U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4215

Details

Module Name
Oracle Linux 8 OpenSSL Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2 approved cryptographic algorithms for general use by vendors.
Tested Configuration(s)
  • Oracle Linux 8.4 64 bit running on Oracle Server A1-2C with Ampere(R) Altra(R) Neoverse-N1 with PAA
  • Oracle Linux 8.4 64 bit running on Oracle Server A1-2C with Ampere(R) Altra(R) Neoverse-N1 without PAA (single-user mode)
  • Oracle Linux 8.4 64 bit running on Oracle Server E1-2C with AMD EPYC(TM) 7551 with PAA
  • Oracle Linux 8.4 64 bit running on Oracle Server E1-2C with AMD EPYC(TM) 7551 without PAA
  • Oracle Linux 8.4 64 bit running on Oracle Server X7-2C with Intel(R) Xeon(R) Platinum 8167M with PAA
  • Oracle Linux 8.4 64 bit running on Oracle Server X7-2C with Intel(R) Xeon(R) Platinum 8167M without PAA
FIPS Algorithms
AES Certs. #A1673, #A1674, #A1675, #A1677, #A1678, #A1679, #A1680, #A1685, #A1686, #A1687, #A1688, #A1689, #A1690, #A1691, #A1692, #A1693, #A2139, #A2141, #A2142, #A2144, #A2145 and #A2146
CVL Certs. #A1677, #A1678, #A1679, #A1680, #A1694, #A1695, #A1696, #A1697 and #A2143
DRBG Certs. #A1673, #A1674, #A1675, #A2139, #A2141 and #A2142
DSA Certs. #A1694, #A1695, #A1696 and #A1697
ECDSA Certs. #A1683, #A1694, #A1695, #A1696 and #A1697
ENT NP
HMAC Certs. #A1681, #A1682, #A1683, #A1694, #A1695, #A1696, #A1697 and #A2140
KAS KAS-SSC Certs. #A1694, #A1695, #A1696, #A1697 and #A1699, CVL Certs. #A1694, #A1695, #A1696 and #A1697
KAS-SSC Certs. #A1694, #A1695, #A1696, #A1697 and #A1699
KBKDF Cert. #A1698
KDA Cert. #A1676
KTS AES Certs. #A1673, #A1674, #A1675, #A1685, #A1686, #A1687, #A1688, #A1689, #A1690, #A1691, #A1692, #A1693, #A2139, #A2141, #A2142, #A2144, #A2145 and #A2146; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Certs. #A1673, #A1674, #A1675, #A2139, #A2141 and #A2142 and HMAC Certs. #A1694, #A1695, #A1696, #A1697 and #A2140; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Cert. #A1672 and HMAC Certs. #A1694, #A1695, #A1696, #A1697 and #A2140; key establishment methodology provides 112 bits of encryption strength
KTS-RSA Certs. #A1694, #A1695, #A1696 and #A1697; key establishment methodology provides between 112 and 200 bits of encryption strength
PBKDF Certs. #A1681, #A1682, #A1683, #A1694, #A1695, #A1696 and #A1697
RSA Certs. #A1694, #A1695, #A1696 and #A1697
SHA-3 Certs. #A1681, #A1682 and #A1683
SHS Certs. #A1694, #A1695, #A1696, #A1697 and #A2140
Triple-DES Certs. #A1672, #A1677, #A1678, #A1679 and #A1680
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
R8-8.4.0

Vendor

Oracle Corporation
2300 Oracle Way
Austin, TX 78741
USA

Security Evaluation team
seceval_us@oracle.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
5/9/2022 Initial ATSEC INFORMATION SECURITY CORP
7/15/2022 Update ATSEC INFORMATION SECURITY CORP