Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4735

Details

Module Name
BoringCrypto
Standard
FIPS 140-3
Status
Active
Sunset Date
7/22/2029
Overall Level
1
Caveat
No assurance of the minimum strength of generated SSPs (e.g., keys). When operated in approved mode.
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.
Tested Configuration(s)
  • Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 32-bit with PAA
  • Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 32-bit without PAA
  • Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 64-bit with PAA
  • Android 13 running on Google Pixel 4a with Qualcomm Snapdragon 730 64-bit without PAA
  • Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 32-bit with PAA
  • Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 32-bit without PAA
  • Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 64-bit with PAA
  • Android 13 running on Google Pixel 4XL with Qualcomm Snapdragon 855 64-bit without PAA
  • Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 32-bit with PAA
  • Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 32-bit without PAA
  • Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 64-bit with PAA
  • Android 13 running on Google Pixel 5a with Qualcomm Snapdragon 765 64-bit without PAA
  • Android 13 running on Google Pixel 6 Pro with Google Tensor 32-bit with PAA
  • Android 13 running on Google Pixel 6 Pro with Google Tensor 32-bit without PAA
  • Android 13 running on Google Pixel 6 Pro with Google Tensor 64-bit with PAA
  • Android 13 running on Google Pixel 6 Pro with Google Tensor 64-bit without PAA
  • Android 13 running on Google Pixel 7 Pro with Google Tensor G2 32-bit with PAA
  • Android 13 running on Google Pixel 7 Pro with Google Tensor G2 32-bit without PAA
  • Android 13 running on Google Pixel 7 Pro with Google Tensor G2 64-bit with PAA
  • Android 13 running on Google Pixel 7 Pro with Google Tensor G2 64-bit without PAA
  • Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 with PAA
  • Debian Linux 5.17.11 (Rodete) running on n2d with AMD EPYC 7B12 without PAA
  • Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 with PAA
  • Google Prodimage with Linux 4.15.0 running on n1 with Intel Xeon E5 2696 v4 without PAA
  • Google Prodimage with Linux 4.15.0 running on Tau t2a with Ampere Altra with PAA
  • Google Prodimage with Linux 4.15.0 running on Tau t2a with Ampere Altra without PAA
  • Google Prodimage with Linux 5.10.120 running on IN762 with PAA
  • Google Prodimage with Linux 5.10.120 running on IN762 without PAA
Approved Algorithms
AES-CBC
AES-CCM
AES-CTR
AES-ECB
AES-GCM
AES-KW
AES-KWP
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KDF TLS
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
SHA-1
SHA2-224
SHA2-256
SHA2-384
SHA2-512
SHA2-512/256
Software Versions
2022061300

Vendor

Google, LLC.
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

Adam Langley
fips-crypto-officer@google.com
Phone: 000-000-0000

Validation History

Date Type Lab
7/23/2024 Initial ACUMEN SECURITY, LLC