Cryptographic Module Validation Program

Cryptographic Module Validation Program CMVP

Module Name

Amazon Linux 2 GnuTLS Cryptographic Module

Standard

FIPS 140-2

Status

Active

Sunset Date

4/19/2025

Overall Level

Caveat

When operated in FIPS mode. When installed, initialized and configured as specified in Section 10.1 of the Security Policy.

Security Level Exceptions

Module Type

Software

Embodiment

Multi-Chip Stand Alone

Description

The Amazon Linux 2 GnuTLS Cryptographic Module implements general purpose cryptographic algorithms and network protocols.

Tested Configuration(s)

Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 with PAA
Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 without PAA (single-user mode)

Approved Algorithms

AES	Certs. #C789, #C790, #C791 and #C792
CVL	Cert. #C792
DRBG	Cert. #C792
DSA	Cert. #C792
ECDSA	Cert. #C792
HMAC	Cert. #C792
KTS	AES Certs. #C790, #C791 and #C792; key establishment methodology provides 128 or 256 bits of encryption strength
KTS	AES Certs. #C790, #C791 and #C792 and HMAC Cert. #C792; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS	Triple-DES Cert. #C792 and HMAC Cert. #C792; key establishment methodology provides 112 bits of encryption strength
RSA	Cert. #C792
SHS	Certs. #C790 and #C792
Triple-DES	Cert. #C792

Allowed Algorithms

MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)

Software Versions

1.0

Amazon Web Services, Inc.
1918 8th Ave.
Seattle, WA 98121
USA

Samartha Chandrashekar
amazon-linux-fips-external@amazon.com
Raghuram Kota
amazon-linux-fips-external@amazon.com

Date	Type	Lab
4/14/2023	Initial	ATSEC INFORMATION SECURITY CORP

Cryptographic Module Validation Program CMVP