Module Name
Oracle Linux 7 GnuTLS Cryptographic Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode. When installed, initialized and configured as specified in Section 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The Oracle Linux 7 GnuTLS Cryptographic Module is a set of libraries implementing general purpose cryptographic algorithms and network protocols.
Tested Configuration(s)
- Oracle Linux 7.6 64 bit running on an Oracle X7-2 Server with AMD® EPYC® 7551 without PAA (single user mode)
- Oracle Linux 7.6 64 bit running on Oracle Server X7-2 with a Intel(R) Xeon(R) Silver 4114 with PAA
- Oracle Linux 7.6 64 bit running on Oracle Server X7-2 with a Intel(R) Xeon(R) Silver 4114 without PAA Oracle Linux 7.6 64 bit running on an Oracle X7-2 Server with AMD® EPYC® 7551 with PAA
Approved Algorithms
|
|
AES |
Certs. #C929, #C1001, #C1018 and #C1019 |
CKG |
vendor affirmed |
CVL |
Cert. #C1018 |
DRBG |
Cert. #C1018 |
DSA |
Cert. #C1018 |
ECDSA |
Cert. #C1018 |
HMAC |
Cert. #C1018 |
KTS |
AES Certs. #C1001, #C1018 and #C1019; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #C1001, #C1018 and #C1019 and HMAC Cert. #C1018; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Cert. #C1018 and HMAC Cert. #C1018; key establishment methodology provides 112 bits of encryption strength |
RSA |
Cert. #C1018 |
SHS |
Certs. #C1018 and #C1019 |
Triple-DES |
Cert. #C1018 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C1018 with CVL Cert. #C1018, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C1018 with CVL Cert. #C1018, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
R7-4.0.0