Home / FIPS 140 / d95936051b112558
Link Link by certificate ID Link by certificate name

SUSE Linux Enterprise Libica Cryptographic Module

Certificate #4822

Webpage information ?

Status active
Validation dates 07.10.2024
Sunset date 06-10-2026
Standard FIPS 140-3
Security level 1
Type Software-Hybrid
Embodiment Multi-Chip Stand Alone
Caveat Interim validation. When operated in approved mode with module SUSE Linux Enterprise OpenSSL Cryptographic Module validated to FIPS 140-3 under Cert. #4725 operating in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy
Exceptions
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The SUSE Linux Enterprise Server Libica Cryptographic Module is a software-hybrid module that provides general purpose cryptographic algorithms to applications running in the user space of the underlying operating system through a C language application program interface (API). The module is composed by a software library, which provides the API and a subset of the cryptographic algorithms, and the Central Processor Assist for Cryptographic Functions (CPACF), which is part of the z15 processor and provides cryptographic algorithms implemented in firmware and hardware.
Version (Hardware) IBM z15
Tested configurations
  • SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with FC3863 with z15 with PAI
Vendor SUSE, LLC
References

This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.
Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms
AES, AES-256, AES-, CAST, DES, HMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman
Hash functions
SHA-1, SHA-2, SHA-3, SHA3-224, SHA3-384, SHA3-512, SHA3-256
Schemes
MAC, Key Agreement
Protocols
SSL
Randomness
DRBG, RNG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384, P-521, P-224
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTS

Security level
Level 1, level 1

Standards
FIPS 140-3, FIPS197, FIPS186-4, FIPS202, FIPS180-5, FIPS198-1, FIPS 186-4, FIPS140-3, FIPS PUB 140-3, FIPS180-4, SP 800-140B, SP 800-90B, PKCS#1, ISO/IEC 24759

File metadata

Title FIPS 140-3 Non-Proprietary Security Policy
Author Alejandro Fabio Masino
Creation date D:20241001163401-05'00'
Modification date D:20241001163401-05'00'
Pages 36
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Outgoing
  • 4725 - active - SUSE Linux Enterprise OpenSSL Cryptographic Module

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 08.10.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4822,
  "dgst": "d95936051b112558",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "ECDSA KeyGen (FIPS186-4)A3147",
        "SHA3-256A3378",
        "AES-ECBA3378",
        "SHA2-512A3378",
        "Counter DRBGA3150",
        "SHA2-224A3378",
        "SHA3-224A3378",
        "SHA2-384A3378",
        "AES-GCMA3378",
        "AES-OFBA3378",
        "SHA2-512/224A3378",
        "AES-CBC-CS3A3378",
        "AES-CBC-CS2A3378",
        "ECDSA SigGen (FIPS186-4)A3378",
        "AES-CMACA3378",
        "AES-XTS Testing Revision 2.0A3378",
        "AES-CTRA3378",
        "AES-CFB128A3378",
        "SHAKE-256A3378",
        "ECDSA SigVer (FIPS186-4)A3378",
        "AES-GMACA3378",
        "SHA3-512A3378",
        "AES-CBCA3378",
        "SHA2-256A3378",
        "SHAKE-128A3378",
        "SHA-1A3378",
        "HMAC-SHA2-256A3147",
        "SHA3-384A3378",
        "KAS-ECC-SSC Sp800-56Ar3A3378",
        "SHA2-512/256A3378",
        "AES-CBC-CS1A3378",
        "AES-CFB8A3378",
        "RSA KeyGen (FIPS186-4)A3147",
        "AES-CCMA3378"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "4725"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "4725"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "4725"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "4725"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "4725"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "4725"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 5
          },
          "ECDH": {
            "ECDH": 4
          },
          "ECDSA": {
            "ECDSA": 35
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 8
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CCM": {
          "CCM": 4
        },
        "CFB": {
          "CFB": 2
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 12
        },
        "OFB": {
          "OFB": 3
        },
        "XTS": {
          "XTS": 9
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 32
        }
      },
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "MAC": {
          "MAC": 10
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-224": 2,
          "P-256": 14,
          "P-384": 10,
          "P-521": 10
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 38
        }
      },
      "fips_cert_id": {
        "Cert": {
          "#4725": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES key 128, 192": 1,
          "AES-256": 2,
          "PKCS#1": 2,
          "SHA- 1": 1,
          "SHA-1": 7,
          "SHA-2": 3,
          "SHA-3": 7,
          "SHA2- 224": 2,
          "SHA2- 256": 1,
          "SHA2- 384": 1,
          "SHA2-224": 3,
          "SHA2-256": 10,
          "SHA2-384": 4,
          "SHA2-512": 6,
          "SHA3- 256": 1,
          "SHA3-224": 3,
          "SHA3-256": 3,
          "SHA3-384": 3,
          "SHA3-512": 3
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "level 1": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-2": 3
          },
          "SHA3": {
            "SHA-3": 7,
            "SHA3-224": 3,
            "SHA3-256": 3,
            "SHA3-384": 3,
            "SHA3-512": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 35
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 48,
          "FIPS 186-4": 4,
          "FIPS PUB 140-3": 1,
          "FIPS140-3": 1,
          "FIPS180-4": 1,
          "FIPS180-5": 2,
          "FIPS186-4": 5,
          "FIPS197": 9,
          "FIPS198-1": 2,
          "FIPS202": 2
        },
        "ISO": {
          "ISO/IEC 24759": 2
        },
        "NIST": {
          "SP 800-140B": 1,
          "SP 800-90B": 1
        },
        "PKCS": {
          "PKCS#1": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 57,
            "AES-": 4,
            "AES-256": 2
          },
          "CAST": {
            "CAST": 1
          }
        },
        "DES": {
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 7,
            "HMAC": 10
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Alejandro Fabio Masino",
      "/CreationDate": "D:20241001163401-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20241001163401-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Title": "FIPS 140-3 Non-Proprietary Security Policy",
      "pdf_file_size_bytes": 599910,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35987",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
          "https://documentation.suse.com/sle-micro/5.3/single-html/SLE-Micro-security/#sec-fips-slemicro-install",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140B.pdf",
          "https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/29",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a-add.pdf",
          "https://csrc.nist.gov/csrc/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS-140-3-CMVP%20Management%20Manual.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35988",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf",
          "https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
          "https://www.ietf.org/rfc/rfc3447.txt",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35757",
          "https://csrc.nist.gov/csrc/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35760",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4725",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
          "https://doi.org/10.6028/NIST.FIPS.140-3",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/28",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "https://documentation.suse.com/smart/linux/html/concept-bci/index.html",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38B.pdf",
          "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4725.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 36
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "7d8bb02ff9a04ca4c5e7a15fc244c28d7ebb3bed886ff58970700e079c482662",
    "policy_txt_hash": "e0c9b4f7b94d9c5951e469b8e22e9a47dd855232ca0941947c83548cda938870"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "Interim validation. When operated in approved mode with module SUSE Linux Enterprise OpenSSL Cryptographic Module validated to FIPS 140-3 under Cert. #4725 operating in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy",
    "certificate_pdf_url": null,
    "date_sunset": "2026-10-06",
    "description": "The SUSE Linux Enterprise Server Libica Cryptographic Module is a software-hybrid module that provides general purpose cryptographic algorithms to applications running in the user space of the underlying operating system through a C language application program interface (API). The module is composed by a software library, which provides the API and a subset of the cryptographic algorithms, and the Central Processor Assist for Cryptographic Functions (CPACF), which is part of the z15 processor and provides cryptographic algorithms implemented in firmware and hardware.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": "IBM z15",
    "level": 1,
    "mentioned_certs": {
      "4725": 1
    },
    "module_name": "SUSE Linux Enterprise Libica Cryptographic Module",
    "module_type": "Software-Hybrid",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": "1.1",
    "tested_conf": [
      "SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with FC3863 with z15 with PAI"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-10-07",
        "lab": "ATSEC INFORMATION SECURITY CORP",
        "validation_type": "Initial"
      }
    ],
    "vendor": "SUSE, LLC",
    "vendor_url": "http://www.suse.com"
  }
}