This page was not yet optimized for use on mobile devices.
Red Hat Enterprise Linux 9 Kernel Cryptographic API
Certificate #4796
Webpage information ?
Security policy ?
Symmetric Algorithms
AES-128, AES-192, AES-256, AES, AES-, CAST, HMAC, CMACHash functions
SHA-1, SHA-512, SHA-256, SHA512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, PBKDF2Schemes
MACProtocols
IKEv2, IPsecRandomness
DRBG, RNG, RBGBlock cipher modes
ECB, CBC, CTR, CFB, GCM, CCM, XTSSecurity level
Level 1Side-channel analysis
Fault InductionStandards
FIPS 140-3, FIPS PUB 140-3, FIPS 198-1, FIPS 186-4, FIPS 180-4, FIPS 202, FIPS186-4, FIPS 186-5, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-38E, SP 800-90A, PKCS 1, PKCS#1, RFC 4106, RFC 7296File metadata
| Title | 140sp-new |
|---|---|
| Author | Dick Sikkema |
| Creation date | D:20240903161045Z00'00' |
| Modification date | D:20240903161045Z00'00' |
| Pages | 103 |
| Creator | Word |
| Producer | macOS Version 12.7.6 (Build 21H1320) Quartz PDFContext |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
16.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4796,
"dgst": "ae46bd6ed6ba612b",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC-SHA3-512A3728",
"AES-GCMA3724",
"HMAC DRBGA3724",
"SHA3-512A3728",
"AES-GMACA3722",
"HMAC-SHA2-256A3722",
"HMAC-SHA3-384A3728",
"SHA3-256A3728",
"AES-CFB128A3725",
"Hash DRBGA3724",
"SHA-1A3722",
"SHA3-384A3728",
"SHA2-224A3722",
"HMAC-SHA2-512A3722",
"AES-OFBA3726",
"AES-XTS Testing Revision 2.0A4549",
"SHA3-224A3728",
"SHA2-512A3722",
"AES-CTRA4549",
"AES-CCMA3722",
"HMAC-SHA3-224A3728",
"HMAC-SHA2-384A3722",
"SHA2-384A3722",
"Counter DRBGA3724",
"RSA SigVer (FIPS186-4)A3722",
"AES-CBC-CS3A3727",
"AES-ECBA3724",
"AES-CBCA4549",
"HMAC-SHA2-224A3722",
"SHA2-256A3722",
"AES-CMACA3722",
"HMAC-SHA3-256A3728",
"HMAC-SHA-1A3722"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"9"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 14
},
"XTS": {
"XTS": 10
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 7
}
},
"crypto_scheme": {
"MAC": {
"MAC": 11
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"atsec": {
"atsec": 105
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"- PKCS 1": 5,
"AES-128": 15,
"AES-192": 15,
"AES-256": 15,
"HMAC- SHA-1": 5,
"HMAC-SHA- 256": 34,
"HMAC-SHA- 512": 2,
"HMAC-SHA-1": 38,
"PKCS 1": 5,
"PKCS#1": 10,
"SHA- 256": 6,
"SHA-1": 66,
"SHA-256": 18,
"SHA-3": 5,
"SHA-512": 1,
"SHA2- 256": 2,
"SHA2-224": 28,
"SHA2-256": 62,
"SHA2-384": 54,
"SHA2-512": 65,
"SHA3-224": 11,
"SHA3-256": 12,
"SHA3-384": 11,
"SHA3-512": 12,
"SHA512": 17
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 2
},
"SHA": {
"SHA1": {
"SHA-1": 67
},
"SHA2": {
"SHA-256": 18,
"SHA-512": 1,
"SHA512": 17
},
"SHA3": {
"SHA-3": 5,
"SHA3-224": 12,
"SHA3-256": 11,
"SHA3-384": 12,
"SHA3-512": 11
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 256
},
"RNG": {
"RBG": 2,
"RNG": 1
}
},
"side_channel_analysis": {
"FI": {
"Fault Induction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 6,
"FIPS 180-4": 26,
"FIPS 186-4": 8,
"FIPS 186-5": 2,
"FIPS 198-1": 34,
"FIPS 202": 9,
"FIPS PUB 140-3": 2,
"FIPS186-4": 12
},
"NIST": {
"SP 800-38A": 37,
"SP 800-38B": 5,
"SP 800-38C": 5,
"SP 800-38D": 20,
"SP 800-38E": 8,
"SP 800-90A": 49
},
"PKCS": {
"PKCS 1": 5,
"PKCS#1": 5
},
"RFC": {
"RFC 4106": 2,
"RFC 7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 65,
"AES-": 6,
"AES-128": 15,
"AES-192": 15,
"AES-256": 15
},
"CAST": {
"CAST": 505
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 85
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Dick Sikkema",
"/CreationDate": "D:20240903161045Z00\u002700\u0027",
"/Creator": "Word",
"/ModDate": "D:20240903161045Z00\u002700\u0027",
"/Producer": "macOS Version 12.7.6 (Build 21H1320) Quartz PDFContext",
"/Title": "140sp-new",
"pdf_file_size_bytes": 1106591,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 103
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "c471d6ef4d3ac49345248e3f403ab540a5b2d49c19a7ca60be11699e50ab830a",
"policy_txt_hash": "83be0208c3554804a35507841b0c9cfaeca44ecf37f4d794e7df84c73e968d12"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates random strings whose strengths are modified by available entropy.",
"certificate_pdf_url": null,
"date_sunset": "2026-09-10",
"description": "The Red Hat Enterprise Linux 9 Kernel Cryptographic API provides a C language API for use by other (kernel space and user space) processes that require cryptographic functionality",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Red Hat Enterprise Linux 9 Kernel Cryptographic API",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "5.14.0-70.53.1.el9_0; 1.3.1-3.el9",
"tested_conf": [
"Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 with PAI",
"Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 without PAI",
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel Xeon Silver 4216 with PAA",
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel Xeon Silver 4216 without PAA",
"Red Hat Enterprise Linux 9 with PowerVM FW1040.00 with VIOS 3.1.3.00 running on IBM 9080-HEX with IBM POWER10 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-11",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Red Hat(R), Inc.",
"vendor_url": "http://www.redhat.com"
}
}