Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4428

Details

Module Name
Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 9 and 10 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with Red Hat Enterprise Linux 8.
Tested Configuration(s)
  • Red Hat Enterprise Linux 8 running on an IBM System z15 with an IBM z15 with PAI
  • Red Hat Enterprise Linux 8 running on an IBM System z15 with an IBM z15 without PAI
  • Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 with PAA
  • Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216 without PAA
  • Red Hat Enterprise Linux 8 with PowerVM FW1010.22 with VIOS 3.1.3.00 running on an IBM 9080-HEX with an IBM POWER10 (single-user mode)
  • Red Hat Enterprise Linux 8 with PowerVM FW950.00 with VIOS 3.1.2.00 running on an IBM 9009-42A with an IBM POWER9 with PAA
  • Red Hat Enterprise Linux 8 with PowerVM FW950.00 with VIOS 3.1.2.00 running on an IBM 9009-42A with an IBM POWER9 without PAA
Approved Algorithms
AES Certs. #A1804, #A1824, #A1825, #A1827, #A1828, #A1830, #A1831, #A1833, #A2891, #A3432 and #A3433
CKG vendor affirmed
CVL Cert. #A1830
DRBG Cert. #A1830
DSA Cert. #A1830
ECDSA Cert. #A1830
ENT NP
HMAC Certs. #A1825, #A1830 and #A3434
KAS KAS-SSC Cert. #A1830, CVL Cert. #A1830
KAS-SSC Cert. #A1830
KDA Cert. #A1829
KTS AES Certs. #A1824, #A1825, #A1830, #A2891, #A3432 and #A3433; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #A1824, #A1825, #A1830, #A2891, #A3432 and #A3433 and HMAC Certs. #A1825, #A1830 and #A3434; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Cert. #A1830 and HMAC Certs. #A1825, #A1830 and #A3434; key establishment methodology provides 112 bits of encryption strength
PBKDF Cert. #A1830
RSA Cert. #A1830
SHA-3 Certs. #A1826 and #A1832
SHS Certs. #A1825, #A1830 and #A3434
Triple-DES Cert. #A1830
Allowed Algorithms
MD5; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
rhel8.20220830

Vendor

Red Hat®, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

Jaroslav Reznik
fips140@redhat.com

Validation History

Date Type Lab
1/27/2023 Initial ATSEC INFORMATION SECURITY CORP
10/13/2023 Update ATSEC INFORMATION SECURITY CORP