Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4742

Details

Module Name
SUSE Linux Enterprise GnuTLS Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
7/25/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the TLS protocol. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with SUSE Linux Enterprise.
Tested Configuration(s)
  • SUSE Linux Enterprise Server 15 SP4 on PowerVM (VIOS 3.1.4.00) running on IBM Power E1080 (9080-HEX) with Power10 with PAA
  • SUSE Linux Enterprise Server 15 SP4 on PowerVM (VIOS 3.1.4.00) running on IBM Power E1080 (9080-HEX) with Power10 without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE G242-P32-QZ with ARM Ampere(R) Altra(R) Q80-30 with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE G242-P32-QZ with ARM Ampere(R) Altra(R) Q80-30 without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE R181-Z90-00 with AMD EPYC(TM) 7371 with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on GIGABYTE R181-Z90-00 with AMD EPYC(TM) 7371 without PAA
  • SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with z15 with PAI
  • SUSE Linux Enterprise Server 15 SP4 running on IBM z/15 with z15 without PAI
  • SUSE Linux Enterprise Server 15 SP4 running on Supermicro Super Server SYS-6019P-WTR with Intel(R) Xeon(R) Silver 4215R with PAA
  • SUSE Linux Enterprise Server 15 SP4 running on Supermicro Super Server SYS-6019P-WTR with Intel(R) Xeon(R) Silver 4215R without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CFB8
AES-CFB8
AES-CFB8
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GMAC
AES-XTS Testing Revision 2.0
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDF TLS
PBKDF
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
SHA-1
SHA-1
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
TLS v1.2 KDF RFC7627
Software Versions
1.1

Vendor

SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

Ivan Teblin
ivan.teblin@suse.com
Phone: 0-000-000-0000
Katia Rojas
sec-cert@suse.com

Validation History

Date Type Lab
7/26/2024 Initial ATSEC INFORMATION SECURITY CORP