Module Name
Oracle Linux OpenSSL Cryptographic Module
Historical Reason
Moved to historical list due to sunsetting
Transitional Note
Pending SP 800-56Arev3 transition revalidation
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2 approved cryptographic algorithms for general use by vendors.
Tested Configuration(s)
- Oracle Linux 6.9 64 bit running on Oracle Server X6-2 with PAA[1]
- Oracle Linux 6.9 64 bit running on Oracle Server X6-2 without PAA[1]
- Oracle Linux 6.9 64 bit running on Oracle Server X7-2 with PAA[1]
- Oracle Linux 6.9 64 bit running on Oracle Server X7-2 without PAA[1]
- Oracle Linux 7.3 64 bit running on Oracle Server X6-2 with PAA[2]
- Oracle Linux 7.3 64 bit running on Oracle Server X6-2 without PAA[2]
- Oracle Linux 7.3 64 bit running on Oracle Server X7-2 with PAA[2]
- Oracle Linux 7.3 64 bit running on Oracle Server X7-2 without PAA[2] (single-user mode)
Approved Algorithms
AES |
Certs. #4533, #4534, #4535, #4536, #4537, #4538, #5344, #5351, #5352, #5353, #5370 and #5396 |
CVL |
Certs. #1215, #1216, #1217, #1218, #1816, #1817, #1837 and #1838 |
DRBG |
Certs. #1490, #1491, #1492, #1493, #1494, #1495, #2064, #2070, #2071, #2079, #2091 and #2108 |
DSA |
Certs. #1208, #1209, #1383 and #1388 |
ECDSA |
Certs. #1104, #1105, #1409 and #1417 |
HMAC |
Cert. #2991, #2992, #2993, #2994, #2995, #2996, #3541, #3548, #3549, #3550, #3558 and #3573 |
KTS |
AES Certs. #4533, #4534, #4535, #4536, #4537, #4538, #5344, #5351, #5352, #5353, #5370 and #5396; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #2468, #2469, #2864 and #2873 |
SHS |
Certs. #3714, #3715, #3716, #3717, #3718, #3719, #4295, #4302, #4303, #4304, #4312 and #4329 |
Triple-DES |
Certs. #2414, #2415, #2707 and #2710 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1216, #1217, #1816 and #1837, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1216, #1217, #1816 and #1837, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (Key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
R6-1.0.0[1] and R7-2.0.0[2]