Search FIPS 140-2/3 validated cryptographic modules by vendor, algorithm, or security level to verify compliance and find suitable implementations.
MIT
164,020 tools. Last updated 2026-05-30 22:02
"OpenSSL" matching MCP tools:
- Encode, decode, encrypt, or decrypt data using cryptography tools like OpenSSL, Base64, and XXD for security testing operations.
- [pqc_signature] 使用 ML-DSA 私钥对消息签名(FIPS 204)。 【双模式】sign_mode 支持 RAW(默认)和 EXTERNAL_MU 两种模式。 - RAW 模式:直接签名原始消息(liboqs,最大 256 字节) - EXTERNAL_MU 模式:先计算 mu = SHAKE-256(tr||M', 64),再通过 OpenSSL 3.5+ mu 模式签名(最大 2048 字节),与 AWS KMS ML-DSA EXTERNAL_MU 语义等价 【消息长度策略】 - RAW:最大 256 字节,空消息合法 - EXTERNAL_MU:最大 2048 字节,空消息合法 - > 256 且 <= 2048 字节:使用 EXTERNAL_MU - > 2048 字节:拒绝 【算法】algorithm 支持 ML-DSA-44 / ML-DSA-65(默认)/ ML-DSA-87。 【参数】 - private_key_in_hex:ml_dsa_keygen 返回的私钥 hex - public_key_spki_in_hex:EXTERNAL_MU 模式必填,ml_dsa_keygen 返回的公钥 hex(SPKI DER) - message_in_hex:待签消息 hex - context_in_hex:可选上下文 hex(最大 255 字节) - sign_mode:RAW 或 EXTERNAL_MU(默认 RAW) 【输出】signature_in_hex、signature_in_base64、algorithm、message_bytes、signature_bytes。Connector
- [pqc_signature] 使用 ML-DSA 公钥验证签名(FIPS 204)。 【双模式】sign_mode 支持 RAW(默认)和 EXTERNAL_MU 两种模式,必须与签名时使用的模式一致。 - RAW 模式:直接验证原始消息签名(liboqs,最大 256 字节,空消息合法) - EXTERNAL_MU 模式:先计算 mu,再通过 OpenSSL 3.5+ mu 模式验签,可验证 AWS KMS EXTERNAL_MU 签名(最大 2048 字节,空消息合法) 【算法】algorithm 支持 ML-DSA-44 / ML-DSA-65(默认)/ ML-DSA-87。 【参数】 - public_key_spki_in_hex:公钥 hex(SPKI DER 或裸公钥均可),并校验 OID/长度与 algorithm 一致 - message_in_hex:原始消息 hex,空字符串表示空消息 - signature_in_hex:签名 hex - context_in_hex:签名时使用的 context(必须一致) - sign_mode:RAW 或 EXTERNAL_MU(默认 RAW) 【输出】verified(bool,True=验签通过)、algorithm、message_bytes。Connector
- Look up CVE vulnerability data for enterprise security teams, DevSecOps and SOC analysts. Supports two modes: exact CVE ID lookup (e.g. 'CVE-2024-3094') or keyword search by product/vendor (e.g. 'openssl', 'Apache Tomcat'). Cross-references four authoritative keyless sources: NVD NIST (official CVE database, CVSS v3 scores, affected CPEs), CISA KEV (Known Exploited Vulnerabilities catalog — exploit_in_wild flag), EPSS FIRST (exploit probability 0-1), GitHub Security Advisories (ecosystem-specific: npm/pypi/maven). Returns structured vulnerability records with CVSS v3 scores, affected product version ranges, CWE weakness classification, references and exploitation status. Signals engine produces P0/P1/P2 alerts: P0=CVSS>=9 + active exploitation, P1=CVSS>=7 or EPSS>=70%, P2=CWE pattern clusters. Relevant for EU NIS2 and DORA supply chain risk obligations. Optional env: NVD_API_KEY (raises NVD rate-limit 5→50 req/30s), GITHUB_TOKEN (raises GHSA GraphQL rate-limit). Cache TTL 6h. SLA <=25s p95.Connector
- Look up CVE vulnerability data for enterprise security teams, DevSecOps and SOC analysts. Supports two modes: exact CVE ID lookup (e.g. 'CVE-2024-3094') or keyword search by product/vendor (e.g. 'openssl', 'Apache Tomcat'). Cross-references four authoritative keyless sources: NVD NIST (official CVE database, CVSS v3 scores, affected CPEs), CISA KEV (Known Exploited Vulnerabilities catalog — exploit_in_wild flag), EPSS FIRST (exploit probability 0-1), GitHub Security Advisories (ecosystem-specific: npm/pypi/maven). Returns structured vulnerability records with CVSS v3 scores, affected product version ranges, CWE weakness classification, references and exploitation status. Signals engine produces P0/P1/P2 alerts: P0=CVSS>=9 + active exploitation, P1=CVSS>=7 or EPSS>=70%, P2=CWE pattern clusters. Relevant for EU NIS2 and DORA supply chain risk obligations. Optional env: NVD_API_KEY (raises NVD rate-limit 5→50 req/30s), GITHUB_TOKEN (raises GHSA GraphQL rate-limit). Cache TTL 6h. SLA <=25s p95.Connector