Module Name
Red Hat Enterprise Linux GnuTLS Cryptographic Module
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the SSH, TLS, and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PCKS#12, and other required structures which is shipped with Red Hat Enterprise Linux 7.1.
Tested Configuration(s)
- Red Hat Enterprise Linux 7.1 running on HP ProLiant DL380p Gen8 with PAA
- Red Hat Enterprise Linux 7.1 running on HP ProLiant DL380p Gen8 without PAA
- Red Hat Enterprise Linux 7.1 running on IBM Power System S814 (single-user mode)
- Red Hat Enterprise Linux 7.1 running on IBM z13
Approved Algorithms
AES |
Certs. #3613, #3614, #3615, #3616, #3617, #3618 and #3619 |
CVL |
Certs. #632, #633, #634, #635, #636, #637, #638, #639, #640 and #641 |
DRBG |
Certs. #943, #944, #945, #946, #947, #948 and #949 |
DSA |
Certs. #1008, #1009, #1010, #1011 and #1012 |
ECDSA |
Certs. #745, #746, #747, #748 and #749 |
HMAC |
Certs. #2320, #2321, #2322, #2323 and #2324 |
RSA |
Certs. #1860, #1861, #1862, #1863 and #1864 |
SHS |
Certs. #2986, #2987, #2988, #2989 and #2990 |
Triple-DES |
Certs. #2013, #2014, #2015, #2016 and #2017 |
Other Algorithms
Diffie-Hellman (CVL Certs. #632, #634, #636, #638 and #640, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #632, #634, #636, #638 and #640, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Blowfish; Camellia; CAST128; DES; GOST Hash; MD2; MD4; MD5; PBKDFv2 (RFC2898); PRNG; RC2; RC4; RIPEMD160; Salsa20; Serpent; SHA-3 (non-compliant); Twofish; UMAC