U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4046

Details

Module Name
Ubuntu 20.04 Strongswan Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
10/17/2026
Overall Level
1
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy with module Ubuntu 20.04 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3966 operating in FIPS mode and with module Ubuntu 20.04 Kernel Crypto API Cryptographic Module validated to FIPS140-2 under Cert. #3928 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Ubuntu 20.04 Strongswan Cryptographic Module provides cryptographic services for the Internet Key Exchange (IKE) protocol in the Ubuntu Operating System user space.
Tested Configuration(s)
  • Ubuntu 20.04 LTS 64-bit running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 with PAA
  • Ubuntu 20.04 LTS 64-bit running on Supermicro SYS-1019P-WTR with Intel Xeon Gold 6226 without PAA (single-user mode)
FIPS Algorithms
AES Certs. #A522, #A523, #A524, #A526, #A527, #A528, #A533, #A534, #A535, #A536, #A537 and #A538
CVL Cert. #A660
DRBG Certs. #A522, #A523 and #A524
ECDSA Certs. #A529, #A530, #A531 and #A532
HMAC Certs. #A529, #A530, #A531, #A532, #A616, #A617, #A618, #A644, #A645 and #A646
KAS KAS-SSC Certs. #A529, #A530, #A531, #A532 and #A539, CVL Cert. #A660
KAS-SSC Certs. #A529, #A530, #A531, #A532 and #A539
RSA Certs. #A529, #A530, #A531 and #A532
SHS Certs. #A529, #A530, #A531, #A532, #A616, #A617, #A618, #A644, #A645 and #A646
Triple-DES Cert. #A525
Allowed Algorithms
NDRNG
Software Versions
3.0

Vendor

Canonical Ltd.
5th floor, Blue Fin Building
110 Southwark Street
London SE1 0SU
United Kingdom

Validation History

Date Type Lab
10/18/2021 Initial ATSEC INFORMATION SECURITY CORP