A cryptographic module is a set of hardware, software, or firmware that implements security functions. ESXi uses several FIPS 140-2 validated cryptographic modules.
The following table shows the set of FIPS 140-2 validated cryptographic modules in use by ESXi.
| Cryptographic Module | Security Policy Version | Algorithms (CAVP) | Cryptographic Module Validation Program |
|---|---|---|---|
| Vmkernel Cryptographic Module | 1.0 | AES, SHS, DRBG, HMAC (C 1172) | Certificate #3073 |
| Vmkernel Cryptographic Module Loader | Not applicable | HMAC, SHS (C 1171) | Certificate #3073 |
| Vmkernel DRBG Cryptographic Module | Not applicable | AES, DRBG (C 499) | NA |
| VMware OpenSSL FIPS Object Module | 2.0.20-vmw | DRBG, AES, SHS, HMAC, DSA, RSA, ECDSA, KAS-FFC, KAS-ECC (C 470) | Certificate #3550 and #3857 |
