Module Name

SUSE Linux Enterprise Server OpenSSL Module

Standard

FIPS 140-2

Status

Active

Sunset Date

10/4/2022

Validation Dates

10/05/2017

Overall Level

1

Caveat

When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy

Security Level Exceptions

• Physical Security: N/A

Module Type

Software

Embodiment

Multi-Chip Stand Alone

Description

OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.

Tested Configuration(s)

• SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure with PAA
• SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure without PAA
• SUSE Linux Enterprise Server 12 SP2 running on IBM z13 with PAI
• SUSE Linux Enterprise Server 12 SP2 running on IBM z13 without PAI (single-user mode)

FIPS Algorithms

AES	Certs. #4588, #4594, #4595, #4622, #4623, #4645, #4646 and #4647
CVL	Certs. #1263, #1264, #1276 and #1359
DRBG	Certs. #1531, #1535, #1536, #1537, #1538, #1539, #1540, #1552 and #1553
DSA	Certs. #1220 and #1221
ECDSA	Certs. #1127 and #1131
HMAC	Certs. #3042, #3043, #3044, #3045, #3059 and #3060
KTS	AES Certs. #4588, #4594, #4595, #4622 and #4623; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA	Certs. #2505 and #2519
SHS	Certs. #3768, #3769, #3770, #3771, #3788 and #3789
Triple-DES	Certs. #2439 and #2455

Allowed Algorithms

Diffie-Hellman (CVL Certs. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG

Software Versions

3.0