Module Name
Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 9 and 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with Red Hat Enterprise Linux 8.
Tested Configuration(s)
- Red Hat Enterprise Linux 8 running on an IBM System z15 with an IBM z15 with PAI
- Red Hat Enterprise Linux 8 running on an IBM System z15 with an IBM z15 without PAI
- Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 with PAA
- Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 without PAA
- Red Hat Enterprise Linux 8 with PowerVM FW1010.22 with VIOS 3.1.3.00 running on an IBM 9080-HEX with an IBM POWER10 (single-user mode)
- Red Hat Enterprise Linux 8 with PowerVM FW950.00 with VIOS 3.1.2.00 running on an IBM 9009-42A with an IBM POWER9 with PAA
- Red Hat Enterprise Linux 8 with PowerVM FW950.00 with VIOS 3.1.2.00 running on an IBM 9009-42A with an IBM POWER9 without PAA
Approved Algorithms
AES |
Certs. #A1804, #A1824, #A1825, #A1827, #A1828, #A1830, #A1831, #A1833, #A2891, #A3432 and #A3433 |
CKG |
vendor affirmed |
CVL |
Cert. #A1830 |
DRBG |
Cert. #A1830 |
DSA |
Cert. #A1830 |
ECDSA |
Cert. #A1830 |
ENT |
NP |
HMAC |
Certs. #A1825, #A1830 and #A3434 |
KAS |
KAS-SSC Cert. #A1830, CVL Cert. #A1830 |
KAS-SSC |
Cert. #A1830 |
KDA |
Cert. #A1829 |
KTS |
AES Certs. #A1824, #A1825, #A1830, #A2891, #A3432 and #A3433; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #A1824, #A1825, #A1830, #A2891, #A3432 and #A3433 and HMAC Certs. #A1825, #A1830 and #A3434; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
Triple-DES Cert. #A1830 and HMAC Certs. #A1825, #A1830 and #A3434; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
Cert. #A1830 |
RSA |
Cert. #A1830 |
SHA-3 |
Certs. #A1826 and #A1832 |
SHS |
Certs. #A1825, #A1830 and #A3434 |
Triple-DES |
Cert. #A1830 |
Allowed Algorithms
MD5; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
rhel8.20240328