Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #1859

Details

Module Name
Red Hat Enterprise Linux 6.2 Openswan Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Validation Dates
12/3/2012
Overall Level
1
Caveat
When operated in FIPS mode and when obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9 of the provided Security Policy. This module contains the embedded Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758 operating in FIPS mode and the Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #1837 operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs are verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Red Hat Enterprise Linux 6.2 OpenSwan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec.
Tested Configuration(s)
  • Red Hat Enterprise Linux 6.2 (single-user mode)
FIPS Algorithms
AES Certs. #1985 and 1986
DRBG Certs. #183 and #184
DSA Certs. #634 and #635
HMAC Certs. #1129, #1130, #1134, #1135, #1199 and #1200
RSA Cert. #979, vendor affirmed
SHS Certs. #1741 and #1742
Triple-DES Certs. #1289 and #1290
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RC2; RC4; DES; Seed; CAMELLIA; MD2; MD5
Software Versions
2.0

Vendor

Red Hat®, Inc.
314 Littleton Road
Raleigh, NC 27606
USA

Ann-Marie Rubin
arubin@redhat.com
Phone: 978-392-1000
Fax: 978-392-1001

Lab

atsec
NVLAP Code: 200658-0