Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4781

Details

Module Name
CryptoComply 140-3 FIPS Provider
Standard
FIPS 140-3
Status
Active
Sunset Date
8/26/2026
Overall Level
1
Caveat
Interim validation. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No assurance of the minimum strength of generated SSPs (e.g., keys) and random strings. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
CryptoComply 140-3 FIPS Provider is a standards-based “Drop-in Compliance™” cryptographic engine. The module delivers core cryptographic functions to applications such as servers, personal computers, mobile devices, and appliances. The module features robust algorithm support, including CNSA algorithms. The module delivers cryptographic services to host applications through a C language Application Programming Interface (API).
Tested Configuration(s)
  • AlmaLinux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • AlmaLinux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Android 13 running on a Google Pixel 7 with a Google Tensor G2
  • Debian 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Debian 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • FreeBSD 13 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • FreeBSD 13 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • iOS 16 running on an iPhone 13 Mini with an Apple A15 Bionic without PAA
  • iPadOS 16 running on an iPad Air (2022) with an Apple M1 without No
  • macOS 13 (Ventura) running on a Mac Mini M2 with an Apple M2
  • Oracle Solaris 11.4 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Oracle Solaris 11.4 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Red Hat Enterprise Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Red Hat Enterprise Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Rocky Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Rocky Linux 9 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • SUSE Linux Enterprise Server 15 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • SUSE Linux Enterprise Server 15 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Ubuntu 22.04 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Ubuntu 22.04 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Windows 10 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Windows 10 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Windows 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Windows 11 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Windows Server 2019 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Windows Server 2019 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
  • Windows Server 2022 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 with PAA
  • Windows Server 2022 running on a Dell PowerEdge R830 with an Intel Xeon E5-4667v4 without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS3
AES-CBC-CS3
AES-CCM
AES-CCM
AES-CFB1
AES-CFB1
AES-CFB128
AES-CFB128
AES-CFB8
AES-CFB8
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-KW
AES-KW
AES-KWP
AES-KWP
AES-OFB
AES-OFB
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Counter DRBG
Counter DRBG
DSA KeyGen (FIPS186-4)
DSA KeyGen (FIPS186-4)
DSA PQGGen (FIPS186-4)
DSA PQGGen (FIPS186-4)
DSA PQGVer (FIPS186-4)
DSA PQGVer (FIPS186-4)
DSA SigVer (FIPS186-4)
DSA SigVer (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
EDDSA KeyGen
EDDSA KeyGen
EDDSA KeyVer
EDDSA KeyVer
EDDSA SigGen
EDDSA SigGen
EDDSA SigGen
EDDSA SigVer
Hash DRBG
Hash DRBG
HMAC DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA3-224
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-384
HMAC-SHA3-512
HMAC-SHA3-512
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-IFC-SSC
KAS-IFC-SSC
KDA HKDF SP800-56Cr2
KDA HKDF SP800-56Cr2
KDA OneStep SP800-56Cr2
KDA OneStep SP800-56Cr2
KDA TwoStep SP800-56Cr2
KDA TwoStep SP800-56Cr2
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.63
KDF ANS 9.63
KDF KMAC Sp800-108r1
KDF KMAC Sp800-108r1
KDF SP800-108
KDF SP800-108
KDF SSH
KDF SSH
KMAC-128
KMAC-128
KMAC-256
KMAC-256
KTS-IFC
KTS-IFC
PBKDF
PBKDF
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Generation
Safe Primes Key Verification
Safe Primes Key Verification
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA2-512/224
SHA2-512/224
SHA2-512/256
SHA2-512/256
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
SHAKE-128
SHAKE-128
SHAKE-256
SHAKE-256
TDES-CBC
TDES-CBC
TDES-ECB
TDES-ECB
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.3 KDF
TLS v1.3 KDF
Allowed Algorithms
EC Diffie-Hellman with non-NIST recommended curves (Provides 112, 128, 160, 192, or 256 bits of encryption strength. Per IGs D.F and C.A.; Shared secret computation using non-NIST curves: brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, with strengths 112 bits, 128 bits, 160 bits, 192 bits, and 256 bits);ECDSA with non-NIST recommended curves (Provides 112, 128, 160, 192, or 256 bits of encryption strength. Per IG C.A.; Key pair generation, digital signature generation, digital signature verification using non-NIST curves: brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, with strengths 112 bits, 128 bits, 160 bits, 192 bits, and 256 bits)
Software Versions
3.0.0-FIPS 140-3, 3.0.1-FIPS 140-3

Vendor

SafeLogic Inc.
530 Lytton Ave, Suite 200
Palo Alto, CA 94301
USA

SafeLogic Inside Sales
sales@safelogic.com
Phone: 844-436-2797

Validation History

Date Type Lab
8/27/2024 Initial LEIDOS CSTL