Module Name
SUSE Linux Enterprise Server OpenSSL Module
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.
Tested Configuration(s)
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure with PAA
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure without PAA
- SUSE Linux Enterprise Server 12 SP2 running on IBM z13 with PAI
- SUSE Linux Enterprise Server 12 SP2 running on IBM z13 without PAI (single-user mode)
FIPS Algorithms
AES |
Certs. #4588, #4594, #4595, #4622, #4623, #4645, #4646 and #4647 |
CVL |
Certs. #1263, #1264, #1276 and #1359 |
DRBG |
Certs. #1531, #1535, #1536, #1537, #1538, #1539, #1540, #1552 and #1553 |
DSA |
Certs. #1220 and #1221 |
ECDSA |
Certs. #1127 and #1131 |
HMAC |
Certs. #3042, #3043, #3044, #3045, #3059 and #3060 |
KTS |
AES Certs. #4588, #4594, #4595, #4622 and #4623; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #2505 and #2519 |
SHS |
Certs. #3768, #3769, #3770, #3771, #3788 and #3789 |
Triple-DES |
Certs. #2439 and #2455 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG