Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4728

Details

Module Name
SUSE Linux Enterprise NSS Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
7/16/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode and installed, initialized and configured as specified in Section 11 of the Security Policy
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
SUSE Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509v3 certificates, and other security standards.
Tested Configuration(s)
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE G242-P32-QZ with ARM Ampere(R) Altra(R) Q80-30 processor with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE G242-P32-QZ with ARM Ampere(R) Altra(R) Q80-30 processor without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE R181-Z90-00 with AMD EPYC(TM) 7371 processor with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE R181-Z90-00 with AMD EPYC(TM) 7371 processor without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with z15 processor with PAI
  • SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with z15 processor without PAI
  • SUSE Linux Enterprise Server 15 SP4 running on PowerVM (VIOS 3.1.4.00) running on IBM Power E1080 (9080-HEX) with Power10 processor with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on PowerVM (VIOS 3.1.4.00) running on IBM Power E1080 (9080-HEX) with Power10 processor without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on Supermicro Super Server SYS-6019P-WTR with Intel(R) Xeon(R) Silver 4215R processor with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on Supermicro Super Server SYS-6019P-WTR with Intel(R) Xeon(R) Silver 4215R processor without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC
AES-CBC-CS1
AES-CMAC
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-KW
AES-KWP
DSA SigVer (FIPS186-4)
DSA SigVer (FIPS186-4)
DSA SigVer (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDF IKEv1
KDF IKEv2
KDF SP800-108
KDF TLS
KDF TLS
KDF TLS
PBKDF
PBKDF
PBKDF
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Generation
Safe Primes Key Generation
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-256
SHA2-384
SHA2-512
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
Software Versions
3.1

Vendor

SUSE LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

Ivan Teblin
ivan.teblin@suse.com
Phone: 0-000-000-0000
Katia Rojas
sec-cert@suse.com

Validation History

Date Type Lab
7/17/2024 Initial ATSEC INFORMATION SECURITY CORP