This page was not yet optimized for use on mobile
devices.
CTERA Crypto Module™ (Java)
Certificate #5016
Webpage information
Security policy
Symmetric Algorithms
AES, AES192, Twofish, Serpent, CAST5, CAST, RC4, RC2, DES, Triple-DES, TDEA, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, SEED, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-224, KMAC, CMAC, CBC-MACAsymmetric Algorithms
RSA-OAEP, ECDSA, EdDSA, ECC, Diffie-Hellman, DH, DSAPost-quantum Algorithms
HSS, LMSHash functions
SHA-1, SHA-256, SHA-224, SHA-384, SHA-512, SHA-2, SHA3-224, SHA3-256, SHA3-512, SHA3-384, SHA-3, SHAKE128, SHAKE256, MD5, RIPEMD128, RIPEMD160, RIPEMD320, RIPEMD256, RIPEMD, PBKDF, PBKDF2Schemes
MAC, Key Agreement, AEADProtocols
SSH, SSHv2, TLS, TLS 1.2, TLS v1.2, TLS 1.0, TLS 1.1, IKEv2Randomness
PRNG, DRBG, RNG, RBGLibraries
OpenSSL, BouncyCastleElliptic Curves
P-192, P-224, P-256, P-384, P-521, K-163, K-283, K-409, K-571, B-233, B-283, B-409, B-571, B-163, Ed25519, Ed448Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMJavaCard API constants
X25519, X448Trusted Execution Environments
SSC, SEVendor
MicrosoftSecurity level
Level 1Side-channel analysis
timing attacks, timing attackStandards
FIPS 140-3, FIPS 140, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 202, FIPS 180-4, FIPS PUB 140-3, SP 800-38G, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-38F, SP 800-108, SP 800-132, SP 800-185, SP 800-90B, SP 800-90A, NIST SP 800-90C, SP 800-89, SP 800-131A, PKCS #1, PKCS1, PKCS#12, PKCS#5, PKCS#1, RFC 8708, RFC 7914, RFC 5246File metadata
| Title | Security Policy |
|---|---|
| Subject | MODULE NAME |
| Author | SafeLogic Inc. |
| Creation date | D:20250116120642-08'00' |
| Modification date | D:20250116120642-08'00' |
| Pages | 73 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 5016,
"dgst": "e9cf0653c1f1de47",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KDF IKEv2A4399",
"Safe Primes Key GenerationA4399",
"AES-KWA4399",
"HMAC-SHA3-384A4399",
"RSA Signature PrimitiveA4399",
"SHA3-224A4399",
"SHA2-512A4399",
"AES-CTRA4399",
"AES-CBC-CS2A4399",
"HMAC-SHA2-512/256A4399",
"RSA Decryption PrimitiveA4399",
"HMAC DRBGA4399",
"HMAC-SHA2-224A4399",
"AES-CFB128A4399",
"ECDSA SigVer (FIPS186-4)A4399",
"KDF SNMPA4399",
"RSA KeyGen (FIPS186-4)A4399",
"AES-CCMA4399",
"DSA SigVer (FIPS186-4)A4399",
"ECDSA SigGen (FIPS186-4)A4399",
"SHA-1A4399",
"ECDSA KeyGen (FIPS186-4)A4399",
"HMAC-SHA3-256A4399",
"AES-CMACA4399",
"SHA3-256A4399",
"KDF ANS 9.63A4399",
"DSA SigGen (FIPS186-4)A4399",
"AES-ECBA4399",
"SHA2-256A4399",
"HMAC-SHA2-384A4399",
"AES-CBCA4399",
"HMAC-SHA2-512A4399",
"KDA HKDF SP800-56Cr2A4399",
"KDF SSHA4399",
"KTS-IFCA4399",
"PBKDFA4399",
"KDF SRTPA4399",
"KAS-ECC Sp800-56Ar3A4399",
"KDF TLSA4399",
"SHA3-384A4399",
"ECDSA KeyVer (FIPS186-4)A4399",
"AES-OFBA4399",
"AES-KWPA4399",
"HMAC-SHA2-512/224A4399",
"SHA3-512A4399",
"HMAC-SHA-1A4399",
"KMAC-256A4399",
"Counter DRBGA4399",
"SHA2-512/256A4399",
"SHAKE-256A4399",
"RSA SigVer (FIPS186-4)A4399",
"SHA2-512/224A4399",
"Hash DRBGA4399",
"TupleHash-128A4399",
"KDA OneStep SP800-56Cr2A4399",
"AES-GMACA4399",
"AES-FF1A4399",
"KAS-IFCA4399",
"DSA KeyGen (FIPS186-4)A4399",
"Safe Primes Key VerificationA4399",
"HMAC-SHA3-512A4399",
"RSA SigVer (FIPS186-2)A4399",
"AES-CBC-CS3A4399",
"DSA PQGVer (FIPS186-4)A4399",
"SHAKE-128A4399",
"KDF SP800-108A4399",
"AES-GCMA4399",
"cSHAKE-128A4399",
"KAS-FFC Sp800-56Ar3A4399",
"KDA TwoStep SP800-56Cr2A4399",
"KMAC-128A4399",
"SHA2-384A4399",
"ParallelHash-128A4399",
"cSHAKE-256A4399",
"HMAC-SHA3-224A4399",
"AES-CBC-CS1A4399",
"AES-CFB8A4399",
"ParallelHash-256A4399",
"HMAC-SHA2-256A4399",
"SHA2-224A4399",
"DSA PQGGen (FIPS186-4)A4399",
"RSA SigGen (FIPS186-4)A4399",
"TupleHash-256A4399"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDSA": {
"ECDSA": 16
},
"EdDSA": {
"EdDSA": 2
}
},
"FF": {
"DH": {
"DH": 15,
"Diffie-Hellman": 6
},
"DSA": {
"DSA": 27
}
},
"RSA": {
"RSA-OAEP": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CCM": {
"CCM": 9
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 11
},
"ECB": {
"ECB": 8
},
"GCM": {
"GCM": 24
},
"OFB": {
"OFB": 6
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"BouncyCastle": {
"BouncyCastle": 1
},
"OpenSSL": {
"OpenSSL": 2
}
},
"crypto_protocol": {
"IKE": {
"IKEv2": 11
},
"SSH": {
"SSH": 10,
"SSHv2": 1
},
"TLS": {
"TLS": {
"TLS": 22,
"TLS 1.0": 2,
"TLS 1.1": 2,
"TLS 1.2": 6,
"TLS v1.2": 2
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 8
},
"MAC": {
"MAC": 8
}
},
"device_model": {},
"ecc_curve": {
"Edwards": {
"Ed25519": 2,
"Ed448": 2
},
"NIST": {
"B-163": 1,
"B-233": 2,
"B-283": 2,
"B-409": 2,
"B-571": 1,
"K-163": 2,
"K-283": 2,
"K-409": 2,
"K-571": 2,
"P-192": 4,
"P-224": 4,
"P-256": 10,
"P-384": 4,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 4
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES 128": 1,
"AES 192": 1,
"AES 256": 1,
"AES CTR 256": 1,
"AES GCM Decrypt KAT (128": 1,
"AES GCM Encrypt KAT (128": 1,
"AES192": 1,
"AES2": 1,
"DRBG 20": 1,
"DRBG19": 19,
"DSA3": 1,
"HMAC 9": 2,
"HMAC SHA-224": 1,
"HMAC- SHA-2": 1,
"HMAC- SHA-224": 1,
"HMAC- SHA-256": 1,
"HMAC- SHA-512": 1,
"HMAC-SHA- 1": 2,
"HMAC-SHA- 256": 2,
"HMAC-SHA- 3": 2,
"HMAC-SHA- 512": 4,
"HMAC-SHA-1": 6,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 12,
"HMAC-SHA-384": 6,
"HMAC-SHA-512/224": 6,
"HMAC-SHA-512/256": 6,
"PKCS #1": 8,
"PKCS#1": 6,
"PKCS#12": 6,
"PKCS#5": 6,
"PKCS1": 8,
"SHA- 1": 1,
"SHA- 256": 1,
"SHA- 3": 1,
"SHA- 384": 1,
"SHA-1": 9,
"SHA-2": 1,
"SHA-224": 10,
"SHA-256": 9,
"SHA-3": 7,
"SHA-384": 7,
"SHA-512": 7,
"SHA2- 256": 1,
"SHA2- 384": 2,
"SHA2-224": 2,
"SHA2-256": 4,
"SHA2-384": 1,
"SHA2-512": 6,
"SHA3- 224": 1,
"SHA3- 384": 2,
"SHA3-224": 6,
"SHA3-256": 4,
"SHA3-384": 2,
"SHA3-512": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 4
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 6
}
},
"PBKDF": {
"PBKDF": 21,
"PBKDF2": 1
},
"RIPEMD": {
"RIPEMD": 1,
"RIPEMD128": 2,
"RIPEMD160": 2,
"RIPEMD256": 1,
"RIPEMD320": 2
},
"SHA": {
"SHA1": {
"SHA-1": 9
},
"SHA2": {
"SHA-2": 1,
"SHA-224": 10,
"SHA-256": 9,
"SHA-384": 7,
"SHA-512": 7
},
"SHA3": {
"SHA-3": 7,
"SHA3-224": 6,
"SHA3-256": 4,
"SHA3-384": 2,
"SHA3-512": 4
}
},
"SHAKE": {
"SHAKE128": 1,
"SHAKE256": 2
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"X25519": 2,
"X448": 2
}
},
"javacard_packages": {
"java": {
"java.runtime.name": 1,
"java.security": 2
},
"org": {
"org.bouncycastle.crypto": 2,
"org.bouncycastle.entropy": 1,
"org.bouncycastle.entropy.factors": 1,
"org.bouncycastle.fips": 2,
"org.bouncycastle.jcajce.provider": 1,
"org.bouncycastle.util": 1
}
},
"javacard_version": {},
"os_name": {},
"pq_crypto": {
"LMS": {
"HSS": 1,
"LMS": 1
}
},
"randomness": {
"PRNG": {
"DRBG": 63,
"PRNG": 2
},
"RNG": {
"RBG": 2,
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"timing attack": 1,
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140": 7,
"FIPS 140-3": 17,
"FIPS 180-4": 2,
"FIPS 186-2": 2,
"FIPS 186-4": 8,
"FIPS 197": 2,
"FIPS 198-1": 2,
"FIPS 202": 2,
"FIPS PUB 140-3": 1
},
"NIST": {
"NIST SP 800-90C": 1,
"SP 800-108": 1,
"SP 800-131A": 1,
"SP 800-132": 5,
"SP 800-185": 2,
"SP 800-38A": 3,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 3,
"SP 800-38F": 2,
"SP 800-38G": 4,
"SP 800-89": 1,
"SP 800-90A": 2,
"SP 800-90B": 3
},
"PKCS": {
"PKCS #1": 4,
"PKCS#1": 3,
"PKCS#12": 3,
"PKCS#5": 3,
"PKCS1": 4
},
"RFC": {
"RFC 5246": 1,
"RFC 7914": 1,
"RFC 8708": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 117,
"AES192": 1
},
"CAST": {
"CAST": 2,
"CAST5": 1
},
"RC": {
"RC2": 1,
"RC4": 1
},
"Serpent": {
"Serpent": 1
},
"Twofish": {
"Twofish": 1
}
},
"DES": {
"3DES": {
"TDEA": 2,
"Triple-DES": 7
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 10,
"HMAC": 34,
"HMAC-SHA-224": 1,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 3,
"KMAC": 14
}
},
"djb": {
"ChaCha": {
"ChaCha20": 2
},
"Poly": {
"Poly1305": 2
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
},
"Camellia": {
"Camellia": 1
},
"IDEA": {
"IDEA": 1
},
"SEED": {
"SEED": 1
}
}
},
"tee_name": {
"IBM": {
"SE": 79,
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 12
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "SafeLogic Inc.",
"/CreationDate": "D:20250116120642-08\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20250116120642-08\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Subject": "MODULE NAME",
"/Title": "Security Policy",
"pdf_file_size_bytes": 1105462,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.ctera.com/",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://nvd.nist.gov/",
"mailto:[email protected]",
"http://www.safelogic.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 73
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "b6d39ac4887c525da96a4efcbd83f193a2370639c9fe01f43290e60764041c85",
"policy_txt_hash": "5955e5106834136a6d885972d6a6453961b926dd4d56cd076f7ba836740e57b3"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys).",
"certificate_pdf_url": null,
"date_sunset": "2029-07-28",
"description": "CTERA Crypto Module\u2122 (Java) is a secure cryptographic engine used by the CTERA Enterprise File Services Platform. CTERA enables enterprises, defense and government agencies to gain control of their file data globally for optimal edge performance, data insight, and governance.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "CTERA Crypto Module\u2122 (Java)",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "2.0.0",
"tested_conf": [
"VMware Photon OS 4.0 with Java SE Runtime Environment v8 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330, VMware Photon OS 4.0 with Java SE Runtime Environment v11 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330, VMware Photon OS 4.0 with Java SE Runtime Environment v17 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330, VMware Photon OS 5.0 with Java SE Runtime Environment v21 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-05-13",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
}
],
"vendor": "CTERA Networks Ltd.",
"vendor_url": "https://www.ctera.com"
}
}