hellman": 1
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 6
},
"OFB": {
"OFB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"BoringSSL": {
"BoringSSL": 1
}
},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 20,
"TLS 1.2": 3,
"TLS v1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 7
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 4,
"P-256": 10,
"P-384": 2,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-256": 1,
"AES-GCM IV4": 1,
"HMAC-SHA-1": 6,
"PAA 2": 1,
"PAA 3": 1,
"PAA 4": 1,
"PKCS 1": 2,
"SHA-1": 2,
"SHA-13": 1,
"SHA2- 384": 2,
"SHA2-224": 2,
"SHA2-256": 6,
"SHA2-384": 1,
"SHA2-512": 5
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"MD": {
"MD4": {
"MD4": 4
},
"MD5": {
"MD5": 5
}
},
"SHA": {
"SHA1": {
"SHA-1": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 13
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 12,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 197": 5,
"FIPS 198-1": 2,
"FIPS PUB 140-3": 1
},
"ISO": {
"ISO/IEC 19790": 2,
"ISO/IEC 24759": 2
},
"NIST": {
"NIST SP 800-38D": 1,
"NIST SP 800-52": 1,
"SP 800-131A": 1,
"SP 800-133": 1,
"SP 800-135": 1,
"SP 800-38A": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-56A": 1,
"SP 800-90A": 1
},
"PKCS": {
"PKCS 1": 1
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 21,
"AES-256": 1
},
"CAST": {
"CAST": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 3
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"HMAC": 5
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 1,
"Broadcom Inc": 5
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Scott Ehrlich",
"/CreationDate": "D:20241127234352-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20241127234352-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 610100,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://releases.llvm.org/download.html",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://cmake.org/download/",
"http://www.acumensecurity.net/",
"https://git-scm.com/download/linux",
"https://boringssl.googlesource.com/boringssl.git/+/refs/heads/fips-20220613/crypto/fipsmodule/FIPS.md",
"https://github.com/ninja-build/ninja/releases",
"https://ci.android.com/builds/submitted/8918218/aosp_arm64-userdebug/latest/manifest_8918218.xml",
"https://boringssl.googlesource.com/boringssl",
"https://golang.org/dl/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 28
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "7b5be571384f7e0e6ea34f827b4310a5261cb947e57a9e54ddbfb8588140059c",
"policy_txt_hash": "fa48a61997a3f7a4959278b313ffc93891aa77a6207488d6d69b1fed50c045b3"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "No assurance of the minimum strength of generated SSPs (e.g., keys). When operated in approved mode.",
"certificate_pdf_url": null,
"date_sunset": "2029-07-22",
"description": "VMware\u2019s BoringCrypto Module is a versatile software library that implements and provides FIPS 140-3 approved cryptographic functionalities to various VMware products and services.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "VMware\u0027s BoringCrypto Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "2022061300",
"tested_conf": [
"Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 with PAA",
"Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 without PAA",
"Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 with PAA",
"Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-02-26",
"lab": "ACUMEN SECURITY, LLC",
"validation_type": "Initial"
}
],
"vendor": "Broadcom Inc.",
"vendor_url": "http://www.broadcom.com"
}
}