Module Name
SUSE Linux Enterprise Server NSS Cryptographic Module
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-Chip Stand Alone
Description
SUSE Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
Tested Configuration(s)
- SUSE Linux Enterprise Server 15 SP0 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 with PAA
- SUSE Linux Enterprise Server 15 SP0 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 without PAA
- SUSE Linux Enterprise Server 15 SP2 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 with PAA
- SUSE Linux Enterprise Server 15 SP2 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 without PAA
- SUSE Linux Enterprise Server 15 SP2 running on Gigabyte R181-T90 with Cavium ThunderX2 CN9975 ARMv8 without PAA (single-user mode)
- SUSE Linux Enterprise Server 15 SP2 running on IBM System Z/15 with IBM z15 without PAI
Approved Algorithms
| AES |
Certs. #A245, #A247, #A337, #A338, #A473, #A474, #A476 and #A477 |
| CKG |
vendor affirmed |
| CVL |
Certs. #A245, #A246, #A473 and #A475 |
| DRBG |
Certs. #A245 and #A473 |
| DSA |
Certs. #A245 and #A473 |
| ECDSA |
Certs. #A245 and #A473 |
| HMAC |
Certs. #A245 and #A473 |
| KAS-SSC |
Certs. #A681 and #A682 |
| KTS |
AES Certs. #A337, #A338, #A476 and #A477; key establishment methodology provides between 128 and 256 bits of encryption strength |
| PBKDF |
Certs. #A245 and #A473 |
| RSA |
Certs. #A245 and #A473 |
| SHS |
Certs. #A245 and #A473 |
| Triple-DES |
Certs. #A245 and #A473 |
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
