Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4440

Details

Module Name
VirtruCrypto - FIPS JavaScript Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of minimum strength or security of keys
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The VirtruCrypto module is a multi-chip standalone cryptographic module
Tested Configuration(s)
  • Windows 10 running on HP Z8 with Intel ® Xeon® Silver 4108 CPU without PAA (single-user mode)
Approved Algorithms
AES Cert. #A2602
CKG vendor affirmed
DRBG Cert. #A2602
ENT P
HMAC Cert. #A2602
RSA Cert. #A2602
SHS Cert. #A2602
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
1.2.0

Vendor

Virtru Corporation
1130 Connecticut Ave NW #210
Washington, DC 20036
USA

Peter Nancarrow
security@virtru.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
2/21/2023 Initial EWA CANADA