Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4028

Details

Module Name
VMware's BoringCrypto Module
Standard
FIPS 140-2
Status
Active
Sunset Date
7/12/2025
Overall Level
1
Caveat
When installed, initialized and configured as specified in Section 3.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
VMware’s BoringCrypto Module is a software library that implements and provides FIPS 140-2 Approved cryptographic functionalities to various VMware products and services.
Tested Configuration(s)
  • Amazon Linux 2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Amazon Linux 2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Photon OS 2.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Photon OS 2.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R with AES-NI
  • Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R without AES-Ni
  • Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Photon OS 3.0 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 with AES-NI
  • Photon OS 3.0 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 without AES-NI
  • Photon OS 4.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Photon OS 4.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Photon OS 4.0 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 with AES-NI
  • Photon OS 4.0 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 without AES-NI
  • Red Hat Enterprise Linux 7.9 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Red Hat Enterprise Linux 7.9 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Red Hat Enterprise Linux 8.2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Red Hat Enterprise Linux 8.2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Ubuntu 18.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Ubuntu 18.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Ubuntu 20.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Ubuntu 20.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Ubuntu 20.04 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 with AES-NI
  • Ubuntu 20.04 on ESXi 8.0 running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 without AES-NI
  • Ubuntu 20.04 running on Dell PowerEdge R740 with Intel® Core i5 with AES-NI
  • Ubuntu 20.04 running on Dell PowerEdge R740 with Intel® Core i5 without AES-NI (single-user mode)
  • Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R with AES-NI
  • Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R without AES-NI
  • Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
  • Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
  • Within ESXi 8.0 (as a host) running on Dell PowerEdge R650 with Intel® Xeon Gold 6330 with AES-NI
Approved Algorithms
AES Cert. #A1231
CKG vendor affirmed
CVL Cert. #A1231
DRBG Cert. #A1231
ECDSA Cert. #A1231
HMAC Cert. #A1231
KAS-SSC vendor affirmed
KTS AES Cert. #A1231; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #A1231
SHS Cert. #A1231
Triple-DES Cert. #A1231
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
3.0

Vendor

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304
USA

Manoj Maskara
mmaskara@vmware.com
Phone: 650-427-1000
Fax: 650-475-5001
 Sunil Kumar Yadav
ysunilkumar@vmware.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
9/13/2021 Initial ACUMEN SECURITY, LLC
3/27/2023 Update ACUMEN SECURITY, LLC