This page was not yet optimized for use on mobile devices.
CryptoComply 140-3 FIPS Provider
Certificate #4781
Webpage information ?
Security policy ?
Symmetric Algorithms
AES-128, AES-192, AES-256, AES, AES-, CAST, Triple-DES, TDES, HMAC, HMAC-SHA-256, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, EdDSA, ECC, DHE, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, SHA-2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE256, PBKDFSchemes
MAC, Key AgreementProtocols
SSH, TLS v1.2, TLS v1.3, TLS 1.2, TLS 1.3Randomness
DRBG, RNG, RBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, P-192, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, B-163, K-163, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, Ed25519, Ed448Block cipher modes
CBC, GCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1Side-channel analysis
side-channel, timing attacks, timing attackStandards
FIPS 140-3, FIPS 140, FIPS 186-4, FIPS 186-5, FIPS 198-1, FIPS 180-4, FIPS 202, FIPS186-4, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-38F, SP 800-38E, SP 800-133, SP 800-90A, SP 800-185, SP 800-132, SP 800-186, NIST SP 800-38D, PKCS 1, PKCS#1, RFC7627, RFC 8446, RFC 5288, RFC 5246, RFC 7627, ISO/IEC 24759File metadata
| Title | Security Policy |
|---|---|
| Subject | CryptoComply 140-3 FIPS Provider |
| Author | SafeLogic Inc. |
| Creation date | D:20240627143222-07'00' |
| Modification date | D:20240627143222-07'00' |
| Pages | 100 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
09.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4781,
"dgst": "d265908f76c0179e",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Hash DRBGA5173",
"KMAC-128A5173",
"DSA PQGVer (FIPS186-4)A5173",
"EDDSA KeyVerA5173",
"KDF KMAC Sp800-108r1A5173",
"AES-CTRA5173",
"SHA2-256A5173",
"SHA2-512A5173",
"Safe Primes Key GenerationA5173",
"KDF SP800-108A5173",
"AES-CBC-CS1A5173",
"AES-KWPA5173",
"HMAC-SHA2-384A5173",
"KMAC-256A5173",
"KDA TwoStep SP800-56Cr2A5173",
"ECDSA SigGen (FIPS186-4)A4593",
"AES-GCMA5173",
"SHA2-512/256A5173",
"AES-KWA5173",
"TDES-CBCA5173",
"AES-CFB1A5173",
"AES-OFBA5173",
"HMAC-SHA3-256A5173",
"SHA3-224A5173",
"ECDSA SigVer (FIPS186-4)A5173",
"HMAC-SHA2-512/224A5173",
"RSA KeyGen (FIPS186-4)A5173",
"DSA PQGGen (FIPS186-4)A5173",
"HMAC DRBGA5173",
"SHAKE-256A5173",
"AES-CBC-CS2A5173",
"SHA2-512/224A5173",
"EDDSA KeyGenA5173",
"SHAKE-128A5173",
"AES-CMACA5173",
"KAS-IFC-SSCA5173",
"PBKDFA5173",
"AES-ECBA5173",
"AES-CBCA5173",
"HMAC-SHA-1A5173",
"KDF SSHA5173",
"KAS-ECC-SSC Sp800-56Ar3A5173",
"KAS-FFC-SSC Sp800-56Ar3A5173",
"Safe Primes Key VerificationA5173",
"HMAC-SHA2-224A5173",
"HMAC-SHA2-512A5173",
"AES-XTS Testing Revision 2.0A5173",
"SHA3-256A5173",
"AES-CFB128A5173",
"AES-GMACA5173",
"EDDSA SigVerA4593",
"HMAC-SHA3-224A5173",
"Counter DRBGA5173",
"RSA SigGen (FIPS186-4)A5173",
"AES-CBC-CS3A5173",
"SHA3-384A5173",
"HMAC-SHA2-256A5173",
"TLS v1.3 KDFA5173",
"DSA KeyGen (FIPS186-4)A5173",
"AES-CCMA5173",
"SHA2-384A5173",
"ECDSA KeyGen (FIPS186-4)A5173",
"ECDSA KeyVer (FIPS186-4)A5173",
"DSA SigVer (FIPS186-4)A5173",
"HMAC-SHA3-512A5173",
"KDF ANS 9.63A5173",
"SHA3-512A5173",
"SHA-1A5173",
"HMAC-SHA2-512/256A5173",
"SHA2-224A5173",
"EDDSA SigGenA5173",
"KDA HKDF SP800-56Cr2A5173",
"KDA OneStep SP800-56Cr2A5173",
"KDF ANS 9.42A5173",
"AES-CFB8A5173",
"TLS v1.2 KDF RFC7627A5173",
"RSA SigVer (FIPS186-4)A5173",
"HMAC-SHA3-384A5173",
"KTS-IFCA5173",
"TDES-ECBA5173"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"3",
"140"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 6
},
"ECDH": {
"ECDH": 10
},
"ECDSA": {
"ECDSA": 53
},
"EdDSA": {
"EdDSA": 17
}
},
"FF": {
"DH": {
"DH": 27,
"DHE": 1,
"Diffie-Hellman": 12
},
"DSA": {
"DSA": 38
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 4
},
"XTS": {
"XTS": 7
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 8
}
},
"crypto_protocol": {
"SSH": {
"SSH": 7
},
"TLS": {
"TLS": {
"TLS 1.2": 7,
"TLS 1.3": 7,
"TLS v1.2": 6,
"TLS v1.3": 6
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 42
},
"MAC": {
"MAC": 32
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP224r1": 4,
"brainpoolP256r1": 2,
"brainpoolP320r1": 2,
"brainpoolP384r1": 2,
"brainpoolP512r1": 2
},
"Edwards": {
"Ed25519": 5,
"Ed448": 5
},
"NIST": {
"B-163": 2,
"B-233": 5,
"B-283": 5,
"B-409": 5,
"B-571": 5,
"K-163": 2,
"K-233": 7,
"K-283": 5,
"K-409": 5,
"K-571": 5,
"P-192": 4,
"P-224": 14,
"P-256": 12,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 2,
"AES-192": 2,
"AES-256": 2,
"HMAC 160": 1,
"HMAC 160, 224": 1,
"HMAC-SHA- 256": 2,
"HMAC-SHA-1": 20,
"HMAC-SHA-256": 22,
"HMAC-SHA-256 2": 2,
"HMAC-SHA-2561": 2,
"HMAC-SHA-2562": 2,
"PKCS 1": 4,
"PKCS#1": 4,
"SHA- 256": 2,
"SHA- 3": 1,
"SHA-1": 36,
"SHA-1, 256": 2,
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 10,
"SHA-384": 1,
"SHA-512": 9,
"SHA-51212": 1,
"SHA2-224": 34,
"SHA2-256": 46,
"SHA2-384": 42,
"SHA2-512": 45,
"SHA3-224": 13,
"SHA3-256": 12,
"SHA3-25611": 1,
"SHA3-384": 12,
"SHA3-512": 11
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"PBKDF": {
"PBKDF": 13
},
"SHA": {
"SHA1": {
"SHA-1": 38
},
"SHA2": {
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 10,
"SHA-384": 1,
"SHA-512": 9
},
"SHA3": {
"SHA3-224": 13,
"SHA3-256": 12,
"SHA3-384": 12,
"SHA3-512": 11
}
},
"SHAKE": {
"SHAKE256": 1
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 136
},
"RNG": {
"RBG": 20,
"RNG": 3
}
},
"side_channel_analysis": {
"SCA": {
"side-channel": 1,
"timing attack": 1,
"timing attacks": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140": 7,
"FIPS 140-3": 15,
"FIPS 180-4": 14,
"FIPS 186-4": 15,
"FIPS 186-5": 7,
"FIPS 198-1": 11,
"FIPS 202": 10,
"FIPS186-4": 15
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"NIST SP 800-38D": 1,
"SP 800-132": 5,
"SP 800-133": 1,
"SP 800-185": 2,
"SP 800-186": 1,
"SP 800-38A": 7,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 4,
"SP 800-38E": 2,
"SP 800-38F": 5,
"SP 800-90A": 7
},
"PKCS": {
"PKCS 1": 2,
"PKCS#1": 2
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 7627": 1,
"RFC 8446": 3,
"RFC7627": 6
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 55,
"AES-": 4,
"AES-128": 2,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 46
}
},
"DES": {
"3DES": {
"TDES": 4,
"Triple-DES": 5
}
},
"constructions": {
"MAC": {
"CMAC": 1,
"HMAC": 42,
"HMAC-SHA-256": 12,
"KMAC": 11
}
}
},
"tee_name": {
"AMD": {
"PSP": 8
},
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "SafeLogic Inc.",
"/CreationDate": "D:20240627143222-07\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20240627143222-07\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Subject": "CryptoComply 140-3 FIPS Provider",
"/Title": "Security Policy",
"pdf_file_size_bytes": 1585833,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.safelogic.com/",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://www.safelogic.com/cryptocomply"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 100
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "f75f31d2853c1eb59fcbcb281eb6ff9a3a1dd9cb8fb80ced35fe344c0c3b3bef",
"policy_txt_hash": "3459fa647464cb980b4e8e79ff74db94bbaf2450166f934c3eb091638e256a6e"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No assurance of the minimum strength of generated SSPs (e.g., keys) and random strings. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf",
"date_sunset": "2026-08-26",
"description": "CryptoComply 140-3 FIPS Provider is a standards-based \u201cDrop-in Compliance\u2122\u201d cryptographic engine. The module delivers core cryptographic functions to applications such as servers, personal computers, mobile devices, and appliances. The module features robust algorithm support, including CNSA algorithms. The module delivers cryptographic services to host applications through a C language Application Programming Interface (API).",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "CryptoComply 140-3 FIPS Provider",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.0-FIPS 140-3, 3.0.1-FIPS 140-3",
"tested_conf": [
"AlmaLinux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"AlmaLinux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Android 13 running on a Google Pixel 7 with a Google Tensor G2",
"Debian 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Debian 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"FreeBSD 13 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"FreeBSD 13 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"iOS 16 running on an iPhone 13 Mini with an Apple A15 Bionic without PAA",
"iPadOS 16 running on an iPad Air (2022) with an Apple M1 without No",
"macOS 13 (Ventura) running on a Mac Mini M2 with an Apple M2",
"Oracle Solaris 11.4 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Oracle Solaris 11.4 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Red Hat Enterprise Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Red Hat Enterprise Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Rocky Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Rocky Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"SUSE Linux Enterprise Server 15 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"SUSE Linux Enterprise Server 15 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Ubuntu 22.04 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Ubuntu 22.04 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Windows 10 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Windows 10 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Windows 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Windows 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Windows Server 2019 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Windows Server 2019 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA",
"Windows Server 2022 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA",
"Windows Server 2022 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-08-27",
"lab": "LEIDOS CSTL",
"validation_type": "Initial"
}
],
"vendor": "SafeLogic Inc.",
"vendor_url": "http://www.safelogic.com"
}
}