Module Name
SUSE Linux Enterprise Server GnuTLS Cryptographic Module
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the TLS protocol. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with SUSE Linux Enterprise Server.
Tested Configuration(s)
- (single-user mode)
- SUSE Linux Enterprise Server 15 SP2 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 with PAA
- SUSE Linux Enterprise Server 15 SP2 running on Dell EMC PowerEdge 640 with Intel Cascade Lake Xeon Gold 6234 without PAA
- SUSE Linux Enterprise Server 15 SP2 running on Gigabyte R181-T90 with Cavium ThunderX2 CN9975 ARMv8 with PAA
- SUSE Linux Enterprise Server 15 SP2 running on Gigabyte R181-T90 with Cavium ThunderX2 CN9975 ARMv8 without PAA
- SUSE Linux Enterprise Server 15 SP2 running on IBM System Z/15 with IBM z15
Approved Algorithms
AES |
Certs. #A408, #A410, #A411, #A412, #A414, #A415, #A416 and #A417 |
CKG |
vendor affirmed |
CVL |
Cert. #A408 |
DRBG |
Cert. #A408 |
DSA |
Cert. #A408 |
ECDSA |
Cert. #A408 |
HMAC |
Certs. #A408, #A412 and #A417 |
KAS |
KAS-SSC Cert. #A766, CVL Cert. #A408 |
KTS |
AES Certs. #A408, #A411, #A412 and #A417; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #A408, #A411, #A412 and #A417 and HMAC Certs. #A408, #A412 and #A417; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
Triple-DES Cert. #A408 and HMAC Certs. #A408, #A412 and #A417; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Cert. #A408 |
SHA-3 |
Certs. #A409 and #A413 |
SHS |
Certs. #A408, #A412 and #A417 |
Triple-DES |
Cert. #A408 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)