Module Name
VMware's BoringCrypto Module
Caveat
When installed, initialized and configured as specified in Section 3.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
VMware’s BoringCrypto Module is a software library that implements and provides FIPS 140-2 Approved cryptographic functionalities to various VMware products and services.
Tested Configuration(s)
- Amazon Linux 2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Amazon Linux 2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Photon OS 2.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Photon OS 2.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R with AES-NI
- Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R without AES-NI
- Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Photon OS 3.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Photon OS 4.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Photon OS 4.0 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Red Hat Enterprise Linux 7.9 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Red Hat Enterprise Linux 7.9 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Red Hat Enterprise Linux 8.2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Red Hat Enterprise Linux 8.2 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Ubuntu 18.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Ubuntu 18.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Ubuntu 20.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Ubuntu 20.04 on ESXi 7.0 running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
- Ubuntu 20.04 running on Dell PowerEdge R740 with Intel® Core i5 with AES-NI
- Ubuntu 20.04 running on Dell PowerEdge R740 with Intel® Core i5 without AES-NI (single-user mode)
- Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R with AES-NI
- Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6126R without AES-NI
- Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R with AES-NI
- Within ESXi 7.0 (as a host) running on Dell PowerEdge R740 with Intel® Xeon Gold 6230R without AES-NI
FIPS Algorithms
| AES |
Cert. #A1231 |
| CKG |
vendor affirmed |
| CVL |
Cert. #A1231 |
| DRBG |
Cert. #A1231 |
| ECDSA |
Cert. #A1231 |
| HMAC |
Cert. #A1231 |
| KAS-SSC |
vendor affirmed |
| KTS |
AES Cert. #A1231; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #A1231 |
| SHS |
Cert. #A1231 |
| Triple-DES |
Cert. #A1231 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
