This page was not yet optimized for use on mobile devices.
Red Hat Enterprise Linux 8 Kernel Cryptographic API
Certificate #4804
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-, CAST, HMAC, CMACHash functions
SHA-1, SHA-256, SHA-512, SHA512, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, PBKDF2Schemes
MACProtocols
IKEv2, IPsecRandomness
DRBG, RNG, RBGBlock cipher modes
ECB, CBC, CTR, CFB, GCM, CCM, XTSSecurity level
Level 1Side-channel analysis
Fault InductionStandards
FIPS 140-3, FIPS PUB 140-3, FIPS 198-1, FIPS186-4, FIPS 186-4, FIPS 180-4, FIPS 202, FIPS 186-5, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-38E, SP 800-90A, PKCS#1, RFC 4106, RFC 7296File metadata
| Creation date | D:20240916170426Z00'00' |
|---|---|
| Modification date | D:20240916170426Z00'00' |
| Pages | 66 |
| Producer | macOS Version 14.6.1 (Build 23G93) Quartz PDFContext |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
14.10.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
- The certificate_pdf_url property was set to
-
01.10.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4804,
"dgst": "dcbff8f66de95d7c",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHA2-224A3664",
"HMAC-SHA2-384A3664",
"SHA3-224A3649",
"AES-CTRA3657",
"AES-GCMA3659",
"AES-XTS Testing Revision 2.0A3657",
"HMAC-SHA2-256A3664",
"AES-CFB128A3660",
"AES-CBC-CS3A3661",
"Counter DRBGA3659",
"SHA-1A3664",
"Hash DRBGA3664",
"HMAC-SHA2-224A3664",
"AES-CBCA3657",
"AES-ECBA3659",
"AES-CMACA3657",
"AES-CCMA3657",
"HMAC-SHA-1A3664",
"HMAC-SHA3-224A3649",
"SHA2-256A3664",
"SHA3-512A3649",
"SHA2-384A3664",
"RSA SigVer (FIPS186-4)A3664",
"SHA3-384A3649",
"HMAC-SHA3-512A3649",
"HMAC-SHA3-384A3649",
"HMAC DRBGA3664",
"AES-GMACA3657",
"HMAC-SHA2-512A3664",
"SHA2-512A3664",
"HMAC-SHA3-256A3649",
"SHA3-256A3649"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"8"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 15
},
"XTS": {
"XTS": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 1
},
"IPsec": {
"IPsec": 7
}
},
"crypto_scheme": {
"MAC": {
"MAC": 11
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"atsec": {
"atsec": 68
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"HMAC- SHA-1": 4,
"HMAC-SHA-1": 36,
"PKCS#1": 10,
"SHA- 256": 5,
"SHA- 512": 2,
"SHA-1": 20,
"SHA-256": 27,
"SHA-3": 6,
"SHA-512": 1,
"SHA2-224": 18,
"SHA2-256": 18,
"SHA2-384": 18,
"SHA2-512": 20,
"SHA3-224": 5,
"SHA3-256": 4,
"SHA3-384": 5,
"SHA3-512": 4,
"SHA512": 12
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 2
},
"SHA": {
"SHA1": {
"SHA-1": 20
},
"SHA2": {
"SHA-256": 27,
"SHA-512": 1,
"SHA512": 12
},
"SHA3": {
"SHA-3": 6,
"SHA3-224": 5,
"SHA3-256": 4,
"SHA3-384": 5,
"SHA3-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 164
},
"RNG": {
"RBG": 2,
"RNG": 1
}
},
"side_channel_analysis": {
"FI": {
"Fault Induction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 6,
"FIPS 180-4": 21,
"FIPS 186-4": 7,
"FIPS 186-5": 2,
"FIPS 198-1": 25,
"FIPS 202": 5,
"FIPS PUB 140-3": 2,
"FIPS186-4": 18
},
"NIST": {
"SP 800-38A": 20,
"SP 800-38B": 3,
"SP 800-38C": 3,
"SP 800-38D": 12,
"SP 800-38E": 5,
"SP 800-90A": 33
},
"PKCS": {
"PKCS#1": 5
},
"RFC": {
"RFC 4106": 2,
"RFC 7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 67,
"AES-": 1
},
"CAST": {
"CAST": 235
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 66
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20240916170426Z00\u002700\u0027",
"/ModDate": "D:20240916170426Z00\u002700\u0027",
"/Producer": "macOS Version 14.6.1 (Build 23G93) Quartz PDFContext",
"pdf_file_size_bytes": 780022,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening#proc_installing-the-system-with-fips-mode-enabled_assembly_installing-the-system-in-fips-mode",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://www.ietf.org/rfc/rfc3447.txt",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"http://www.atsec.com/",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 66
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "a3a024cd507caff290d6842b45ede5d0af0c9d42067af0f336f8d6270b52d3f2",
"policy_txt_hash": "db87fb98f765e1f5a21f822512ae6992a453bdcd94a8e47d84298abd5aff590e"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates random strings whose strengths are modified by available entropy.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-18",
"description": "The Red Hat Enterprise Linux 8 Kernel Cryptographic API provides a C language API for use by other (kernel space and user space) processes that require cryptographic functionality",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Red Hat Enterprise Linux 8 Kernel Cryptographic API",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "4.18.0-372.52.1.el8_6; libkcapi 1.2.0-2.el8",
"tested_conf": [
"Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with Intel Xeon Silver 4216 with PAA",
"Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with Intel Xeon Silver 4216 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-19",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Red Hat(R), Inc.",
"vendor_url": "http://www.redhat.com"
}
}