Module Name
Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode and when obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. The Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the module if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy
Embodiment
Multi-chip standalone
Description
The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library version 1.0.0-20.el6 delivered with RHEL 6.2.
Tested Configuration(s)
- Red Hat Enterprise Linux 6.2 (single-user mode)
Approved Algorithms
AES |
Certs. #1887, #1888, #1889, #1893, #1894 and #1895 |
DSA |
Certs. #592, #593, #597 and #598 |
HMAC |
Certs. #1129, #1130, #1134 and #1135 |
RNG |
Certs. #989, #990, #994 and #995 |
RSA |
Certs. #964, #965, #969 and #970 |
SHS |
Certs. #1658, #1659, #1663 and #1664 |
Triple-DES |
Certs. #1226, #1227, #1231 and #1232 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 160 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 160 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5