Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #861


Module Name
Oracle Cryptographic Libraries for SSL
FIPS 140-2
 Historical Reason
RNG SP800-131A Revision 1 Transition
Overall Level
When operated in FIPS mode
Module Type
Multi-chip standalone
The Oracle Cryptographic Libraries for SSL 10g (10.1.5) is a generic module used by the Oracle Corporation in a variety of its application suites. The module is used to provide support to cryptography, authentication, PKCS and certificate management for applications like the Oracle database server (Server and Client), Oracle Applications Server, Oracle Internet Directory, Web Cache and Apache. It provides a rich set of functionality and uses PKCS wallet structures for managing identities and trustpoints.
Tested Configuration(s)
  • Sun Solaris 8.0 with Admin Suite 3.0.1 on Sun Ultra 60 Server
Approved Algorithms
AES Cert. #608
HMAC Cert. #314
RNG Cert. #347
RSA Cert. #281
SHS Cert. #657
Triple-DES Cert. #573
Other Algorithms
RC4; RSA-MD5 (PKCS#1); HMAC-MD5; RSA (PKCS#5); Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
10g (


Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065

Shaun Lee
Phone: +44 1189 243860

Validation History

Date Type Lab
12/18/2007 Initial LogicaCMG