This page was not yet optimized for use on mobile devices.
Hewlett Packard Enterprise OpenSSL Cryptographic Module on Red Hat Enterprise Linux
Certificate #4473
Webpage information ?
Document information ?
Security policy
Symmetric Algorithms
AES, AES-128, AES-256, AES128, AES256, CAST, CAST5, RC2, RC4, RC5, DES, Triple-DES, TDES, TDEA, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, ARIA, SEED, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-224, CMACAsymmetric Algorithms
ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-224, SHA-384, SHA-512, SHA-256, SHA384, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, BLAKE2, MD4, MD5, RIPEMD, PBKDFSchemes
MAC, Key Exchange, Key Agreement, Key agreementProtocols
SSH, TLS, TLS v1.0, TLS 1.3, TLSv1.2, TLSv1.3, IKE, IKEv2Randomness
PRNG, DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-521, P-224, P-384, P-192Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
SSCSecurity level
Level 1, level 1Side-channel analysis
timing attacksStandards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 180-4, FIPS 202, FIPS 198-1, FIPS186-4, SP 800-38D, SP 800-38A, SP 800-38C, SP 800-38E, SP 800-38F, SP 800-38B, SP 800-67, SP 800-90A, SP 800-135, SP 800-132, SP 800-90B, SP 800-57, NIST SP 800-67, NIST SP 800-38B, NIST SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-56A, NIST SP 800-90A, PKCS#1, RFC7919, RFC3526, RFC5288File metadata
| Title: | FIPS 140-2 Non-proprietary Security Policy |
|---|---|
| Subject: | Red Hat Enterprise Linux 7.7 OpenSSL Module |
| Author: | Alejandro Fabio Masino |
| Creation date: | D:20230224141923-06'00' |
| Pages: | 37 |
| Creator: | Writer |
| Producer: | LibreOffice 7.2 |
References
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
18.05.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4473,
"dgst": "aa8e22a09ff2af4e",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES#A1116",
"ECDSA#A1135",
"KTS#A1133",
"PBKDF#A1133",
"DRBG#A1119",
"SHA-3#A1127",
"KAS#A1135",
"PBKDF#A1127",
"AES#A1124",
"AES#A1121",
"KTS#A1135",
"SHS#A1133",
"DSA#A1135",
"ECDSA#A1133",
"SHS#A1134",
"SHS#A1135",
"AES#A1119",
"DSA#A1133",
"PBKDF#A1136",
"AES#A1139",
"SHA-3#A1126",
"KAS#A1134",
"HMAC#A1127",
"AES#A1137",
"AES#A1138",
"AES#A1131",
"CVL#A1121",
"KTS#A1136",
"CVL#A1134",
"DSA#A1134",
"CVL#A1133",
"ECDSA#A1134",
"AES#A1118",
"KAS-SSC#A1135",
"HMAC#A1134",
"RSA#A1135",
"KTS#A1116",
"AES#A1123",
"RSA#A1133",
"HMAC#A1136",
"CVL#A1123",
"RSA#A1136",
"DRBG#A1117",
"AES#A1141",
"KAS-SSC#A1134",
"HMAC#A1133",
"PBKDF#A1126",
"SHS#A1136",
"DRBG#A1118",
"SHA-3#A1125",
"AES#A1117",
"PBKDF#A1125",
"AES#A1130",
"CVL#A1136",
"Triple-DES#A1124",
"KAS#A1144",
"AES#A1122",
"ECDSA#A1136",
"CVL#A1124",
"HMAC#A1126",
"KTS#A1134",
"HMAC#A1125",
"KAS#A1133",
"CVL#A1122",
"DSA#A1136",
"HMAC#A1135",
"Triple-DES#A1122",
"PBKDF#A1134",
"RSA#A1134",
"KAS-SSC#A1133",
"Triple-DES#A1123",
"KAS-SSC#A1136",
"Triple-DES#A1121",
"KDA#A1120",
"KBKDF#A1143",
"AES#A1132",
"AES#A1140",
"CVL#A1135",
"KAS#A1136",
"PBKDF#A1135",
"AES#A1142",
"KAS-SSC#A1144"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"4271"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4271"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"4271"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDSA": {
"ECDSA": 27
}
},
"FF": {
"DH": {
"DH": 3,
"Diffie-Hellman": 53
},
"DSA": {
"DSA": 28
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 6
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 10
},
"OFB": {
"OFB": 3
},
"XTS": {
"XTS": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 57
}
},
"crypto_protocol": {
"IKE": {
"IKE": 2,
"IKEv2": 1
},
"SSH": {
"SSH": 3
},
"TLS": {
"TLS": {
"TLS": 31,
"TLS 1.3": 1,
"TLS v1.0": 1,
"TLSv1.2": 1,
"TLSv1.3": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3,
"Key agreement": 5
},
"KEX": {
"Key Exchange": 1
},
"MAC": {
"MAC": 3
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-192": 4,
"P-224": 8,
"P-256": 8,
"P-384": 6,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#4271": 1
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES-128": 2,
"AES-256": 1,
"AES128": 1,
"AES256": 1,
"HMAC SHA-256": 2,
"HMAC- SHA-1": 1,
"HMAC- SHA-224": 1,
"HMAC-SHA-1": 4,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 10,
"HMAC-SHA-384": 6,
"HMAC-SHA-512": 4,
"PKCS#1": 8,
"SHA-1": 10,
"SHA-224": 5,
"SHA-256": 18,
"SHA-3": 1,
"SHA-384": 4,
"SHA-512": 7,
"SHA2-256": 1,
"SHA3- 256": 1,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 4,
"SHA384": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 5
}
},
"hash_function": {
"BLAKE": {
"BLAKE2": 1
},
"MD": {
"MD4": {
"MD4": 1
},
"MD5": {
"MD5": 2
}
},
"PBKDF": {
"PBKDF": 14
},
"RIPEMD": {
"RIPEMD": 1
},
"SHA": {
"SHA1": {
"SHA-1": 10
},
"SHA2": {
"SHA-224": 7,
"SHA-256": 17,
"SHA-384": 3,
"SHA-512": 7,
"SHA384": 1
},
"SHA3": {
"SHA-3": 2,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 22,
"PRNG": 1
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 49,
"FIPS 180-4": 2,
"FIPS 186-4": 8,
"FIPS 197": 4,
"FIPS 198-1": 2,
"FIPS 202": 1,
"FIPS186-4": 2
},
"NIST": {
"NIST SP 800-38B": 1,
"NIST SP 800-38C": 1,
"NIST SP 800-38D": 1,
"NIST SP 800-38E": 1,
"NIST SP 800-56A": 1,
"NIST SP 800-67": 1,
"NIST SP 800-90A": 1,
"SP 800-132": 2,
"SP 800-135": 3,
"SP 800-38A": 2,
"SP 800-38B": 2,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38E": 2,
"SP 800-38F": 1,
"SP 800-57": 1,
"SP 800-67": 2,
"SP 800-90A": 7,
"SP 800-90B": 1
},
"PKCS": {
"PKCS#1": 4
},
"RFC": {
"RFC3526": 3,
"RFC5288": 1,
"RFC7919": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 37,
"AES-128": 2,
"AES-256": 1,
"AES128": 1,
"AES256": 1
},
"CAST": {
"CAST": 1,
"CAST5": 1
},
"RC": {
"RC2": 1,
"RC4": 1,
"RC5": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 1,
"Triple-DES": 21
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CMAC": 9,
"HMAC": 23,
"HMAC-SHA-224": 1,
"HMAC-SHA-256": 5,
"HMAC-SHA-384": 3,
"HMAC-SHA-512": 2
}
},
"djb": {
"ChaCha": {
"ChaCha20": 2
},
"Poly": {
"Poly1305": 1
}
},
"miscellaneous": {
"ARIA": {
"ARIA": 1
},
"Blowfish": {
"Blowfish": 1
},
"Camellia": {
"Camellia": 1
},
"IDEA": {
"IDEA": 1
},
"SEED": {
"SEED": 1
}
}
},
"tee_name": {
"IBM": {
"SSC": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Alejandro Fabio Masino",
"/CreationDate": "D:20230224141923-06\u002700\u0027",
"/Creator": "Writer",
"/Producer": "LibreOffice 7.2",
"/Subject": "Red Hat Enterprise Linux 7.7 OpenSSL Module",
"/Title": "FIPS 140-2 Non-proprietary Security Policy",
"pdf_file_size_bytes": 347749,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.198-1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"http://webstore.ansi.org/FindStandards.aspx?Action=displaydept\u0026DeptID=80\u0026Acro=X9\u0026DpName=X9,%20Inc.",
"https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
"https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402DTR.pdf",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program/standards",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"mailto:smb@ulysses.att.com",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf",
"http://webstore.ansi.org/RecordDetail.aspx?sku=ANSI+X9.52%3A1998",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 37
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "0c7addd96cadb5f5dc4062d3b46412478f6c3a2372401bd151e6f605a60d12c2",
"policy_txt_hash": "8d37f62e88fcad00ea16eb393413a32c2f08fcd89ad231e39dff1c3e00e78a0a"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 9.1 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2023_010523_0646.pdf",
"date_sunset": "2026-09-21",
"description": "The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Hewlett Packard Enterprise OpenSSL Cryptographic Module on Red Hat Enterprise Linux",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "rhel8.20210325",
"tested_conf": [
"Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 with PAA",
"Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 without PAA (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-04-14",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Aruba, a Hewlett Packard Enterprise Company",
"vendor_url": "http://www.arubanetworks.com/"
}
}