This page was not yet optimized for use on mobile devices.
Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider
Certificate #4857
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMAC, CMACAsymmetric Algorithms
RSA-PSS, RSA-OAEP, ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-3, SHA3-224, SHA3-256, SHA3-512, SHA3-384, SHAKE128, SHAKE256, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS 1.3, TLS, IKERandomness
DRBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 180-4, FIPS 202, FIPS 197, FIPS 186-5, FIPS 186-4, FIPS 198-1, SP 800-132, SP 800-38A, SP 800-38C, SP 800-38F, SP 800-38E, SP 800-38B, SP 800-38D, SP 800-90B, PKCS#1, RFC 8446, RFC 3526, RFC 7919, RFC 5288, RFC8446, ISO/IEC 24759File metadata
| Creation date | D:20241025211526Z00'00' |
|---|---|
| Modification date | D:20241025211526Z00'00' |
| Pages | 46 |
| Producer | macOS Version 14.4 (Build 23E214) Quartz PDFContext |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
12.11.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4857,
"dgst": "f1ef71e794551289",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-CBC-CS2A4811",
"KDA OneStep SP800-56Cr2A4844",
"SHA2-512/256A4826",
"HMAC-SHA2-224A4826",
"KTS-IFCA4826",
"HMAC-SHA3-512A4814",
"RSA SigGen (FIPS186-5)A4826",
"AES-CCMA4811",
"KDF SSHA4841",
"Safe Primes Key VerificationA4845",
"AES-CFB8A4811",
"AES-CBC-CS3A4811",
"ECDSA SigGen (FIPS186-5)A4826",
"SHA2-384A4826",
"SHA2-256A4826",
"HMAC-SHA2-512A4826",
"Safe Primes Key GenerationA4845",
"SHAKE-128A4814",
"AES-CBC-CS1A4811",
"KDA HKDF Sp800-56Cr1A4807",
"AES-CMACA4811",
"AES-OFBA4811",
"RSA KeyGen (FIPS186-5)A4826",
"TLS v1.3 KDFA4807",
"AES-GCMA4822",
"SHA-1A4826",
"TLS v1.2 KDF RFC7627A4826",
"HMAC-SHA2-512/224A4826",
"HMAC-SHA3-256A4814",
"SHA3-256A4814",
"AES-CTRA4811",
"SHA3-384A4814",
"KDF SP800-108A4843",
"SHAKE-256A4814",
"KAS-IFC-SSCA4826",
"KAS-FFC-SSC Sp800-56Ar3A4845",
"AES-XTS Testing Revision 2.0A4811",
"AES-GMACA4822",
"PBKDFA4826",
"RSA SigVer (FIPS186-5)A4826",
"ECDSA SigVer (FIPS186-5)A4826",
"HMAC-SHA2-384A4826",
"Hash DRBGA4808",
"SHA2-512A4826",
"ECDSA KeyVer (FIPS186-5)A4826",
"AES-KWPA4811",
"HMAC-SHA3-384A4814",
"KDF ANS 9.63A4826",
"Counter DRBGA4808",
"AES-ECBA4841",
"SHA2-224A4826",
"AES-KWA4811",
"SHA3-512A4814",
"SHA2-512/224A4826",
"HMAC-SHA2-512/256A4826",
"HMAC-SHA-1A4826",
"HMAC-SHA3-224A4814",
"SHA3-224A4814",
"KDF ANS 9.42A4826",
"KAS-ECC-SSC Sp800-56Ar3A4826",
"HMAC-SHA2-256A4826",
"HMAC DRBGA4808",
"AES-CBCA4811",
"AES-CFB128A4811",
"AES-CFB1A4811",
"RSA SigVer (FIPS186-4)A4826",
"ECDSA KeyGen (FIPS186-5)A4826"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"9"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 23
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 42,
"Diffie-Hellman": 10
}
},
"RSA": {
"RSA-OAEP": 2,
"RSA-PSS": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 21
},
"OFB": {
"OFB": 3
},
"XTS": {
"XTS": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 54
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 28
},
"TLS": {
"TLS": {
"TLS": 10,
"TLS 1.2": 29,
"TLS 1.3": 31
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 12,
"P-256": 14,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {
"atsec": {
"atsec": 49
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 4,
"AES-192": 2,
"AES-256": 4,
"HMAC SHA- 256": 1,
"HMAC SHA-1": 2,
"HMAC SHA-224": 1,
"HMAC SHA-256": 6,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC SHA-512/224": 1,
"HMAC SHA-512/256": 1,
"PKCS#1": 14,
"RSA PKCS#1": 2,
"RSA2": 1,
"SHA- 224": 2,
"SHA- 256": 4,
"SHA- 384": 5,
"SHA- 512": 3,
"SHA-1": 23,
"SHA-224": 19,
"SHA-256": 33,
"SHA-3": 9,
"SHA-384": 12,
"SHA-512": 19,
"SHA3- 224": 1,
"SHA3- 256": 3,
"SHA3- 384": 9,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 19
},
"SHA": {
"SHA1": {
"SHA-1": 23
},
"SHA2": {
"SHA-224": 19,
"SHA-256": 33,
"SHA-384": 12,
"SHA-512": 19
},
"SHA3": {
"SHA-3": 9,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"SHAKE": {
"SHAKE128": 10,
"SHAKE256": 10
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 26
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 62,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 186-5": 13,
"FIPS 197": 8,
"FIPS 198-1": 1,
"FIPS 202": 3,
"FIPS PUB 140-3": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-38A": 4,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 4,
"SP 800-38E": 2,
"SP 800-38F": 2,
"SP 800-90B": 2
},
"PKCS": {
"PKCS#1": 8
},
"RFC": {
"RFC 3526": 3,
"RFC 5288": 2,
"RFC 7919": 3,
"RFC 8446": 2,
"RFC8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 51,
"AES-128": 4,
"AES-192": 2,
"AES-256": 4
},
"CAST": {
"CAST": 3
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 31
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
},
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20241025211526Z00\u002700\u0027",
"/ModDate": "D:20241025211526Z00\u002700\u0027",
"/Producer": "macOS Version 14.4 (Build 23E214) Quartz PDFContext",
"pdf_file_size_bytes": 747256,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.atsec.com/",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://www.ietf.org/rfc/rfc7919.txt",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening#proc_installing-the-system-with-fips-mode-enabled_assembly_installing-the-system-in-fips-mode",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://www.ietf.org/rfc/rfc5288.txt",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://www.ietf.org/rfc/rfc3447.txt"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 46
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "d57c2a9ddc2cb25e5cdf47b021463d2b3a4226052f3fd8be9603d28ab0f67594",
"policy_txt_hash": "57efb073b4a6848e11ddc6d1dff7cd09f513cd4f4d9eeeb7b24ca279b1b1e4b5"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11.2 of the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy.",
"certificate_pdf_url": null,
"date_sunset": "2026-10-28",
"description": "The Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.7-395c1a240fbfffd8",
"tested_conf": [
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 with PAA",
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-10-29",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Red Hat(R), Inc.",
"vendor_url": "http://www.redhat.com"
}
}