This page was not yet optimized for use on mobile devices.
Kernel Cryptography Module for AlmaLinux 9
Certificate #4750
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMAC, CMACHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, PBKDF2Schemes
MACProtocols
IKEv2, IPsecRandomness
DRBG, RNGBlock cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSSecurity level
Level 1Standards
FIPS 140-3, FIPS 180-4, FIPS 202, FIPS 197, FIPS 198-1, FIPS 186-4, FIPS 186-5, FIPS PUB 140-3, SP 800-38A, SP 800-38D, SP 800-38B, SP 800-38C, SP 800-38E, PKCS#1, RFC 4106, RFC 7296, ISO/IEC 24759File metadata
| Title | FIPS 140-3 Non-Proprietary Security Policy |
|---|---|
| Author | Giulio Raponi |
| Creation date | D:20240801145657-05'00' |
| Modification date | D:20240801145657-05'00' |
| Pages | 33 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
09.09.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf.
- The certificate_pdf_url property was set to
-
03.08.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4750,
"dgst": "a360748ed90aa02c",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-GMACA4041",
"AES-CTRA4041",
"AES-ECBA4043",
"SHA3-224A4026",
"AES-CFB128A4044",
"HMAC DRBGA4049",
"HMAC-SHA3-256A4026",
"AES-CBCA4041",
"HMAC-SHA2-256A4049",
"AES-XTS Testing Revision 2.0A4041",
"RSA SigVer (FIPS186-4)A4049",
"SHA3-512A4026",
"Hash DRBGA4049",
"SHA2-256A4049",
"AES-CMACA4041",
"HMAC-SHA3-224A4026",
"SHA2-384A4049",
"HMAC-SHA3-512A4026",
"SHA2-224A4049",
"AES-OFBA4045",
"HMAC-SHA2-512A4049",
"AES-CBC-CS3A4046",
"HMAC-SHA2-384A4049",
"HMAC-SHA3-384A4026",
"HMAC-SHA2-224A4049",
"SHA3-384A4026",
"Counter DRBGA4043",
"AES-GCMA4043",
"SHA2-512A4049",
"AES-CCMA4041",
"SHA3-256A4026"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"9"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 6
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 6
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 24
},
"OFB": {
"OFB": 3
},
"XTS": {
"XTS": 12
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 7
}
},
"crypto_scheme": {
"MAC": {
"MAC": 6
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"atsec": {
"atsec": 36
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 1,
"AES-192": 1,
"AES-256": 1,
"PKCS#1": 12,
"RSA PKCS#1": 2,
"SHA- 256": 4,
"SHA- 512": 2,
"SHA-1": 4,
"SHA-224": 4,
"SHA-256": 8,
"SHA-3": 3,
"SHA-384": 3,
"SHA-512": 7,
"SHA2- 384": 1,
"SHA2-256": 1,
"SHA2-384": 2,
"SHA2-512": 3,
"SHA3- 224": 2,
"SHA3- 256": 2,
"SHA3- 384": 1,
"SHA3- 512": 1,
"SHA3- 512 32": 1,
"SHA3-224": 3,
"SHA3-256": 5,
"SHA3-384": 4,
"SHA3-512": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 3
},
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-224": 4,
"SHA-256": 8,
"SHA-384": 3,
"SHA-512": 7
},
"SHA3": {
"SHA-3": 3,
"SHA3-224": 4,
"SHA3-256": 5,
"SHA3-384": 4,
"SHA3-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 25
},
"RNG": {
"RNG": 4
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 41,
"FIPS 180-4": 2,
"FIPS 186-4": 4,
"FIPS 186-5": 1,
"FIPS 197": 7,
"FIPS 198-1": 2,
"FIPS 202": 2,
"FIPS PUB 140-3": 1
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-38A": 3,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 2,
"SP 800-38E": 1
},
"PKCS": {
"PKCS#1": 7
},
"RFC": {
"RFC 4106": 3,
"RFC 7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 59,
"AES-128": 1,
"AES-192": 1,
"AES-256": 1
},
"CAST": {
"CAST": 2
}
},
"constructions": {
"MAC": {
"CMAC": 5,
"HMAC": 16
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Giulio Raponi",
"/CreationDate": "D:20240801145657-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20240801145657-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Title": "FIPS 140-3 Non-Proprietary Security Policy",
"pdf_file_size_bytes": 497392,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://www.ietf.org/rfc/rfc3447.txt",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://datatracker.ietf.org/doc/html/rfc4106",
"http://www.atsec.com/",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"http://www.tuxcare.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 33
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "228e1e1e0cae8f7a0651db400295b68855751b4c388b927afed63ac52289fa64",
"policy_txt_hash": "21402fe81407f79470b08b5c086fb308bab16d5250bc5e7620b6320415db4037"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf",
"date_sunset": "2026-08-01",
"description": "The Linux kernel crypto API implementation provides cryptographic services to Linux kernel space software components and user space via the AF_ALG interface.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Kernel Cryptography Module for AlmaLinux 9",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "kernel 5.14.0-284.11.1.el9_2.tuxcare.5 5.14.0-284.11.1.el9_2.tuxcare.6; libkcapi 1.3.1-3.el9",
"tested_conf": [
"AlmaLinux 9.2 running on Amazon Web Services (AWS) a1.metal with AWS Graviton with PAA",
"AlmaLinux 9.2 running on Amazon Web Services (AWS) a1.metal with AWS Graviton without PAA",
"AlmaLinux 9.2 running on Amazon Web Services (AWS) m5.metal with Intel Xeon Platinum 8259CL with PAA",
"AlmaLinux 9.2 running on Amazon Web Services (AWS) m5.metal with Intel Xeon Platinum 8259CL without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-08-02",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Cloudlinux Inc., TuxCare division",
"vendor_url": "http://www.tuxcare.com"
}
}