Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4856

Details

Module Name
Chainguard OpenSSL 3.0 FIPS Provider Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Chainguard OpenSSL 3.0 FIPS Provider Module is a software library providing a C-language application program interface (API) for use by applications that require cryptographic functionality.
Tested Configuration(s)
  • Debian 11.5 running on Dell Inspiron 7591 with Intel i7 (x64) with PAA
  • Debian 11.5 running on Dell Inspiron 7591 with Intel i7 (x64) without PAA
  • FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7 (x64) with PAA
  • FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7 (x64) without PAA
  • macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7 (x64) with PAA
  • macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7 (x64) without PAA
  • macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA
  • macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA
  • Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7 (x64) with PAA
  • Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel i7 (x64) without PAA
  • Windows 10 running on Dell Inspiron 7591 with Intel i7 (x64) with PAA
  • Windows 10 running on Dell Inspiron 7591 with Intel i7 (x64) without PAA (single-user mode)
Approved Algorithms
AES Cert. #A4086
CKG vendor affirmed
CVL Cert. #A4086
DRBG Cert. #A4086
DSA Cert. #A4086
ECDSA Cert. #A4086
HMAC Cert. #A4086
KAS-RSA-SSC Cert. #A4086
KAS-SSC Cert. #A4086
KBKDF Cert. #A4086
KDA Cert. #A4086
KMAC Cert. #A4086
KTS AES Cert. #A4086; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #A4086 and AES Cert. #A4086; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #A4086 and HMAC Cert. #A4086; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #A4086 and HMAC Cert. #A4086; key establishment methodology provides 112 bits of encryption strength
KTS-RSA Cert. #A4086; key establishment methodology provides between 112 and 256 bits of encryption strength
PBKDF Cert. #A4086
RSA Cert. #A4086
SHA-3 Cert. #A4086
SHS Cert. #A4086
Triple-DES Cert. #A4086
Allowed Algorithms
N/A
Software Versions
3.0.9

Vendor

Chainguard, Inc.
810 7th Ave S
Kirkland, WA 98033
USA

Lindsey Krieger
fips-contact@chainguard.dev
Phone: 425-242-4836

Related Files

Validation History

Date Type Lab
10/29/2024 Initial ACUMEN SECURITY, LLC