This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	Red Hat Enterprise Linux NSS Cryptographic Module	Red Hat Enterprise Linux NSS Cryptographic Module
cert_id	3070	3270
dgst	557fe9494c53f976	b8d9bdf6adecc293
heuristics/algorithms	CVL#1378, ECDSA#1182, HMAC#3157, RSA#2588, SHS#3884, RSA#2589, AES#4740, CVL#1379, AES#4739, DRBG#1625, DRBG#1626, HMAC#3156, AES#4742, ECDSA#1181, DSA#1272, SHS#3885, Triple-DES#2521, AES#4741, DSA#1271, Triple-DES#2520	SHS#4499, ECDSA#1515, DSA#1442, CVL#2027, RSA#3013, AES#5601, CVL#2026, DSA#1441, AES#5603, DRBG#2246, AES#5600, DRBG#2245, AES#5602, CVL#2024, CVL#2025, Triple-DES#2816, Triple-DES#2817, RSA#3012, ECDSA#1514, SHS#4498, HMAC#3735, HMAC#3734
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	CVE-2019-9636, CVE-2001-1002, CVE-2018-11763, CVE-2011-2767, CVE-2000-1207, CVE-2001-0128, CVE-2003-0364, CVE-2018-14618, CVE-2000-1214, CVE-2001-0869, CVE-1999-0297, CVE-2002-0083, CVE-2003-0188, CVE-1999-0798, CVE-2001-0441, CVE-2016-9675, CVE-2016-3616, CVE-2017-15715, CVE-2001-0946, CVE-2003-0247, CVE-2001-0139, CVE-2004-1333, CVE-2003-0041, CVE-2004-1026, CVE-2002-0080, CVE-2004-1613, CVE-2018-16396, CVE-2018-8777, CVE-2018-18311, CVE-2001-0859, CVE-2018-1079, CVE-2001-0119, CVE-2001-0116, CVE-2018-18314, CVE-2016-3699, CVE-2003-0370, CVE-2001-0473, CVE-2002-1509, CVE-2004-0904, CVE-2004-0112, CVE-2004-0905, CVE-2017-15134, CVE-2004-1025, CVE-2015-5229, CVE-2002-0044, CVE-2001-0120, CVE-2005-0750, CVE-2002-0836, CVE-2001-0143, CVE-1999-1288, CVE-2018-1000199, CVE-1999-0037, CVE-2002-1160, CVE-2000-0917, CVE-2018-12374, CVE-2017-5645, CVE-2018-1301, CVE-2018-16866, CVE-2001-0142, CVE-2018-1283, CVE-2001-0233, CVE-2000-0963, CVE-2001-1374, CVE-2001-0690, CVE-2018-12373, CVE-2001-0736, CVE-2001-0140, CVE-2016-7091, CVE-2002-1232, CVE-2018-10184, CVE-2019-14816, CVE-2018-1124, CVE-2000-0017, CVE-2001-0852, CVE-2018-8778, CVE-2002-0045, CVE-2018-18313, CVE-2015-7833, CVE-2001-1013, CVE-2004-0079, CVE-2018-1002200, CVE-2003-0194, CVE-2003-0464, CVE-2001-0197, CVE-2018-20615, CVE-2003-0248, CVE-2003-0354, CVE-2018-18312, CVE-2018-17456, CVE-2003-0434, CVE-2017-1000253, CVE-2018-16850, CVE-2004-1335, CVE-2001-0977, CVE-2001-1030, CVE-2000-1208, CVE-2018-3760, CVE-2001-0439, CVE-2021-3672, CVE-1999-0894, CVE-2002-1155, CVE-2001-0872, CVE-2001-0635, CVE-2001-0889, CVE-2001-0787, CVE-2018-14645, CVE-2000-1095, CVE-2019-12384, CVE-2017-15710, CVE-2007-3103, CVE-2000-0816, CVE-2003-0461, CVE-2018-6914, CVE-2001-1383, CVE-2002-0638, CVE-2018-12372, CVE-2004-0081, CVE-2018-16395, CVE-2001-0886, CVE-2001-0138, CVE-2001-0641, CVE-2001-1375, CVE-2002-0002, CVE-2004-0903, CVE-2001-0117, CVE-2018-1111, CVE-2000-0701, CVE-2001-0118, CVE-2015-7837, CVE-2000-1213, CVE-2004-1334, CVE-2004-0902
heuristics/extracted_versions	-	-
heuristics/indirect_transitive_cves	{}	CVE-2019-9636, CVE-2001-1002, CVE-2018-11763, CVE-2011-2767, CVE-2000-1207, CVE-2001-0128, CVE-2003-0364, CVE-2018-14618, CVE-2000-1214, CVE-2001-0869, CVE-1999-0297, CVE-2002-0083, CVE-2003-0188, CVE-1999-0798, CVE-2001-0441, CVE-2016-9675, CVE-2016-3616, CVE-2017-15715, CVE-2001-0946, CVE-2003-0247, CVE-2001-0139, CVE-2004-1333, CVE-2003-0041, CVE-2004-1026, CVE-2002-0080, CVE-2004-1613, CVE-2018-16396, CVE-2018-8777, CVE-2018-18311, CVE-2001-0859, CVE-2018-1079, CVE-2001-0119, CVE-2001-0116, CVE-2018-18314, CVE-2016-3699, CVE-2003-0370, CVE-2001-0473, CVE-2002-1509, CVE-2004-0904, CVE-2004-0112, CVE-2004-0905, CVE-2017-15134, CVE-2004-1025, CVE-2015-5229, CVE-2002-0044, CVE-2001-0120, CVE-2005-0750, CVE-2002-0836, CVE-2001-0143, CVE-1999-1288, CVE-2018-1000199, CVE-1999-0037, CVE-2002-1160, CVE-2000-0917, CVE-2018-12374, CVE-2017-5645, CVE-2018-1301, CVE-2018-16866, CVE-2001-0142, CVE-2018-1283, CVE-2001-0233, CVE-2000-0963, CVE-2001-1374, CVE-2001-0690, CVE-2018-12373, CVE-2001-0736, CVE-2001-0140, CVE-2016-7091, CVE-2002-1232, CVE-2018-10184, CVE-2019-14816, CVE-2018-1124, CVE-2000-0017, CVE-2001-0852, CVE-2018-8778, CVE-2002-0045, CVE-2018-18313, CVE-2015-7833, CVE-2001-1013, CVE-2004-0079, CVE-2018-1002200, CVE-2003-0194, CVE-2003-0464, CVE-2001-0197, CVE-2018-20615, CVE-2003-0248, CVE-2003-0354, CVE-2018-18312, CVE-2018-17456, CVE-2003-0434, CVE-2017-1000253, CVE-2018-16850, CVE-2004-1335, CVE-2001-0977, CVE-2001-1030, CVE-2000-1208, CVE-2018-3760, CVE-2001-0439, CVE-2021-3672, CVE-1999-0894, CVE-2002-1155, CVE-2001-0872, CVE-2001-0635, CVE-2001-0889, CVE-2001-0787, CVE-2018-14645, CVE-2000-1095, CVE-2019-12384, CVE-2017-15710, CVE-2007-3103, CVE-2000-0816, CVE-2003-0461, CVE-2018-6914, CVE-2001-1383, CVE-2002-0638, CVE-2018-12372, CVE-2004-0081, CVE-2018-16395, CVE-2001-0886, CVE-2001-0138, CVE-2001-0641, CVE-2001-1375, CVE-2002-0002, CVE-2004-0903, CVE-2001-0117, CVE-2018-1111, CVE-2000-0701, CVE-2001-0118, CVE-2015-7837, CVE-2000-1213, CVE-2004-1334, CVE-2004-0902
heuristics/module_processed_references/directly_referenced_by	3145, 3083	3565, 3292, 3293, 3563
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	3145, 3083	3565, 3292, 3293, 3563
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	3145, 3083	3563, 3292, 3293
heuristics/policy_processed_references/directly_referencing	{}	{}
heuristics/policy_processed_references/indirectly_referenced_by	3145, 3083	3563, 3292, 3293
heuristics/policy_processed_references/indirectly_referencing	{}	{}
heuristics/policy_prunned_references	{}	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #11: 9 #1181: 2 #1182: 2 #1271: 2 #1272: 2 #1378: 1 #1379: 1 #1625: 1 #1626: 1 #2520: 1 #2521: 1 #2588: 2 #2589: 2 #3156: 1 #3157: 1 #3884: 1 #3885: 1 #4739: 1 #4740: 1 #4741: 1 #4742: 1	Cert: #11: 9 #1441: 2 #1442: 2 #1514: 2 #1515: 2 #2024: 1 #2025: 1 #2026: 1 #2027: 1 #2245: 1 #2246: 1 #2816: 1 #2817: 1 #3012: 2 #3013: 2 #3734: 1 #3735: 1 #4498: 1 #4499: 1 #5600: 1 #5601: 1 #5602: 1 #5603: 1
pdf_data/keywords/fips_security_level	Level: Level 1: 2 level 1: 1	Level: Level 1: 2 level 1: 1
pdf_data/keywords/fips_certlike	Certlike: #1182 RSA: 1 #2589 RSA: 1 #3885 HMAC: 1 AES 128, 192 and 256: 2 DSA 1024: 2 DSA 2048: 3 HMAC-SHA- 384: 2 HMAC-SHA-1: 2 HMAC-SHA-244: 2 HMAC-SHA-256: 2 HMAC-SHA-512: 2 PKCS #11: 16 PKCS#1: 2 RSA 1024: 1 RSA 2048: 4 RSA 3072: 1 RSA PKCS#1: 2 SHA- 512: 1 SHA-1: 3 SHA-224: 3 SHA-256: 7 SHA-384: 3 SHA-512: 2	Certlike: #1515 RSA: 1 #3013 RSA: 1 #4499 HMAC: 1 AES 128, 192 and 256: 2 DSA 1024: 2 DSA 2048: 3 HMAC-SHA- 384: 2 HMAC-SHA-1: 2 HMAC-SHA-244: 2 HMAC-SHA-256: 2 HMAC-SHA-512: 2 PKCS #11: 16 PKCS#1: 2 RSA 1024: 1 RSA 2048: 4 RSA 3072: 1 RSA PKCS#1: 2 SHA- 512: 1 SHA-1: 3 SHA-224: 3 SHA-256: 7 SHA-384: 3 SHA-512: 2
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 17 RC: RC2: 7 RC4: 6 RC5: 7 DES: 3DES: TDEA: 2 Triple-DES: 20 DES: DES: 8 constructions: MAC: HMAC: 16 HMAC-SHA-256: 1 HMAC-SHA-512: 1 miscellaneous: Camellia: Camellia: 7 SEED: SEED: 7	AES_competition: AES: AES: 17 RC: RC2: 7 RC4: 6 RC5: 7 DES: 3DES: TDEA: 1 Triple-DES: 20 DES: DES: 8 constructions: MAC: HMAC: 16 HMAC-SHA-256: 1 HMAC-SHA-512: 1 miscellaneous: Camellia: Camellia: 7 SEED: SEED: 7
pdf_data/keywords/asymmetric_crypto	ECC: ECDSA: ECDSA: 14 FF: DH: Diffie-Hellman: 15 DSA: DSA: 35 RSA: RSA 1024: 1 RSA 2048: 4 RSA 3072: 1	ECC: ECDSA: ECDSA: 14 FF: DH: Diffie-Hellman: 15 DSA: DSA: 35 RSA: RSA 1024: 1 RSA 2048: 4 RSA 3072: 1
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	MD: MD5: MD5: 4 SHA: SHA1: SHA-1: 3 SHA2: SHA-224: 3 SHA-256: 7 SHA-384: 3 SHA-512: 2	MD: MD5: MD5: 4 SHA: SHA1: SHA-1: 3 SHA2: SHA-224: 3 SHA-256: 7 SHA-384: 3 SHA-512: 2
pdf_data/keywords/crypto_scheme	MAC: MAC: 2	KA: Key Agreement: 1 MAC: MAC: 1
pdf_data/keywords/crypto_protocol	TLS: TLS: TLS: 16 TLS v1.0: 1 TLS v1.1: 1 TLS v1.2: 1	TLS: TLS: TLS: 16 TLS v1.0: 1 TLS v1.1: 1 TLS v1.2: 1
pdf_data/keywords/randomness	PRNG: DRBG: 20	PRNG: DRBG: 19
pdf_data/keywords/cipher_mode	CBC: CBC: 5 CTR: CTR: 3 ECB: ECB: 5 GCM: GCM: 2	CBC: CBC: 5 CTR: CTR: 3 ECB: ECB: 5 GCM: GCM: 3
pdf_data/keywords/ecc_curve	NIST: P-256: 6 P-384: 6 P-521: 10	NIST: P-256: 6 P-384: 6 P-521: 10
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library	NSS: NSS: 45	NSS: NSS: 46
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis	SCA: Timing Attacks: 2 Timing attack: 1 Timing attacks: 1 timing attacks: 1	SCA: Timing Attacks: 2 Timing attack: 1 Timing attacks: 1 timing attacks: 1
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-2: 48 FIPS 180-4: 1 FIPS 186-4: 1 FIPS 197: 1 FIPS 198-1: 1 FIPS186-4: 2 NIST: NIST SP 800-38A: 1 NIST SP 800-38D: 1 NIST SP 800-38F: 1 NIST SP 800-56A: 1 NIST SP 800-56B: 1 NIST SP 800-67: 1 NIST SP 800-90A: 1 SP 800-90A: 1 PKCS: PKCS #11: 8 PKCS#1: 2	FIPS: FIPS 140-2: 48 FIPS 180-4: 1 FIPS 186-4: 1 FIPS 197: 1 FIPS 198-1: 1 FIPS186-4: 2 NIST: NIST SP 800-38A: 1 NIST SP 800-38D: 1 NIST SP 800-38F: 1 NIST SP 800-56A: 1 NIST SP 800-56B: 1 NIST SP 800-67: 1 NIST SP 800-90A: 1 SP 800-90A: 1 PKCS: PKCS #11: 8 PKCS#1: 2
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Alejandro Fabio Masino /CreationDate: D:20180131083235-06'00' /Creator: Writer /Producer: LibreOffice 5.3 /Subject: Red Hat Enterprise Linux NSS Cryptographic Module v4.0 /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 373614 pdf_hyperlinks: http://csrc.nist.gov/groups/STM/cmvp/standards.html, http://csrc.nist.gov/publications/PubsFIPS.html, http://www.cryptography.com/timingattack/, http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html, http://www.daemonology.net/papers/htt.pdf pdf_is_encrypted: False pdf_number_of_pages: 34	/Author: Alejandro Fabio Masino /CreationDate: D:20190510095855-05'00' /Creator: Writer /Producer: LibreOffice 5.3 /Subject: Red Hat Enterprise Linux NSS Cryptographic Module /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 371899 pdf_hyperlinks: http://csrc.nist.gov/groups/STM/cmvp/standards.html, http://csrc.nist.gov/publications/PubsFIPS.html, http://www.cryptography.com/timingattack/, http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html, http://www.daemonology.net/papers/htt.pdf pdf_is_encrypted: False pdf_number_of_pages: 34
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy	When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertDec2017.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertAug2018.pdf
web_data/date_sunset
web_data/description	Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/.	Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Roles, Services, and Authentication: Level 2, Physical Security: N/A, Design Assurance: Level 2	Roles, Services, and Authentication: Level 2, Physical Security: N/A, Design Assurance: Level 2
web_data/fw_versions	[]	[]
web_data/historical_reason	SP 800-56Arev3 transition	SP 800-56Arev3 transition
web_data/hw_versions	[]	[]
web_data/level	1	1
web_data/mentioned_certs
web_data/module_name	Red Hat Enterprise Linux NSS Cryptographic Module	Red Hat Enterprise Linux NSS Cryptographic Module
web_data/module_type	Software	Software
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	historical
web_data/sw_versions	5.0	6.0
web_data/tested_conf	Red Hat Enterprise Linux 7.4 running on Dell PowerEdge R630 with PAA, Red Hat Enterprise Linux 7.4 running on Dell PowerEdge R630 without PAA (single-user mode)	Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 with PAA, Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 without PAA (single-user mode)
web_data/validation_history	date: 01.12.2017 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial date: 08.02.2018 lab: ATSEC INFORMATION SECURITY CORP validation_type: Update	date: 29.08.2018 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial date: 17.06.2019 lab: ATSEC INFORMATION SECURITY CORP validation_type: Update
web_data/vendor	Red Hat®, Inc.	Red Hat®, Inc.
web_data/vendor_url	http://www.redhat.com	http://www.redhat.com