This page was not yet optimized for use on mobile
devices.
Oracle Linux 8 OpenSSL Cryptographic Module
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.Certificate #4215
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, CAST5, RC2, RC4, RC5, DES, Triple-DES, TDES, TDEA, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, ARIA, SEED, HMAC, HMAC-SHA-224, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-256, CMACAsymmetric Algorithms
ECDH, ECDSA, Diffie-Hellman, DH, DHE, DSAHash functions
SHA-1, SHA1, SHA-224, SHA-256, SHA-384, SHA-512, SHA2, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA3, BLAKE2, MD4, MD5, RIPEMD, PBKDF, PBKDF2Schemes
MAC, Key Exchange, Key Agreement, Key agreement, AEADProtocols
SSH, SSHv2, TLS, TLS 1.2, TLS 1.3, TLS 1.0, TLS 1.1, TLSv1.2, TLSv1.3, IKE, IKEv2Randomness
PRNG, DRBG, RNGLibraries
OpenSSL, GnuTLS, NSSElliptic Curves
P-256, P-384, P-521, Curve P-224, P-192, curve P-192, P-224, NIST P-192Block cipher modes
ECB, CBC, CTR, OFB, GCM, CCM, XTSTrusted Execution Environments
SSCSecurity level
Level 1, level 1Side-channel analysis
timing attacksStandards
FIPS 140-2, FIPS 140, FIPS PUB 140-2, FIPS 186-4, FIPS186-4, FIPS PUB 197, FIPS PUB 198-1, FIPS PUB 186-4, FIPS PUB 180-4, SP 800-132, SP 800-108, SP 800-135, NIST SP 800-90B, NIST SP 800-90A, SP 800-90A, SP 800-90B, NIST SP 800-133, SP 800-57, SP 800-56C, SP 800-131A, SP 800-38E, SP 800-67, NIST SP 800-67, PKCS #5, PKCS #7, PKCS #11, PKCS #12, PKCS 1, PKCS#1, RFC7919, RFC3526, RFC 5288, RFC 5246, X.509File metadata
| Author | chris brych |
|---|---|
| Creation date | D:20220711184323+00'00' |
| Modification date | D:20220711184323+00'00' |
| Pages | 41 |
| Creator | Microsoft Word |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
Related CVEs
| ID | Links | Severity | CVSS Score | Published on |
|---|---|---|---|---|
| Base score | ||||
| CVE-2021-2464 | HIGH | 7.2 | 24.09.2021 | |
| CVE-2021-3551 | HIGH | 7.8 | 16.02.2022 | |
| CVE-2022-21499 | MEDIUM | 4.6 | 09.06.2022 | |
| CVE-2022-21504 | LOW | 2.1 | 14.06.2022 | |
| CVE-2022-21505 | MEDIUM | 6.7 | 24.12.2024 | |
| CVE-2023-22024 | MEDIUM | 5.5 | 20.09.2023 | |
| CVE-2025-4598 | MEDIUM | 4.7 | 30.05.2025 | |
| CVE-2026-21991 | MEDIUM | 5.5 | 16.03.2026 | |
| CVE-2026-21996 | MEDIUM | 5.5 | 01.05.2026 | |
| CVE-2026-35233 | MEDIUM | 4.4 | 01.05.2026 |
Showing 5 out of 10.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4215,
"dgst": "08f88745513481ca",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KAS-SSC#A1695",
"SHA-3#A1682",
"KTS#A1696",
"Triple-DES#A1680",
"AES#A2141",
"KAS-SSC#A1696",
"PBKDF#A1694",
"CVL#A2143",
"AES#A2146",
"AES#A1692",
"KAS#A1699",
"KTS-RSA#A1696",
"RSA#A1694",
"SHS#A1696",
"HMAC#A1683",
"HMAC#A1695",
"SHA-3#A1681",
"DRBG#A2142",
"KTS#A1694",
"KAS-SSC#A1694",
"KTS-RSA#A1694",
"Triple-DES#A1677",
"KAS#A1695",
"CVL#A1678",
"SHS#A1697",
"PBKDF#A1683",
"AES#A1678",
"PBKDF#A1697",
"AES#A1688",
"HMAC#A1681",
"KDA#A1676",
"SHS#A1695",
"Triple-DES#A1678",
"Triple-DES#A1679",
"AES#A1693",
"AES#A1674",
"AES#A1686",
"AES#A1680",
"DSA#A1697",
"PBKDF#A1682",
"DSA#A1696",
"KAS-SSC#A1697",
"SHS#A2140",
"AES#A1673",
"CVL#A1696",
"CVL#A1677",
"CVL#A1695",
"AES#A2144",
"DRBG#A1675",
"KTS#A2140",
"KTS#A1695",
"AES#A2139",
"HMAC#A1682",
"KTS-RSA#A1695",
"HMAC#A1696",
"ECDSA#A1683",
"RSA#A1697",
"ECDSA#A1696",
"Triple-DES#A1672",
"AES#A1689",
"CVL#A1680",
"DRBG#A1673",
"KAS#A1694",
"PBKDF#A1681",
"AES#A2142",
"AES#A1687",
"HMAC#A2140",
"PBKDF#A1696",
"KAS#A1696",
"CVL#A1697",
"CVL#A1694",
"KTS-RSA#A1697",
"PBKDF#A1695",
"SHA-3#A1683",
"KBKDF#A1698",
"KAS-SSC#A1699",
"HMAC#A1694",
"AES#A1690",
"KTS#A1697",
"ECDSA#A1695",
"RSA#A1696",
"AES#A1677",
"DRBG#A2141",
"AES#A1679",
"DRBG#A1674",
"CVL#A1679",
"AES#A1675",
"KAS#A1697",
"DRBG#A2139",
"SHS#A1694",
"ECDSA#A1694",
"HMAC#A1697",
"RSA#A1695",
"AES#A1691",
"DSA#A1694",
"KTS#A1672",
"AES#A2145",
"ECDSA#A1697",
"AES#A1685",
"DSA#A1695"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:oracle:linux:8:-:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"8"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2022-21499",
"CVE-2022-21505",
"CVE-2026-21991",
"CVE-2021-3551",
"CVE-2026-21996",
"CVE-2022-21504",
"CVE-2025-4598",
"CVE-2021-2464",
"CVE-2026-35233",
"CVE-2023-22024"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 24
}
},
"FF": {
"DH": {
"DH": 1,
"DHE": 1,
"Diffie-Hellman": 34
},
"DSA": {
"DSA": 31
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 11
},
"CCM": {
"CCM": 8
},
"CTR": {
"CTR": 7
},
"ECB": {
"ECB": 18
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 7
},
"XTS": {
"XTS": 15
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"GnuTLS": {
"GnuTLS": 1
},
"NSS": {
"NSS": 1
},
"OpenSSL": {
"OpenSSL": 67
}
},
"crypto_protocol": {
"IKE": {
"IKE": 3,
"IKEv2": 1
},
"SSH": {
"SSH": 7,
"SSHv2": 1
},
"TLS": {
"TLS": {
"TLS": 38,
"TLS 1.0": 4,
"TLS 1.1": 4,
"TLS 1.2": 6,
"TLS 1.3": 2,
"TLSv1.2": 1,
"TLSv1.3": 1
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 5,
"Key agreement": 3
},
"KEX": {
"Key Exchange": 3
},
"MAC": {
"MAC": 4
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"Curve P-224": 4,
"NIST P-192": 1,
"P-192": 10,
"P-224": 6,
"P-256": 24,
"P-384": 20,
"P-521": 20,
"curve P-192": 3
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1,
"#11": 1,
"#12": 1,
"#5": 1,
"#7": 1
}
},
"fips_certlike": {
"Certlike": {
"AES-128": 10,
"AES-192": 10,
"AES-256": 10,
"HMAC-SHA (1": 4,
"HMAC-SHA (256": 1,
"HMAC-SHA- 256": 2,
"HMAC-SHA-1": 6,
"HMAC-SHA-224": 4,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 4,
"PKCS #11": 2,
"PKCS #12": 2,
"PKCS #5": 2,
"PKCS #7": 2,
"PKCS 1": 24,
"PKCS#1": 8,
"SHA (1": 5,
"SHA (256": 1,
"SHA- 224": 7,
"SHA- 384": 4,
"SHA-1": 34,
"SHA-224": 22,
"SHA-256": 56,
"SHA-3": 2,
"SHA-384": 41,
"SHA-512": 45,
"SHA1": 4,
"SHA2 256": 4,
"SHA2 384": 4,
"SHA2-224": 5,
"SHA2-256": 7,
"SHA2-384": 5,
"SHA2-512": 5,
"SHA3": 1,
"SHA3-224": 10,
"SHA3-256": 10,
"SHA3-384": 10,
"SHA3-512": 11
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 2
}
},
"hash_function": {
"BLAKE": {
"BLAKE2": 2
},
"MD": {
"MD4": {
"MD4": 2
},
"MD5": {
"MD5": 2
}
},
"PBKDF": {
"PBKDF": 13,
"PBKDF2": 2
},
"RIPEMD": {
"RIPEMD": 2
},
"SHA": {
"SHA1": {
"SHA-1": 34,
"SHA1": 4
},
"SHA2": {
"SHA-224": 22,
"SHA-256": 56,
"SHA-384": 41,
"SHA-512": 45,
"SHA2": 8
},
"SHA3": {
"SHA-3": 2,
"SHA3": 1,
"SHA3-224": 10,
"SHA3-256": 10,
"SHA3-384": 10,
"SHA3-512": 11
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 31,
"PRNG": 1
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {
"SCA": {
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140": 3,
"FIPS 140-2": 30,
"FIPS 186-4": 3,
"FIPS PUB 140-2": 11,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 1,
"FIPS PUB 197": 1,
"FIPS PUB 198-1": 1,
"FIPS186-4": 1
},
"NIST": {
"NIST SP 800-133": 1,
"NIST SP 800-67": 1,
"NIST SP 800-90A": 1,
"NIST SP 800-90B": 2,
"SP 800-108": 2,
"SP 800-131A": 1,
"SP 800-132": 6,
"SP 800-135": 4,
"SP 800-38E": 1,
"SP 800-56C": 1,
"SP 800-57": 1,
"SP 800-67": 2,
"SP 800-90A": 8,
"SP 800-90B": 1
},
"PKCS": {
"PKCS #11": 1,
"PKCS #12": 1,
"PKCS #5": 1,
"PKCS #7": 1,
"PKCS 1": 12,
"PKCS#1": 4
},
"RFC": {
"RFC 5246": 2,
"RFC 5288": 2,
"RFC3526": 3,
"RFC7919": 4
},
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 74,
"AES-128": 10,
"AES-192": 10,
"AES-256": 10
},
"CAST": {
"CAST": 2,
"CAST5": 2
},
"RC": {
"RC2": 2,
"RC4": 2,
"RC5": 2
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 4,
"Triple-DES": 29
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 14,
"HMAC": 33,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2
}
},
"djb": {
"ChaCha": {
"ChaCha20": 5
},
"Poly": {
"Poly1305": 3
}
},
"miscellaneous": {
"ARIA": {
"ARIA": 2
},
"Blowfish": {
"Blowfish": 2
},
"Camellia": {
"Camellia": 2
},
"IDEA": {
"IDEA": 2
},
"SEED": {
"SEED": 2
}
}
},
"tee_name": {
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "chris brych",
"/CreationDate": "D:20220711184323+00\u002700\u0027",
"/Creator": "Microsoft Word",
"/ModDate": "D:20220711184323+00\u002700\u0027",
"pdf_file_size_bytes": 749504,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14642",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14179",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14177",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"https://yum.oracle.com/repo/OracleLinux/OL8/4/security/validation/aarch64/getPackage/openssl-libs-1.1.1g-15.el8_3.aarch64.rpm",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14637",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14178",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14202",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14636",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14189",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14195",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14193",
"http://www.oracle.com/",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14200",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14201",
"https://yum.oracle.com/repo/OracleLinux/OL8/4/security/validation/aarch64/getPackage/openssl-1.1.1g-15.el8_3.aarch64.rpm",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14176",
"http://yum.oracle.com/oracle-linux-7.html",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14640",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14197",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14641",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14194",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14180",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14184",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14182",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14192",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14639",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14181",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14188",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14183",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14190",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14643",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14638",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14185",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14187",
"https://www.oracle.com/linux/",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14198",
"https://yum.oracle.com/repo/OracleLinux/OL8/4/security/validation/x86_64/getPackage/openssl-libs-1.1.1g-15.el8_3.x86_64.rpm",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14199",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14186",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14191",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14196",
"https://yum.oracle.com/repo/OracleLinux/OL8/baseos/latest/x86_64/getPackage/openssl-libs-1.1.1g-15.el8_3.x86_64.rpm"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 41
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "f8fd7006aaa89301781347f9621ec240eab8c4f3754ff47193cb8cfed5ddc2ff",
"policy_txt_hash": "66653942eb2868d5a84f6ef941d922d1645416e1363c0bc8e9ae2428e6eda728"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2022_010622_0641_signed.pdf",
"date_sunset": "2026-09-21",
"description": "Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2 approved cryptographic algorithms for general use by vendors.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Design Assurance: Level 3"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Oracle Linux 8 OpenSSL Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "R8-8.4.0",
"tested_conf": [
"Oracle Linux 8.4 64 bit running on Oracle Server A1-2C with Ampere(R) Altra(R) Neoverse-N1 with PAA",
"Oracle Linux 8.4 64 bit running on Oracle Server A1-2C with Ampere(R) Altra(R) Neoverse-N1 without PAA (single-user mode)",
"Oracle Linux 8.4 64 bit running on Oracle Server E1-2C with AMD EPYC(TM) 7551 with PAA",
"Oracle Linux 8.4 64 bit running on Oracle Server E1-2C with AMD EPYC(TM) 7551 without PAA",
"Oracle Linux 8.4 64 bit running on Oracle Server X7-2C with Intel(R) Xeon(R) Platinum 8167M with PAA",
"Oracle Linux 8.4 64 bit running on Oracle Server X7-2C with Intel(R) Xeon(R) Platinum 8167M without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-05-09",
"lab": "atsec information security corporation",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-07-15",
"lab": "atsec information security corporation",
"validation_type": "Update"
}
],
"vendor": "Oracle Corporation",
"vendor_url": "http://www.oracle.com"
}
}