This page was not yet optimized for use on mobile devices.
Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider
Certificate #4857
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMAC, CMACAsymmetric Algorithms
RSA-PSS, RSA-OAEP, ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-3, SHA3-224, SHA3-256, SHA3-512, SHA3-384, SHAKE128, SHAKE256, PBKDF2Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, TLS 1.2, TLS 1.3, TLS, IKERandomness
DRBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSP, SSCSecurity level
Level 1, level 1Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 180-4, FIPS 202, FIPS 197, FIPS 186-5, FIPS 186-4, FIPS 198-1, SP 800-132, SP 800-38A, SP 800-38C, SP 800-38F, SP 800-38E, SP 800-38B, SP 800-38D, SP 800-90B, PKCS#1, RFC 8446, RFC 3526, RFC 7919, RFC 5288, RFC8446, ISO/IEC 24759File metadata
| Creation date | D:20250228091319Z00'00' |
|---|---|
| Modification date | D:20250228091319Z00'00' |
| Pages | 47 |
| Producer | macOS Version 15.2 (Build 24C101) Quartz PDFContext |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
04.04.2025 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The keywords property was updated, with the
{'eval_facility': {'__update__': {'atsec': {'__update__': {'atsec': 50}}}}, 'crypto_library': {'__update__': {'OpenSSL': {'__update__': {'OpenSSL': 55}}}}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS 140-3': 63}}}}}data. - The policy_metadata property was updated, with the
{'pdf_file_size_bytes': 748578, 'pdf_number_of_pages': 47, '/Producer': 'macOS Version 15.2 (Build 24C101) Quartz PDFContext', '/CreationDate': "D:20250228091319Z00'00'", '/ModDate': "D:20250228091319Z00'00'"}data.
The state was updated.
- The policy_pdf_hash property was set to
f8813a1f9250a24ac7c95d5a1e0d81e720563f3849a51140340c77ac4118a571. - The policy_txt_hash property was set to
e6807cfa55ada41ff8f6156a93947d7d0c9135f8aa87e64cfad8095baf9530fb.
- The keywords property was updated, with the
-
24.02.2025 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The exceptions property was updated.
-
12.11.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4857,
"dgst": "f1ef71e794551289",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-CBC-CS2A4811",
"RSA SigVer (FIPS186-5)A4826",
"HMAC-SHA2-384A4826",
"TLS v1.3 KDFA4807",
"AES-OFBA4811",
"KDF ANS 9.42A4826",
"AES-CTRA4811",
"Hash DRBGA4808",
"KDF ANS 9.63A4826",
"AES-KWPA4811",
"HMAC-SHA2-512A4826",
"RSA KeyGen (FIPS186-5)A4826",
"AES-KWA4811",
"AES-CFB128A4811",
"KAS-FFC-SSC Sp800-56Ar3A4845",
"AES-CBC-CS3A4811",
"AES-GMACA4822",
"KDF SSHA4841",
"HMAC-SHA2-256A4826",
"KDA OneStep SP800-56Cr2A4844",
"AES-XTS Testing Revision 2.0A4811",
"AES-CBC-CS1A4811",
"RSA SigVer (FIPS186-4)A4826",
"Counter DRBGA4808",
"ECDSA SigGen (FIPS186-5)A4826",
"AES-CMACA4811",
"AES-CBCA4811",
"SHA2-256A4826",
"HMAC DRBGA4808",
"SHA3-512A4814",
"ECDSA KeyVer (FIPS186-5)A4826",
"RSA SigGen (FIPS186-5)A4826",
"SHA3-256A4814",
"AES-GCMA4822",
"Safe Primes Key GenerationA4845",
"SHA2-384A4826",
"HMAC-SHA3-256A4814",
"SHA2-512/224A4826",
"Safe Primes Key VerificationA4845",
"KAS-IFC-SSCA4826",
"AES-CFB1A4811",
"SHAKE-256A4814",
"SHA-1A4826",
"AES-CCMA4811",
"KTS-IFCA4826",
"SHA3-384A4814",
"HMAC-SHA3-512A4814",
"ECDSA KeyGen (FIPS186-5)A4826",
"KDA HKDF Sp800-56Cr1A4807",
"AES-ECBA4841",
"SHA2-512A4826",
"SHAKE-128A4814",
"HMAC-SHA3-384A4814",
"HMAC-SHA2-224A4826",
"KAS-ECC-SSC Sp800-56Ar3A4826",
"ECDSA SigVer (FIPS186-5)A4826",
"TLS v1.2 KDF RFC7627A4826",
"AES-CFB8A4811",
"SHA3-224A4814",
"KDF SP800-108A4843",
"HMAC-SHA2-512/256A4826",
"HMAC-SHA-1A4826",
"HMAC-SHA2-512/224A4826",
"SHA2-512/256A4826",
"SHA2-224A4826",
"PBKDFA4826",
"HMAC-SHA3-224A4814"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"9"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 23
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 42,
"Diffie-Hellman": 10
}
},
"RSA": {
"RSA-OAEP": 2,
"RSA-PSS": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 21
},
"OFB": {
"OFB": 3
},
"XTS": {
"XTS": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 55
}
},
"crypto_protocol": {
"IKE": {
"IKE": 5
},
"SSH": {
"SSH": 28
},
"TLS": {
"TLS": {
"TLS": 10,
"TLS 1.2": 29,
"TLS 1.3": 31
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 12,
"P-256": 14,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {
"atsec": {
"atsec": 50
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 4,
"AES-192": 2,
"AES-256": 4,
"HMAC SHA- 256": 1,
"HMAC SHA-1": 2,
"HMAC SHA-224": 1,
"HMAC SHA-256": 6,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC SHA-512/224": 1,
"HMAC SHA-512/256": 1,
"PKCS#1": 14,
"RSA PKCS#1": 2,
"RSA2": 1,
"SHA- 224": 2,
"SHA- 256": 4,
"SHA- 384": 5,
"SHA- 512": 3,
"SHA-1": 23,
"SHA-224": 19,
"SHA-256": 33,
"SHA-3": 9,
"SHA-384": 12,
"SHA-512": 19,
"SHA3- 224": 1,
"SHA3- 256": 3,
"SHA3- 384": 9,
"SHA3- 512": 2,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"PBKDF": {
"PBKDF2": 19
},
"SHA": {
"SHA1": {
"SHA-1": 23
},
"SHA2": {
"SHA-224": 19,
"SHA-256": 33,
"SHA-384": 12,
"SHA-512": 19
},
"SHA3": {
"SHA-3": 9,
"SHA3-224": 13,
"SHA3-256": 13,
"SHA3-384": 5,
"SHA3-512": 12
}
},
"SHAKE": {
"SHAKE128": 10,
"SHAKE256": 10
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 26
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 63,
"FIPS 180-4": 2,
"FIPS 186-4": 3,
"FIPS 186-5": 13,
"FIPS 197": 8,
"FIPS 198-1": 1,
"FIPS 202": 3,
"FIPS PUB 140-3": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 8,
"SP 800-38A": 4,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 4,
"SP 800-38E": 2,
"SP 800-38F": 2,
"SP 800-90B": 2
},
"PKCS": {
"PKCS#1": 8
},
"RFC": {
"RFC 3526": 3,
"RFC 5288": 2,
"RFC 7919": 3,
"RFC 8446": 2,
"RFC8446": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 51,
"AES-128": 4,
"AES-192": 2,
"AES-256": 4
},
"CAST": {
"CAST": 3
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 31
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
},
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20250228091319Z00\u002700\u0027",
"/ModDate": "D:20250228091319Z00\u002700\u0027",
"/Producer": "macOS Version 15.2 (Build 24C101) Quartz PDFContext",
"pdf_file_size_bytes": 748578,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf",
"https://www.ietf.org/rfc/rfc8446.txt",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening#proc_installing-the-system-with-fips-mode-enabled_assembly_installing-the-system-in-fips-mode",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf",
"https://www.ietf.org/rfc/rfc3526.txt",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
"https://www.ietf.org/rfc/rfc7919.txt",
"https://www.ietf.org/rfc/rfc5288.txt",
"https://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9632001",
"https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf",
"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
"https://webstore.ansi.org/standards/ascx9/ansix9422001",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
"https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
"https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
"https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"https://www.ietf.org/rfc/rfc3447.txt",
"https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
"http://www.atsec.com/",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 47
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "f8813a1f9250a24ac7c95d5a1e0d81e720563f3849a51140340c77ac4118a571",
"policy_txt_hash": "e6807cfa55ada41ff8f6156a93947d7d0c9135f8aa87e64cfad8095baf9530fb"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11.2 of the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy.",
"certificate_pdf_url": null,
"date_sunset": "2026-10-28",
"description": "The Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider provides a C language application program interface (API) for use by other applications that require cryptographic functionality.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Red Hat Enterprise Linux 9 - OpenSSL FIPS Provider",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.7-395c1a240fbfffd8",
"tested_conf": [
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 with PAA",
"Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-10-29",
"lab": "ATSEC INFORMATION SECURITY CORP",
"validation_type": "Initial"
}
],
"vendor": "Red Hat(R), Inc.",
"vendor_url": "http://www.redhat.com"
}
}