Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Project Links

Overview FAQs News & Updates Publications

Certificate #5244

Details

Module Name

BoringCrypto

Standard

FIPS 140-3

Status

Active

Sunset Date

4/17/2031

Overall Level

Caveat

When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys). No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.

Security Level Exceptions

Physical security: N/A
Non-invasive security: N/A
Mitigation of other attacks: N/A

Module Type

Software

Embodiment

MultiChipStand

Description

A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.

Vendor

Google, LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

Adam Langley
[email protected]
Phone: 650-253-0000
Fax:

Related Files

Security Policy
Consolidated Certificate

Validation History

Date	Type	Lab
4/18/2026	Initial	DEKRA Cybersecurity Certification Laboratory