Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2888

Details

Module Name
Ubuntu OpenSSL Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
4/23/2022
Validation Dates
4/24/2017
6/6/2017
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.
Tested Configuration(s)
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8001-22C with PAA
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8001-22C without PAA
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8247-22L with PAA
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8247-22L without PAA
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8335-GTB with PAA
  • Ubuntu 16.04 LTS 64-bit Little Endian running on IBM Power System 8335-GTB without PAA
  • Ubuntu 16.04 LTS 64-bit running on IBM z13 with PAI
  • Ubuntu 16.04 LTS 64-bit running on IBM z13 without PAI (single-user mode)
  • Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR with PAA
  • Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR without PAA
FIPS Algorithms
AES Certs. #4354, #4355, #4356, #4357, #4358, #4359, #4360, #4361, #4370, #4371, #4372, #4373, #4374 and #4375
CVL Certs. #1055, #1058, #1061, #1064, #1066, #1068 and #1070
DRBG Certs. #1390, #1391, #1392, #1393, #1394, #1395, #1396 and #1397
DSA Certs. #1156, #1157, #1158, #1159, #1160, #1161 and #1162
ECDSA Certs. #1031, #1032, #1033, #1034, #1035, #1036 and #1037
HMAC Certs. #2895, #2896, #2897, #2898, #2899, #2900 and #2901
KTS AES Certs. #4354, #4357, #4358 and #4360; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #2351, #2352, #2353, #2354, #2355, #2356 and #2357
SHS Certs. #3593, #3594, #3595, #3596, #3597, #3598 and #3599
Triple-DES Certs. #2355, #2356 and #2357
Other Algorithms
Diffie-Hellman (CVL Certs. #1053, #1056, #1059, #1062, #1065, #1067 and #1069; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1053, #1054, #1056, #1057, #1059, #1060, #1063, #1065, #1067, #1068 and #1069; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (non-compliant); MD5; PRNG; RSA (non-compliant); SHA (non-compliant)
Software Versions
1.0

Vendor

Canonical Ltd.
5th floor, Blue Fin Building
110 Southwark Street
London SE1 0SU
United Kingdom

Joy Latten
joy.latten@canonical.com
Andrew Cloke
andrew.cloke@canonical.com

Lab

ATSEC INFORMATION SECURITY CORP
NVLAP Code: 200658-0