This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	SUSE Rancher Kubernetes Cryptographic Library	SUSE Rancher Kubernetes Cryptographic Library
cert_id	4578	4691
dgst	243b8a8b497f3126	eaa7de80f155ad3c
heuristics/algorithms	KTS#A865, SHS#A865, RSA#A865, DRBG#A865, AES#A865, CVL#A865, HMAC#A865, Triple-DES#A865, ECDSA#A865	SHS#A5181, ECDSA#A5181, KAS#A5181, HMAC#A5181, RSA#A5181, CVL#A5181, AES#A5181, KTS#A5181, DRBG#A5181, KAS-SSC#A5181, Triple-DES#A5181
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	-	-
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	{}	{}
heuristics/policy_processed_references/directly_referencing	500	{}
heuristics/policy_processed_references/indirectly_referenced_by	{}	{}
heuristics/policy_processed_references/indirectly_referencing	500	{}
heuristics/policy_prunned_references	500	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #500: 1
pdf_data/keywords/fips_security_level	Level: Level 1: 2	Level: Level 1: 1
pdf_data/keywords/fips_certlike	Certlike: AES-256: 1 DRBG 7: 1 HMAC-SHA-1: 4 HMAC-SHA-224: 2 HMAC-SHA-256: 2 HMAC-SHA-384: 2 HMAC-SHA-512: 6 SHA-1: 2 SHA-224: 1 SHA-256: 3 SHA-384: 1 SHA-512: 2	Certlike: AES-256: 1 HMAC-SHA-1: 4 HMAC-SHA-224: 2 HMAC-SHA-256: 6 HMAC-SHA-384: 2 HMAC-SHA-512: 4 PAA 2: 1 PAA 3: 1 PAA 4: 1 PAA 5: 1 PAA 6: 1 PAA 7: 1 PAA 8: 1 SHA-1: 4 SHA-224: 1 SHA-256: 3 SHA-384: 1 SHA-512: 2
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 18 AES-256: 1 DES: 3DES: TDEA: 1 Triple-DES: 11 DES: DES: 2 constructions: MAC: HMAC: 6 HMAC-SHA-224: 1 HMAC-SHA-256: 1 HMAC-SHA-384: 1 HMAC-SHA-512: 3	AES_competition: AES: AES: 18 AES-256: 1 DES: 3DES: TDEA: 4 Triple-DES: 17 DES: DES: 3 constructions: MAC: HMAC: 6 HMAC-SHA-224: 1 HMAC-SHA-256: 3 HMAC-SHA-384: 1 HMAC-SHA-512: 2
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 2 ECDSA: ECDSA: 18 FF: DH: DH: 1 Diffie-Hellman: 3	ECC: ECC: ECC: 2 ECDSA: ECDSA: 18 FF: DH: DH: 7 Diffie-Hellman: 6
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	MD: MD4: MD4: 2 MD5: MD5: 3 SHA: SHA1: SHA-1: 2 SHA2: SHA-224: 1 SHA-256: 3 SHA-384: 1 SHA-512: 2	MD: MD4: MD4: 4 MD5: MD5: 5 SHA: SHA1: SHA-1: 4 SHA2: SHA-224: 1 SHA-256: 3 SHA-384: 1 SHA-512: 2
pdf_data/keywords/crypto_scheme	KA: Key Agreement: 4	KA: Key Agreement: 4 MAC: MAC: 1
pdf_data/keywords/crypto_protocol	TLS: TLS: TLS: 5	TLS: SSL: SSL: 1 TLS: TLS: 10 TLS 1.0: 1 TLS v1.2: 1
pdf_data/keywords/randomness	PRNG: DRBG: 8	PRNG: DRBG: 6
pdf_data/keywords/cipher_mode	CBC: CBC: 1 CFB: CFB: 3 CTR: CTR: 1 ECB: ECB: 1 GCM: GCM: 3 OFB: OFB: 3	CBC: CBC: 3 CCM: CCM: 1 CFB: CFB: 4 CTR: CTR: 2 ECB: ECB: 2 GCM: GCM: 4 OFB: OFB: 4
pdf_data/keywords/ecc_curve	NIST: P-224: 2 P-256: 4 P-384: 2 P-521: 2	NIST: P-224: 6 P-256: 10 P-384: 6 P-521: 6
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library	BoringSSL: BoringSSL: 3	BoringSSL: BoringSSL: 2
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-2: 20 FIPS 180-4: 3 FIPS 186-4: 4 FIPS 197: 3 FIPS 198-1: 3 NIST: NIST SP 800-131A: 1 NIST SP 800-133: 1 NIST SP 800-135: 1 NIST SP 800-38A: 1 NIST SP 800-38D: 1 NIST SP 800-38F: 1 NIST SP 800-56A: 1 NIST SP 800-56B: 1 NIST SP 800-57: 1 NIST SP 800-67: 1 NIST SP 800-90A: 1 SP 800-131A: 2 SP 800-133: 3 SP 800-135: 3 SP 800-38A: 3 SP 800-38D: 3 SP 800-38F: 2 SP 800-56A: 5 SP 800-56B: 3 SP 800-57: 1 SP 800-67: 2 SP 800-90A: 5 RFC: RFC 5246: 1 RFC 5288: 1	FIPS: FIPS 140-2: 20 FIPS 180-4: 2 FIPS 186-4: 3 FIPS 197: 2 FIPS 198-1: 2 FIPS PUB 140-2: 1 NIST: NIST SP 800-131A: 1 NIST SP 800-133: 1 NIST SP 800-38D: 1 NIST SP 800-52: 1 NIST SP 800-90A: 1 SP 800-133: 1 SP 800-135: 3 SP 800-38A: 2 SP 800-38C: 1 SP 800-38D: 2 SP 800-38F: 2 SP 800-67: 2 SP 800-90A: 2 RFC: RFC 2313: 1 RFC 5246: 2 RFC 5288: 1
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Rachel Shelby /CreationDate: D:20230209211224-08'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20230209211224-08'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 557566 pdf_hyperlinks: https://csrc.nist.gov/publications/detail/sp/800-67/rev-2/final, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33463, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.198-1.pdf, https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf, https://csrc.nist.gov/CSRC/media/Publications/fips/140/2/final/documents/fips1402annexa.pdf, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf, https://csrc.nist.gov/publications/detail/sp/800-135/rev-1/final, https://csrc.nist.gov/CSRC/media/Publications/fips/140/2/final/documents/fips1402annexc.pdf, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf, https://csrc.nist.gov/CSRC/media/Publications/fips/140/2/final/documents/fips1402annexd.pdf, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf, https://csrc.nist.gov/publications/detail/sp/800-38d/final, https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402DTR.pdf pdf_is_encrypted: False pdf_number_of_pages: 16	/Author: Rahul Kalsariya /CreationDate: D:20240329001216-05'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20240329001216-05'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 535947 pdf_hyperlinks: https://github.com/ninja-build/ninja/releases, https://golang.org/dl/, http://releases.llvm.org/download.html pdf_is_encrypted: False pdf_number_of_pages: 18
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When installed, initialized and configured as specified in Section 9.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.	When operated in FIPS mode. No assurance of the minimum strength of generated keys.
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2024_010524_0757.pdf
web_data/date_sunset		21.09.2026
web_data/description	A software library that contains cryptography to serve SUSE’s Rancher Kubernetes Engine and its ecosystem of supported cloud-native tools written in the Go programming language.	A software library that contains cryptography to serve SUSE’s Rancher Kubernetes Engine and its ecosystem of supported cloud-native tools written in the Go programming language.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Physical Security: N/A, Mitigation of Other Attacks: N/A	Physical Security: N/A, Mitigation of Other Attacks: N/A
web_data/fw_versions	[]	[]
web_data/historical_reason	Moved to historical list due to sunsetting	None
web_data/hw_versions	[]	[]
web_data/level	1	1
web_data/mentioned_certs
web_data/module_name	SUSE Rancher Kubernetes Cryptographic Library	SUSE Rancher Kubernetes Cryptographic Library
web_data/module_type	Software	Software
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	active
web_data/sw_versions	66005f41fbc3529ffe8d007708756720529da20d	853ca1ea1168dff08011e5d42d94609cc0ca2e27
web_data/tested_conf	CentOS 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1), CentOS 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1), CentOS 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1), CentOS 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1), Red Hat Enterprise Linux 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1), Red Hat Enterprise Linux 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1), Red Hat Enterprise Linux 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1), Red Hat Enterprise Linux 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1) (single-user mode)	Red Hat Enterprise Linux 7.9 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA, Red Hat Enterprise Linux 7.9 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA, Red Hat Enterprise Linux 8.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA, Red Hat Enterprise Linux 8.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (single-user mode), SUSE Liberty Linux 7.9 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA, SUSE Liberty Linux 7.9 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA, SUSE Liberty Linux 8.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA, SUSE Liberty Linux 8.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA
web_data/validation_history	date: 01.09.2023 lab: ACUMEN SECURITY, LLC validation_type: Initial	date: 12.04.2024 lab: ACUMEN SECURITY, LLC validation_type: Initial
web_data/vendor	SUSE LLC	SUSE LLC
web_data/vendor_url	https://www.suse.com	http://www.suse.com