Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4746

Details

Module Name
Red Hat Enterprise Linux 9 OpenSSL FIPS Provider
Standard
FIPS 140-3
Status
Active
Sunset Date
7/30/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Red Hat Enterprise Linux 9 OpenSSL FIPS Provider provides a C language application program interface (API) for use by other applications that require cryptographic functionality.
Tested Configuration(s)
  • Red Hat Enterprise Linux 9 on IBM 9080 HEX with IBM POWER10 with PAA
  • Red Hat Enterprise Linux 9 on IBM 9080 HEX with IBM POWER10 without PAA
  • Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 with PAI
  • Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 without PAI
  • Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 with PAA
  • Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS1
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS2
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CFB1
AES-CFB1
AES-CFB1
AES-CFB1
AES-CFB1
AES-CFB1
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB8
AES-CFB8
AES-CFB8
AES-CFB8
AES-CFB8
AES-CFB8
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-KW
AES-KW
AES-KW
AES-KW
AES-KW
AES-KW
AES-KWP
AES-KWP
AES-KWP
AES-KWP
AES-KWP
AES-KWP
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
Hash DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/224
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA2-512/256
HMAC-SHA3-224
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-384
HMAC-SHA3-512
HMAC-SHA3-512
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDA OneStep SP800-56Cr2
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.42
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF ANS 9.63
KDF SP800-108
KDF SSH
KDF SSH
KDF SSH
KDF SSH
KDF SSH
KDF SSH
PBKDF
PBKDF
PBKDF
PBKDF
PBKDF
PBKDF
PBKDF
PBKDF
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Verification
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512/224
SHA2-512/224
SHA2-512/224
SHA2-512/224
SHA2-512/224
SHA2-512/224
SHA2-512/256
SHA2-512/256
SHA2-512/256
SHA2-512/256
SHA2-512/256
SHA2-512/256
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
SHAKE-128
SHAKE-128
SHAKE-256
SHAKE-256
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.2 KDF RFC7627
TLS v1.3 KDF
Software Versions
3.0.1-3f45e68ee408cd9c

Vendor

Red Hat®, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

Jaroslav Reznik
fips140@redhat.com
Phone: 000-000-0000

Validation History

Date Type Lab
7/31/2024 Initial ATSEC INFORMATION SECURITY CORP