Cryptographic Module Validation Program CMVP

Certificate #3636

Details

Module Name
Oracle Cloud Infrastructure Cryptographic Library for Kubernetes
Standard
FIPS 140-2
Status
Active
Sunset Date
11/1/2023
Validation Dates
03/23/2020
Overall Level
1
Caveat
When installed, initialized and configured as specified in Section 11.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
A Software cryptographic library that contains FIPS Approved cryptography to serve Kubernetes and the Google Go programing language and application ecosystem.
Tested Configuration(s)
  • Oracle Linux 7.7 running on Oracle Server X7-2 with AMD® EPYC® 7551 with PAA
  • Oracle Linux 7.7 running on Oracle Server X7-2 with AMD® EPYC® 7551 without PAA (single-user mode)
  • Oracle Linux 7.7 running on Oracle Server X7-2 with Intel® Xeon® Platinum 8167M with PAA
  • Oracle Linux 7.7 running on Oracle Server X7-2 with Intel® Xeon® Platinum 8167M without PAA
FIPS Algorithms
AES Cert. #C1456
CKG vendor affirmed
CVL Cert. #C1456
DRBG Cert. #C1456
ECDSA Cert. #C1456
HMAC Cert. #C1456
KTS AES Cert. #C1456; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #C1456
SHS Cert. #C1456
Triple-DES Cert. #C1456
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #C1456; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
1.0

Vendor

Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

Chris Brych
chris.brych@oracle.com
Phone: 613-216-3078

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0