This page was not yet optimized for use on mobile devices.
Axis Cryptographic Module
Certificate #4621
Webpage information
Security policy
Symmetric Algorithms
AES, AES128, AES192, AES256, AES-128, AES-192, AES-256, Triple-DES, TDES, TDEA, HMAC, KMAC, CMACAsymmetric Algorithms
RSA-OAEP, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-2, SHA-3, SHA-3-224, SHA3-224, SHA-3-256, Keccak, PBKDF2, PBKDFSchemes
Key AgreementProtocols
SSHv2, TLS 1.2, TLS 1.3, TLS v1.3, TLS, TLS v1.2Randomness
DRBGElliptic Curves
P-224, P-192, P-256, K-233, B-233, K-163, B-163, Ed25519, Ed448Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSJavaCard API constants
X25519, X448Vendor
Microsoft, Microsoft CorporationSecurity level
Level 1Side-channel analysis
side-channel, timing attacksStandards
FIPS 140-2, FIPS 140, FIPS 197, FIPS 186-4, FIPS 202, FIPS 180-4, FIPS 198-1, SP 800-135, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38F, SP 800-38E, SP 800-132, SP 800-108, SP 800-185, SP 800-90, NIST SP 800-133, NIST SP 800-38D, PKCS 1, PKCS#1, RFC 8446, RFC 5288, RFC 5246File metadata
| Author | Aniket Ingle |
|---|---|
| Creation date | D:20250218111220-05'00' |
| Modification date | D:20250218111220-05'00' |
| Pages | 45 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates
-
08.09.2025 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The validation_history property was updated.
-
18.08.2025 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The validation_history property was updated, with the
[[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2025-08-15', 'validation_type': 'Update', 'lab': 'ACUMEN SECURITY, LLC'}]]values inserted. - The tested_conf property was updated, with the
[[0, 'AXIS OS 11 (11.9) running AXIS P3265-LVE Dome Camera with an ARM Cortex A-53 with PAA'], [1, 'AXIS OS 11 (11.9) running AXIS P3265-LVE Dome Camera with an ARM Cortex A-53 without PAA'], [2, 'AXIS OS 11 (11.9) running AXIS Q6135-LE PTZ Network Camera with an ARM Cortex A-9 with PAA'], [3, 'AXIS OS 11 (11.9) running AXIS Q6135-LE PTZ Network Camera with an ARM Cortex A-9 without PAA'], [4, 'AXIS OS 12 (12.2) running AXIS A1610 Network Door Controller with an ARM Cortex A-9 with PAA'], [5, 'AXIS OS 12 (12.2) running AXIS A1610 Network Door Controller with an ARM Cortex A-9 without PAA'], [6, 'AXIS OS 12 (12.2) running AXIS C1310-E Mk II Network Horn Speaker with an ARM Cortex A-53 with PAA'], [7, 'AXIS OS 12 (12.2) running AXIS C1310-E Mk II Network Horn Speaker with an ARM Cortex A-53 without PAA'], [8, 'AXIS OS 12 (12.2) running AXIS M3125-LVE Dome Camera with an ARM Cortex A-53 with PAA'], [9, 'AXIS OS 12 (12.2) running AXIS M3125-LVE Dome Camera with an ARM Cortex A-53 without PAA'], [10, 'AXIS OS 12 (12.2) running AXIS Q1728 Block Camera with an ARM Cortex A-55 with PAA'], [11, 'AXIS OS 12 (12.2) running AXIS Q1728 Block Camera with an ARM Cortex A-55 without PAA (single-user mode)']]values inserted. - The sw_versions property was set to
3.0.9.
The PDF extraction data was updated.
- The keywords property was updated, with the
{'fips_certlike': {'__update__': {'Certlike': {'__insert__': {'PAA 3': 6}, '__update__': {'SHA2-224': 14, 'SHA-1, 256': 2, 'SHA2-256': 5, 'SHA3-224': 4}, '__delete__': ['HMAC-SHA-256', 'SHA-1, 224', 'SHA-224', 'SHA-256', '# A3500']}}}, 'symmetric_crypto': {'__update__': {'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 12}, '__delete__': ['HMAC-SHA-256']}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA2': {'__delete__': ['SHA-224', 'SHA-256']}, 'SHA3': {'__update__': {'SHA3-224': 4}}}}}}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 19}}}}, 'crypto_library': {'__delete__': ['OpenSSL']}, 'standard_id': {'__update__': {'NIST': {'__delete__': ['SP 800-90A']}}}}data. - The policy_metadata property was updated, with the
{'pdf_file_size_bytes': 797425, 'pdf_number_of_pages': 45, '/CreationDate': "D:20250218111220-05'00'", '/ModDate': "D:20250218111220-05'00'", 'pdf_hyperlinks': {'__discard__': {'_type': 'Set', 'elements': ['https://www.openssl.org/docs/manmaster/man1/openssl-fipsinstall.html', 'https://www.openssl.org/source/openssl-3.0.8.tar.gz']}, '__add__': {'_type': 'Set', 'elements': ['https://help.axis.com/axis-os-hardening-guide']}}}data.
The computed heuristics were updated.
- The algorithms property was set to
{'_type': 'Set', 'elements': ['CVL#A5198', 'SHS#A5198', 'RSA#A5198', 'KMAC#A5198', 'KTS#A5198', 'DSA#A5198', 'SHA-3#A5198', 'KTS-RSA#A5198', 'ECDSA#A5198', 'KDA#A5198', 'Triple-DES#A5198', 'AES#A5198', 'KBKDF#A5198', 'PBKDF#A5198', 'HMAC#A5198', 'DRBG#A5198', 'KAS-RSA-SSC#A5198', 'KAS-SSC#A5198']}.
The state was updated.
- The policy_pdf_hash property was set to
ccd932f8faf1e6fd1e64e81db068582b4dd01fed4364e9fb1e44391e52e20599. - The policy_txt_hash property was set to
0c01d7e8a4a490e896c7ec4f9b5fbacca915cea0df5d101e6f179474b656e9b4.
- The validation_history property was updated, with the
-
04.04.2025 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The keywords property was updated, with the
{'crypto_protocol': {'__insert__': {'SSH': {'SSHv2': 3}}}}data.
- The keywords property was updated, with the
-
06.11.2023 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf.
- The certificate_pdf_url property was set to
-
01.11.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name Axis Cryptographic Module was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4621,
"dgst": "c0d32e8f4dc23289",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KMAC#A5198",
"KTS-RSA#A5198",
"DSA#A5198",
"KAS-RSA-SSC#A5198",
"KDA#A5198",
"SHS#A5198",
"SHA-3#A5198",
"KTS#A5198",
"HMAC#A5198",
"CVL#A5198",
"KAS-SSC#A5198",
"Triple-DES#A5198",
"AES#A5198",
"RSA#A5198",
"ECDSA#A5198",
"KBKDF#A5198",
"PBKDF#A5198",
"DRBG#A5198"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 4
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 16,
"Diffie-Hellman": 3
},
"DSA": {
"DSA": 17
}
},
"RSA": {
"RSA-OAEP": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 3
},
"CFB": {
"CFB": 3
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 9
},
"OFB": {
"OFB": 1
},
"XTS": {
"XTS": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSHv2": 3
},
"TLS": {
"TLS": {
"TLS": 4,
"TLS 1.2": 3,
"TLS 1.3": 3,
"TLS v1.2": 1,
"TLS v1.3": 3
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 6
}
},
"device_model": {},
"ecc_curve": {
"Edwards": {
"Ed25519": 2,
"Ed448": 2
},
"NIST": {
"B-163": 2,
"B-233": 4,
"K-163": 2,
"K-233": 5,
"P-192": 4,
"P-224": 12,
"P-256": 2
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES 128/192/256": 1,
"AES-128": 1,
"AES-192": 1,
"AES-256": 1,
"AES128": 1,
"AES192": 1,
"AES256": 1,
"HMAC-SHA-1": 4,
"PAA 3": 6,
"PKCS 1": 4,
"PKCS#1": 4,
"SHA-1": 14,
"SHA-1, 256": 2,
"SHA-2": 2,
"SHA-3": 6,
"SHA-3-224": 1,
"SHA-3-256": 1,
"SHA2-224": 14,
"SHA2-256": 5,
"SHA2-512": 1,
"SHA3-224": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 4
}
},
"hash_function": {
"Keccak": {
"Keccak": 1
},
"PBKDF": {
"PBKDF": 1,
"PBKDF2": 4
},
"SHA": {
"SHA1": {
"SHA-1": 16
},
"SHA2": {
"SHA-2": 4
},
"SHA3": {
"SHA-3": 6,
"SHA-3-224": 1,
"SHA-3-256": 1,
"SHA3-224": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"X25519": 10,
"X448": 10
}
},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 19
}
},
"side_channel_analysis": {
"SCA": {
"side-channel": 1,
"timing attacks": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140": 1,
"FIPS 140-2": 20,
"FIPS 180-4": 2,
"FIPS 186-4": 6,
"FIPS 197": 2,
"FIPS 198-1": 2,
"FIPS 202": 2
},
"NIST": {
"NIST SP 800-133": 1,
"NIST SP 800-38D": 2,
"SP 800-108": 2,
"SP 800-132": 3,
"SP 800-135": 4,
"SP 800-185": 1,
"SP 800-38A": 2,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 2,
"SP 800-38E": 1,
"SP 800-38F": 2,
"SP 800-90": 2
},
"PKCS": {
"PKCS 1": 2,
"PKCS#1": 2
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 2,
"RFC 8446": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 29,
"AES-128": 1,
"AES-192": 1,
"AES-256": 1,
"AES128": 1,
"AES192": 1,
"AES256": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 5,
"Triple-DES": 7
}
},
"constructions": {
"MAC": {
"CMAC": 12,
"HMAC": 12,
"KMAC": 5
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 1,
"Microsoft Corporation": 1
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Aniket Ingle",
"/CreationDate": "D:20250218111220-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20250218111220-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 797425,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
"https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://datatracker.ietf.org/doc/html/rfc8446",
"https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-38b.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://www.rfc-editor.org/info/rfc3447",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://help.axis.com/axis-os-hardening-guide",
"https://datatracker.ietf.org/doc/html/rfc5288",
"https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 45
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "ccd932f8faf1e6fd1e64e81db068582b4dd01fed4364e9fb1e44391e52e20599",
"policy_txt_hash": "0c01d7e8a4a490e896c7ec4f9b5fbacca915cea0df5d101e6f179474b656e9b4"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf",
"date_sunset": "2026-09-21",
"description": "The Axis cryptographic module based on OpenSSL is a general-purpose cryptographic library that provides FIPS 140-2 approved cryptographic algorithms serving secure communication for Axis network products.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Design Assurance: Level 3"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Axis Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "3.0.9",
"tested_conf": [
"AXIS OS 11 (11.9) running AXIS P3265-LVE Dome Camera with an ARM Cortex A-53 with PAA",
"AXIS OS 11 (11.9) running AXIS P3265-LVE Dome Camera with an ARM Cortex A-53 without PAA",
"AXIS OS 11 (11.9) running AXIS Q6135-LE PTZ Network Camera with an ARM Cortex A-9 with PAA",
"AXIS OS 11 (11.9) running AXIS Q6135-LE PTZ Network Camera with an ARM Cortex A-9 without PAA",
"AXIS OS 12 (12.2) running AXIS A1610 Network Door Controller with an ARM Cortex A-9 with PAA",
"AXIS OS 12 (12.2) running AXIS A1610 Network Door Controller with an ARM Cortex A-9 without PAA",
"AXIS OS 12 (12.2) running AXIS C1310-E Mk II Network Horn Speaker with an ARM Cortex A-53 with PAA",
"AXIS OS 12 (12.2) running AXIS C1310-E Mk II Network Horn Speaker with an ARM Cortex A-53 without PAA",
"AXIS OS 12 (12.2) running AXIS M3125-LVE Dome Camera with an ARM Cortex A-53 with PAA",
"AXIS OS 12 (12.2) running AXIS M3125-LVE Dome Camera with an ARM Cortex A-53 without PAA",
"AXIS OS 12 (12.2) running AXIS Q1728 Block Camera with an ARM Cortex A-55 with PAA",
"AXIS OS 12 (12.2) running AXIS Q1728 Block Camera with an ARM Cortex A-55 without PAA (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-10-02",
"lab": "Acumen Security",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-08-15",
"lab": "Acumen Security",
"validation_type": "Update"
}
],
"vendor": "Axis Communications AB",
"vendor_url": "http://www.axis.com"
}
}