U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Cryptographic Module Validation Program CMVP

Certificate #3956

Details

Module Name
Red Hat Enterprise Linux 8 GnuTLS Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition - replaced by certificate #4272
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
GnuTLS is a secure communications library implementing the TLS and DTLS protocols. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS#12, and other required structures which is shipped with Red Hat Enterprise Linux 8.
Tested Configuration(s)
  • Red Hat Enterprise Linux 8 running on Dell PowerEdge R430 with an Intel(R) Xeon(R) E5 with PAA
  • Red Hat Enterprise Linux 8 running on Dell PowerEdge R430 with an Intel(R) Xeon(R) E5 without PAA (single-user mode)
FIPS Algorithms
AES Certs. #A571, #A574, #A575, #A576, #A578, #A579 and #A652
CKG vendor affirmed
CVL Cert. #A574
DRBG Cert. #A574
DSA Cert. #A574
ECDSA Cert. #A574
HMAC Certs. #A574 and #A578
KTS AES Certs. #A574, #A578 and #A579; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #A574, #A578 and #A579 and HMAC Certs. #A574 and #A578; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Cert. #A574 and HMAC Certs. #A574 and #A578; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #A574
SHA-3 Certs. #A572 and #A577
SHS Certs. #A574 and #A578
Triple-DES Cert. #A574
Allowed Algorithms
Diffie-Hellman (Cert. #A574, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (Cert. #A574, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
rhel8.20191106

Vendor

Red Hat®, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

Jaroslav Reznik
fips140@redhat.com

Validation History

Date Type Lab
6/17/2021 Initial ATSEC INFORMATION SECURITY CORP