Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4739

Details

Module Name
Oracle Linux 8 Unbreakable Enterprise Kernel (UEK7) Cryptographic Module and Oracle Linux 9 Unbreakable Enterprise Kernel (UEK7) Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
7/24/2026
Overall Level
1
Caveat
Interim validation. When operated in Approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy.
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Oracle Linux 8 Unbreakable Enterprise Kernel (UEK7) Cryptographic Module and Oracle Linux 9 Unbreakable Enterprise Kernel (UEK7) API provides a C language API for use by other (kernel space and user space) processes that require cryptographic functionality
Tested Configuration(s)
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER A1-2c with Ampere(R) Altra(R) Q80-30 with PAA
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER A1-2c with Ampere(R) Altra(R) Q80-30 without PAA
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER E4-2c with AMD EPYC 7J13 with PAA
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER E4-2c with AMD EPYC 7J13 without PAA
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER X9-2c with Intel(R) Xeon(R) Platinum 8358 with PAA
  • Oracle Linux 8 running on KVM on Oracle Linux 8 running on ORACLE SERVER X9-2c with Intel(R) Xeon(R) Platinum 8358 without PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER A1-2c with Ampere(R) Altra(R) Q80-30 with PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER A1-2c with Ampere(R) Altra(R) Q80-30 without PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER E4-2c with AMD EPYC 7J13 with PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER E4-2c with AMD EPYC 7J13 without PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER X9-2c with Intel(R) Xeon(R) Platinum 8358 with PAA
  • Oracle Linux 9 running on KVM on Oracle Linux 8 running on ORACLE SERVER X9-2c with Intel(R) Xeon(R) Platinum 8358 without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA3-224
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-384
HMAC-SHA3-512
HMAC-SHA3-512
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Generation
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
Software Versions
kernel 5.15.0-101.103.2.1.el8uek and 5.15.0-101.103.2.1.el9uek; libkcapi 1.2.0-2.0.1.el8 and libkcapi-1.3.1-3.0.1.el9

Vendor

Oracle Corporation
2300 Oracle Way
Austin, TX 78741
USA

Security Evaluation team
seceval_us@oracle.com
Phone: 000-000-0000

Validation History

Date Type Lab
7/25/2024 Initial ATSEC INFORMATION SECURITY CORP