This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	Red Hat Enterprise Linux OpenSSH Server Cryptographic Module	Red Hat Enterprise Linux OpenSSH Server Cryptographic Module
cert_id	2630	3063
dgst	75ca28395bfc9ad1	7e9025938042a87f
heuristics/algorithms	CVL#700, CVL#702, CVL#701	AES#5212, DRBG#1579, SHS#3843, RSA#2544, CVL#1298, DRBG#1981, HMAC#3445, ECDSA#1151, ECDSA#1148, DRBG#1593, DRBG#1567, HMAC#3109, AES#4664, AES#4699, SHS#4194, HMAC#3451, SHS#3821, CVL#1687, HMAC#3091, DRBG#1596, HMAC#3453, SHS#4202, CVL#1320, RSA#2789, ECDSA#1150, AES#4698, AES#5203, CVL#1689, CVL#1318, DRBG#1975, AES#5209, CVL#1718, AES#4666, SHS#3807, Triple-DES#2641, DRBG#1979, Triple-DES#2471, ECDSA#1350, SHS#3844, DRBG#1984, SHS#4199, HMAC#3446, CVL#1693, AES#5205, SHS#3842, RSA#2787, DRBG#1578, RSA#2792, SHS#4198, Triple-DES#2483, SHS#3845, HMAC#3090, AES#4644, HMAC#3449, SHS#4195, SHS#3824, AES#4667, AES#4697, SHS#3823, CVL#1312, AES#5207, RSA#2547, SHS#4207, DRBG#1595, HMAC#3112, DRBG#1976, HMAC#3447, HMAC#3107, HMAC#3452, SHS#4200, AES#4700, ECDSA#1144, DRBG#1980, HMAC#3110, Triple-DES#2639, SHS#3847, DRBG#1982, DRBG#1993, DRBG#1977, DRBG#1598, HMAC#3454, DRBG#1983, DRBG#1576, RSA#2786, HMAC#3459, HMAC#3450, AES#4695, HMAC#3108, AES#5208, SHS#4197, SHS#4193, ECDSA#1348, Triple-DES#2638, SHS#3846, AES#4696, Triple-DES#2642, Triple-DES#2481, DRBG#1594, Triple-DES#2484, SHS#4201, ECDSA#1353, DRBG#1597, CVL#1700, HMAC#3088, AES#5227, AES#5211, ECDSA#1347, RSA#2546, CVL#1361, HMAC#3111, AES#5204, AES#5210, HMAC#3076, RSA#2535
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	-	-
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	2441	3016
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	2441	3016
heuristics/module_prunned_references	2441	3016
heuristics/policy_processed_references/directly_referenced_by	{}	{}
heuristics/policy_processed_references/directly_referencing	2441	3016
heuristics/policy_processed_references/indirectly_referenced_by	{}	{}
heuristics/policy_processed_references/indirectly_referencing	1401, 1398, 1402, 1397, 1399, 1403, 1409, 1405, 1404, 2441, 1406, 1400	3016
heuristics/policy_prunned_references	2441	3016
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #2441: 3 #700: 2 #701: 2 #702: 2	Cert: #1144: 1 #1148: 1 #1150: 1 #1151: 1 #1298: 4 #1312: 4 #1318: 4 #1320: 4 #1347: 1 #1348: 1 #1350: 1 #1353: 1 #1361: 3 #1567: 1 #1576: 1 #1578: 1 #1579: 1 #1593: 1 #1594: 1 #1595: 1 #1596: 1 #1597: 1 #1598: 1 #1687: 4 #1689: 4 #1693: 4 #1700: 4 #1718: 3 #1975: 1 #1976: 1 #1977: 1 #1979: 1 #1980: 1 #1981: 1 #1982: 1 #1983: 1 #1984: 1 #1993: 1 #2471: 1 #2481: 1 #2483: 1 #2484: 1 #2535: 1 #2544: 1 #2546: 1 #2547: 1 #2638: 1 #2639: 1 #2641: 1 #2642: 1 #2786: 1 #2787: 1 #2789: 1 #2792: 1 #3016: 3 #3076: 1 #3088: 1 #3090: 1 #3091: 1 #3107: 1 #3108: 1 #3109: 1 #3110: 1 #3111: 1 #3112: 1 #3445: 1 #3446: 1 #3447: 1 #3449: 1 #3450: 1 #3451: 1 #3452: 1 #3453: 1 #3454: 1 #3459: 1 #3807: 1 #3821: 1 #3823: 1 #3824: 1 #3842: 1 #3843: 1 #3844: 1 #3845: 1 #3846: 1 #3847: 1 #4193: 1 #4194: 1 #4195: 1 #4197: 1 #4198: 1 #4199: 1 #4200: 1 #4201: 1 #4202: 1 #4207: 1 #4644: 1 #4664: 1 #4666: 1 #4667: 1 #4695: 1 #4696: 1 #4697: 1 #4698: 1 #4699: 1 #4700: 1 #5203: 1 #5204: 1 #5205: 1 #5207: 1 #5208: 1 #5209: 1 #5210: 1 #5211: 1 #5212: 1 #5227: 1
pdf_data/keywords/fips_security_level	Level: Level 1: 5	Level: Level 1: 5
pdf_data/keywords/fips_certlike	Certlike: HMAC-SHA-256: 20 PKCS#1: 2	Certlike: #1320 CVL: 2 #1700 DRBG: 1 #2642 HMAC: 1 #3459 SHA: 1 #4207 RSA: 1 AES 128/192/25: 1 Cert. #1361 CVL: 1 HMAC-SHA-256: 20 PKCS#1: 2
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility	atsec: atsec: 23	atsec: atsec: 24
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 5 DES: 3DES: TDEA: 1 TDES: 1 DES: DES: 2 constructions: MAC: CMAC: 2 HMAC: 8 HMAC-SHA-256: 10	AES_competition: AES: AES: 6 DES: 3DES: TDEA: 1 TDES: 1 Triple-DES: 2 DES: DES: 2 constructions: MAC: CMAC: 2 HMAC: 10 HMAC-SHA-256: 10
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 1 ECDSA: ECDSA: 2 FF: DH: Diffie-Hellman: 2 DSA: DSA: 5	ECC: ECC: ECC: 1 ECDSA: ECDSA: 3 FF: DSA: DSA: 6
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function
pdf_data/keywords/crypto_scheme	KA: Key Agreement: 1 MAC: MAC: 1	KA: Key Agreement: 1 MAC: MAC: 1
pdf_data/keywords/crypto_protocol	SSH: SSH: 15	SSH: SSH: 17
pdf_data/keywords/randomness	PRNG: DRBG: 1 RNG: RNG: 1	PRNG: DRBG: 4 RNG: RNG: 1
pdf_data/keywords/cipher_mode	CBC: CBC: 1 CCM: CCM: 2 CFB: CFB: 1 CTR: CTR: 1 ECB: ECB: 1 GCM: GCM: 2 OFB: OFB: 1 XTS: XTS: 2	CBC: CBC: 3 CCM: CCM: 2 CFB: CFB: 1 CTR: CTR: 2 ECB: ECB: 1 GCM: GCM: 2 OFB: OFB: 1 XTS: XTS: 1
pdf_data/keywords/ecc_curve		NIST: P-256: 2 P-384: 2 P-521: 4
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library	OpenSSL: OpenSSL: 17	OpenSSL: OpenSSL: 22
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-2: 11 FIPS PUB 140-2: 1 FIPS180-4: 1 FIPS186-4: 1 FIPS197: 1 FIPS198-1: 1 NIST: SP 800-135: 8 PKCS: PKCS#1: 1 RFC: RFC3394: 1 RFC5649: 1	FIPS: FIPS 140-2: 11 FIPS PUB 140-2: 1 FIPS180-4: 1 FIPS186-4: 1 FIPS197: 1 FIPS198-1: 1 NIST: SP 800-135: 9 SP 800-56A: 2 PKCS: PKCS#1: 1 RFC: RFC3394: 1 RFC5649: 1
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Alejandro Fabio Masino /CreationDate: D:20160613102953-05'00' /Creator: Writer /Keywords: FIPS 140-2 /Producer: LibreOffice 5.1 /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 223870 pdf_hyperlinks: mailto:[email protected], mailto:[email protected], http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2015.htm#2441, http://www.atsec.com/, mailto:[email protected], mailto:[email protected] pdf_is_encrypted: False pdf_number_of_pages: 21	/Author: Alejandro Fabio Masino /CreationDate: D:20180220082652-06'00' /Creator: Writer /Keywords: FIPS 140-2 /Producer: LibreOffice 5.4 /Title: FIPS 140-2 Non-Proprietary Security Policy pdf_file_size_bytes: 227821 pdf_hyperlinks: mailto:[email protected], mailto:[email protected], http://www.atsec.com/, mailto:[email protected], mailto:[email protected] pdf_is_encrypted: False pdf_number_of_pages: 22
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode with module Red Hat Enterprise Linux 7.1 OpenSSL Module validated to FIPS 140-2 under Cert. #2441 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy	When operated in FIPS Mode with module Red Hat Enterprise Linux OpenSSL Module validated to FIPS 140-2 under Cert. #3016 operating in FIPS mode
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertMay2016.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertNov2017.pdf
web_data/date_sunset
web_data/description	The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7.1. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode.	The OpenSSH Server cryptographic module provides the server-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 7. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Physical Security: N/A, Mitigation of Other Attacks: N/A	Physical Security: N/A, Mitigation of Other Attacks: N/A
web_data/fw_versions	[]	[]
web_data/historical_reason	Moved to historical list due to sunsetting	SP 800-56Arev3 transition
web_data/hw_versions	[]	[]
web_data/level	1	1
web_data/mentioned_certs	2441: 1	3016: 1
web_data/module_name	Red Hat Enterprise Linux OpenSSH Server Cryptographic Module	Red Hat Enterprise Linux OpenSSH Server Cryptographic Module
web_data/module_type	Software	Software
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	historical
web_data/sw_versions	4.0	5.0 [1] , 6.0 [2]
web_data/tested_conf	Red Hat Enterprise Linux 7.1 running on IBM Power8 Little Endian 8286-41A, Red Hat Enterprise Linux 7.1 running on IBM z13 with CP Assist for Cryptographic Functions (single-user mode), Red Hat Enterprise Linux 7.1 running on ProLiant DL380p Gen8 with PAA, Red Hat Enterprise Linux 7.1 running on ProLiant DL380p Gen8 without PAA	Red Hat Enterprise Linux 7.4 running on Dell PowerEdge R630 with PAA [1], Red Hat Enterprise Linux 7.4 running on Dell PowerEdge R630 without PAA [1], Red Hat Enterprise Linux 7.5 running on Dell PowerEdge R630 with PAA [2], Red Hat Enterprise Linux 7.5 running on Dell PowerEdge R630 without PAA [2] (single-user mode)
web_data/validation_history	date: 02.05.2016 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial date: 17.06.2016 lab: ATSEC INFORMATION SECURITY CORP validation_type: Update	date: 14.11.2017 lab: ATSEC INFORMATION SECURITY CORP validation_type: Initial date: 15.06.2018 lab: ATSEC INFORMATION SECURITY CORP validation_type: Update
web_data/vendor	Red Hat®, Inc.	Red Hat®, Inc.
web_data/vendor_url	http://www.redhat.com	http://www.redhat.com