Module Name
SUSE Linux Enterprise Server OpenSSL Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
OpenSSL is an open-source library of various cryptographic algorithms written mainly in C.
Tested Configuration(s)
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure with PAA
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure without PAA
- SUSE Linux Enterprise Server 12 SP2 running on IBM z13 with PAI
- SUSE Linux Enterprise Server 12 SP2 running on IBM z13 without PAI (single-user mode)
Approved Algorithms
| AES |
Certs. #4588, #4594, #4595, #4622, #4623, #4645, #4646 and #4647 |
| CVL |
Certs. #1263, #1264, #1276 and #1359 |
| DRBG |
Certs. #1531, #1535, #1536, #1537, #1538, #1539, #1540, #1552 and #1553 |
| DSA |
Certs. #1220 and #1221 |
| ECDSA |
Certs. #1127 and #1131 |
| HMAC |
Certs. #3042, #3043, #3044, #3045, #3059 and #3060 |
| KTS |
AES Certs. #4588, #4594, #4595, #4622 and #4623; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Certs. #2505 and #2519 |
| SHS |
Certs. #3768, #3769, #3770, #3771, #3788 and #3789 |
| Triple-DES |
Certs. #2439 and #2455 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1263 and #1276, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG
