This page was not yet optimized for use on mobile devices.
Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider
Certificate #4857
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMAC, CMACAsymmetric Algorithms
RSA-PSS, RSA-OAEP, ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-3, SHA3-224, SHA3-256, SHA3-512, SHA3-384, SHAKE128, SHAKE256, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS 1.3, TLS, IKERandomness
DRBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 180-4, FIPS 202, FIPS 197, FIPS 186-5, FIPS 186-4, FIPS 198-1, SP 800-132, SP 800-38A, SP 800-38C, SP 800-38F, SP 800-38E, SP 800-38B, SP 800-38D, SP 800-90B, PKCS#1, RFC 8446, RFC 3526, RFC 7919, RFC 5288, RFC8446, ISO/IEC 24759File metadata
| Creation date | D:20241025211526Z00'00' |
|---|---|
| Modification date | D:20241025211526Z00'00' |
| Pages | 46 |
| Producer | macOS Version 14.4 (Build 23E214) Quartz PDFContext |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
24.02.2025 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The exceptions property was updated.
-
12.11.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4857,
"dgst": "f1ef71e794551289",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KDF ANS 9.63A4826",
"AES-OFBA4811",
"AES-CBCA4811",
"KDA OneStep SP800-56Cr2A4844",
"AES-CBC-CS1A4811",
"ECDSA SigVer (FIPS186-5)A4826",
"RSA SigGen (FIPS186-5)A4826",
"SHA2-384A4826",
"AES-XTS Testing Revision 2.0A4811",
"HMAC-SHA3-256A4814",
"AES-CFB1A4811",
"HMAC-SHA2-256A4826",
"ECDSA KeyVer (FIPS186-5)A4826",
"HMAC-SHA3-224A4814",
"HMAC-SHA2-224A4826",
"TLS v1.2 KDF RFC7627A4826",
"SHAKE-128A4814",
"PBKDFA4826",
"ECDSA KeyGen (FIPS186-5)A4826",
"KDF ANS 9.42A4826",
"SHA3-384A4814",
"KAS-ECC-SSC Sp800-56Ar3A4826",
"SHA2-512/224A4826",
"HMAC-SHA3-512A4814",
"AES-CBC-CS3A4811",
"AES-CMACA4811",
"KTS-IFCA4826",
"HMAC-SHA3-384A4814",
"RSA SigVer (FIPS186-4)A4826",
"SHA2-512/256A4826",
"Counter DRBGA4808",
"HMAC DRBGA4808",
"AES-CFB128A4811",
"SHA2-256A4826",
"HMAC-SHA2-512A4826",
"Safe Primes Key GenerationA4845",
"AES-CTRA4811",
"KDF SP800-108A4843",
"AES-KWA4811",
"Safe Primes Key VerificationA4845",
"SHA2-224A4826",
"HMAC-SHA2-512/224A4826",
"AES-ECBA4841",
"KDF SSHA4841",
"KDA HKDF Sp800-56Cr1A4807",
"AES-GCMA4822",
"AES-CFB8A4811",
"SHA2-512A4826",
"HMAC-SHA-1A4826",
"AES-CCMA4811",
"Hash DRBGA4808",
"SHA3-224A4814",
"HMAC-SHA2-512/256A4826",
"RSA KeyGen (FIPS186-5)A4826",
"RSA SigVer (FIPS186-5)A4826",
"SHA3-512A4814",
"AES-KWPA4811",
"TLS v1.3 KDFA4807",
"KAS-IFC-SSCA4826",
"SHA3-256A4814",
"AES-CBC-CS2A4811",
"AES-GMACA4822",
"SHAKE-256A4814",
"ECDSA SigGen (FIPS186-5)A4826",
"HMAC-SHA2-384A4826",
"KAS-FFC-SSC Sp800-56Ar3A4845",
"SHA-1A4826"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"9"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 23
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 42,
"Diffie-Hellman": 10
}
},
"RSA": {
"RSA-OAEP": 2,
"RSA-PSS": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 21
},
"OFB": {
"OFB": 3
},
"XTS": {
"XTS": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 54
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 28
},
"TLS": {
"TLS": {
"TLS": 10,
"TLS 1.2": 29,
"TLS 1.3": 31
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 12,
"P-256": 14,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {
"atsec": {
"atsec": 49
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 4,
"AES-192": 2,
"AES-256": 4,
"HMAC SHA- 256": 1,
"HMAC SHA-1": 2,
"HMAC SHA-224": 1,
"HMAC SHA-256": 6,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC SHA-512/224": 1,
"HMAC SHA-512/256": 1,
"PKCS#1": 14,
"RSA PKCS#1": 2,
"RSA2": 1,
"SHA- 224": 2,
"SHA- 256": 4,
"SHA- 384": 5,
"SHA- 512": 3,
"SHA-1": 23,
"SHA-224": 19,
"SHA-256": 33,
"SHA-3": 9,
"SHA-384": 12,
"SHA-512": 19,
"SHA3- 224": 1,
"SHA3- 256": 3,
"SHA3- 384": 9,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 19
},
"SHA": {
"SHA1": {
"SHA-1": 23
},
"SHA2": {
"SHA-224": 19,
"SHA-256": 33,
"SHA-384": 12,
"SHA-512": 19
},
"SHA3": {
"SHA-3": 9,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"SHAKE": {
"SHAKE128": 10,
"SHAKE256": 10
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 26
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 62,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 186-5": 13,
"FIPS 197": 8,
"FIPS 198-1": 1,
"FIPS 202": 3,
"FIPS PUB 140-3": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-38A": 4,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 4,
"SP 800-38E": 2,
"SP 800-38F": 2,
"SP 800-90B": 2
},
"PKCS": {
"PKCS#1": 8
},
"RFC": {
"RFC 3526": 3,
"RFC 5288": 2,
"RFC 7919": 3,
"RFC 8446": 2,
"RFC8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 51,
"AES-128": 4,
"AES-192": 2,
"AES-256": 4
},
"CAST": {
"CAST": 3
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 31
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
},
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20241025211526Z00\u002700\u0027",
"/ModDate": "D:20241025211526Z00\u002700\u0027",
"/Producer": "macOS Version 14.4 (Build 23E214) Quartz PDFContext",
"pdf_file_size_bytes": 747256,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"http://www.atsec.com/",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening#proc_installing-the-system-with-fips-mode-enabled_assembly_installing-the-system-in-fips-mode",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"https://www.ietf.org/rfc/rfc3447.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://www.ietf.org/rfc/rfc5288.txt",
"https://www.ietf.org/rfc/rfc7919.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 46
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "d57c2a9ddc2cb25e5cdf47b021463d2b3a4226052f3fd8be9603d28ab0f67594",
"policy_txt_hash": "57efb073b4a6848e11ddc6d1dff7cd09f513cd4f4d9eeeb7b24ca279b1b1e4b5"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11.2 of the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy.",
"certificate_pdf_url": null,
"date_sunset": "2026-10-28",
"description": "The Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.7-395c1a240fbfffd8",
"tested_conf": [
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 with PAA",
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-10-29",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Red Hat(R), Inc.",
"vendor_url": "http://www.redhat.com"
}
}