Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4774

Details

Module Name
Red Hat Enterprise Linux 9 NSS Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
8/20/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode and installed, initialized and configured as specified in section 11 of the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/.
Tested Configuration(s)
  • Red Hat Enterprise Linux 9 on IBM 9080 HEX with IBM POWER10 with PAA
  • Red Hat Enterprise Linux 9 on IBM 9080 HEX with IBM POWER10 without PAA
  • Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 with PAI
  • Red Hat Enterprise Linux 9 on IBM z16 3931-A01 with IBM z16 without PAI
  • Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 with PAA
  • Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with Intel(R) Xeon(R) Silver 4216 without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC-CS1
AES-CMAC
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-KW
AES-KW
AES-KWP
AES-KWP
DSA SigVer (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
Hash DRBG
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDF IKEv2
KDF SP800-108
KDF TLS
PBKDF
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-2)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
SHA2-224
SHA2-256
SHA2-384
SHA2-512
TLS v1.2 KDF RFC7627
Software Versions
4.34.0-a20cd33fbbe14357

Vendor

Red Hat(R), Inc.
100 East Davie Street
Raleigh, NC 27601
USA

Jaroslav Reznik
fips140@redhat.com
Phone: 000-000-0000

Validation History

Date Type Lab
8/21/2024 Initial ATSEC INFORMATION SECURITY CORP