This page was not yet optimized for use on mobile devices.
Amazon Linux 2023 Kernel Cryptographic API
Certificate #4808
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMAC, HMAC-SHA-512, HMAC-SHA-384, HMAC-SHA-224, HMAC-SHA-256, CMACAsymmetric Algorithms
ECDH, ECDSA, Diffie-Hellman, DHHash functions
SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, PBKDF2Schemes
MAC, Key AgreementProtocols
IKEv2, IPsecRandomness
DRBG, RNG, RBGElliptic Curves
P-256, P-384Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS 202, FIPS 186-5, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-38F, SP 800-38E, SP 800-90A, SP 800-90B, PKCS#1, RFC 4106, RFC 7296, ISO/IEC 24759File metadata
| Title | FIPS 140-3 Non-Proprietary Security Policy |
|---|---|
| Author | Grigori Burlea |
| Creation date | D:20240920085415+00'00' |
| Modification date | D:20240920085415+00'00' |
| Pages | 36 |
| Creator | Microsoft Word |
Heuristics ?
CPE matches
References ?
No references are available for this certificate.
Updates ?
-
14.10.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
- The certificate_pdf_url property was set to
-
01.10.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4808,
"dgst": "e919459e6234a3df",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-KWA4566",
"AES-GMACA4566",
"KAS-FFC-SSC Sp800-56Ar3A4551",
"AES-CBCA4566",
"AES-GCMA4568",
"AES-CFB128A4566",
"SHA3-224A4557",
"SHA-1A4571",
"SHA3-384A4557",
"KAS-ECC-SSC Sp800-56Ar3A4551",
"AES-ECBA4568",
"HMAC-SHA3-256A4557",
"ECDSA KeyGen (FIPS186-4)A4551",
"AES-XTS Testing Revision 2.0A4566",
"HMAC-SHA3-512A4557",
"AES-OFBA4566",
"Counter DRBGA4568",
"AES-CCMA4566",
"HMAC-SHA-1A4571",
"HMAC DRBGA4571",
"SHA3-512A4557",
"RSA SigVer (FIPS186-4)A4571",
"Safe Primes Key GenerationA4551",
"SHA2-256A4571",
"SHA3-256A4557",
"SHA2-512A4571",
"HMAC-SHA2-224A4571",
"Hash DRBGA4571",
"HMAC-SHA3-224A4557",
"SHA2-384A4571",
"AES-CTRA4566",
"AES-CMACA4566",
"HMAC-SHA2-256A4571",
"SHA2-224A4571",
"HMAC-SHA2-384A4571",
"HMAC-SHA2-512A4571",
"HMAC-SHA3-384A4557",
"AES-CBC-CS3A4566"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:amazon:linux_2:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"2023"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 4
},
"ECDSA": {
"ECDSA": 2
}
},
"FF": {
"DH": {
"DH": 23,
"Diffie-Hellman": 11
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 5
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 2
},
"XTS": {
"XTS": 9
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 7
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1
},
"MAC": {
"MAC": 7
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 14,
"P-384": 14
}
},
"eval_facility": {
"atsec": {
"atsec": 38
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 3,
"AES-192": 2,
"AES-256": 2,
"HMAC- SHA-224": 1,
"HMAC- SHA-256": 2,
"HMAC-SHA- 256": 2,
"HMAC-SHA- 384": 4,
"HMAC-SHA- 512": 4,
"HMAC-SHA-1": 8,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 2,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 16,
"PKCS#1": 18,
"SHA- 512": 1,
"SHA-1": 10,
"SHA-224": 6,
"SHA-256": 14,
"SHA-3": 2,
"SHA-384": 4,
"SHA-512": 11,
"SHA3-224": 2,
"SHA3-256": 5,
"SHA3-384": 3,
"SHA3-512": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 3
},
"SHA": {
"SHA1": {
"SHA-1": 10
},
"SHA2": {
"SHA-224": 6,
"SHA-256": 14,
"SHA-384": 4,
"SHA-512": 11
},
"SHA3": {
"SHA-3": 2,
"SHA3-224": 4,
"SHA3-256": 5,
"SHA3-384": 3,
"SHA3-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 18
},
"RNG": {
"RBG": 2,
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 49,
"FIPS 180-4": 2,
"FIPS 186-4": 8,
"FIPS 186-5": 2,
"FIPS 197": 13,
"FIPS 198-1": 7,
"FIPS 202": 2,
"FIPS PUB 140-3": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-38A": 10,
"SP 800-38B": 2,
"SP 800-38C": 3,
"SP 800-38D": 5,
"SP 800-38E": 3,
"SP 800-38F": 3,
"SP 800-90A": 1,
"SP 800-90B": 1
},
"PKCS": {
"PKCS#1": 9
},
"RFC": {
"RFC 4106": 3,
"RFC 7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 41,
"AES-128": 3,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 3
}
},
"constructions": {
"MAC": {
"CMAC": 3,
"HMAC": 20,
"HMAC-SHA-224": 1,
"HMAC-SHA-256": 1,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 8
}
}
},
"tee_name": {
"AMD": {
"PSP": 2
},
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Grigori Burlea",
"/CreationDate": "D:20240920085415+00\u002700\u0027",
"/Creator": "Microsoft Word",
"/ModDate": "D:20240920085415+00\u002700\u0027",
"/Title": "FIPS 140-3 Non-Proprietary Security Policy",
"pdf_file_size_bytes": 635327,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17141",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17152",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17138",
"https://docs.aws.amazon.com/linux/al2023/ug/fips-mode.html",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140Br1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37180",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17142",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17140",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://datatracker.ietf.org/doc/html/rfc4106",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17149",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17153",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37163",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17144",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17135",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17136",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/105",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17148",
"https://www.ietf.org/rfc/rfc3447.txt",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17146",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17155",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17143",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17147",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17151",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37179",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17150",
"http://www.atsec.com/",
"https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E105_PublicUse.pdf",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17145",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17139"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 36
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "a88820fbf273585ffa65f329e0366ba6f6c98f98b84ca56d35a85489337b0270",
"policy_txt_hash": "202ba4e9a9f4657c9156b0b35d9af5870071cfc2b52460c7d0c25248a9f7a431"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-22",
"description": "The Amazon Linux 2023 Kernel Cryptographic API provides cryptographic services to Linux kernel space software components and user space via the AF_ALG interface.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Amazon Linux 2023 Kernel Cryptographic API",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "kernel 6.1.41-64.118.amzn2023, 6.1.41-64.118.fips.amzn2023; libkcapi 1.4.0-105.amzn2023",
"tested_conf": [
"Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C with PAA",
"Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C without PAA",
"Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 with PAA",
"Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 without PAA",
"SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 with PAA",
"SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 without PAA",
"SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U with PAA",
"SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U without PAA",
"SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 with PAA",
"SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-23",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Amazon Web Services, Inc.",
"vendor_url": "http://www.amazon.com"
}
}