Cryptographic Algorithm Validation Program CAVP

Description
Amazon Linux 2 libgcrypt Crypto Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for the applications running on Amazon Linux 2.
Version
1.0
Type
SOFTWARE
Vendor
Amazon Web Services, Inc.
1918 8th Ave
Seattle, WA 98101
USA
Contacts
Samartha Chandrashekar
amazon-linux-fips-external@amazon.com
Raghuram Kota
amazon-linux-fips-external@amazon.com

Validations

Number
Date
Operating Environments
Algorithm Capabilities
C693
5/8/2019
  • Amazon Linux 2 on Intel (R) Xeon (R) E5-2686
    • software
    • processor
      • manufacturer: Intel
  • AES-CBC
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CFB128
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CTR
    • Direction: Encrypt
    • Key Length: 128, 192, 256
  • AES-ECB
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-OFB
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • Counter DRBG
    • Prediction Resistance: Yes
    • Supports Reseed
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: Yes
        • Additional Input: 0-128
        • Entropy Input: 128
        • Nonce: 64
        • Personalization String Length: 0-128
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 192
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
    Prerequisites:
  • DSA KeyGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
      • Capabilities:
        • L: 2048
        • N: 256
      • Capabilities:
        • L: 3072
        • N: 256
    Prerequisites:
  • DSA PQGGen (186-4)
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-256
    Prerequisites:
  • DSA SigGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-224, SHA2-256
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-224, SHA2-256
    Prerequisites:
  • DSA SigVer (186-4)
      • Capabilities:
        • L: 1024
        • N: 160
        • Hash Algorithm: SHA-1
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA-1, SHA2-224
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256
    Prerequisites:
  • Hash DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Mode: SHA-1
        • Entropy Input: 128
        • Nonce: 64
        • Personalization String Length: 0-128
        • Additional Input: 0-128
        • Returned Bits: 640
      • Capabilities:
        • Mode: SHA2-256
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 1024
      • Capabilities:
        • Mode: SHA2-384
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 1536
      • Capabilities:
        • Mode: SHA2-512
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 2048
    Prerequisites:
  • HMAC DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Mode: SHA-1
        • Entropy Input: 128
        • Nonce: 64
        • Personalization String Length: 0-128
        • Additional Input: 0-128
        • Returned Bits: 640
      • Capabilities:
        • Mode: SHA2-256
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 1024
      • Capabilities:
        • Mode: SHA2-384
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 1536
      • Capabilities:
        • Mode: SHA2-512
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Additional Input: 0-256
        • Returned Bits: 2048
    Prerequisites:
  • HMAC-SHA-1
    • MAC: 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-224
    • MAC: 224
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • RSA KeyGen (186-4)
      • Capabilities:
        • Key Generation Mode: B.3.3
          • Properties:
            • Modulo: 2048
            • Primality Tests: C.3
          • Properties:
            • Modulo: 3072
            • Primality Tests: C.3
    • Info Generated By Server
    • Public Exponent Mode: Random
    • Private Key Format: Standard
    Prerequisites:
  • RSA SigGen (186-4)
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 160
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 160
    Prerequisites:
  • RSA SigVer (186-4)
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 160
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 160
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 160
    • Public Exponent Mode: Random
    Prerequisites:
  • SHA-1
    • Message Length: 0-51200 Increment 8
  • SHA-224
    • Message Length: 0-51200 Increment 8
  • SHA-256
    • Message Length: 0-51200 Increment 8
  • SHA-384
    • Message Length: 0-102400 Increment 8
  • SHA-512
    • Message Length: 0-102400 Increment 8
  • TDES-CBC
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CFB64
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CTR
    • Direction: Encrypt
  • TDES-ECB
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-OFB
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
Created October 05, 2016, Updated June 22, 2020