This page was not yet optimized for use on mobile
devices.
SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module
Certificate #2484
Webpage information
Security policy
Symmetric Algorithms
AES-, AES, DES, Triple-DES, TDES, TDEA, Camellia, HMAC, CMACAsymmetric Algorithms
ECDSA, Diffie-Hellman, DSAHash functions
SHA-1, SHA-224, SHA-384, SHA-256, SHA256Schemes
MAC, Key Agreement, Key agreementProtocols
SSH, IKEv2, IKEv1, IKE, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-384, P-256, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XEX, XTSSecurity level
level 1, Level 1Certification process
out of scope, Persistently stored secret and private keys are out of scope, but may be zeroized using a FIPS140-2 approved mechanism to clear data on hard disks, are assumed to be identities of the host). Persistently stored secret and private keys are out of scope, but may be zeroized using a FIPS140-2 approved mechanism to clear data on hard disks. 7.3 KeyStandards
FIPS 140-2, FIPS140-2, FIPS 186-4, FIPS180-4, FIPS186-4, FIPS197, FIPS198-1, SP 800-90A, SP 800-56A, SP 800-135, PKCS#1, x.509File metadata
| Title | Microsoft Word - SUSE-Strongswan-SP2-v2.0.docx |
|---|---|
| Creation date | D:20180319191056Z00'00' |
| Modification date | D:20180319191056Z00'00' |
| Pages | 26 |
| Creator | Word |
| Producer | Mac OS X 10.12.6 Quartz PDFContext |
References
Outgoing- 4588 - historical - SafeZone FIPS Cryptographic Module
- 2435 - historical - SUSE Linux Enterprise Server 12 - OpenSSL Module
- 2439 - historical - NPCT6XX TPM 1.2
- 4594 - historical - Ubuntu 18.04 IBM-GT Kernel Crypto API Cryptographic Module
- 675 - historical - nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite
- 4595 - historical - VMware's IKE Crypto Module
- 2648 - historical - NetApp Cryptographic Security Module
- 1537 - historical - Brocade Mobility RFS7000 Controller
- 586 - historical - Subscriber Encryption Module (SEM)
- 2015 - historical - Apple OS X CoreCrypto Module, v4.0
- 1536 - historical - Astro Subscriber Motorola Advanced Crypto Engine (MACE)
- 2505 - historical - Cisco FIPS Object Module
- 4647 - active - Qualcomm® Crypto Engine Core
- 4623 - historical - Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points
- 3789 - historical - Cisco ASA Cryptographic Module
- 3197 - historical - Cryptographic Primitives Library
- 3768 - historical - REDCOM OpenSSL Cryptographic Module
- 4646 - active - RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5
- 2646 - historical - Samsung Flash Memory Protector V1.1
- 1538 - historical - Datacryptor® 100M Ethernet
- 2014 - historical - Atmel Trusted Platform Module
- 674 - historical - nShield F3 Ultrasign PCI, nShield F3 Ultrasign 32 PCI, nCipher F3 PCI for NetHSM, payShield Ultra PCI, payShield Ultra PCI for NetHSM, nShield F3 PCI, payShield PCI, nShield F3 PCI and nShield lite
- 4622 - active - NPCT7xx TPM 2.0 rev 1.38
- 3038 - historical - SUSE Linux Enterprise Server OpenSSL Module
- 3042 - historical - Datacryptor® 100M Ethernet
- 1127 - historical - CryptoStor Tape SC702R
- 3770 - historical - Qualcomm® Trusted Execution Environment Software Cryptographic Library
- 2645 - historical - RF-7800W Broadband Ethernet Radio
- 3045 - historical - None
- 3198 - historical - MultiApp V4.0 Platform
- 3199 - historical - FortiGate-3700D/3815D
- 4645 - active - RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5
- 3771 - historical - LifeCare PCA™ Infusion Pump
- 3788 - historical - NITROXIII CNN35XX-NFBE HSM Family
- 2016 - historical - Apple OS X CoreCrypto Kernel Module, v4.0
- 3769 - historical - PTP 820C, PTP 820C-HP, PTP 820C 2E2SX, PTP 820S, PTP 820N, PTP 820A, PTP 820G, and PTP 820GX
- 1628 - historical - XM Crypto Module
- 3044 - historical - None
- 3043 - historical - CA Technologies C-Security Kernel
- 676 - historical - Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With VPN Services Module
- 1823 - historical - Cisco Telepresence C40, C60, and C90 Codecs
- 3059 - historical - Atalla Cryptographic Subsystem (ACS)
- 2549 - historical - SUSE Linux Enterprise Server 12 - Kernel Crypto API Cryptographic Module
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2484,
"dgst": "a2b00e8a452d83bf",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"CVL#1539",
"CVL#486",
"CVL#1541"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"12"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"2549"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"2435",
"3038"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"2549"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"2435",
"3038"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"2435",
"3038"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"2549"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"4646",
"3788",
"1628",
"4623",
"2015",
"3199",
"675",
"2645",
"4647",
"2648",
"674",
"3771",
"3789",
"3769",
"3044",
"2646",
"3045",
"2439",
"2016",
"3197",
"1537",
"1127",
"2435",
"3770",
"3042",
"586",
"3198",
"3059",
"4588",
"1823",
"2014",
"1538",
"4595",
"4645",
"3038",
"676",
"1536",
"3768",
"4594",
"2505",
"3043",
"4622"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"3099",
"2549"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"4646",
"3788",
"1628",
"4623",
"2015",
"3199",
"675",
"2645",
"3090",
"3480",
"4647",
"2648",
"2507",
"2017",
"674",
"3771",
"3789",
"3195",
"3194",
"3769",
"3044",
"2646",
"3091",
"3045",
"3651",
"3196",
"2439",
"2016",
"3197",
"1537",
"1127",
"3089",
"2435",
"3770",
"3042",
"586",
"3644",
"3198",
"3096",
"3114",
"3059",
"4588",
"1823",
"2014",
"3615",
"1538",
"4595",
"4645",
"3038",
"2481",
"676",
"1930",
"1536",
"3768",
"4594",
"2505",
"3043",
"4622"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"4646",
"3788",
"1628",
"4623",
"2015",
"3199",
"675",
"2645",
"4647",
"2648",
"674",
"3789",
"3771",
"3769",
"3045",
"3768",
"2439",
"2016",
"3043",
"3197",
"1537",
"1127",
"2435",
"3770",
"3042",
"586",
"3198",
"3059",
"4588",
"1823",
"2014",
"1538",
"3038",
"4645",
"4595",
"676",
"1536",
"2646",
"4594",
"2505",
"3044",
"4622"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 7
}
},
"FF": {
"DH": {
"Diffie-Hellman": 9
},
"DSA": {
"DSA": 1
}
}
},
"certification_process": {
"OutOfScope": {
" Persistently stored secret and private keys are out of scope, but may be zeroized using a FIPS140-2 approved mechanism to clear data on hard disks": 1,
"are assumed to be identities of the host). Persistently stored secret and private keys are out of scope, but may be zeroized using a FIPS140-2 approved mechanism to clear data on hard disks. 7.3 Key": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CCM": {
"CCM": 3
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 2
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 3
},
"OFB": {
"OFB": 1
},
"XEX": {
"XEX": 1
},
"XTS": {
"XTS": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 38
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5,
"IKEv1": 1,
"IKEv2": 17
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 1
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2,
"Key agreement": 1
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 2,
"P-384": 4,
"P-521": 2
}
},
"eval_facility": {
"atsec": {
"atsec": 28
}
},
"fips_cert_id": {
"Cert": {
"#1127": 1,
"#1263": 2,
"#1536": 1,
"#1537": 1,
"#1538": 1,
"#1539": 2,
"#1541": 1,
"#1628": 1,
"#1823": 1,
"#2014": 1,
"#2015": 1,
"#2016": 1,
"#2435": 5,
"#2439": 1,
"#2455": 1,
"#2505": 1,
"#2645": 1,
"#2646": 1,
"#2648": 1,
"#3038": 4,
"#3042": 1,
"#3043": 1,
"#3044": 1,
"#3045": 1,
"#3059": 1,
"#3060": 1,
"#3197": 2,
"#3198": 2,
"#3199": 2,
"#3768": 1,
"#3769": 1,
"#3770": 1,
"#3771": 1,
"#3788": 1,
"#3789": 1,
"#431": 2,
"#4588": 2,
"#4594": 2,
"#4595": 2,
"#4622": 2,
"#4623": 2,
"#4645": 2,
"#4646": 2,
"#4647": 2,
"#486": 1,
"#586": 1,
"#674": 1,
"#675": 1,
"#676": 1
}
},
"fips_certlike": {
"Certlike": {
"#1263 RSA": 1,
"#2455 AES": 1,
"#3060 AES": 1,
"Cert. #431 CVL": 2,
"Cert. #486 CVL": 1,
"HMAC SHA-256": 6,
"HMAC- SHA256": 1,
"HMAC-SHA- 384": 2,
"HMAC-SHA-1": 2,
"HMAC-SHA256": 12,
"PKCS#1": 2,
"SHA-1": 1,
"SHA-256": 7,
"SHA-512": 1,
"SHA256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 4
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-224": 1,
"SHA-256": 6,
"SHA-384": 1,
"SHA256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 45,
"FIPS 186-4": 2,
"FIPS140-2": 3,
"FIPS180-4": 1,
"FIPS186-4": 1,
"FIPS197": 1,
"FIPS198-1": 1
},
"NIST": {
"SP 800-135": 3,
"SP 800-56A": 2,
"SP 800-90A": 5
},
"PKCS": {
"PKCS#1": 1
},
"X509": {
"x.509": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 11,
"AES-": 2
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 1,
"Triple-DES": 4
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 3,
"HMAC": 14
}
},
"miscellaneous": {
"Camellia": {
"Camellia": 2
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/AAPL:Keywords": "[]",
"/CreationDate": "D:20180319191056Z00\u002700\u0027",
"/Creator": "Word",
"/Keywords": "",
"/ModDate": "D:20180319191056Z00\u002700\u0027",
"/Producer": "Mac OS X 10.12.6 Quartz PDFContext",
"/Title": "Microsoft Word - SUSE-Strongswan-SP2-v2.0.docx",
"pdf_file_size_bytes": 567942,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 26
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "1c2cfa907b2476ba2e123f12766f72f003f96fc9ab58c89cd848fda25e1d7ea9",
"policy_txt_hash": "800164db04b89f85d1b590b1166391948c341a621606242586aac41e4511a45f"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode with module SUSE Linux Enterprise Server 12 - OpenSSL Module validated to FIPS 140-2 under Cert. #2435 [1] or with SUSE Linux Enterprise Server OpenSSL Module validated to FIPS 140-2 under Cert. #3038 [2] operating in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertDec2015.pdf",
"date_sunset": null,
"description": "SUSE StrongSwan is a complete Ipsec implementation for Linux kernel.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"2435": 1,
"3038": 1
},
"module_name": "SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": "1.0 [1] and 2.0 [2]",
"tested_conf": [
"SUSE Linux Enterprise Server 12 running on HP ProLiant DL320e Gen8 with AES-NI[1]",
"SUSE Linux Enterprise Server 12 running on HP ProLiant DL320e Gen8 without AES-NI[1]",
"SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure with AES-NI[2]",
"SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure without AES-NI[2]",
"SUSE Linux Enterprise Server 12 SP2 running on IBM z13[2] (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2015-12-14",
"lab": "atsec information security corporation",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-03-26",
"lab": "atsec information security corporation",
"validation_type": "Update"
}
],
"vendor": "SUSE, LLC",
"vendor_url": "http://www.suse.com"
}
}