Microsoft Azure Linux Kernel Crypto API

Certificate #4277

Webpage information ?

Status active
Validation dates 15.08.2022 , 01.03.2024
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode
Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Description The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files.
Tested configurations
  • Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA
  • Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA
  • Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA
  • Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA
  • Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA
  • Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA
  • Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA
  • Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA
Vendor Microsoft Corporation
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-128, AES-192, AES-256, DES, Triple-DES, HMAC, HMAC-SHA-512, CMAC
Asymmetric Algorithms
ECDH, ECDSA
Hash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, SHA-224, SHA3-224, SHA3-256, SHA3-512, SHA3-384
Schemes
Key Agreement
Protocols
TLS, IPsec
Randomness
DRBG, RNG
Elliptic Curves
P-192, P-256
Block cipher modes
ECB, CBC, CTR, CFB, GCM, CCM, XTS

Vendor
Microsoft Corporation, Microsoft

Standards
FIPS 140, FIPS 140-2, FIPS 197, FIPS 180-4, FIPS 202, FIPS 198-1, FIPS 186-4, NIST SP 800-38B, SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-67, NIST SP 800-56A, NIST SP 800-90A, NIST SP 800-131A, NIST SP 800-90B, SP 800-90A, SP 800-90B, SP 800-38F, SP 800-57, SP 800-132, NIST SP 800-52, PKCS#1, RFC3686

File metadata

Creation date D:20231004134043-04'00'
Modification date D:20231004134043-04'00'
Pages 30

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 11.03.2024 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The module_name property was set to Microsoft Azure Linux Kernel Crypto API.
    • The validation_history property was updated, with the [[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2024-03-01', 'validation_type': 'Update', 'lab': 'LEIDOS CSTL'}]] values inserted.
    • The description property was set to The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files..
    • The tested_conf property was set to ['Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA'].
    • The sw_versions property was set to 1.0 and 2.0.

    The PDF extraction data was updated.

    • The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__update__': {'SHA-1': 13, 'SHA2-256': 5, 'SHA3-256': 3}, '__delete__': ['SHA2- 256']}}}, 'vendor': {'__update__': {'Microsoft': {'__update__': {'Microsoft Corporation': 32, 'Microsoft': 10}}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 31}}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 4}}, '3DES': {'__update__': {'Triple-DES': 12}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 60, 'CMAC': 8}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__update__': {'ECDSA': {'__update__': {'ECDSA': 4}}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 13}}, 'SHA3': {'__update__': {'SHA3-256': 3}}}}}}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 10}}, 'CFB': {'__update__': {'CFB': 2}}, 'GCM': {'__update__': {'GCM': 10}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-192': 8, 'P-256': 8}}}}, 'standard_id': {'__update__': {'NIST': {'__update__': {'NIST SP 800-131A': 2}}}}} data.
    • The policy_metadata property was updated, with the {'pdf_file_size_bytes': 658356, 'pdf_number_of_pages': 30, '/CreationDate': "D:20231004134043-04'00'", '/ModDate': "D:20231004134043-04'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf', 'https://www.kernel.org/doc/html/latest/crypto/index.html', 'http://webstore.ansi.org/FindStandards.aspx?%20Action=displaydept&DeptID=80&Acro=X9&DpName=X9,%20Inc%20', 'https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final', 'https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final', 'https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf', 'https://csrc.nist.gov/publications/detail/sp/800-132/final', 'https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final', 'https://csrc.nist.gov/publications/detail/sp/800-38f/final', 'https://csrc.nist.gov/projects/cryptographic-module-validationprogram/standards', 'https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation', 'http://creativecommons.org/licenses/by-nd-nc/1.0/']}} data.

    The computed heuristics were updated.

    • The algorithms property was updated, with the {'_type': 'Set', 'elements': ['SHS#A3494', 'DRBG#A3494', 'RSA#A3494', 'AES#A3494', 'Triple-DES#A3494', 'KAS-SSC#A3494', 'HMAC#A3494', 'SHA-3#A3494', 'CVL#A3494', 'KTS#A3494']} values added.
    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['-']}.

    The state was updated.

    • The policy_pdf_hash property was set to df81e68210c8044264b67f076f10b6d1f97cf7944d1d57d6279a1f95ce095e2f.
    • The policy_txt_hash property was set to 37ece4e7ec6b0be74187af96eedfc4c427ed7830e299b5bd9f80c1c71a66500f.
  • 09.02.2023 The certificate data changed.
    Certificate changed

    The cert_id was updated.

    • The new value is 4277.

    The web extraction data was updated.

    • The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-08-15', 'validation_type': 'Initial', 'lab': 'LEIDOS CSTL'}], 'vendor_url': 'http://www.microsoft.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf', 'hw_versions': None, 'fw_versions': None}.
    • The standard property was set to FIPS 140-2.
    • The status property was set to active.
    • The level property was set to 1.
    • The embodiment property was set to Multi-Chip Stand Alone.
    • The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].

    The PDF extraction data was updated.

    • The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 1847594, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 27, '/CreationDate': "D:20220531091009-04'00'", '/ModDate': "D:20220808105433-04'00'", '/Producer': 'Microsoft: Print To PDF', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.
    • The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].

    The computed heuristics were updated.

    • The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
    • The algorithms property was set to {'_type': 'Set', 'elements': ['AES#A1755', 'RSA#A1755', 'Triple-DES#A1755', 'HMAC#A1755', 'KTS#A1755', 'SHA-3#A1755', 'KAS-SSC#A1755', 'DRBG#A1755', 'SHS#A1755', 'CVL#A1755']}.
    • The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].

    The state was updated.

    • The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '2b8fabfb19b695a1bfc5777f3961157fe00889c527842630b2090a96140d1bf5', 'policy_txt_hash': 'aab647e3a789b357ece8ddd963ad59cefa0a093fe6576f0769bb1ac178f3fed3'}.
    • The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
  • 05.11.2022 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The algorithms property was set to {'_type': 'Set', 'elements': []}.

    The computed heuristics were updated.

    • The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'SHA-3', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'HMAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'DRBG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'KAS-SSC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'KTS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'AES', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
  • 25.10.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The keywords property was updated, with the {'fips_cert_id': {}, 'fips_certlike': {'__update__': {'Certlike': {'__insert__': {'AES CMAC 192': 1}, '__update__': {'SHA-1': 11, 'SHA2-256': 3, 'SHA2-384': 4, 'SHA3-224': 4, 'SHA3-256': 4, 'SHA3-512': 4, 'SHA2- 512': 1, 'SHA3-384': 2, 'SHA-512': 12}, '__delete__': ['HMAC-SHA2', 'HMAC-SHA3', 'HMAC- SHA3', 'HMAC SHA3', 'RSA 2048', 'AES CMAC 192 and 256', 'DES, 168']}}}, 'eval_facility': {}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 22}, '__delete__': ['AES-']}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 2}}, '3DES': {'__update__': {'Triple-DES': 10}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 50}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__delete__': ['ECC']}}, '__delete__': ['RSA', 'FF']}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 11}}, 'SHA2': {'__update__': {'SHA-512': 12}, '__delete__': ['SHA2', 'SHA-2']}, 'SHA3': {'__update__': {'SHA3-224': 4, 'SHA3-256': 4, 'SHA3-512': 4, 'SHA3-384': 2}, '__delete__': ['SHA3', 'SHA-3']}}}}}, 'crypto_scheme': {'__update__': {'KA': {'__delete__': ['KA']}}, '__delete__': ['MAC']}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 36}}, 'RNG': {'__update__': {'RNG': 3}, '__delete__': ['RBG']}}}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 9}}, 'CBC': {'__update__': {'CBC': 7}}, 'CTR': {'__update__': {'CTR': 10}}, 'CFB': {'__update__': {'CFB': 1}}, 'GCM': {'__update__': {'GCM': 9}}, 'XTS': {'__update__': {'XTS': 6}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-256': 6}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS 140-2': 9}}, 'NIST': {'NIST SP 800-38B': 2, 'SP 800-38C': 2, 'NIST SP 800-38D': 1, 'NIST SP 800-38E': 2, 'NIST SP 800-38F': 4, 'NIST SP 800-67': 1, 'NIST SP 800-56A': 2, 'NIST SP 800-90A': 4, 'NIST SP 800-90B': 1, 'SP 800-90A': 3, 'SP 800-90B': 3, 'SP 800-38F': 2, 'SP 800-57': 1, 'SP 800-132': 1, 'NIST SP 800-52': 1, 'NIST SP 800-131A': 1}, 'RFC': {'RFC3686': 3}}}} data.
    • The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4096', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'A3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '90', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'a512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'c 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.

    The computed heuristics were updated.

    • The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4096', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'A3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '90', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'a512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'c 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.

    The state was updated.

    • The tables_done property was set to True.
  • 17.09.2022 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_www property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf.
  • 03.09.2022 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4277,
  "dgst": "a62699c162816b54",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#A1755",
        "Triple-DES#A1755",
        "SHS#A3494",
        "CVL#A1755",
        "CVL#A3494",
        "AES#A1755",
        "HMAC#A1755",
        "DRBG#A3494",
        "RSA#A3494",
        "KTS#A1755",
        "HMAC#A3494",
        "Triple-DES#A3494",
        "KAS-SSC#A3494",
        "KTS#A3494",
        "AES#A3494",
        "KAS-SSC#A1755",
        "RSA#A1755",
        "DRBG#A1755",
        "SHA-3#A1755",
        "SHA-3#A3494"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 1
          },
          "ECDSA": {
            "ECDSA": 4
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 7
        },
        "CCM": {
          "CCM": 5
        },
        "CFB": {
          "CFB": 2
        },
        "CTR": {
          "CTR": 10
        },
        "ECB": {
          "ECB": 10
        },
        "GCM": {
          "GCM": 10
        },
        "XTS": {
          "XTS": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IPsec": {
          "IPsec": 2
        },
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-192": 8,
          "P-256": 8
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES CMAC 192": 1,
          "AES-128": 5,
          "AES-192": 3,
          "AES-256": 6,
          "HMAC SHA- 224": 1,
          "HMAC SHA- 256": 1,
          "HMAC SHA- 384": 1,
          "HMAC SHA- 512": 1,
          "HMAC SHA-1": 4,
          "HMAC SHA-224": 1,
          "HMAC SHA-256": 3,
          "HMAC SHA-384": 3,
          "HMAC SHA-512": 6,
          "HMAC-SHA-1": 2,
          "HMAC-SHA-512": 2,
          "PKCS#1": 4,
          "RSA PKCS#1": 2,
          "SHA- 224": 1,
          "SHA- 256": 2,
          "SHA- 384": 1,
          "SHA- 512": 1,
          "SHA- 512 2048": 1,
          "SHA-1": 13,
          "SHA-224": 1,
          "SHA-256": 9,
          "SHA-384": 9,
          "SHA-512": 12,
          "SHA1": 2,
          "SHA2- 512": 1,
          "SHA2-256": 5,
          "SHA2-384": 4,
          "SHA2-512": 3,
          "SHA3- 256": 1,
          "SHA3- 384": 2,
          "SHA3-224": 4,
          "SHA3-256": 3,
          "SHA3-384": 2,
          "SHA3-512": 4
        }
      },
      "fips_security_level": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 13,
            "SHA1": 2
          },
          "SHA2": {
            "SHA-224": 1,
            "SHA-256": 9,
            "SHA-384": 9,
            "SHA-512": 12
          },
          "SHA3": {
            "SHA3-224": 4,
            "SHA3-256": 3,
            "SHA3-384": 2,
            "SHA3-512": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 36
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 140-2": 9,
          "FIPS 180-4": 1,
          "FIPS 186-4": 3,
          "FIPS 197": 1,
          "FIPS 198-1": 1,
          "FIPS 202": 1
        },
        "NIST": {
          "NIST SP 800-131A": 2,
          "NIST SP 800-38B": 2,
          "NIST SP 800-38D": 1,
          "NIST SP 800-38E": 2,
          "NIST SP 800-38F": 4,
          "NIST SP 800-52": 1,
          "NIST SP 800-56A": 2,
          "NIST SP 800-67": 1,
          "NIST SP 800-90A": 4,
          "NIST SP 800-90B": 1,
          "SP 800-132": 1,
          "SP 800-38C": 2,
          "SP 800-38F": 2,
          "SP 800-57": 1,
          "SP 800-90A": 3,
          "SP 800-90B": 3
        },
        "PKCS": {
          "PKCS#1": 3
        },
        "RFC": {
          "RFC3686": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 31,
            "AES-128": 5,
            "AES-192": 3,
            "AES-256": 6
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 12
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 8,
            "HMAC": 60,
            "HMAC-SHA-512": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 10,
          "Microsoft Corporation": 32
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20231004134043-04\u002700\u0027",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "0532fc76-2ee6-4a67-a38a-bf4204b9d836",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-05-30T16:27:58Z",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application": "Microsoft Azure Information Protection",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled": "True",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method": "Automatic",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name": "General",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner": "[email protected]",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate": "2018-01-05T22:02:27.1067180Z",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
      "/ModDate": "D:20231004134043-04\u002700\u0027",
      "pdf_file_size_bytes": 658356,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/publications/detail/sp/800-38f/final",
          "https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final",
          "https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "http://webstore.ansi.org/FindStandards.aspx?%20Action=displaydept\u0026DeptID=80\u0026Acro=X9\u0026DpName=X9,%20Inc%20",
          "https://csrc.nist.gov/projects/cryptographic-module-validationprogram/standards",
          "https://csrc.nist.gov/publications/detail/sp/800-132/final",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final",
          "https://www.kernel.org/doc/html/latest/crypto/index.html",
          "https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "df81e68210c8044264b67f076f10b6d1f97cf7944d1d57d6279a1f95ce095e2f",
    "policy_txt_hash": "37ece4e7ec6b0be74187af96eedfc4c427ed7830e299b5bd9f80c1c71a66500f"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Microsoft Azure Linux Kernel Crypto API",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "1.0 and 2.0",
    "tested_conf": [
      "Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-08-15",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-03-01",
        "lab": "LEIDOS CSTL",
        "validation_type": "Update"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}