U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4131

Details

Module Name
Juniper OpenSSL Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Juniper OpenSSL Cryptographic Module is a set of software libraries implementing the Transport Layer Security (TLS) protocol v1.0, v1.1 and v1.2 and Datagram Transport Layer Security (DTLS) protocol v1.0 and v1.2, as well as general purpose cryptographic algorithms.
Tested Configuration(s)
  • Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 with PAA
  • Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 without PAA(single-user mode)
FIPS Algorithms
AES Certs. #A650, #A653 and #A2017
CVL Cert. #A650
DRBG Cert. #A650
DSA Cert. #A650
ECDSA Cert. #A650
HMAC Cert. #A650
KTS AES Certs. #A650 and #A2017; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Certs. #A650, #A653 and #A2017; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #A650 and #A2017 and HMAC Cert. #A650; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Cert. #A650 and HMAC Cert. #A650; key establishment methodology provides 112 bits of encryption strength
RSA Cert. #A650
SHS Certs. #A650 and #A2017
Triple-DES Cert. #A650
Allowed Algorithms
Diffie-Hellman (CVL Cert. #A650 with CVL Cert. #A650, key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #A650 with CVL Cert. #A650, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
1.0

Vendor

Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

Seth Ross
seth@juniper.net
Phone: +1-408-745-2000

Validation History

Date Type Lab
1/13/2022 Initial ATSEC INFORMATION SECURITY CORP