This page was not yet optimized for use on mobile devices.

Red Hat Enterprise Linux 7 NSS Cryptographic Module

Known vulnerabilities detected

Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.

Certificate #4498

Webpage information

Status	active
Validation dates	02.05.2023
Sunset date	23-03-2026
Standard	FIPS 140-2
Security level	1
Type	Software
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Exceptions	Roles, Services, and Authentication: Level 2 Physical Security: N/A Design Assurance: Level 2
Description	Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/.
Tested configurations	Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 with an Intel(R) Xeon(R) E5 with PAA Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 with an Intel(R) Xeon(R) E5 without PAA (single-user mode)
Vendor	Red Hat®, Inc.
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, RC2, RC5, RC4, DES, Triple-DES, TDEA, Camellia, SEED, HMAC, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-512

Asymmetric Algorithms

RSA 2048, RSA 1024, ECDSA, Diffie-Hellman, DSA

Hash functions

SHA-1, SHA-256, SHA-224, SHA-512, SHA-384, MD5, PBKDF, PBKDF1

Schemes

MAC, AEAD

Protocols

TLS, TLS v1.0, TLS v1.1, TLS v1.2, IKE

Randomness

DRBG

Libraries

NSS

Elliptic Curves

P-384, P-521, P-256

Block cipher modes

ECB, CBC, CTR, GCM

Security level

Level 1, level 1

Side-channel analysis

Timing attacks, Timing attack, timing attacks, Timing Attacks

Standards

FIPS 140-2, FIPS186-4, FIPS 197, FIPS 180-4, FIPS 198-1, FIPS 186-4, NIST SP 800-56B, SP 800-90A, NIST SP 800-38A, NIST SP 800-38D, NIST SP 800-38F, NIST SP 800-56A, NIST SP 800-67, NIST SP 800-90A, PKCS #11, PKCS#1

File metadata

Title	FIPS 140-2 Non-Proprietary Security Policy
Subject	Red Hat Enterprise Linux NSS Cryptographic Module
Author	Alejandro Fabio Masino
Creation date	D:20230320152219-05'00'
Pages	36
Creator	Writer
Producer	LibreOffice 7.3

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

CPE matches

Related CVEs

ID	Links	Severity	CVSS Score			Published on
ID	Links	Severity	Base	Exploitability	Impact	Published on
CVE-1999-0037	C N	HIGH	7.5		6.4	21.05.1997
CVE-1999-0297	C N	HIGH	7.2		10.0	12.12.1996
CVE-1999-0798	C N	HIGH	10.0		10.0	04.12.1998
CVE-1999-0894	C N	HIGH	10.0		10.0	04.01.2000
CVE-1999-1288	C N	MEDIUM	4.6		6.4	19.11.1998
CVE-2000-0017	C N	HIGH	10.0		10.0	21.12.1999
CVE-2000-0701	C N	MEDIUM	4.6		6.4	20.10.2000
CVE-2000-1207	C N	HIGH	7.2		10.0	30.09.2000
CVE-2001-0690	C N	HIGH	7.5		6.4	20.09.2001
CVE-2001-0886	C N	MEDIUM	4.6		6.4	21.12.2001
CVE-2001-0889	C N	HIGH	7.5		6.4	19.12.2001
CVE-2007-3103	C N	MEDIUM	6.2		10.0	15.07.2007
CVE-2011-2767	C N	CRITICAL	9.8		5.9	26.08.2018
CVE-2015-5229	C N	HIGH	7.5		3.6	08.04.2016
CVE-2015-7833	C N	MEDIUM	4.9		6.9	19.10.2015
CVE-2015-7837	C N	MEDIUM	5.5		3.6	19.09.2017
CVE-2016-3616	C N	HIGH	8.8		5.9	13.02.2017
CVE-2016-7091	C N	MEDIUM	4.4		3.6	22.12.2016
CVE-2016-9675	C N	HIGH	7.8		5.9	22.12.2016
CVE-2017-1000253	C N	HIGH	7.8		5.9	05.10.2017
CVE-2017-15134	C N	HIGH	7.5		3.6	01.03.2018
CVE-2017-15710	C N	HIGH	7.5		3.6	26.03.2018
CVE-2017-15715	C N	HIGH	8.1		5.9	26.03.2018
CVE-2017-5645	C N	CRITICAL	9.8		5.9	17.04.2017
CVE-2018-1000199	C N	MEDIUM	5.5		3.6	24.05.2018
CVE-2018-1002200	C N	MEDIUM	5.5		3.6	25.07.2018
CVE-2018-10184	C N	HIGH	7.5		3.6	09.05.2018
CVE-2018-1079	C N	MEDIUM	6.5		3.6	12.04.2018
CVE-2018-1111	C N	HIGH	7.5		5.9	17.05.2018
CVE-2018-1124	C N	HIGH	7.8		5.9	23.05.2018
CVE-2018-11763	C N	MEDIUM	5.9		3.6	25.09.2018
CVE-2018-12372	C N	MEDIUM	6.5		3.6	18.10.2018
CVE-2018-12373	C N	MEDIUM	6.5		3.6	18.10.2018
CVE-2018-12374	C N	MEDIUM	4.3		1.4	18.10.2018
CVE-2018-1283	C N	MEDIUM	5.3		3.6	26.03.2018
CVE-2018-1301	C N	MEDIUM	5.9		3.6	26.03.2018
CVE-2018-14618	C N	CRITICAL	9.8		5.9	05.09.2018
CVE-2018-14645	C N	HIGH	7.5		3.6	21.09.2018
CVE-2018-16395	C N	CRITICAL	9.8		5.9	16.11.2018
CVE-2018-16396	C N	HIGH	8.1		5.9	16.11.2018
CVE-2018-16850	C N	CRITICAL	9.8		5.9	13.11.2018
CVE-2018-16866	C N	LOW	3.3		1.4	11.01.2019
CVE-2018-17456	C N	CRITICAL	9.8		5.9	06.10.2018
CVE-2018-18311	C N	CRITICAL	9.8		5.9	07.12.2018
CVE-2018-18312	C N	CRITICAL	9.8		5.9	05.12.2018
CVE-2018-18313	C N	CRITICAL	9.1		5.2	07.12.2018
CVE-2018-18314	C N	CRITICAL	9.8		5.9	07.12.2018
CVE-2018-20615	C N	HIGH	7.5		3.6	21.03.2019
CVE-2018-3760	C N	HIGH	7.5		3.6	26.06.2018
CVE-2018-6914	C N	HIGH	7.5		3.6	03.04.2018
CVE-2018-8777	C N	HIGH	7.5		3.6	03.04.2018
CVE-2018-8778	C N	HIGH	7.5		3.6	03.04.2018
CVE-2019-12384	C N	MEDIUM	5.9		3.6	24.06.2019
CVE-2019-14816	C N	HIGH	7.8		5.9	20.09.2019
CVE-2019-9636	C N	CRITICAL	9.8		5.9	08.03.2019
CVE-2021-3672	C N	MEDIUM	5.6		3.4	23.11.2021

Showing 5 out of 56.

References

No references are available for this certificate.

Updates Feed

08.09.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
23.06.2025

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The cpe_matches property was updated, with the {'_type': 'Set', 'elements': ['cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*']} values discarded.

The related_cves property was updated, with the {'_type': 'Set', 'elements': ['CVE-2002-1155', 'CVE-2016-3699', 'CVE-2001-0128', 'CVE-2002-1509', 'CVE-2002-0080', 'CVE-2004-1333', 'CVE-2005-0750', 'CVE-2003-0041', 'CVE-2001-1383', 'CVE-2004-0902', 'CVE-2001-0138', 'CVE-2003-0434', 'CVE-2001-1374', 'CVE-2002-0836', 'CVE-2000-0917', 'CVE-2001-0852', 'CVE-2001-1002', 'CVE-2001-0233', 'CVE-2001-0441', 'CVE-2001-0946', 'CVE-2002-0083', 'CVE-2001-0736', 'CVE-2002-1232', 'CVE-2004-1335', 'CVE-2002-1160', 'CVE-2000-0816', 'CVE-2001-0869', 'CVE-2004-0905', 'CVE-2004-0079', 'CVE-2002-0002', 'CVE-2001-0197', 'CVE-2004-1334', 'CVE-2001-0143', 'CVE-2004-0903', 'CVE-2000-1208', 'CVE-2000-1214', 'CVE-2003-0370', 'CVE-2004-0904', 'CVE-2000-0963', 'CVE-2004-1613', 'CVE-2001-0116', 'CVE-2003-0364', 'CVE-2001-1375', 'CVE-2001-0140', 'CVE-2002-0044', 'CVE-2003-0461', 'CVE-2001-0473', 'CVE-2001-1030', 'CVE-2003-0248', 'CVE-2002-0638', 'CVE-2001-0859', 'CVE-2000-1213', 'CVE-2003-0354', 'CVE-2004-1026', 'CVE-2002-0045', 'CVE-2001-0139', 'CVE-2001-0142', 'CVE-2001-0119', 'CVE-2003-0464', 'CVE-2001-0977', 'CVE-2004-0112', 'CVE-2001-0872', 'CVE-2003-0188', 'CVE-2001-0439', 'CVE-2001-0635', 'CVE-2001-0118', 'CVE-2003-0194', 'CVE-2001-0120', 'CVE-2000-1095', 'CVE-2003-0247', 'CVE-2001-1013', 'CVE-2004-0081', 'CVE-2004-1025', 'CVE-2001-0117', 'CVE-2001-0787', 'CVE-2001-0641']} values discarded.
14.10.2024

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The cpe_matches property was updated, with the {'_type': 'Set', 'elements': ['cpe:2.3:o:redhat:enterprise_linux:7.9:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.8:*:*:*:*:*:*:*']} values added.

The related_cves property was updated, with the {'_type': 'Set', 'elements': ['CVE-2002-1509', 'CVE-2003-0434', 'CVE-2001-1374', 'CVE-2004-1335', 'CVE-2002-1232', 'CVE-2001-0736', 'CVE-2001-0869', 'CVE-2001-0197', 'CVE-2004-1334', 'CVE-2001-0143', 'CVE-2000-0963', 'CVE-2004-1613', 'CVE-2003-0364', 'CVE-2003-0354', 'CVE-2001-0139', 'CVE-2001-0439', 'CVE-2019-9636', 'CVE-1999-0297', 'CVE-2002-0002', 'CVE-2004-0904', 'CVE-2004-1333', 'CVE-2001-0138', 'CVE-2001-0852', 'CVE-2000-0017', 'CVE-2001-0886', 'CVE-2004-0905', 'CVE-2018-16866', 'CVE-2000-1214', 'CVE-2019-12384', 'CVE-2002-0044', 'CVE-2003-0461', 'CVE-2001-1030', 'CVE-2001-0859', 'CVE-2000-1213', 'CVE-2000-1207', 'CVE-2018-1124', 'CVE-2001-0977', 'CVE-2018-1111', 'CVE-2018-11763', 'CVE-2018-17456', 'CVE-2000-1095', 'CVE-2000-0701', 'CVE-2001-0690', 'CVE-1999-0894', 'CVE-1999-0798', 'CVE-2007-3103', 'CVE-2002-1155', 'CVE-2018-20615', 'CVE-2001-0128', 'CVE-2003-0041', 'CVE-2018-18314', 'CVE-2018-18311', 'CVE-2000-0917', 'CVE-2001-1002', 'CVE-2001-0233', 'CVE-2001-0441', 'CVE-2002-1160', 'CVE-2000-1208', 'CVE-2003-0370', 'CVE-2001-1375', 'CVE-2002-0638', 'CVE-2001-0140', 'CVE-2003-0248', 'CVE-2001-0889', 'CVE-2019-14816', 'CVE-2001-0635', 'CVE-2001-0120', 'CVE-2003-0247', 'CVE-2011-2767', 'CVE-2002-0080', 'CVE-2001-1383', 'CVE-1999-1288', 'CVE-2002-0836', 'CVE-2018-1000199', 'CVE-2001-0946', 'CVE-2002-0083', 'CVE-2018-14618', 'CVE-2000-0816', 'CVE-2004-0079', 'CVE-2001-0116', 'CVE-2001-0473', 'CVE-2018-10184', 'CVE-1999-0037', 'CVE-2018-18313', 'CVE-2018-18312', 'CVE-2001-0142', 'CVE-2002-0045', 'CVE-2001-0119', 'CVE-2003-0464', 'CVE-2004-0112', 'CVE-2001-0872', 'CVE-2003-0188', 'CVE-2001-0118', 'CVE-2018-14645', 'CVE-2003-0194', 'CVE-2001-1013', 'CVE-2004-0081', 'CVE-2001-0117', 'CVE-2001-0787', 'CVE-2001-0641']} values added.
01.10.2024

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The related_cves property was updated, with the {'_type': 'Set', 'elements': ['CVE-2002-1509', 'CVE-2003-0434', 'CVE-2001-1374', 'CVE-2001-0736', 'CVE-2002-1232', 'CVE-2004-1335', 'CVE-2001-0869', 'CVE-2001-0197', 'CVE-2004-1334', 'CVE-2001-0143', 'CVE-2000-0963', 'CVE-2004-1613', 'CVE-2003-0364', 'CVE-2003-0354', 'CVE-2001-0139', 'CVE-2001-0439', 'CVE-2019-9636', 'CVE-1999-0297', 'CVE-2002-0002', 'CVE-2004-0904', 'CVE-2004-1333', 'CVE-2001-0138', 'CVE-2001-0852', 'CVE-2000-0017', 'CVE-2001-0886', 'CVE-2004-0905', 'CVE-2018-16866', 'CVE-2000-1214', 'CVE-2019-12384', 'CVE-2002-0044', 'CVE-2003-0461', 'CVE-2001-1030', 'CVE-2000-1213', 'CVE-2001-0859', 'CVE-2000-1207', 'CVE-2018-1124', 'CVE-2001-0977', 'CVE-2018-1111', 'CVE-2018-11763', 'CVE-2018-17456', 'CVE-2000-1095', 'CVE-2000-0701', 'CVE-2001-0690', 'CVE-1999-0894', 'CVE-1999-0798', 'CVE-2007-3103', 'CVE-2002-1155', 'CVE-2018-20615', 'CVE-2001-0128', 'CVE-2018-18311', 'CVE-2000-0917', 'CVE-2001-1002', 'CVE-2001-0233', 'CVE-2001-0441', 'CVE-2002-1160', 'CVE-2000-1208', 'CVE-2003-0370', 'CVE-2001-1375', 'CVE-2002-0638', 'CVE-2001-0140', 'CVE-2003-0248', 'CVE-2001-0889', 'CVE-2001-0635', 'CVE-2001-0120', 'CVE-2003-0247', 'CVE-2011-2767', 'CVE-2004-0081', 'CVE-2002-0080', 'CVE-2001-1383', 'CVE-1999-1288', 'CVE-2002-0836', 'CVE-2018-1000199', 'CVE-2001-0946', 'CVE-2002-0083', 'CVE-2018-14618', 'CVE-2000-0816', 'CVE-2004-0079', 'CVE-2001-0116', 'CVE-2001-0473', 'CVE-2018-10184', 'CVE-2018-18313', 'CVE-1999-0037', 'CVE-2018-18312', 'CVE-2001-0142', 'CVE-2002-0045', 'CVE-2001-0119', 'CVE-2003-0464', 'CVE-2004-0112', 'CVE-2001-0872', 'CVE-2003-0188', 'CVE-2001-0118', 'CVE-2018-14645', 'CVE-2003-0194', 'CVE-2001-1013', 'CVE-2018-18314', 'CVE-2001-0117', 'CVE-2001-0787', 'CVE-2001-0641']} values discarded.
26.06.2023

The certificate data changed.
Certificate changed

The web extraction data was updated.

The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf.
18.05.2023

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4498,
  "dgst": "4c97149849c06376",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "CVL#C1387",
        "SHS#C1420",
        "HMAC#C1387",
        "ECDSA#C1387",
        "RSA#C1387",
        "AES#C1421",
        "ECDSA#C1420",
        "RSA#C1420",
        "AES#C1388",
        "DSA#C1387",
        "HMAC#C1420",
        "DRBG#C1420",
        "Triple-DES#C1387",
        "CVL#C1420",
        "DRBG#C1387",
        "DSA#C1420",
        "AES#C1420",
        "AES#C1387",
        "Triple-DES#C1420",
        "SHS#C1387"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.9:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.8:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:linux:7:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
        "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "7"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": {
      "_type": "Set",
      "elements": [
        "CVE-2018-1124",
        "CVE-2018-16395",
        "CVE-2018-8778",
        "CVE-2018-6914",
        "CVE-2018-14618",
        "CVE-2018-1002200",
        "CVE-2000-0701",
        "CVE-2018-12373",
        "CVE-2015-7833",
        "CVE-2001-0886",
        "CVE-2017-15715",
        "CVE-2018-12372",
        "CVE-2017-15134",
        "CVE-2015-7837",
        "CVE-2018-3760",
        "CVE-2018-18314",
        "CVE-2001-0690",
        "CVE-1999-0894",
        "CVE-2018-11763",
        "CVE-2019-12384",
        "CVE-1999-0297",
        "CVE-1999-1288",
        "CVE-2017-5645",
        "CVE-2000-0017",
        "CVE-2018-12374",
        "CVE-2021-3672",
        "CVE-1999-0037",
        "CVE-2019-9636",
        "CVE-2018-16396",
        "CVE-2018-18313",
        "CVE-2018-1000199",
        "CVE-2018-16866",
        "CVE-2018-17456",
        "CVE-2018-1079",
        "CVE-2017-15710",
        "CVE-2018-1111",
        "CVE-2018-14645",
        "CVE-2007-3103",
        "CVE-1999-0798",
        "CVE-2018-18312",
        "CVE-2018-1283",
        "CVE-2018-16850",
        "CVE-2000-1207",
        "CVE-2016-9675",
        "CVE-2016-3616",
        "CVE-2011-2767",
        "CVE-2001-0889",
        "CVE-2015-5229",
        "CVE-2016-7091",
        "CVE-2018-10184",
        "CVE-2018-8777",
        "CVE-2018-1301",
        "CVE-2018-18311",
        "CVE-2018-20615",
        "CVE-2019-14816",
        "CVE-2017-1000253"
      ]
    },
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDSA": {
            "ECDSA": 15
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 4
          },
          "DSA": {
            "DSA": 31
          }
        },
        "RSA": {
          "RSA 1024": 1,
          "RSA 2048": 4
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 5
        },
        "GCM": {
          "GCM": 5
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "NSS": {
          "NSS": 48
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 1
        },
        "TLS": {
          "TLS": {
            "TLS": 19,
            "TLS v1.0": 1,
            "TLS v1.1": 1,
            "TLS v1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "AEAD": {
          "AEAD": 1
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 2,
          "P-384": 6,
          "P-521": 8
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#11": 9
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES 128, 192 and 256": 2,
          "Certificate RSA": 1,
          "DSA 2048": 2,
          "HMAC-SHA- 384": 2,
          "HMAC-SHA-1": 2,
          "HMAC-SHA-224": 2,
          "HMAC-SHA-256": 2,
          "HMAC-SHA-512": 2,
          "PKCS #11": 16,
          "PKCS#1": 2,
          "RSA 1024": 1,
          "RSA 2048": 4,
          "RSA PKCS#1": 2,
          "SHA- 1": 4,
          "SHA- 224": 5,
          "SHA- 256": 2,
          "SHA- 384": 4,
          "SHA- 512": 1,
          "SHA-1": 7,
          "SHA-224": 9,
          "SHA-256": 16,
          "SHA-384": 8,
          "SHA-512": 11
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2,
          "level 1": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 4
          }
        },
        "PBKDF": {
          "PBKDF": 11,
          "PBKDF1": 1
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-224": 9,
            "SHA-256": 16,
            "SHA-384": 8,
            "SHA-512": 11
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 20
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "Timing Attacks": 2,
          "Timing attack": 1,
          "Timing attacks": 1,
          "timing attacks": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 50,
          "FIPS 180-4": 1,
          "FIPS 186-4": 1,
          "FIPS 197": 1,
          "FIPS 198-1": 1,
          "FIPS186-4": 1
        },
        "NIST": {
          "NIST SP 800-38A": 1,
          "NIST SP 800-38D": 1,
          "NIST SP 800-38F": 1,
          "NIST SP 800-56A": 1,
          "NIST SP 800-56B": 1,
          "NIST SP 800-67": 1,
          "NIST SP 800-90A": 1,
          "SP 800-90A": 1
        },
        "PKCS": {
          "PKCS #11": 8,
          "PKCS#1": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 17
          },
          "RC": {
            "RC2": 7,
            "RC4": 6,
            "RC5": 7
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 19
          },
          "DES": {
            "DES": 9
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 17,
            "HMAC-SHA-224": 1,
            "HMAC-SHA-256": 1,
            "HMAC-SHA-512": 1
          }
        },
        "miscellaneous": {
          "Camellia": {
            "Camellia": 7
          },
          "SEED": {
            "SEED": 7
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Alejandro Fabio Masino",
      "/CreationDate": "D:20230320152219-05\u002700\u0027",
      "/Creator": "Writer",
      "/Producer": "LibreOffice 7.3",
      "/Subject": "Red Hat Enterprise Linux NSS Cryptographic Module",
      "/Title": "FIPS 140-2 Non-Proprietary Security Policy",
      "pdf_file_size_bytes": 356911,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.daemonology.net/papers/htt.pdf",
          "http://csrc.nist.gov/groups/STM/cmvp/standards.html",
          "http://csrc.nist.gov/publications/PubsFIPS.html",
          "http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html",
          "http://www.cryptography.com/timingattack/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 36
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "d7ba4a8db695b5ded300a6a60f547207caaa3c4098b370dad8174736a55fb904",
    "policy_txt_hash": "9c3b3f196e8291df0823ada743e081b5ac37737ee246b6f306060d78925039e7"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf",
    "date_sunset": "2026-03-23",
    "description": "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 2",
      "Physical Security: N/A",
      "Design Assurance: Level 2"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Red Hat Enterprise Linux 7 NSS Cryptographic Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "rhel7.20190606",
    "tested_conf": [
      "Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 with an Intel(R) Xeon(R) E5 with PAA",
      "Red Hat Enterprise Linux 7 running on Dell PowerEdge R630 with an Intel(R) Xeon(R) E5 without PAA (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-05-02",
        "lab": "atsec information security corporation",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Red Hat\u00ae, Inc.",
    "vendor_url": "http://www.redhat.com"
  }
}

Sections

Red Hat Enterprise Linux 7 NSS Cryptographic Module

Known vulnerabilities detected

Certificate #4498

Webpage information

Security policy

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Security level

Side-channel analysis

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

Related CVEs

References

Updates Feed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data

Sections

Red Hat Enterprise Linux 7 NSS Cryptographic Module

Known vulnerabilities detected

Certificate #4498

Webpage information

Security policy

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Security

Security level

Side-channel analysis

Other

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

Related CVEs

References

Updates Feed

Raw data

Toggle raw data