This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	Amazon Linux 2 OpenSSL Cryptographic Module	Amazon Linux 2 OpenSSL Cryptographic Module
cert_id	3553	4548
dgst	4d2b4fd054827a51	fe86430130c978b2
heuristics/algorithms	HMAC#C524, SHS#C524, DRBG#C525, ECDSA#C523, SHS#C526, AES#C523, Triple-DES#C523, KTS#C524, DSA#C523, AES#C524, HMAC#C523, DRBG#C526, RSA#C523, HMAC#C526, DRBG#C523, SHS#C525, KTS#C525, KTS#C523, HMAC#C525, KTS#C526, AES#C525, CVL#C523, SHS#C523, DRBG#C524	Triple-DES#A4140, HMAC#C524, CVL#A4147, KTS#A4140, SHS#C524, DRBG#C525, ECDSA#C523, CVL#A4143, SHS#C526, AES#C523, DRBG#A4145, Triple-DES#C523, KTS#C524, DSA#C523, AES#C524, DRBG#A4148, KTS#A4144, DRBG#A4141, DSA#A4147, AES#A4149, DRBG#C526, SHS#A4144, RSA#C523, AES#A4142, DRBG#A4147, HMAC#C523, HMAC#A4147, HMAC#C526, ECDSA#A4147, AES#A4146, ECDSA#A4143, SHS#A4147, KTS#A4143, SHS#A4143, KTS#A4147, RSA#A4143, DRBG#C523, AES#A4148, SHS#C525, KTS#C525, DSA#A4143, KTS#C523, HMAC#C525, KTS#C526, AES#A4141, HMAC#A4144, CVL#C523, AES#C525, HMAC#A4143, RSA#A4147, SHS#C523, AES#A4145, DRBG#A4143, DRBG#C524
heuristics/cpe_matches	cpe:2.3:o:amazon:linux_2:-:::::::*	cpe:2.3:o:amazon:linux_2:-:::::::*
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	2	2
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	3652, 3567, 3562	{}
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	3652, 3567, 3562	{}
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	3652, 3567, 3562	{}
heuristics/policy_processed_references/directly_referencing	{}	{}
heuristics/policy_processed_references/indirectly_referenced_by	3562, 3566, 2606, 2958, 3652, 3567, 2605	{}
heuristics/policy_processed_references/indirectly_referencing	{}	{}
heuristics/policy_prunned_references	{}	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id
pdf_data/keywords/fips_security_level	Level: Level 1: 4	Level: Level 1: 4
pdf_data/keywords/fips_certlike	Certlike: AES-128: 1 AES-256: 2 AES128: 1 AES192: 1 AES256: 1 Cert# AES: 1 HMAC- SHA-384: 1 HMAC-SHA- 224: 2 HMAC-SHA-1: 4 HMAC-SHA-224: 2 HMAC-SHA-256: 6 HMAC-SHA-256 9: 2 HMAC-SHA-384: 2 HMAC-SHA-512: 4 PKCS#1: 4 SHA-1: 12 SHA-224: 16 SHA-256: 29 SHA-384: 20 SHA-512: 12 SHA-512 1024: 2 SHA-512 112: 1 SHA-512 2048 and 3072: 2 SHA-512 4096: 2	Certlike: AES-128: 1 AES-256: 2 AES-GCM 128: 1 AES128: 1 AES192: 1 AES256: 1 Cert# AES: 1 HMAC- SHA-1: 1 HMAC- SHA-224: 1 HMAC- SHA-256: 1 HMAC- SHA-384: 1 HMAC-SHA- 1: 2 HMAC-SHA- 224: 2 HMAC-SHA- 512: 4 HMAC-SHA-1: 4 HMAC-SHA-224: 2 HMAC-SHA-256: 8 HMAC-SHA-256 9: 2 HMAC-SHA-384: 6 HMAC-SHA-512: 4 PKCS#1: 4 SHA-1: 12 SHA-224: 17 SHA-256: 30 SHA-384: 20 SHA-512: 11 SHA-512 1024: 2 SHA-512 112: 1 SHA-512 2: 1 SHA-512 2048 and 3072: 2 SHA-512 4096: 2
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility	atsec: atsec: 38	atsec: atsec: 39
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 38 AES-: 1 AES-128: 1 AES-256: 2 AES128: 1 AES192: 1 AES256: 1 CAST: CAST: 2 RC: RC2: 2 RC4: 2 RC5: 2 DES: 3DES: TDEA: 1 Triple-DES: 26 DES: DES: 3 constructions: MAC: CMAC: 8 HMAC: 16 HMAC-SHA-224: 1 HMAC-SHA-256: 4 HMAC-SHA-384: 1 HMAC-SHA-512: 2 miscellaneous: Camellia: Camellia: 2 IDEA: IDEA: 2	AES_competition: AES: AES: 54 AES-: 2 AES-128: 1 AES-256: 2 AES128: 1 AES192: 1 AES256: 1 CAST: CAST: 2 RC: RC2: 2 RC4: 2 RC5: 2 DES: 3DES: TDEA: 1 TDES: 2 Triple-DES: 28 DES: DES: 3 constructions: MAC: CMAC: 8 HMAC: 18 HMAC-SHA-224: 1 HMAC-SHA-256: 5 HMAC-SHA-384: 3 HMAC-SHA-512: 2 miscellaneous: Camellia: Camellia: 2 IDEA: IDEA: 2
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 5 ECDH: ECDH: 1 ECDSA: ECDSA: 18 FF: DH: DH: 2 DHE: 1 Diffie-Hellman: 40 DSA: DSA: 22	ECC: ECC: ECC: 1 ECDH: ECDH: 1 ECDSA: ECDSA: 21 FF: DH: DH: 1 DHE: 1 Diffie-Hellman: 11 DSA: DSA: 25
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	MD: MD4: MD4: 2 MD5: MD5: 2 RIPEMD: RIPEMD: 2 SHA: SHA1: SHA-1: 12 SHA2: SHA-224: 16 SHA-256: 29 SHA-384: 20 SHA-512: 19	MD: MD4: MD4: 2 MD5: MD5: 3 RIPEMD: RIPEMD: 2 SHA: SHA1: SHA-1: 12 SHA2: SHA-224: 17 SHA-256: 30 SHA-384: 20 SHA-512: 19
pdf_data/keywords/crypto_scheme	KA: Key Agreement: 7 Key agreement: 6 KEX: Key Exchange: 3 MAC: MAC: 6 PAKE: PAKE: 1	KA: Key Agreement: 3 Key agreement: 2 KEX: Key Exchange: 3 MAC: MAC: 6 PAKE: PAKE: 1
pdf_data/keywords/crypto_protocol	IKE: IKE: 1 TLS: TLS: TLS: 41 TLS v1.2: 2	IKE: IKE: 1 TLS: TLS: TLS: 31 TLS v1.2: 2
pdf_data/keywords/randomness	PRNG: DRBG: 29 PRNG: 1 RNG: RNG: 3	PRNG: DRBG: 28 PRNG: 1 RNG: RNG: 3
pdf_data/keywords/cipher_mode	CBC: CBC: 3 CCM: CCM: 4 CTR: CTR: 3 ECB: ECB: 6 GCM: GCM: 8 OFB: OFB: 2 XTS: XTS: 4	CBC: CBC: 4 CCM: CCM: 4 CTR: CTR: 3 ECB: ECB: 6 GCM: GCM: 14 OFB: OFB: 2 XTS: XTS: 4
pdf_data/keywords/ecc_curve	NIST: P-192: 4 P-256: 16 P-384: 12 P-521: 12	NIST: P-256: 10 P-384: 8 P-521: 8
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library	OpenSSL: OpenSSL: 49	OpenSSL: OpenSSL: 49
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis	SCA: timing attacks: 1	SCA: timing attacks: 1
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140: 2 FIPS 140-2: 64 FIPS 186-4: 5 FIPS PUB 180-4: 1 FIPS PUB 186-4: 1 FIPS PUB 197: 1 FIPS PUB 198-1: 1 FIPS180-4: 1 FIPS186-2: 1 FIPS186-4: 3 FIPS197: 6 FIPS198-1: 1 NIST: NIST SP 800-131A: 1 NIST SP 800-135: 1 NIST SP 800-67: 1 NIST SP 800-90A: 1 SP 800-52: 1 SP 800-90A: 1 PKCS: PKCS#1: 2 RFC: RFC 5246: 1 RFC 5288: 1 RFC5288: 1 X509: X.509: 3	FIPS: FIPS 140: 2 FIPS 140-2: 63 FIPS 186-4: 4 FIPS PUB 180-4: 1 FIPS PUB 186-4: 1 FIPS PUB 197: 1 FIPS PUB 198-1: 1 FIPS180-4: 1 FIPS186-2: 1 FIPS186-4: 3 FIPS197: 10 FIPS198-1: 3 NIST: NIST SP 800-131A: 1 NIST SP 800-67: 1 NIST SP 800-90A: 1 SP 800-52: 1 SP 800-90A: 1 PKCS: PKCS#1: 2 RFC: RFC 5246: 1 RFC 5288: 1 RFC5288: 1 X509: X.509: 3
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Marcos Portnoi /CreationDate: D:20191010111646-05'00' /Creator: Microsoft® Word 2016 /ModDate: D:20191010111646-05'00' /Producer: Microsoft® Word 2016 /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 677753 pdf_hyperlinks: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30919, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30920, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30921, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10885, http://csrc.nist.gov/groups/STM/cmvp/index.html, http://www.oracle.com/ pdf_is_encrypted: False pdf_number_of_pages: 37	/Author: Marcos Portnoi /CreationDate: D:20231012184547+00'00' /Creator: Microsoft Word /ModDate: D:20231012184547+00'00' /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 673424 pdf_hyperlinks: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16678, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16684, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16682, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30920, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30919, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=30921, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10885, http://csrc.nist.gov/groups/STM/cmvp/index.html, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16687, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16685, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16683, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16680, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16686, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16681, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16688, http://www.oracle.com/ pdf_is_encrypted: False pdf_number_of_pages: 37
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode	When operated in FIPS mode
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPSConsolidatedOct2019 .pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2023_010823_0649 signed.pdf
web_data/date_sunset
web_data/description	Amazon Linux 2 OpenSSL Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2.	Amazon Linux 2 OpenSSL Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Physical Security: N/A	Physical Security: N/A
web_data/fw_versions	[]	[]
web_data/historical_reason	SP 800-56Arev3 transition - replaced by certificate #4548	Moved to historical list due to sunsetting
web_data/hw_versions	[]	[]
web_data/level	1	1
web_data/mentioned_certs
web_data/module_name	Amazon Linux 2 OpenSSL Cryptographic Module	Amazon Linux 2 OpenSSL Cryptographic Module
web_data/module_type	Software	Software
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	historical
web_data/sw_versions	1.0	1.0
web_data/tested_conf	Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5-2686 with PAA, Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5-2686 without PAA (single-user mode), None, None	Amazon Linux 2 running on Amazon EC2 c6g.metal with Graviton 2 with PAA, Amazon Linux 2 running on Amazon EC2 c6g.metal with Graviton 2 without PAA (single-user mode), Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5-2686 with PAA, Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5-2686 without PAA
web_data/validation_history	date: 23.10.2019 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial	date: 10.07.2023 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial
web_data/vendor	Amazon Web Services, Inc.	Amazon Web Services, Inc.
web_data/vendor_url	http://aws.amazon.com	http://aws.amazon.com