Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4490

Details

Module Name
AWS OpenSSL FIPS Provider
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The AWS OpenSSL FIPS Provider module is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality.
Tested Configuration(s)
  • Amazon Linux 2 running on AWS EC2 c5 instance with Intel Xeon Platinum 8275CL (Cascade Lake) with PAA
  • Amazon Linux 2 running on AWS EC2 c6g instance with AWS Graviton 3 with PAA
  • Amazon Linux 2 running on AWS EC2 c7g instance with AWS Graviton 2 with PAA
  • Amazon Linux 2023 running on AWS EC2 c5 instance with Intel Xeon Platinum 8275CL (Cascade Lake) with PAA
  • Amazon Linux 2023 running on AWS EC2 c6g instance with AWS Graviton 3 with PAA
  • Amazon Linux 2023 running on AWS EC2 c7g instance with AWS Graviton 2 with PAA
  • Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) with PAA
  • Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) without PAA
  • FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) with PAA
  • FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) without PAA
  • macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) with PAA
  • macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) without PAA
  • Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) with PAA
  • Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7(x64) without PAA
  • Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA (single-user mode)
  • Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without PAA
Approved Algorithms
AES Certs. #A3500 and #A3607
CKG vendor affirmed
CVL Certs. #A3500 and #A3607
DRBG Certs. #A3500 and #A3607
DSA Certs. #A3500 and #A3607
ECDSA Certs. #A3500 and #A3607
HMAC Certs. #A3500 and #A3607
KAS-RSA-SSC Certs. #A3500 and #A3607
KAS-SSC Certs. #A3500 and #A3607
KBKDF Certs. #A3500 and #A3607
KDA Certs. #A3500 and #A3607
KMAC Certs. #A3500 and #A3607
KTS AES Certs. #A3500 and #A3607; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Certs. #A3500 and #A3607 and AES Certs. #A3500 and #A3607; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Certs. #A3500 and #A3607 and HMAC Certs. #A3500 and #A3607; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Certs. #A3500 and #A3607 and HMAC Certs. #A3500 and #A3607; key establishment methodology provides 112 bits of encryption strength
KTS-RSA Certs. #A3500 and #A3607; key establishment methodology provides between 112 and 192 bits of encryption strength
PBKDF Certs. #A3500 and #A3607
RSA Certs. #A3500 and #A3607
SHA-3 Certs. #A3500 and #A3607
SHS Certs. #A3500 and #A3607
Triple-DES Certs. #A3500 and #A3607
Software Versions
3.0.8

Vendor

Amazon Web Services, Inc.
410 Terry Ave N, Ste 1200
Seattle, WA 98109-5210
USA

AWS Crypto Team
aws-fips-external@amazon.com

Validation History

Date Type Lab
4/26/2023 Initial ACUMEN SECURITY, LLC
7/26/2023 Update ACUMEN SECURITY, LLC