This page was not yet optimized for use on mobile devices.

Microsoft Azure Linux Kernel Crypto API

Certificate #4277

Webpage information ?

Status	active
Validation dates	15.08.2022 , 01.03.2024
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Software
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode
Exceptions	Physical Security: N/A Mitigation of Other Attacks: N/A
Description	The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files.
Tested configurations	Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA
Vendor	Microsoft Corporation
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Document information ?

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, AES-128, AES-192, AES-256, DES, Triple-DES, HMAC, HMAC-SHA-512, CMAC

Asymmetric Algorithms

ECDH, ECDSA

Hash functions

SHA-1, SHA1, SHA-256, SHA-384, SHA-512, SHA-224, SHA3-224, SHA3-256, SHA3-512, SHA3-384

Schemes

Key Agreement

Protocols

TLS, IPsec

Randomness

DRBG, RNG

Elliptic Curves

P-192, P-256

Block cipher modes

ECB, CBC, CTR, CFB, GCM, CCM, XTS

Vendor

Microsoft Corporation, Microsoft

Standards

FIPS 140, FIPS 140-2, FIPS 197, FIPS 180-4, FIPS 202, FIPS 198-1, FIPS 186-4, NIST SP 800-38B, SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-67, NIST SP 800-56A, NIST SP 800-90A, NIST SP 800-131A, NIST SP 800-90B, SP 800-90A, SP 800-90B, SP 800-38F, SP 800-57, SP 800-132, NIST SP 800-52, PKCS#1, RFC3686

File metadata

Creation date:	D:20231004134043-04'00'
Modification date:	D:20231004134043-04'00'
Pages:	30

References

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

11.03.2024 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The module_name property was set to Microsoft Azure Linux Kernel Crypto API.
- The validation_history property was updated, with the [[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2024-03-01', 'validation_type': 'Update', 'lab': 'LEIDOS CSTL'}]] values inserted.
- The description property was set to The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files..
- The tested_conf property was set to ['Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA', 'Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA', 'Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA'].
- The sw_versions property was set to 1.0 and 2.0.
The PDF extraction data was updated.
- The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__update__': {'SHA-1': 13, 'SHA2-256': 5, 'SHA3-256': 3}, '__delete__': ['SHA2- 256']}}}, 'vendor': {'__update__': {'Microsoft': {'__update__': {'Microsoft Corporation': 32, 'Microsoft': 10}}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 31}}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 4}}, '3DES': {'__update__': {'Triple-DES': 12}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 60, 'CMAC': 8}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__update__': {'ECDSA': {'__update__': {'ECDSA': 4}}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 13}}, 'SHA3': {'__update__': {'SHA3-256': 3}}}}}}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 10}}, 'CFB': {'__update__': {'CFB': 2}}, 'GCM': {'__update__': {'GCM': 10}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-192': 8, 'P-256': 8}}}}, 'standard_id': {'__update__': {'NIST': {'__update__': {'NIST SP 800-131A': 2}}}}} data.
- The policy_metadata property was updated, with the {'pdf_file_size_bytes': 658356, 'pdf_number_of_pages': 30, '/CreationDate': "D:20231004134043-04'00'", '/ModDate': "D:20231004134043-04'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://csrc.nist.gov/publications/detail/sp/800-38f/final', 'https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final', 'https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation', 'https://csrc.nist.gov/projects/cryptographic-module-validationprogram/standards', 'https://csrc.nist.gov/publications/detail/sp/800-132/final', 'https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf', 'https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final', 'https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf', 'http://webstore.ansi.org/FindStandards.aspx?%20Action=displaydept&DeptID=80&Acro=X9&DpName=X9,%20Inc%20', 'https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final', 'http://creativecommons.org/licenses/by-nd-nc/1.0/', 'https://www.kernel.org/doc/html/latest/crypto/index.html']}} data.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': ['AES#A3494', 'KAS-SSC#A3494', 'Triple-DES#A3494', 'SHS#A3494', 'CVL#A3494', 'DRBG#A3494', 'RSA#A3494', 'HMAC#A3494', 'SHA-3#A3494', 'KTS#A3494']} values added.
- The extracted_versions property was set to {'_type': 'Set', 'elements': ['-']}.
The state was updated.
- The policy_pdf_hash property was set to df81e68210c8044264b67f076f10b6d1f97cf7944d1d57d6279a1f95ce095e2f.
- The policy_txt_hash property was set to 37ece4e7ec6b0be74187af96eedfc4c427ed7830e299b5bd9f80c1c71a66500f.
09.02.2023 The certificate data changed.
Certificate changed

The cert_id was updated.
- The new value is 4277.
The web extraction data was updated.
- The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-08-15', 'validation_type': 'Initial', 'lab': 'LEIDOS CSTL'}], 'vendor_url': 'http://www.microsoft.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf', 'hw_versions': None, 'fw_versions': None}.
- The standard property was set to FIPS 140-2.
- The status property was set to active.
- The level property was set to 1.
- The embodiment property was set to Multi-Chip Stand Alone.
- The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].
The PDF extraction data was updated.
- The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 1847594, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 27, '/CreationDate': "D:20220531091009-04'00'", '/ModDate': "D:20220808105433-04'00'", '/Producer': 'Microsoft: Print To PDF', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.
- The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].
The computed heuristics were updated.
- The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
- The algorithms property was set to {'_type': 'Set', 'elements': ['RSA#A1755', 'CVL#A1755', 'DRBG#A1755', 'KTS#A1755', 'KAS-SSC#A1755', 'HMAC#A1755', 'SHA-3#A1755', 'AES#A1755', 'Triple-DES#A1755', 'SHS#A1755']}.
- The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].
The state was updated.
- The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '2b8fabfb19b695a1bfc5777f3961157fe00889c527842630b2090a96140d1bf5', 'policy_txt_hash': 'aab647e3a789b357ece8ddd963ad59cefa0a093fe6576f0769bb1ac178f3fed3'}.
- The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
05.11.2022 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The algorithms property was set to {'_type': 'Set', 'elements': []}.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'AES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'DRBG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'HMAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'KAS-SSC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'SHA-3', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'KTS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#A1755', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
25.10.2022 The certificate data changed.
Certificate changed

The PDF extraction data was updated.
- The keywords property was updated, with the {'fips_cert_id': {}, 'fips_certlike': {'__update__': {'Certlike': {'__insert__': {'AES CMAC 192': 1}, '__update__': {'SHA-1': 11, 'SHA2-256': 3, 'SHA2-384': 4, 'SHA3-224': 4, 'SHA3-256': 4, 'SHA3-512': 4, 'SHA2- 512': 1, 'SHA3-384': 2, 'SHA-512': 12}, '__delete__': ['HMAC-SHA2', 'HMAC-SHA3', 'HMAC- SHA3', 'HMAC SHA3', 'RSA 2048', 'AES CMAC 192 and 256', 'DES, 168']}}}, 'eval_facility': {}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 22}, '__delete__': ['AES-']}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 2}}, '3DES': {'__update__': {'Triple-DES': 10}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 50}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__delete__': ['ECC']}}, '__delete__': ['RSA', 'FF']}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 11}}, 'SHA2': {'__update__': {'SHA-512': 12}, '__delete__': ['SHA2', 'SHA-2']}, 'SHA3': {'__update__': {'SHA3-224': 4, 'SHA3-256': 4, 'SHA3-512': 4, 'SHA3-384': 2}, '__delete__': ['SHA3', 'SHA-3']}}}}}, 'crypto_scheme': {'__update__': {'KA': {'__delete__': ['KA']}}, '__delete__': ['MAC']}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 36}}, 'RNG': {'__update__': {'RNG': 3}, '__delete__': ['RBG']}}}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 9}}, 'CBC': {'__update__': {'CBC': 7}}, 'CTR': {'__update__': {'CTR': 10}}, 'CFB': {'__update__': {'CFB': 1}}, 'GCM': {'__update__': {'GCM': 9}}, 'XTS': {'__update__': {'XTS': 6}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-256': 6}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS 140-2': 9}}, 'NIST': {'NIST SP 800-38B': 2, 'SP 800-38C': 2, 'NIST SP 800-38D': 1, 'NIST SP 800-38E': 2, 'NIST SP 800-38F': 4, 'NIST SP 800-67': 1, 'NIST SP 800-56A': 2, 'NIST SP 800-90A': 4, 'NIST SP 800-90B': 1, 'SP 800-90A': 3, 'SP 800-90B': 3, 'SP 800-38F': 2, 'SP 800-57': 1, 'SP 800-132': 1, 'NIST SP 800-52': 1, 'NIST SP 800-131A': 1}, 'RFC': {'RFC3686': 3}}}} data.
- The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '90', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'a512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4096', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'c 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'A3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '90', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'a512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4096', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'c 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '224', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 168', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'A3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.
The state was updated.
- The tables_done property was set to True.
17.09.2022 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The certificate_www property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf.
03.09.2022 The certificate was first processed.

New certificate

A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4277,
  "dgst": "a62699c162816b54",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#A1755",
        "Triple-DES#A1755",
        "SHS#A3494",
        "CVL#A1755",
        "CVL#A3494",
        "AES#A1755",
        "HMAC#A1755",
        "DRBG#A3494",
        "RSA#A3494",
        "KTS#A1755",
        "HMAC#A3494",
        "Triple-DES#A3494",
        "KAS-SSC#A3494",
        "KTS#A3494",
        "AES#A3494",
        "KAS-SSC#A1755",
        "RSA#A1755",
        "DRBG#A1755",
        "SHA-3#A1755",
        "SHA-3#A3494"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 1
          },
          "ECDSA": {
            "ECDSA": 4
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 7
        },
        "CCM": {
          "CCM": 5
        },
        "CFB": {
          "CFB": 2
        },
        "CTR": {
          "CTR": 10
        },
        "ECB": {
          "ECB": 10
        },
        "GCM": {
          "GCM": 10
        },
        "XTS": {
          "XTS": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IPsec": {
          "IPsec": 2
        },
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-192": 8,
          "P-256": 8
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES CMAC 192": 1,
          "AES-128": 5,
          "AES-192": 3,
          "AES-256": 6,
          "HMAC SHA- 224": 1,
          "HMAC SHA- 256": 1,
          "HMAC SHA- 384": 1,
          "HMAC SHA- 512": 1,
          "HMAC SHA-1": 4,
          "HMAC SHA-224": 1,
          "HMAC SHA-256": 3,
          "HMAC SHA-384": 3,
          "HMAC SHA-512": 6,
          "HMAC-SHA-1": 2,
          "HMAC-SHA-512": 2,
          "PKCS#1": 4,
          "RSA PKCS#1": 2,
          "SHA- 224": 1,
          "SHA- 256": 2,
          "SHA- 384": 1,
          "SHA- 512": 1,
          "SHA- 512 2048": 1,
          "SHA-1": 13,
          "SHA-224": 1,
          "SHA-256": 9,
          "SHA-384": 9,
          "SHA-512": 12,
          "SHA1": 2,
          "SHA2- 512": 1,
          "SHA2-256": 5,
          "SHA2-384": 4,
          "SHA2-512": 3,
          "SHA3- 256": 1,
          "SHA3- 384": 2,
          "SHA3-224": 4,
          "SHA3-256": 3,
          "SHA3-384": 2,
          "SHA3-512": 4
        }
      },
      "fips_security_level": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 13,
            "SHA1": 2
          },
          "SHA2": {
            "SHA-224": 1,
            "SHA-256": 9,
            "SHA-384": 9,
            "SHA-512": 12
          },
          "SHA3": {
            "SHA3-224": 4,
            "SHA3-256": 3,
            "SHA3-384": 2,
            "SHA3-512": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 36
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 140-2": 9,
          "FIPS 180-4": 1,
          "FIPS 186-4": 3,
          "FIPS 197": 1,
          "FIPS 198-1": 1,
          "FIPS 202": 1
        },
        "NIST": {
          "NIST SP 800-131A": 2,
          "NIST SP 800-38B": 2,
          "NIST SP 800-38D": 1,
          "NIST SP 800-38E": 2,
          "NIST SP 800-38F": 4,
          "NIST SP 800-52": 1,
          "NIST SP 800-56A": 2,
          "NIST SP 800-67": 1,
          "NIST SP 800-90A": 4,
          "NIST SP 800-90B": 1,
          "SP 800-132": 1,
          "SP 800-38C": 2,
          "SP 800-38F": 2,
          "SP 800-57": 1,
          "SP 800-90A": 3,
          "SP 800-90B": 3
        },
        "PKCS": {
          "PKCS#1": 3
        },
        "RFC": {
          "RFC3686": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 31,
            "AES-128": 5,
            "AES-192": 3,
            "AES-256": 6
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 12
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 8,
            "HMAC": 60,
            "HMAC-SHA-512": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 10,
          "Microsoft Corporation": 32
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20231004134043-04\u002700\u0027",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "0532fc76-2ee6-4a67-a38a-bf4204b9d836",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-05-30T16:27:58Z",
      "/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application": "Microsoft Azure Information Protection",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled": "True",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method": "Automatic",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name": "General",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner": "mgrimm@microsoft.com",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate": "2018-01-05T22:02:27.1067180Z",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
      "/ModDate": "D:20231004134043-04\u002700\u0027",
      "pdf_file_size_bytes": 658356,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/publications/detail/sp/800-38f/final",
          "https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final",
          "https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "http://webstore.ansi.org/FindStandards.aspx?%20Action=displaydept\u0026DeptID=80\u0026Acro=X9\u0026DpName=X9,%20Inc%20",
          "https://csrc.nist.gov/projects/cryptographic-module-validationprogram/standards",
          "https://csrc.nist.gov/publications/detail/sp/800-132/final",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final",
          "https://www.kernel.org/doc/html/latest/crypto/index.html",
          "https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "df81e68210c8044264b67f076f10b6d1f97cf7944d1d57d6279a1f95ce095e2f",
    "policy_txt_hash": "37ece4e7ec6b0be74187af96eedfc4c427ed7830e299b5bd9f80c1c71a66500f"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2022_010922_0715_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Microsoft Azure Linux Kernel Crypto API Cryptographic Module is a general-purpose, software-based cryptographic module. The module provides general purpose cryptographic services that leverage FIPS 140-2-approved cryptographic algorithms. The module runs as part of the operating system kernel, provides cryptographic services to kernel applications through a C language Application Program Interface (API), and provides cryptographic services to user applications through an AF_ALG socket interface. The module is implemented as a set of shared libraries and binary files.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Microsoft Azure Linux Kernel Crypto API",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "1.0 and 2.0",
    "tested_conf": [
      "Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 1.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 1.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA",
      "Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL with PAA",
      "Microsoft Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel Xeon Platinum 8272CL without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-08-15",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-03-01",
        "lab": "LEIDOS CSTL",
        "validation_type": "Update"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}

Microsoft Azure Linux Kernel Crypto API

Certificate #4277

Webpage information ?

Document information ?

Security policy

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Elliptic Curves

Block cipher modes

Device

Vendor

Other

Standards

File metadata

References

Heuristics ?

References ?

Updates ?

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data