Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3836

Details

Module Name
Rancher Kubernetes Cryptographic Library
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
1
Caveat
When installed, initialized and configured as specified in Section 9.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
A software library that contains cryptography to serve Rancher’s Kubernetes platform and its ecosystem of supported cloud-native tools written in the Go programming language.
Tested Configuration(s)
  • CentOS 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1)
  • CentOS 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1)
  • CentOS 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1)
  • Red Hat Enterprise Linux 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1)
  • Red Hat Enterprise Linux 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1)
  • Red Hat Enterprise Linux 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1)
  • Red Hat Enterprise Linux 8.2 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R without PAA (clang 6.0.1) (single-user mode)
  • Tested as meeting level 1 with CentOS 7.8 running on Dell PowerEdge R440 with Intel® Xeon® Silver 4214R with PAA (clang 6.0.1)
Approved Algorithms
AES Cert. #A865
CKG vendor affirmed
CVL Cert. #A865
DRBG Cert. #A865
ECDSA Cert. #A865
HMAC Cert. #A865
KTS AES Cert. #A865; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Cert. #A865
SHS Cert. #A865
Triple-DES Cert. #A865
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #A865 with Cert. #A865, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
66005f41fbc3529ffe8d007708756720529da20d

Vendor

Rancher Labs
P.O. Box 1658
Mountain View, CA 94042
USA

Craig Jellick
 Brandon Gulla

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
3/3/2021 Initial ACUMEN SECURITY, LLC
3/30/2021 Update ACUMEN SECURITY, LLC