Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3335

Details

Module Name
Oracle OpenSSL FIPS Object Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Oracle OpenSSL FIPS Object Module is a software library providing a C language application program interface (API) for use by processes that require cryptographic services. It is implemented in products such as Oracle Solaris 11, Oracle Integrated Lights Out Manager (ILOM), and Oracle ZFS Storage Appliance.
Tested Configuration(s)
  • Oracle ILOM OS v5.1 running on AST2600 Server Management Processor with Oracle ILOM SP v6 (ARM v7) without PAA
  • Oracle® ILOM OS v3.0 running on Emulex Pilot-4 Orion mainboard with Oracle® ILOM SP v2 (ARM v5) without PAA
  • Oracle® ILOM OS v3.0 running on Oracle X5-2 server with Oracle® ILOM SP v3 (ARM v7) with PAA
  • Oracle® ILOM OS v3.0 running on Oracle X5-2 server with Oracle® ILOM SP v3 (ARM v7) without PAA
  • Oracle® ILOM OS v4.0 running on AST2400 Server Management Processor with Oracle® ILOM SP v4 (ARM v9) without PAA
  • Oracle® ILOM OS v5.0 running on AST2520 Server Management Processor with Oracle® ILOM SP v5 (ARM v11) without PAA
  • Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with AMD® EPYC® 7551 with PAA
  • Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with AMD® EPYC® 7551 without PAA
  • Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with Intel® Xeon® Silver 4114 with PAA
  • Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with Intel® Xeon® Silver 4114 without PAA
  • Oracle® Linux 7.8 64 bit running on Marvell MIPS III 64-bit (T73) without PAA
  • Oracle® Linux 7.8 64 bit running on Marvell ThunderX2 (ARM 8.1) without PAA
  • Oracle® Solaris 11.4 running on Oracle S7-2L with an Oracle® SPARC S7 without PAA
  • Oracle® Solaris 11.4 running on Oracle S7-2L with Oracle® SPARC S7 with PAA
  • Oracle® Solaris 11.4 running on Oracle X5-2 server with Intel Xeon E5-2600 with PAA
  • Oracle® Solaris 11.4 running on Oracle X5-2 server with Intel Xeon E5-2600 without PAA
  • Oracle® Solaris 11.4 running on Oracle® SPARC T8 server with SPARC M8 with PAA
  • Oracle® Solaris 11.4 running on Oracle® SPARC T8 server with SPARC M8 without PAA
  • Oracle® Solaris 11.4 running on Oracle® X8-2 server with Intel Xeon Gold 5200 series with PAA
  • Oracle® Solaris 11.4 running on Oracle® X8-2 server with Intel Xeon Gold 5200 series without PAA
  • Oracle® ZFS Storage OS 8.8 running on Oracle® ZFS Storage ZS5-2 with Intel Xeon E5 with PAA
  • Oracle® ZFS Storage OS 8.8 running on Oracle® ZFS Storage ZS5-2 with Intel Xeon E5 without PAA
  • Oracle® ZFS Storage OS 8.8 running on Oracle® ZFS Storage ZS5-4 with Intel Xeon E7
  • Oracle® ZFS Storage OS 8.8 running on Oracle® ZFS Storage ZS5-4 with Intel Xeon E7 without PAA
  • Windows Server 2019 on VMWare ESXi 6.0 running on Oracle Server E2-2C with AMD® EPYC® 7742 with PAA
  • Windows Server 2019 on VMWare ESXi 6.0 running on Oracle Server E2-2C with AMD® EPYC® 7742 without PAA
  • Windows Server 2019 on VMWare ESXi 6.0 running on Oracle Server E2-2C with Intel® Xeon® CPU ES-2695 v4 with PAA
  • Windows Server 2019 on VMWare ESXi 6.0 running on Oracle Server E2-2C with Intel® Xeon® CPU ES-2695 v4 without PAA (single-user mode)
Approved Algorithms
AES Certs. #A861, #A2511, #A2514, #C1651 and #5445
CKG vendor affirmed
DRBG Certs. #A861, #A2511, #A2514, #C1651 and #2129
DSA Certs. #A861, #A2511, #A2514, #1400 and #C1651
ECDSA Certs. #A861, #A2511, #A2514, #C1651 and #1449
HMAC Certs. #A861, #A2511, #A2514, #C1651 and #3603
KAS-SSC vendor affirmed
RSA Certs. #A861, #A2511, #A2514, #C1651 and #2921
SHS Certs. #A861, #A2511, #A2514, #C1651 and #4364
Triple-DES Certs. #A861, #A2511, #A2514, #C1651 and #2735
Allowed Algorithms
RSA (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
OpenSSL_2.0.13_OracleFIPS_1.0; OpenSSL_2.0.13_OracleFIPS_1.1; OpenSSL_2.0.13_OracleFIPS_1.2

Vendor

Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

Oracle Security Evaluations
Seceval_us@oracle.com

Validation History

Date Type Lab
12/3/2018 Initial ACUMEN SECURITY, LLC
7/18/2019 Update ACUMEN SECURITY, LLC
4/29/2020 Update ACUMEN SECURITY, LLC
10/23/2020 Update ACUMEN SECURITY, LLC
3/2/2021 Update ACUMEN SECURITY, LLC
5/17/2021 Update ACUMEN SECURITY, LLC
8/3/2021 Update ACUMEN SECURITY, LLC
7/29/2022 Update ACUMEN SECURITY, LLC