This page was not yet optimized for use on mobile devices.
NetApp CryptoMod
Certificate #4731
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-, AES-256, HMAC, CMACHash functions
SHA-1, SHA1, SHA-3, SHA3-256, PBKDFProtocols
TLS, IPsecRandomness
DRBG, RNGBlock cipher modes
ECB, CBC, CTR, GCM, CCM, XEX, XTSVendor
MicrosoftSecurity level
Level 1Standards
FIPS 140-3, FIPS 197, FIPS 198-1, FIPS 202, FIPS 180-4, NIST SP 800-90B, RFC 5288, RFC 4106, ISO/IEC 24759File metadata
| Title | Standard TR Template |
|---|---|
| Author | IE CCS |
| Creation date | D:20240719125608-04'00' |
| Modification date | D:20240719125608-04'00' |
| Pages | 27 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
12.08.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2024_010824_1146.pdf.
- The certificate_pdf_url property was set to
-
24.07.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4731,
"dgst": "d2c5ea6c63da5897",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC-SHA2-256A2640",
"Counter DRBGA2640",
"KDF SP800-108A2640",
"AES-CCMA2640",
"AES-CBCA2640",
"AES-GMACA2640",
"PBKDFA2640",
"HMAC-SHA-1A2640",
"SHA3-256A2640",
"AES-CMACA2640",
"AES-ECBA2640",
"AES-GCMA2640",
"SHA-1A2640",
"HMAC-SHA2-512A2640",
"SHA2-256A2640",
"AES-KWPA2640",
"AES-XTS Testing Revision 2.0A2640",
"SHA2-512A2640"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"CCM": {
"CCM": 8
},
"CTR": {
"CTR": 7
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 11
},
"XEX": {
"XEX": 1
},
"XTS": {
"XTS": 7
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 4
},
"TLS": {
"TLS": {
"TLS": 5
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2": 1
}
},
"fips_certlike": {
"Certlike": {
"AES- 256": 1,
"AES-256": 1,
"HMAC SHA-1": 2,
"HMAC- SHA1": 2,
"HMAC-SHA-1": 2,
"SHA-1": 6,
"SHA-3": 2,
"SHA1": 2,
"SHA2-256": 6,
"SHA2-512": 8,
"SHA3- 256": 1,
"SHA3-256": 2
}
},
"fips_security_level": {
"Level": {
"Level 1": 8
}
},
"hash_function": {
"PBKDF": {
"PBKDF": 9
},
"SHA": {
"SHA1": {
"SHA-1": 6,
"SHA1": 2
},
"SHA3": {
"SHA-3": 2,
"SHA3-256": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 29
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 20,
"FIPS 180-4": 2,
"FIPS 197": 4,
"FIPS 198-1": 2,
"FIPS 202": 2
},
"ISO": {
"ISO/IEC 24759": 4
},
"NIST": {
"NIST SP 800-90B": 1
},
"RFC": {
"RFC 4106": 1,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 37,
"AES-": 5,
"AES-256": 1
}
},
"constructions": {
"MAC": {
"CMAC": 4,
"HMAC": 13
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 1
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "IE CCS",
"/CreationDate": "D:20240719125608-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20240719125608-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Title": "Standard TR Template",
"pdf_file_size_bytes": 421870,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E1_PublicUse.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
"https://docs.netapp.com/",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://docs.netapp.com/us-en/cloud-volumes-ontap-relnotes/reference-configs-gcp.html",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-108.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf",
"https://docs.netapp.com/us-en/cloud-volumes-ontap-relnotes/reference-configs-aws.html",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf",
"https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://docs.netapp.com/us-en/cloud-volumes-ontap-relnotes/reference-configs-azure.html",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 27
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "8e429152daca1588ebca167b441eda6c5d5f993ad8865fa767cff708276f47de",
"policy_txt_hash": "4498242105f13aef6681629d93faa3372df9ea3e7e77f5fe486f7a75d64f21fe"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When installed, initialized and configured as specified in section 11 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2024_010824_1146.pdf",
"date_sunset": "2026-07-18",
"description": "NetApp CryptoMod is a software cryptographic module whose purpose is to provide encryption/decryption services for NetApp\u2019s ONTAP Operating System (OS) kernel. The CryptoMod module makes use of the AES-NI instruction set in Intel\uf0e2 processors. Since CryptoMod can support non-PAA implementations as well as PAA implementations of the pertinent cryptographic algorithms, CryptoMod is designated as a software-only cryptographic module.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "NetApp CryptoMod",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0",
"tested_conf": [
"ONTAP 9.11.1 running on AFF A250 system with an Intel Xeon D-2164IT with PAA",
"ONTAP 9.11.1 running on AFF A250 system with an Intel Xeon D-2164IT without PAA",
"ONTAP 9.11.1 running on AFF A400 system with an Intel Xeon Silver 4210 with PAA",
"ONTAP 9.11.1 running on AFF A400 system with an Intel Xeon Silver 4210 without PAA",
"ONTAP 9.11.1 running on AFF A900system with an Intel Xeon Platinum 8352Y with PAA",
"ONTAP 9.11.1 running on AFF A900system with an Intel Xeon Platinum 8352Y without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-07-19",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
}
],
"vendor": "NetApp, Inc.",
"vendor_url": "http://www.netapp.com"
}
}