A cryptographic module is a set of hardware, software, or firmware that implements security functions. ESXi uses several FIPS 140-2 validated cryptographic modules.

The following table shows the set of FIPS 140-2 validated cryptographic modules in use by ESXi.

Table 1. FIPS Modules
Cryptographic Module Security Policy Version Algorithms (CAVP) Cryptographic Module Validation Program
Vmkernel Cryptographic Module 1.0 AES, SHS, DRBG, HMAC (C 1172) Certificate #3073
Vmkernel Cryptographic Module Loader Not applicable HMAC, SHS (C 1171) Certificate #3073
Vmkernel DRBG Cryptographic Module Not applicable AES, DRBG (C 499) NA
VMware OpenSSL FIPS Object Module 2.0.20-vmw DRBG, AES, SHS, HMAC, DSA, RSA, ECDSA, KAS-FFC, KAS-ECC (C 470) Certificate #3550 and #3857