Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Okta Cryptographic Module for Java
Okta Cryptographic Module for Java
cert_id 4370 3353
dgst c70e8a8dbc45421e e1deda4c9751baf1
heuristics/algorithms SHA-3-Customized#A2720, AES#A2720, SHS#A2720, HMAC#A2720, KBKDF#A2720, CVL#A2720, ECDSA#A2720, SHA-3#A2720, Triple-DES#A2720, RSA#A2720, DSA#A2720, KTS#A2720, DRBG#A2720 Triple-DES#2494, CVL#1344, SHS#3849, SHA-3#24, KTS#2494, DRBG#1600, CVL#1345, AES#4702, CVL#1343, ECDSA#1160, RSA#2562, DSA#1244, CVL#1342, HMAC#3114, KBKDF#145
heuristics/module_processed_references/directly_referencing {} 3080
heuristics/module_processed_references/indirectly_referencing {} 3080
heuristics/module_prunned_references {} 3080
pdf_data/keywords/fips_cert_id
  • Cert:
    • #1: 1
    • #1342: 1
    • #1344: 1
    • #1600: 1
    • #3114: 1
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES (128: 1
    • AES9: 1
    • DRBG 112: 1
    • DRBG 15: 1
    • DRBG14: 1
    • DSA3: 1
    • Diffie-Hellman (160: 1
    • Diffie-Hellman (2048: 1
    • HMAC-SHA-1: 2
    • HMAC-SHA-224: 2
    • HMAC-SHA-256: 8
    • HMAC-SHA-384: 2
    • HMAC-SHA-512: 2
    • HMAC-SHA-512/224: 2
    • HMAC-SHA-512/256: 2
    • PKCS 1: 6
    • PKCS#1: 4
    • PKCS#12: 4
    • PKCS#5: 4
    • SHA- 224: 1
    • SHA- 256: 1
    • SHA-1: 9
    • SHA-2: 3
    • SHA-224: 3
    • SHA-256: 5
    • SHA-3: 5
    • SHA-384: 4
    • SHA-512: 6
    • SHA-5128: 1
    • SHA3: 1
    • SHA3-224: 1
    • SHA3-256: 2
    • SHA3-384: 1
    • SHA3-512: 1
  • Certlike:
    • AES 128, 192: 2
    • CVL #1342: 1
    • CVL #1344: 1
    • DRBG #1600: 1
    • DRBG 112: 1
    • DSA3: 1
    • HMAC #3114: 2
    • PKCS #1: 2
    • PKCS#1: 4
    • PKCS#12: 4
    • PKCS#5: 4
    • PKCS1: 2
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 44
    • CAST:
      • CAST5: 1
    • RC:
      • RC2: 1
      • RC4: 1
    • Serpent:
      • Serpent: 1
    • Twofish:
      • Twofish: 1
  • DES:
    • 3DES:
      • TDEA: 6
      • TDES: 2
      • Triple-DES: 31
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • CBC-MAC: 1
      • CMAC: 9
      • HMAC: 16
      • HMAC-SHA-224: 1
      • HMAC-SHA-256: 4
      • HMAC-SHA-384: 1
      • HMAC-SHA-512: 1
      • KMAC: 1
  • miscellaneous:
    • Blowfish:
      • Blowfish: 1
    • Camellia:
      • Camellia: 1
    • IDEA:
      • IDEA: 1
    • SEED:
      • SEED: 1
  • AES_competition:
    • AES:
      • AES: 28
    • CAST:
      • CAST5: 1
    • RC:
      • RC2: 1
      • RC4: 1
    • Serpent:
      • Serpent: 1
    • Twofish:
      • Twofish: 1
  • DES:
    • 3DES:
      • TDEA: 6
      • TDES: 1
      • TripleDES: 1
    • DES:
      • DES: 4
  • constructions:
    • MAC:
      • CMAC: 5
      • HMAC: 12
  • miscellaneous:
    • Blowfish:
      • Blowfish: 1
    • Camellia:
      • Camellia: 1
    • IDEA:
      • IDEA: 1
    • SEED:
      • SEED: 1
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 2
    • ECDSA:
      • ECDSA: 11
    • EdDSA:
      • EdDSA: 2
  • FF:
    • DH:
      • DH: 8
      • Diffie-Hellman: 6
    • DSA:
      • DSA: 17
  • RSA:
    • RSA-OAEP: 1
  • ECC:
    • ECC:
      • ECC: 2
    • ECDSA:
      • ECDSA: 12
  • FF:
    • DH:
      • DH: 8
    • DSA:
      • DSA: 15
pdf_data/keywords/hash_function
  • MD:
    • MD5:
      • MD5: 4
  • PBKDF:
    • PBKDF: 19
  • RIPEMD:
    • RIPEMD: 1
    • RIPEMD128: 1
    • RIPEMD160: 1
    • RIPEMD256: 1
    • RIPEMD320: 1
  • SHA:
    • SHA1:
      • SHA-1: 9
    • SHA2:
      • SHA-2: 3
      • SHA-224: 3
      • SHA-256: 5
      • SHA-384: 4
      • SHA-512: 6
    • SHA3:
      • SHA-3: 5
      • SHA3: 1
      • SHA3-224: 1
      • SHA3-256: 2
      • SHA3-384: 1
      • SHA3-512: 1
  • SHAKE:
    • SHAKE128: 1
    • SHAKE256: 2
  • scrypt:
    • scrypt: 1
  • MD:
    • MD5:
      • MD5: 4
  • PBKDF:
    • PBKDF: 14
  • RIPEMD:
    • RIPEMD: 1
    • RIPEMD128: 1
    • RIPEMD256: 1
    • RIPEMD320: 1
  • SHAKE:
    • SHAKE128: 2
    • SHAKE256: 2
pdf_data/keywords/crypto_scheme
  • KA:
    • Key Agreement: 8
  • MAC:
    • MAC: 4
  • KA:
    • Key Agreement: 7
  • MAC:
    • MAC: 4
pdf_data/keywords/crypto_protocol
  • IKE:
    • IKEv2: 7
  • SSH:
    • SSH: 7
  • TLS:
    • TLS:
      • TLS: 18
      • TLS 1.2: 1
  • IKE:
    • IKEv2: 5
  • SSH:
    • SSH: 5
  • TLS:
    • TLS:
      • TLS: 14
      • TLS 1.2: 1
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 48
    • PRNG: 1
  • RNG:
    • RNG: 2
  • PRNG:
    • DRBG: 23
    • PRNG: 1
  • RNG:
    • RNG: 2
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 3
  • CCM:
    • CCM: 5
  • CFB:
    • CFB: 1
  • CTR:
    • CTR: 10
  • ECB:
    • ECB: 3
  • GCM:
    • GCM: 15
  • OFB:
    • OFB: 2
  • CBC:
    • CBC: 3
  • CCM:
    • CCM: 4
  • CFB:
    • CFB: 1
  • CTR:
    • CTR: 6
  • ECB:
    • ECB: 3
  • GCM:
    • GCM: 11
  • OFB:
    • OFB: 2
pdf_data/keywords/ecc_curve
  • Edwards:
    • Ed25519: 1
    • Ed448: 1
  • NIST:
    • B-163: 1
    • B-233: 5
    • B-283: 5
    • B-409: 4
    • B-571: 5
    • K-163: 1
    • K-233: 5
    • K-283: 5
    • K-409: 5
    • K-571: 4
    • P-192: 2
    • P-224: 10
    • P-256: 12
    • P-384: 10
    • P-521: 8
pdf_data/keywords/tee_name
  • IBM:
    • SE: 1
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140: 8
    • FIPS 140-2: 15
    • FIPS 180-4: 2
    • FIPS 186-2: 2
    • FIPS 186-4: 10
    • FIPS 197: 5
    • FIPS 198-1: 3
    • FIPS 202: 2
    • FIPS PUB 140-2: 1
  • NIST:
    • NIST SP 800-90C: 1
    • SP 800-108: 9
    • SP 800-132: 5
    • SP 800-133: 2
    • SP 800-135: 7
    • SP 800-185: 2
    • SP 800-38A: 7
    • SP 800-38B: 3
    • SP 800-38C: 4
    • SP 800-38D: 5
    • SP 800-38F: 5
    • SP 800-56A: 2
    • SP 800-56B: 9
    • SP 800-56C: 7
    • SP 800-67: 5
    • SP 800-89: 1
    • SP 800-90A: 5
  • PKCS:
    • PKCS 1: 3
    • PKCS#1: 2
    • PKCS#12: 2
    • PKCS#5: 2
  • RFC:
    • RFC 7914: 1
  • FIPS:
    • FIPS 140: 6
    • FIPS 197: 2
    • FIPS 202: 2
  • PKCS:
    • PKCS #1: 1
    • PKCS#1: 2
    • PKCS#12: 2
    • PKCS#5: 2
    • PKCS1: 1
pdf_data/keywords/javacard_api_const
  • curves:
    • X25519: 1
    • X448: 1
pdf_data/policy_metadata
  • /Author: dspann
  • /CreationDate: D:20181217173936-08'00'
  • /Creator: PScript5.dll Version 5.2.2
  • /ModDate: D:20181217173936-08'00'
  • /Producer: Acrobat Distiller 11.0 (Windows)
  • /Title: Microsoft Word - Security Policy.docx
  • pdf_file_size_bytes: 412504
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 33
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/caveat When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #3080.
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2022_051222_0640_signed.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/JanuaryConsolidatedCert.pdf
web_data/date_sunset 22.02.2025
web_data/description The Okta Cryptographic Module for Java manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution. The Okta Cryptographic Module for JavaMobile manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution
web_data/historical_reason Moved to historical list due to sunsetting
web_data/mentioned_certs
  • 3080: 1
web_data/status active historical
web_data/sw_versions 3.0.2.1 2.1
web_data/tested_conf VMware Photon OS 2.0 with JDK 11 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 (single-user mode) CentOS 6 and OpenJDK 1.7 running on HP ProLiant DL360 G7 Server using an Intel Xeon X5670 (single-user mode)
web_data/validation_history
  • date: 16.11.2022
  • lab: ÆGISOLVE
  • validation_type: Initial
  • date: 29.01.2019
  • lab: ÆGISOLVE
  • validation_type: Initial