Scope fence – read before use
This is not a cryptographic audit and not a live CMVP scanner. It does not connect to the NIST Cryptographic Module Validation Program database, does not verify that a cert number is real, and does not inspect any actual cryptographic module or key material. It reads the rows you paste – module name, cert number, and declared validated standard – and applies one pinned fact: FIPS 140-2 (and earlier 140-1) validations move to the CMVP Historical list on the declared transition date below. Every finding is labeled asserted: it reflects what you told the tool, not an independent verification of your cryptographic estate. If a module is missing from your paste, or you declared its standard incorrectly, this tool cannot know that.
๐ All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data โ use synthetic or anonymised inputs only.
Step 1 · Paste Certificate Inventory (JSON array)
Each row: module_name, cert_number, standard ("140-1" / "140-2" / "140-3") – pasted, never fetched