This page was not yet optimized for use on mobile devices.
Ubuntu 16.04 OpenSSL Cryptographic Module
Certificate #4589
Webpage information ?
Document information ?
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, DES, Triple-DES, TDES, TDEA, HMAC, HMAC-SHA-256, CMACAsymmetric Algorithms
ECDSA, ECC, Diffie-Hellman, DSAHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, MD5Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, SSLv2.0, SSL v3.0, TLS, TLS v1.0, TLSv1.2, TLSv1.0, DTLS, IKERandomness
PRNG, DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, P-192, K-283, K-409, K-571, B-233, B-283, B-409, B-571, K-163, K-233, B-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTLS cipher suites
TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_PSK_WITH_3DES_EDE_CBC_SHA, TLS_PSK_WITH_AES_128_CBC_SHA, TLS_PSK_WITH_AES_256_CBC_SHASecurity level
Level 1, level 1Side-channel analysis
Timing Attacks, timing attacks, Timing AttackStandards
FIPS 140-2, FIPS PUB 140-2, FIPS197, FIPS186-4, FIPS198-1, FIPS186-2, FIPS180-4, FIPS 198-1, FIPS 186-4, FIPS140-2, SP 800-57, PKCS#1, RFC2246, RFC4346, RFC5246, RFC5288, RFC4253, RFC7296, RFC3268, RFC5116, RFC6655, RFC4279, RFC5487, RFC4492, RFC5489, RFC7251File metadata
| Title: | Microsoft Word - UbuntuOpenSSL-SecurityPolicy.doc |
|---|---|
| Creation date: | D:20230905211647Z00'00' |
| Modification date: | D:20230905211647Z00'00' |
| Pages: | 43 |
| Creator: | Word |
| Producer: | macOS Version 13.3.1 (a) (Build 22E772610a) Quartz PDFContext |
References
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
01.11.2023 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf.
- The certificate_pdf_url property was set to
-
18.09.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4589,
"dgst": "886b73d4b098e551",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"RSA#C1304",
"CVL#C1305",
"Triple-DES#C1257",
"KTS#C1257",
"AES#C1260",
"DRBG#C1305",
"AES#C1265",
"KTS#C1304",
"DRBG#C1265",
"SHS#C1304",
"AES#C1259",
"ECDSA#C1304",
"AES#C1267",
"ECDSA#C1305",
"KTS#C1305",
"HMAC#C1305",
"CVL#C1304",
"AES#C1258",
"DSA#C1305",
"SHS#C1305",
"RSA#C1269",
"AES#C1270",
"AES#C1261",
"KTS#C1269",
"AES#C1264",
"RSA#C1305",
"ECDSA#C1269",
"AES#C1266",
"CVL#C1269",
"DSA#C1269",
"HMAC#C1269",
"SHS#C1269",
"DRBG#C1304",
"DSA#C1304",
"HMAC#C1304",
"DRBG#C1269"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"16.04"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDSA": {
"ECDSA": 27
}
},
"FF": {
"DH": {
"Diffie-Hellman": 13
},
"DSA": {
"DSA": 33
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 9
},
"CCM": {
"CCM": 7
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 9
},
"GCM": {
"GCM": 14
},
"OFB": {
"OFB": 5
},
"XTS": {
"XTS": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 48
}
},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"SSH": {
"SSH": 1
},
"TLS": {
"DTLS": {
"DTLS": 2
},
"SSL": {
"SSL v3.0": 1,
"SSLv2.0": 1
},
"TLS": {
"TLS": 59,
"TLS v1.0": 2,
"TLSv1.0": 1,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4
},
"KEX": {
"Key Exchange": 3
},
"MAC": {
"MAC": 8
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 2,
"B-233": 2,
"B-283": 2,
"B-409": 2,
"B-571": 2,
"K-163": 2,
"K-233": 2,
"K-283": 2,
"K-409": 2,
"K-571": 2,
"P-192": 4,
"P-224": 6,
"P-256": 8,
"P-384": 6,
"P-521": 6
}
},
"eval_facility": {
"atsec": {
"atsec": 45
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 1,
"AES-192": 1,
"AES-256": 2,
"HMAC SHA-1": 1,
"HMAC-SHA-256": 2,
"PKCS#1": 6,
"SHA 1": 1,
"SHA 224": 1,
"SHA 256": 1,
"SHA 384": 1,
"SHA 512": 1,
"SHA- 1": 1,
"SHA-1": 15,
"SHA-224": 15,
"SHA-256": 26,
"SHA-384": 14,
"SHA-512": 9,
"SHA-512 1024": 2,
"SHA-512 112": 1,
"SHA-512 2048": 2,
"SHA-512 4096": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 2
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 7
}
},
"SHA": {
"SHA1": {
"SHA-1": 15
},
"SHA2": {
"SHA-224": 15,
"SHA-256": 26,
"SHA-384": 14,
"SHA-512": 15
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 30,
"PRNG": 2
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {
"SCA": {
"Timing Attack": 1,
"Timing Attacks": 2,
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 53,
"FIPS 186-4": 1,
"FIPS 198-1": 2,
"FIPS PUB 140-2": 2,
"FIPS140-2": 1,
"FIPS180-4": 5,
"FIPS186-2": 1,
"FIPS186-4": 5,
"FIPS197": 2,
"FIPS198-1": 2
},
"NIST": {
"SP 800-57": 1
},
"PKCS": {
"PKCS#1": 3
},
"RFC": {
"RFC2246": 6,
"RFC3268": 3,
"RFC4253": 1,
"RFC4279": 7,
"RFC4346": 3,
"RFC4492": 1,
"RFC5116": 3,
"RFC5246": 6,
"RFC5288": 4,
"RFC5487": 9,
"RFC5489": 1,
"RFC6655": 7,
"RFC7251": 1,
"RFC7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 66,
"AES-": 1,
"AES-128": 1,
"AES-192": 1,
"AES-256": 2
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 2,
"Triple-DES": 34
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"CMAC": 10,
"HMAC": 29,
"HMAC-SHA-256": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_PSK_WITH_3DES_EDE_CBC_SHA": 1,
"TLS_PSK_WITH_AES_128_CBC_SHA": 1,
"TLS_PSK_WITH_AES_256_CBC_SHA": 1,
"TLS_RSA_WITH_3DES_EDE_CBC_SHA": 1,
"TLS_RSA_WITH_AES_128_CBC_SHA": 1,
"TLS_RSA_WITH_AES_128_CBC_SHA256": 1,
"TLS_RSA_WITH_AES_128_GCM_SHA256": 1,
"TLS_RSA_WITH_AES_256_CBC_SHA": 1,
"TLS_RSA_WITH_AES_256_CBC_SHA256": 1,
"TLS_RSA_WITH_AES_256_GCM_SHA384": 1
}
},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20230905211647Z00\u002700\u0027",
"/Creator": "Word",
"/ModDate": "D:20230905211647Z00\u002700\u0027",
"/Producer": "macOS Version 13.3.1 (a) (Build 22E772610a) Quartz PDFContext",
"/Title": "Microsoft Word - UbuntuOpenSSL-SecurityPolicy.doc",
"pdf_file_size_bytes": 824593,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 43
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "60825a51ff5c71e0ae1c82d5b4f8b98cb97173d2f2aac56eef66a90a9860a8cf",
"policy_txt_hash": "96099acc17b6884399fbe650c2f492f61ee5d5581666ae2eff7b9fbca73b21d6"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf",
"date_sunset": "2025-10-08",
"description": "OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Ubuntu 16.04 OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "2.0",
"tested_conf": [
"Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR with Intel Xeon E5 with PAA",
"Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR with Intel Xeon E5 without PAA (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-09-08",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Canonical Ltd.",
"vendor_url": "http://www.canonical.com"
}
}