| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 9/10/2026 |
| Caveat | Interim validation. When operated in approved mode. When installed, initialized and configured as specified in section 11 of the Security Policy. The module generates random strings whose strengths are modified by available entropy. |
| Vendor | Red Hat(R), Inc. |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Physical Security | 7 |
| Non-Invasive Security | 8 |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | 1 |
flowchart LR
%% Deterministic review-risk graph for Red Hat Enterprise Linux 9 Kernel Cryptographic API
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Recovery</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Encryption with AES<br/>Decryption with AES<br/>Show status</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>kernel</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Red Hat Enterprise Linux 9 Kernel Cryptographic API
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Recovery</i><br/>src: text:keyword"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Encryption with AES<br/>Decryption with AES<br/>Show status</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>kernel</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C5,C6 clueLow;
class C3 clueHigh;Red Hat, Inc. Red Hat Enterprise Linux 9 Kernel Cryptographic API Document Version: 1.2 Last Modified: 09/03/2024 Prepared by: atsec information security corporation
Austin, TX 78759 www.atsec.com © 2024 Red Hat, Inc./ atsec information security corporation.
| # | Section | Page |
|---|---|---|
| 1 | General | 6 |
| 1.1 | Overview | 6 |
| 1.2 | Security Levels | 6 |
| 1.3 | Additional Information [O] | 6 |
| 2 | Cryptographic Module Specification | 7 |
| 2.1 | Description | 7 |
| 2.2 | Tested and Vendor Affirmed Module Version and Identification | 8 |
| 2.3 | Excluded Components | 9 |
| 2.4 | Modes of Operation | 9 |
| 2.5 | Algorithms | 10 |
| 2.6 | Security Function Implementations | 20 |
| 2.7 | Algorithm Specific Information | 28 |
| 2.8 | RBG and Entropy | 29 |
| 2.9 | Key Generation | 30 |
| 2.10 | Key Establishment | 30 |
| 2.11 | Industry Protocols | 30 |
| 2.12 | Additional Information [O] | 30 |
| 3 | Cryptographic Module Interfaces | 31 |
| 3.1 | Ports and Interfaces | 31 |
| 3.2 | Trusted Channel Specification [O] | 31 |
| 3.3 | Control Interface Not Inhibited [O] | 31 |
| 3.4 | Additional Information [O] | 31 |
| 4 | Roles, Services, and Authentication | 32 |
| 4.1 | Authentication Methods | 32 |
| 4.2 | Roles | 32 |
| 4.3 | Approved Services | 32 |
| 4.4 | Non-Approved Services | 37 |
| 4.5 | External Software/Firmware Loaded | 37 |
| 4.6 | Bypass Actions and Status [O] | 37 |
| 4.7 | Cryptographic Output Actions and Status [O] | 37 |
| 4.8 | Additional Information [O] | 37 |
| 5 | Software/Firmware Security | 38 |
| 5.1 | Integrity Techniques | 38 |
| 5.2 | Initiate on Demand | 38 |
| 5.3 | Open-Source Parameters [O] | 38 |
| 5.4 | Additional Information [O] | 38 |
| 6 | Operational Environment | 39 |
| 6.1 | Operational Environment Type and Requirements | 39 |
| 6.2 | Configuration Settings and Restrictions [O] | 39 |
| 6.3 | Additional Information [O] | 39 |
| 7 | Physical Security | 40 |
| 7.1 | Mechanisms and Actions Required | 40 |
| 7.2 | User Placed Tamper Seals [O] | 40 |
| 7.3 | Filler Panels [O] | 40 |
| 7.4 | Fault Induction Mitigation [O] | 40 |
| 7.5 | EFP/EFT Information [O] | 40 |
| 7.6 | Hardness Testing Temperature Ranges [O] | 40 |
| 7.7 | Additional Information [O] | 40 |
| 8 | Non-Invasive Security | 41 |
| 8.1 | Mitigation Techniques [O] | 41 |
| 8.2 | Effectiveness [O] | 41 |
| 8.3 | Additional Information [O] | 41 |
| 9 | Sensitive Security Parameters Management | 42 |
| 9.1 | Storage Areas | 42 |
| 9.2 | SSP Input-Output Methods | 42 |
| 9.3 | SSP Zeroization Methods | 42 |
| 9.4 | SSPs | 43 |
| 9.5 | Transitions [O] | 45 |
| 9.6 | Additional Information [O] | 45 |
| 10 | Self-Tests | 46 |
| 10.1 | Pre-Operational Self-Tests | 46 |
| 10.2 | Conditional Self-Tests | 46 |
| 10.3 | Periodic Self-Test Information | 86 |
| 10.4 | Error States | 96 |
| 10.5 | Operator Initiation of Self-Tests [O] | 97 |
| 10.6 | Additional Information [O] | 97 |
| 11 | Life-Cycle Assurance | 98 |
| 11.1 | Installation, Initialization, and Startup Procedures | 98 |
| 11.2 | Administrator Guidance | 98 |
| 11.3 | Non-Administrator Guidance | 98 |
| 11.4 | Design and Rules [O] | 98 |
| 11.5 | Maintenance Requirements [O] | 98 |
| 11.6 | End of Life [O] | 98 |
| 11.7 | Additional Information [O] | 99 |
| 12 | Mitigation of Other Attacks | 100 |
| 12.1 | Attack List [O] | 100 |
| 12.2 | Mitigation Effectiveness [O] | 100 |
| 12.3 | Guidance and Constraints [O] | 100 |
| 12.4 | Additional Information [O] | 100 |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Item | Page |
|---|---|
| Table : Security Levels | 6 |
| Table : Tested Module Identification – Software, Firmware, Hybrid (Executable Code Sets) | 8 |
| Table : Tested Operational Environments - Software, Firmware, Hybrid | 9 |
| Table : Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid | 9 |
| Table : Modes List and Description | 10 |
| Table : Approved Algorithms | 20 |
| Table : Non-Approved, Not Allowed Algorithms | 20 |
| Table : Security Function Implementations | 28 |
| Table : Entropy Certificates | 29 |
| Table : Entropy Sources | 30 |
| Table : Ports and Interfaces | 31 |
| Table : Roles | 32 |
| Table : Approved Services | 36 |
| Table : Non-Approved Services | 37 |
| Table : EFP/EFT Information | 40 |
| Table : Hardness Testing Temperatures | 40 |
| Table : Storage Areas | 42 |
| Table : SSP Input-Output Methods | 42 |
| Table : SSP Zeroization Methods | 43 |
| Table : SSP Table 1 | 44 |
| Table : SSP Table 2 | 45 |
| Table : Pre-Operational Self-Tests | 46 |
| Table : Conditional Self-Tests | 86 |
| Table : Pre-Operational Periodic Information | 86 |
| Table : Conditional Periodic Information | 96 |
| Table : Error States | 96 |
| Figure 1: Block Diagram | 8 |
| Name | ISO Section | Level |
|---|---|---|
| 1 | 1 | 1 |
| 2 | 2 | 1 |
| 3 | 3 | 1 |
| 4 | 4 | 1 |
| 5 | 5 | 1 |
| 6 | 6 | 1 |
| 7 | 7 | N/A |
| 8 | 8 | N/A |
| 9 | 9 | 1 |
| 10 | 10 | 1 |
| 11 | 11 | 1 |
| 12 | 12 | N/A |
This document is the non-proprietary FIPS 140-3 Security Policy for version 5.14.070.53.1.el9_0; libkcapi 1.3.1-3.el9 of the Red Hat Enterprise Linux 9 Kernel Cryptographic API module. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for an overall Security Level 1 module. intact and including this notice. Other documentation is proprietary to their authors.
In preparing the Security Policy document, the laboratory formatted the vendor-supplied documentation for consolidation without altering the technical statements therein contained. The further refining of the Security Policy document was conducted iteratively throughout the conformance testing, wherein the Security Policy was submitted to the vendor, who would then edit, modify, and add technical contents. The vendor would also supply additional documentation, which the laboratory formatted into the existing Security Policy, and resubmitted to the vendor for their final editing.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
Purpose and Use: The Red Hat Enterprise Linux 9 Kernel Cryptographic API (hereafter referred to as “the module”) provides a C language application program interface (API) for use by other (kernel space and user space) processes that require cryptographic functionality. The module operates on a general-purpose computer as part of the Linux kernel. Its cryptographic functionality can be accessed using the Linux Kernel Crypto API. Module Type: Software Module Embodiment: MultiChipStand Module Characteristics: Cryptographic Boundary: The cryptographic boundary of the module is defined as the kernel binary and the kernel crypto object files, the libkcapi library, and the sha512hmac binary, which is used to verify the integrity of the software components. In addition, the cryptographic boundary contains the .hmac files which store the expected integrity values for each of the software components. Tested Operational Environment’s Physical Perimeter (TOEPP) [O]: The TOEPP of the module is defined as the general-purpose computer on which the module is installed. © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Firmware Version | Features | Package | Integrity Test |
|---|---|---|---|---|
| /boot/vmlinuz-5.14.0-70.53.1.el9_0.x86_64; *.ko and *.ko.xz files in /usr/lib/modules/5.14.0- 70.53.1.el9_0.x86_64/kernel/crypto *.ko and *.ko.xz files in /usr/lib/modules/5.14.0- 70.53.1.el9_0.x86_64/kernel/arch/x86/crypto; /usr/lib64/libkcapi.so.1.3.1, /usr/bin/sha512hmac | 5.14.0- 70.53.1.el9_0; 1.3.1-3.el9 | N/A | /boot/vmlinuz-5.14.0-70.53.1.el9_0.x86_64; *.ko and *.ko.xz files in /usr/lib/modules/5.14.0- 70.53.1.el9_0.x86_64/kernel/crypto *.ko and *.ko.xz files in /usr/lib/modules/5.14.0- 70.53.1.el9_0.x86_64/kernel/arch/x86/crypto; /usr/lib64/libkcapi.so.1.3.1, /usr/bin/sha512hmac | HMAC-SHA- 512; RSA signature verification |
Tested Module Identification
| Name | Operating System | Hardware Platform | Software Version | Processor | Paa Pai | Hypervisor |
|---|---|---|---|---|---|---|
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Dell PowerEdge R440 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | Intel Xeon Silver 4216 | Yes | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM z16 3931-A01 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM z16 | Yes | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Dell PowerEdge R440 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | Intel Xeon Silver 4216 | No | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM z16 3931-A01 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM z16 | No | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM 9080- HEX | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM POWER10 | No | PowerVM FW1040.00 with VIOS 3.1.3.00 |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Intel Xeon E5 |
| Name | Operating System | Hardware Platform | Software Version | Processor | Paa Pai | Hypervisor |
|---|---|---|---|---|---|---|
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Dell PowerEdge R440 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | Intel Xeon Silver 4216 | Yes | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM z16 3931-A01 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM z16 | Yes | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Dell PowerEdge R440 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | Intel Xeon Silver 4216 | No | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM z16 3931-A01 | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM z16 | No | N/A |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | IBM 9080- HEX | 5.14.0- 70.53.1.el9_0 1.3.1-3.el9 | IBM POWER10 | No | PowerVM FW1040.00 with VIOS 3.1.3.00 |
| Red Hat Enterprise Linux 9 | Red Hat Enterprise Linux 9 | Intel Xeon E5 |
N/A for this module. Tested Operational Environments - Software, Firmware, Hybrid: N/A 5.14.0Enterprise N/A 5.14.0Enterprise N/A 5.14.0Enterprise N/A 5.14.0Enterprise IBM 9080IBM 5.14.0Enterprise Table 3: Tested Operational Environments - Software, Firmware, Hybrid Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid: Table 4: Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid CMVP makes no statement as to the correct operation of the module or the security strengths of the generated keys when so ported if the specific operational environment is not listed on the validation certificate.
There are no components within the cryptographic boundary excluded from the FIPS 140-3 requirements.
Modes List and Description: © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Description | Indicator | Type |
|---|---|---|---|
| Non- approved mode | Automatically entered whenever a non-approved service is requested | Equivalent to the indicator of the requested service as defined in section 4.3 | Non- Approved |
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| AES-CBC | A3629 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A3629 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CMAC | A3629 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CTR | A3629 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3629 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3629 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GMAC | A3629 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-XTS Testing Revision 2.0 | A3629 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
| Counter DRBG | A3629 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3629 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3629 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3629 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A3629 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A3629 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A3629 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A3629 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| RSA SigVer (FIPS186- 4) | A3629 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| SHA-1 | A3629 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-224 | A3629 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-256 | A3629 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-384 | A3629 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-512 | A3629 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| HMAC-SHA3-224 | A3630 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-256 | A3630 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-384 | A3630 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-512 | A3630 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| SHA3-224 | A3630 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-256 | A3630 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-384 | A3630 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-512 | A3630 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| AES-CFB128 | A3631 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A3632 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC-CS3 | A3633 | Direction - decrypt, encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3634 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3634 | Direction - Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3634 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3634 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3634 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3635 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3635 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3635 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3635 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3635 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-CBC | A3636 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A3636 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3636 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3636 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-XTS Testing Revision 2.0 | A3636 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
| Counter DRBG | A3636 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3636 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3636 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3637 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3637 | Direction - Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3637 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3637 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3637 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3638 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3638 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3638 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3638 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3638 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-CBC | A3639 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A3639 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CMAC | A3639 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CTR | A3639 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3639 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3639 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GMAC | A3639 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-XTS Testing Revision 2.0 | A3639 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
| Counter DRBG | A3639 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3639 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3639 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3640 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3640 | Direction - Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3640 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3640 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3640 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3641 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3641 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3641 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3641 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3641 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| AES-CFB128 | A3642 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A3643 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC-CS3 | A3644 | Direction - decrypt, encrypt Key Length - 128, 192, 256 | SP 800-38A |
| Hash DRBG | A3645 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3645 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3645 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A3645 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A3645 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A3645 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A3645 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| RSA SigVer (FIPS186- 4) | A3645 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| SHA-1 | A3645 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-224 | A3645 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-256 | A3645 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-384 | A3645 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-512 | A3645 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| Hash DRBG | A3646 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3646 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3646 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A3646 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A3646 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A3646 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A3646 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| RSA SigVer (FIPS186- 4) | A3646 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| SHA-1 | A3646 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-224 | A3646 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-256 | A3646 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-384 | A3646 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-512 | A3646 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| Hash DRBG | A3647 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3647 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3647 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A3647 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A3647 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A3647 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A3647 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| RSA SigVer (FIPS186- 4) | A3647 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| SHA-1 | A3647 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-224 | A3647 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-256 | A3647 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-384 | A3647 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-512 | A3647 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| AES-CBC | A3719 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A3719 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CMAC | A3719 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CTR | A3719 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3719 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3719 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GMAC | A3719 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-XTS Testing Revision 2.0 | A3719 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
| Counter DRBG | A3719 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| AES-ECB | A3720 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3720 | Direction - Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3720 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3720 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3720 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3721 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3721 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3721 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3721 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3721 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| AES-CBC | A3722 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A3722 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CMAC | A3722 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CTR | A3722 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A3722 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3722 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GMAC | A3722 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-XTS Testing Revision 2.0 | A3722 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
| Counter DRBG | A3722 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3722 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3722 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3722 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A3722 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A3722 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A3722 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A3722 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| RSA SigVer (FIPS186- 4) | A3722 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| SHA-1 | A3722 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-224 | A3722 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-256 | A3722 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-384 | A3722 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| SHA2-512 | A3722 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 180-4 |
| AES-ECB | A3723 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3723 | Direction - Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3723 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3723 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3723 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| AES-ECB | A3724 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A3724 | Direction - Decrypt, Encrypt IV Generation - External IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A3724 | Prediction Resistance - No, Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Hash DRBG | A3724 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A3724 | Prediction Resistance - No, Yes Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| AES-CFB128 | A3725 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A3726 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC-CS3 | A3727 | Direction - decrypt, encrypt Key Length - 128, 192, 256 | SP 800-38A |
| HMAC-SHA3-224 | A3728 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-256 | A3728 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-384 | A3728 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3-512 | A3728 | Key Length - Key Length: 112- 524288 Increment 8 | FIPS 198-1 |
| SHA3-224 | A3728 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-256 | A3728 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-384 | A3728 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| SHA3-512 | A3728 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2 | FIPS 202 |
| AES-CBC | A4549 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A4549 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-XTS Testing Revision 2.0 | A4549 | Direction - Decrypt, Encrypt Key Length - 128, 256 | SP 800-38E |
Nonapproved Table 5: Modes List and Description After passing all pre-operational self-tests and cryptographic algorithm self-tests executed on start-up, the module automatically transitions to the approved mode. No operator intervention is required to reach this point. Mode Change Instructions and Status [O]: The module automatically switches between the approved and non-approved modes depending on the services requested by the operator. The status indicator of the mode of The module does not implement a degraded mode of operation.
Approved Algorithms: © 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Approved Functions |
|---|---|
| AES-GCM with external IV | Encryption |
| KBKDF (libkcapi) | Key derivation |
| HKDF (libkcapi) | Key derivation |
| PBKDF2 (libkcapi) | Password-based key derivation |
| RSA | Encryption primitive; Decryption primitive |
| RSA with PKCS#1 v1.5 padding | Signature generation (pre-hashed message); Signature verification (pre-hashed message) |
Table 6: Approved Algorithms Vendor-Affirmed Algorithms: N/A for this module. Non-Approved, Allowed Algorithms: N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. Non-Approved, Not Allowed Algorithms: Table 7: Non-Approved, Not Allowed Algorithms
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Description | Approved Functions | Type | Properties |
|---|---|---|---|---|
| Encryption with AES | Encrypt a plaintext with AES | AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC-CS3 AES-CBC-CS3 AES-CBC-CS3 AES-CFB128 AES-CFB128 AES-CFB128 AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-OFB AES-OFB AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS | BC-UnAuth | Key size(s):128, 192, 256 bits (XTS mode 128 and 256 bits only) |
| Decryption with AES | Decrypt a ciphertext with AES | AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC-CS3 AES-CBC-CS3 AES-CBC-CS3 AES-CFB128 AES-CFB128 AES-CFB128 AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-ECB AES-OFB AES-OFB AES-OFB AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision 2.0 AES-XTS Testing Revision | BC-UnAuth | Key size(s):128, 192, 256 bits (XTS mode 128 and 256 bits only) |
| Hashing | Compute a message digest | SHA-1 SHA-1 SHA-1 SHA-1 SHA-1 SHA2-224 SHA2-224 SHA2-224 SHA2-224 SHA2-224 SHA2-256 SHA2-256 SHA2-256 SHA2-256 SHA2-256 SHA2-384 SHA2-384 SHA2-384 SHA2-384 SHA2-384 SHA2-512 SHA2-512 SHA2-512 SHA2-512 SHA2-512 SHA3-224 SHA3-224 SHA3-256 SHA3-256 SHA3-384 SHA3-384 SHA3-512 SHA3-512 | SHA | SHA-1 SHA2-224 SHA2-256 SHA2-384 SHA2-512 SHA3-224 SHA3-256 SHA3-384 SHA3-512 |
| Message authentication | Compute a MAC tag for authentication | AES-CMAC AES-CMAC AES-CMAC AES-CMAC AES-GMAC AES-GMAC AES-GMAC AES-GMAC HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA2- 224 | MAC | HMAC key size(s):112- 524288 bits (112-256 bits) AES key size(s):128, 192, 256 bits |
2.0 2.0 2.0 2.0 2.0 © 2024 Red Hat, Inc./ atsec information security corporation.
2.0 2.0 2.0 2.0 2.0 © 2024 Red Hat, Inc./ atsec information security corporation.
2.0 2.0 HMAC-SHA2224 © 2024 Red Hat, Inc./ atsec information security corporation.
HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA3224 HMAC-SHA3224 HMAC-SHA3256 HMAC-SHA3256 HMAC-SHA3384 HMAC-SHA3384 HMAC-SHA3512 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Description | Approved Functions | Type | Properties |
|---|---|---|---|---|
| Random number generation with DRBGs | Generate random numbers from DRBGs | Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG Counter DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG HMAC DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG Hash DRBG | DRBG | Counter DRBG: 128, 192, 256 bits HMAC DRBG: SHA-1, SHA2- 256, SHA2-384, SHA2-512 Hash DRBG: SHA-1, SHA2- 256, SHA2-384, SHA2-512 |
| Signature verification with RSA | Verify a signature with RSA | RSA SigVer (FIPS186-4) RSA SigVer (FIPS186-4) RSA SigVer (FIPS186-4) RSA SigVer (FIPS186-4) RSA SigVer (FIPS186-4) | DigSig-SigVer | Padding:PKCS#1 v1.5 Hashes:SHA-256 Key size(s):3072, 4096 bits |
| Authenticated encryption with AES | Encrypt and authenticate a plaintext with AES | AES-CCM AES-CCM AES-CCM AES-CCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- 384 HMAC-SHA2- 384 HMAC-SHA2- | BC-Auth | Key size(s):128, 192, 256 bits |
| Authenticated decryption with AES | Decrypt and authenticate a ciphertext with AES | AES-CCM AES-CCM AES-CCM AES-CCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CBC AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR AES-CTR HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- 256 HMAC-SHA2- | BC-Auth | Key size(s):128, 192, 256 bits |
| Key wrapping | Key wrapping | AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM | KTS-Wrap | Key size(s):128, 192, 256 bits |
| Key unwrapping | Key unwrapping | AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM AES-GCM | KTS-Wrap | Key sizes(s):128, 192, 256 bits |
HMAC-SHA3512 © 2024 Red Hat, Inc./ atsec information security corporation.
HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2384 © 2024 Red Hat, Inc./ atsec information security corporation.
HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 © 2024 Red Hat, Inc./ atsec information security corporation.
HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 Table 8: Security Function Implementations
Legacy use: Digital Signature Verification with SHA-1 is allowed for legacy use only. The Crypto Officer shall consider the following requirements and restrictions when using the module. © 2024 Red Hat, Inc./ atsec information security corporation.
| Cert | Vendor | ||
|---|---|---|---|
| Number | Name | ||
| E54 | Red Hat, Inc. |
For IPsec, the module offers the AES GCM implementation and uses the context of Scenario
1 of FIPS 140-3 IG C.H. The mechanism for IV generation is compliant with RFC 4106. IVs
generated using this mechanism may only be used in the context of AES GCM encryption within the IPsec protocol. The module does not implement IPsec. The module’s implementation of AES GCM is used together with an application that runs outside the module’s cryptographic boundary. This application must use RFC 7296 compliant IKEv2 to establish the shared secret SKEYSEED from which the AES GCM encryption keys are derived. The design of the IPsec protocol implicitly ensures that the counter (the nonce_explicit part of the IV) does not exhaust the maximum number of possible values for a given session key. In the event the module’s power is lost and restored, the consuming application must ensure that a new key for use with the AES GCM key encryption or decryption under this scenario shall be established. The module also provides a non-approved AES GCM encryption service which accepts arbitrary external IVs from the operator. This service can be requested by invoking the crypto_aead_encrypt API function with an AES GCM handle. When this is the case, the API will not set an approved service indicator, as described in section 4.3.
The length of a single data unit encrypted or decrypted with AES XTS shall not exceed 220 AES blocks, that is 16MB, of data per XTS instance. An XTS instance is defined in Section 4 of SP 800-38E. To meet the requirement stated in IG C.I, the module implements a check to ensure that the two AES keys used in AES XTS mode are not identical. The XTS mode shall only be used for the cryptographic protection of data on storage devices. It shall not be used for other purposes, such as the encryption of data in transit.
For RSA signature verification, the module supports modulus size 3072 and 4096 bits. The supported modulus size has been CAVP tested in compliance in IG C.F.
The module provides SHA-3 hash functions compliant with IG C.C. Every implementation of each SHA-3 function was tested and validated on all the module’s operating environments. SHAKE functions are not implemented. SHA-3 hash functions are also used as part of a higher-level algorithm for HMAC.
Table 9: Entropy Certificates © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| RHEL Kernel CPU Time Jitter RNG Entropy Source | Non- Physical | 64 bits | Red Hat Enterprise Linux 9 on Dell PowerEdge R440 | 59.62 bits | Linear-Feedback Shift Register (LFSR) |
NonPhysical Table 10: Entropy Sources The module implements three different Deterministic Random Bit Generator (DRBG) implementations based on SP 800-90Ar1: CTR_DRBG, Hash_DRBG, and HMAC_DRBG. Each of these DRBG implementations can be instantiated by the operator of the module. When instantiated, these DRBGs can be used to generate random numbers for external usage. Additionally, the module employs a specific HMAC-SHA2-512 DRBG implementation for internal purposes (e.g. to generate initialization vectors). This DRBG is initially seeded with
384 output bits from the entropy source (357 bits of entropy) and reseeded with 256 output
bits from the entropy source (238 bits of entropy).
The module does not provide key generation.
As permitted by IG D.G, the module provides key transport methods by using AES-GCM encryption mode in the context of IPsec protocol.
AES GCM with internal IV generation in the approved mode is compliant with RFC 4106 and shall only be used in conjunction with the IPsec protocol. No parts of this protocol, other than the AES GCM implementation, have been tested by the CAVP and CMVP.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | Data Input | API data input parameters, AF_ALG type sockets |
| As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | Data Output | API data output parameters, AF_ALG type sockets |
| As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | As a software-only module, the module does not have physical ports. Physical ports are interpreted to be the physical ports of the hardware platform on which it runs. | Control Input | API function calls, API control input parameters, AF_ALG type sockets, kernel command line |
| As a software-only module, the module does not have physical ports. Physical Ports are interpreted to be the physical ports of the hardware platform on which it runs. | As a software-only module, the module does not have physical ports. Physical Ports are interpreted to be the physical ports of the hardware platform on which it runs. | Status Output | API return values, AF_ALG type sockets, kernel logs |
Table 11: Ports and Interfaces The logical interfaces are the APIs through which the applications request services. These logical interfaces are logically separated from each other by the API design, AF_ALG type socket that allows the applications running in the user space to request cryptographic services from the module.
The module does not implement a trusted channel.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Role | None | ||||||
| Message digest | Compute a message digest | Crypt o Offic er | Hashing | crypto_shash_init returns 0 | Messag e | Digest value | |||
| Key wrapping | Wrap a key | Crypt o Offic er - AES key: W,E - HMA C key: W,E | Key wrapping | crypto_skcipher_set key returns 0; crypto_shash_init returns 0 | AES key, key to be wrappe d | wrapped key | |||
| Key unwrappin g | Unwrap a key | Crypt o Offic er - AES key: W,E - HMA C | Key unwrappin g | crypto_skcipher_set key returns 0; crypto_shash_init returns 0 | AES key, key to be unwrap ped | unwrapped key |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Role | None | ||||||
| Message digest | Compute a message digest | Crypt o Offic er | Hashing | crypto_shash_init returns 0 | Messag e | Digest value | |||
| Key wrapping | Wrap a key | Crypt o Offic er - AES key: W,E - HMA C key: W,E | Key wrapping | crypto_skcipher_set key returns 0; crypto_shash_init returns 0 | AES key, key to be wrappe d | wrapped key | |||
| Key unwrappin g | Unwrap a key | Crypt o Offic er - AES key: W,E - HMA C | Key unwrappin g | crypto_skcipher_set key returns 0; crypto_shash_init returns 0 | AES key, key to be unwrap ped | unwrapped key | |||
| Encryption | Encrypt a plaintext | Crypt o Offic er - AES key: W,E | Encryption with AES | crypto_skcipher_set key returns 0 | AES key, plaintex t | Ciphertext | |||
| Decryptio n | Decrypt a ciphertext | Crypt o Offic er - AES key: W,E | Decryptio n with AES | crypto_skcipher_set key returns 0 | AES key, cipherte xt | Plaintext | |||
| Authentica ted encryption | Encrypt and authentic ate a plaintext | Crypt o Offic er - AES key: W,E | Authentic ated encryption with AES | For all except AES GCM: crypto_aead_setkey returns 0; For AES GCM: crypto_aead_get_fla gs(tfm) has the CRYPTO_TFM_ FIPS_COMPLIANCE flag set | AES key, plaintex t | Ciphertext, MAC tag | |||
| Authentica ted decryption | Encrypt and authentic ate a ciphertext | Crypt o Offic er - AES key: W,E | Authentic ated decryption with AES | For all except AES GCM: crypto_aead_setkey returns 0; For AES GCM: crypto_aead_get_fla gs(tfm) has the CRYPTO_TFM_ FIPS_COMPLIANCE flag set | AES key, cipherte xt, MAC tag | Plaintext or failure | |||
| Message authentica tion generatio n | Compute a MAC tag | Crypt o Offic er - AES key: W,E - HMA C key: W,E | Message authentica tion | crypto_shash_init returns 0 | AES: AES key, messag e; HMAC: HMAC key, messag e | MAC tag | |||
| Message authentica tion verificatio n | Compute a MAC tag | Crypt o Offic er - AES key: W,E - HMA C key: W,E | Message authentica tion | crypto_shash_init returns 0 | AES: AES key, messag e, MAC tag; HMAC: HMAC key, messag e, MAC tag | Success/Fa ilure | |||
| Random number generatio n | Generate random bytes | Crypt o Offic er - Entro py input: W,E - DRB G seed: G,E - DRB G Inter nal state (V, Key): G,W, E - DRB G Inter nal state (V, C): G,W, E | Random number generatio n with DRBGs | crypto_rng_get_byt es returns 0 | Output length | Random bytes | |||
| Error detection code | Compute an EDC (crc32, crct10dif) | Crypt o Offic er | None | None | Messag e | EDC | |||
| Compressi on | Compress data (deflate, lz4, lz4hc, lzo, zlibdeflat e, zstd) | Crypt o Offic er | None | None | Data | Compresse d data | |||
| Generic system call | Use the kernel to perform various non- cryptogra phic operation s | Crypt o Offic er | None | None | Identifie r, various argume nts | Various return values | |||
| Show version | Return the module name and version informatio n | Crypt o Offic er | None | None | N/A | Module name and version | |||
| Show status | Return the module status | Crypt o Offic er | None | None | N/A | Module status | |||
| Self-test | Perform the CASTs and integrity tests | Crypt o Offic er | Encryption with AES Decryptio n with AES Hashing Message authentica tion Random number generatio n with DRBGs Signature verificatio n with RSA Authentic ated encryption with AES Authentic ated | None | N/A | Pass/fail | |||
| Zeroizatio n | Zeroize all SSPs | Crypt o Offic er - AES key: Z - HMA C key: Z - Entro py input: Z - DRB G Inter nal state (V, Key): Z - DRB G Inter nal state (V, C): Z - DRB G seed: Z | None | None | Any SSP | N/A |
N/A for this module. The module does not implement authentication.
Table 12: Roles The module supports the Crypto Officer role only. This sole role is implicitly and always assumed by the operator of the module. No support is provided for multiple concurrent operators.
a g s e d g o
s W,E
n n s e
noncryptogra s n s o r,
n N/A s
| Name | Description | Roles | Approved Functions |
|---|---|---|---|
| AES GCM external IV encryption | Encrypt a plaintext using AES GCM with an external IV | CO | AES-GCM with external IV |
| Key derivation | Derive a key from a key- derivation key or a shared secret | CO | KBKDF (libkcapi) HKDF (libkcapi) |
| Password-based key derivation | Derive a key from a password | CO | PBKDF2 (libkcapi) |
| RSA encryption primitive | Compute the raw RSA encryption of a plaintext | CO | RSA |
| RSA decryption primitive | Compute the raw RSA decryption of a cipertext | CO | RSA |
| RSA signature generation (pre-hashed message) | Generate a digital signature for a pre-hashed message | CO | RSA with PKCS#1 v1.5 padding |
| RSA signature verification (pre-hashed message) | Verify a digital signature for a pre-hashed message | CO | RSA with PKCS#1 v1.5 padding |
Table 14: Non-Approved Services
The module does not load external software or firmware.
The module does not implement a bypass capability.
The module does not implement a self-initiated cryptographic output capability.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
The Linux kernel binary is integrity tested using an HMAC-SHA2-512 calculation performed by the sha512hmac utility (which utilizes the module’s HMAC and SHA-512 implementations). An HMAC-SHA2-512 calculation is also performed on the sha512hmac utility and the libkcapi library to verify their integrity. The kernel crypto object files listed in section 2.2 are loaded on start-up by the module and verified using RSA signature verification with PKCS#1 v1.5 padding, SHA-256, and a 3072-bit key.
Integrity tests are performed as part of the pre-operational self-tests, which are executed when the module is initialized. The integrity tests can be invoked on demand by unloading and subsequently re-initializing the module, which will perform (among others) the software integrity tests.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
Type of Operational Environment: Modifiable How Requirements are Satisfied [O]: The operating system provides process isolation and memory protection mechanisms that ensure appropriate separation for memory access among the processes on the system. Each process has control over its own data and uncontrolled access to the data of other processes is prevented.
The module shall be installed as stated in Section 11.1. Instrumentation tools like the ptrace system call, gdb and strace, as well as other tracing mechanisms offered by the Linux environment such as ftrace or systemtap, shall not be used in the operational environments. The use of any of these tools implies that the cryptographic module is running in a non-validated operational environment.
The Red Hat Enterprise Linux operating system is used as the basis of other products which include but are not limited to:
| Temp/Voltage Type | Temperature or Voltage | EFP | Result |
|---|---|---|---|
| or | |||
| EFT | |||
| LowTemperature | |||
| HighTemperature | |||
| LowVoltage | |||
| HighVoltage |
| Temperature | Temperature | |
|---|---|---|
| Type | ||
| LowTemperature | ||
| HighTemperature |
N/A for this module. The module is comprised of software only and therefore this section is not applicable.
Not applicable. Table 15: EFP/EFT Information Not applicable.
Table 16: Hardness Testing Temperatures Not applicable.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
This module does not implement any non-invasive security mechanism and therefore this section is not applicable.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Type | Description |
|---|---|---|
| RAM | Dynamic | Temporary storage for SSPs used by the module as part of service execution |
| Name | Approved Functions | Type | From | To | Distributio n Type |
|---|---|---|---|---|---|
| API input parameters; AF_ALG_typ e sockets (input) | Electroni c | Plaintex t | Operator calling applicatio n (TOEPP) | Cryptographi c module | Manual |
| Zeroization | Description | Rationale | Operator Initiation | |
|---|---|---|---|---|
| Method | ||||
| Free cipher handle | Zeroizes the SSPs contained within the cipher handle | Memory occupied by SSPs is overwritten with zeroes, which renders the SSP values irretrievable. The completion of the zeroization routine indicates that the zeroization procedure succeeded. | By calling the appropriate zeroization functions: AES key: crypto_free_skcipher and crypto_free_aead; HMAC key: crypto_free_shash and crypto_free_ahash; Entropy input: crypto_free_rng; DRBG seed: crypto_free_rng; DRBG internal state (V, Key): crypto_free_rng; DRBG internal state (V, C): crypto_free_rng; | |
| Remove power from the module | De-allocates the volatile memory used to store SSPs | Volatile memory used by the module is overwritten within nanoseconds when power is removed. Module power off indicates that the zeroization procedure | By removing power |
Table 17: Storage Areas The module does not perform persistent storage of SSPs. The SSPs are temporarily stored in the RAM in plaintext form. SSPs are provided to the module by the calling process and are destroyed when released by the appropriate zeroization function calls.
t m c Table 18: SSP Input-Output Methods © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Input | Size - Strengt h | |
|---|---|---|---|---|---|---|---|---|---|---|
| AES key | Symmetric Key - CSP | AES key used for encryption, decryption, and computing MAC tags. | 128, 192, 256 bits - 128, 192, 256 bits | Encryption with AES Decryption with AES Authenticate d encryption with AES Authenticate d decryption with AES Key wrapping Key unwrapping | ||||||
| HMAC key | Authenticatio n key - CSP | HMAC key. | 112- 524288 bits - 112-256 bits | Message authenticatio n | ||||||
| Entrop y input | Entropy input - CSP | Entropy input used to seed the DRBGs. Compliant with IG D.L. | 128-384 bits - 117-357 bits | Random number generation with DRBGs | ||||||
| DRBG seed | Seed - CSP | DRBG seed derived from entropy input. Compliant with IG D.L. | Counter DRBG: 128, 192, 256 bits; Hash DRBG: 128, 256 bits; HMAC | Random number generation with DRBGs | Random number generation with DRBGs | |||||
| n | n | Strengt | ||||||||
| DRBG Interna l state (V, Key) | Internal state - CSP | Internal state of Counter DRBG and HMAC DRBG instances. Compliant with IG D.L. | Counter DRBG: 128, 192, 256 bits; HMAC DRBG: 128, 256 bits - Counter DRBG: 128, 192, 256 bits; HMAC DRBG: 128, 256 bits | Random number generation with DRBGs | Random number generation with DRBGs | |||||
| DRBG Interna l state (V, C) | Internal state - CSP | Internal state of Hash DRBG instances. Compliant with IG D.L. | Hash DRBG: 128, 256 bits - Hash DRBG: 128, 256 bits | Random number generation with DRBGs | Random number generation with DRBGs | |||||
| AES key | RAM:Plaintext | Free cipher handle Remove | API input parameters; AF_ALG_type | Until cipher handle is freed or |
| Zeroization | Description | Rationale | Operator Initiation |
|---|---|---|---|
| Method | |||
| succeeded. The successful removal of power implicitly indicates that the zeroization is complete. |
Table 19: SSP Zeroization Methods All data output is inhibited during zeroization.
n h 112524288 n © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Input | Size - Strengt h | |
|---|---|---|---|---|---|---|---|---|---|---|
| n | n | Strengt | ||||||||
| DRBG Interna l state (V, Key) | Internal state - CSP | Internal state of Counter DRBG and HMAC DRBG instances. Compliant with IG D.L. | Counter DRBG: 128, 192, 256 bits; HMAC DRBG: 128, 256 bits - Counter DRBG: 128, 192, 256 bits; HMAC DRBG: 128, 256 bits | Random number generation with DRBGs | Random number generation with DRBGs | |||||
| DRBG Interna l state (V, C) | Internal state - CSP | Internal state of Hash DRBG instances. Compliant with IG D.L. | Hash DRBG: 128, 256 bits - Hash DRBG: 128, 256 bits | Random number generation with DRBGs | Random number generation with DRBGs | |||||
| AES key | RAM:Plaintext | Free cipher handle Remove | API input parameters; AF_ALG_type | Until cipher handle is freed or |
n (V, (V, C) h Table 20: SSP Table 1 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Storage | Zeroization | Input | Module powered off | |
|---|---|---|---|---|---|
| HMAC key | RAM:Plaintext | Free cipher handle Remove power from the module | API input parameters; AF_ALG_type sockets (input) | Until cipher handle is freed or module powered off | |
| Entropy input | RAM:Plaintext | Free cipher handle Remove power from the module | From generation until DRBG seed/reseed | DRBG seed:Derives | |
| DRBG seed | RAM:Plaintext | Free cipher handle Remove power from the module | While the DRBG is being instantiated | Entropy input:Derived From DRBG Internal state (V, Key):Derives DRBG Internal state (V, C):Derives | |
| DRBG Internal state (V, Key) | RAM:Plaintext | Free cipher handle Remove power from the module | From DRBG instantiation until DRBG termination | DRBG seed:Derived From | |
| DRBG Internal state (V, C) | RAM:Plaintext | Free cipher handle Remove power from the module | From DRBG instantiation until DRBG termination | DRBG seed:Derived From |
The SHA-1 algorithm as implemented by the module will be non-approved for all purposes, starting January 1, 2030. The RSA algorithm as implemented by the module conforms to FIPS 186-4, which has been superseded by FIPS 186-5. FIPS 186-4 will be withdrawn on February 3, 2024.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC- SHA2-512 (A3647) | HMAC- SHA2-512 (A3647) | Message Authentication | SW/FW Integrity | Integrity test for vmlinuz, libkcapi components and sha512hmac binary | 128-bit key | Module becomes operational and services are available for use. | |
| RSA SigVer (FIPS186-4) (A3629) | RSA SigVer (FIPS186-4) (A3629) | Signature Verification | SW/FW Integrity | Integrity test for kernel object files | 3072-bit key with SHA- 256 | Module becomes operational and services are available for use. | |
| SHA-1 (A3629) | SHA-1 (A3629) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA-1 (A3645) | SHA-1 (A3645) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC- SHA2-512 (A3647) | HMAC- SHA2-512 (A3647) | Message Authentication | SW/FW Integrity | Integrity test for vmlinuz, libkcapi components and sha512hmac binary | 128-bit key | Module becomes operational and services are available for use. | |
| RSA SigVer (FIPS186-4) (A3629) | RSA SigVer (FIPS186-4) (A3629) | Signature Verification | SW/FW Integrity | Integrity test for kernel object files | 3072-bit key with SHA- 256 | Module becomes operational and services are available for use. | |
| SHA-1 (A3629) | SHA-1 (A3629) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA-1 (A3645) | SHA-1 (A3645) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
HMACSHA2-512 with SHA256 Table 22: Pre-Operational Self-Tests The pre-operational software integrity tests are performed automatically when the module is powered on, before the module transitions into the operational state. The algorithms used CASTs before the integrity test is performed. While the module is executing the self-tests, services are not available, and data output (via the data output interface) is inhibited until the pre-operational software integrity self-tests are successfully completed. The module transitions to the operational state only after the pre-operational self-tests are passed successfully.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|
| SHA-1 (A3646) | SHA-1 (A3646) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA-1 (A3647) | SHA-1 (A3647) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA-1 (A3722) | SHA-1 (A3722) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-224 (A3629) | SHA2-224 (A3629) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-224 (A3645) | SHA2-224 (A3645) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-224 (A3646) | SHA2-224 (A3646) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-224 (A3647) | SHA2-224 (A3647) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | SHA2-224 (A3722) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA2-256 (A3629) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA2-256 (A3645) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA2-256 (A3646) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA2-256 (A3647) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are | Module initialization | SHA2-256 (A3722) | CAST | 0-8184 bit messages | KAT | Message digest |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| SHA2-384 (A3629) | SHA2-384 (A3629) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-384 (A3645) | SHA2-384 (A3645) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-384 (A3646) | SHA2-384 (A3646) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-384 (A3647) | SHA2-384 (A3647) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-384 (A3722) | SHA2-384 (A3722) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-512 (A3629) | SHA2-512 (A3629) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-512 (A3645) | SHA2-512 (A3645) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-512 (A3646) | SHA2-512 (A3646) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-512 (A3647) | SHA2-512 (A3647) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA2-512 (A3722) | SHA2-512 (A3722) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA3-224 (A3630) | SHA3-224 (A3630) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA3-224 (A3728) | SHA3-224 (A3728) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational and services are available for use. | Module initialization |
| SHA3-256 (A3630) | SHA3-256 (A3630) | KAT | CAST | Message digest | 0-8184 bit messages | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | SHA3-256 (A3728) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA3-384 (A3630) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA3-384 (A3728) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA3-512 (A3630) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are available for use. | Module initialization | SHA3-512 (A3728) | CAST | 0-8184 bit messages | KAT | Message digest |
| Module becomes operational and services are | Module initialization | AES-ECB (A3629) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-ECB (A3634) | AES-ECB (A3634) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3635) | AES-ECB (A3635) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3636) | AES-ECB (A3636) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3637) | AES-ECB (A3637) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3638) | AES-ECB (A3638) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3639) | AES-ECB (A3639) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3640) | AES-ECB (A3640) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3641) | AES-ECB (A3641) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3719) | AES-ECB (A3719) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3720) | AES-ECB (A3720) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3721) | AES-ECB (A3721) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3722) | AES-ECB (A3722) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3723) | AES-ECB (A3723) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | AES-ECB (A3724) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-ECB (A3629) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-ECB (A3634) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-ECB (A3635) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-ECB (A3636) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are | Module initialization | AES-ECB (A3637) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-ECB (A3638) | AES-ECB (A3638) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3639) | AES-ECB (A3639) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3640) | AES-ECB (A3640) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3641) | AES-ECB (A3641) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3719) | AES-ECB (A3719) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3720) | AES-ECB (A3720) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3721) | AES-ECB (A3721) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3722) | AES-ECB (A3722) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3723) | AES-ECB (A3723) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-ECB (A3724) | AES-ECB (A3724) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC (A3629) | AES-CBC (A3629) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC (A3636) | AES-CBC (A3636) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC (A3639) | AES-CBC (A3639) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | AES-CBC (A3719) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CBC (A3722) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CBC (A4549) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CBC (A3629) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CBC (A3636) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are | Module initialization | AES-CBC (A3639) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-CBC (A3719) | AES-CBC (A3719) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC (A3722) | AES-CBC (A3722) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC (A4549) | AES-CBC (A4549) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3633) | AES-CBC- CS3 (A3633) | KAT | CAST | Encryption, Decryption | Encrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3644) | AES-CBC- CS3 (A3644) | KAT | CAST | Encryption, Decryption | Encrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3727) | AES-CBC- CS3 (A3727) | KAT | CAST | Encryption, Decryption | Encrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3633) | AES-CBC- CS3 (A3633) | KAT | CAST | Encryption, Decryption | Decrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3644) | AES-CBC- CS3 (A3644) | KAT | CAST | Encryption, Decryption | Decrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CBC- CS3 (A3727) | AES-CBC- CS3 (A3727) | KAT | CAST | Encryption, Decryption | Decrypt with 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-OFB (A3643) | AES-OFB (A3643) | KAT | CAST | Encryption, Decryption | 128 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES- CFB128 (A3631) | AES- CFB128 (A3631) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES- CFB128 (A3642) | AES- CFB128 (A3642) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES- CFB128 (A3725) | AES- CFB128 (A3725) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational | Module initialization |
AES-CBCCS3 AES-CBCCS3 AES-CBCCS3 © 2024 Red Hat, Inc./ atsec information security corporation.
AES-CBCCS3 AES-CBCCS3 AES-CBCCS3 AESCFB128 AESCFB128 AESCFB128 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | AES- CFB128 (A3631) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES- CFB128 (A3642) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES- CFB128 (A3725) | CAST | Decrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CTR (A3629) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-CTR (A3636) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
| Module becomes operational and services are | Module initialization | AES-CTR (A3639) | CAST | Encrypt with 128, 192, 256 bit keys | KAT | Encryption, Decryption |
AESCFB128 AESCFB128 AESCFB128 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-CTR (A3719) | AES-CTR (A3719) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3722) | AES-CTR (A3722) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A4549) | AES-CTR (A4549) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3629) | AES-CTR (A3629) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3636) | AES-CTR (A3636) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3639) | AES-CTR (A3639) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3719) | AES-CTR (A3719) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A3722) | AES-CTR (A3722) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CTR (A4549) | AES-CTR (A4549) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CCM (A3629) | AES-CCM (A3629) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; 128-bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-CCM (A3639) | AES-CCM (A3639) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; 128-bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-CCM (A3719) | AES-CCM (A3719) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; 128-bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-CCM (A3722) | AES-CCM (A3722) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Csps Accessed | Approved Functions | Type | Properties | Details |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | Decrypt with 128, 192, 256 bit keys; 128-bit IVs | AES-CCM (A3629) | CAST | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | Decrypt with 128, 192, 256 bit keys; 128-bit IVs | AES-CCM (A3639) | CAST | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | Decrypt with 128, 192, 256 bit keys; 128-bit IVs | AES-CCM (A3719) | CAST | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | Decrypt with 128, 192, 256 bit keys; 128-bit IVs | AES-CCM (A3722) | CAST | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | AES-GCM (A3629) | CAST | KAT | Encryption, Decryption |
| Module becomes operational and services are | Module initialization | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | AES-GCM (A3634) | CAST | KAT | Encryption, Decryption |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-GCM (A3635) | AES-GCM (A3635) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3636) | AES-GCM (A3636) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3637) | AES-GCM (A3637) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3638) | AES-GCM (A3638) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3639) | AES-GCM (A3639) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3640) | AES-GCM (A3640) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3641) | AES-GCM (A3641) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3719) | AES-GCM (A3719) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3720) | AES-GCM (A3720) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3721) | AES-GCM (A3721) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3722) | AES-GCM (A3722) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3723) | AES-GCM (A3723) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; Internal 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3724) | AES-GCM (A3724) | KAT | CAST | Encryption, Decryption | Encrypt with 128, 192, 256 bit keys; | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | AES-GCM (A3629) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-GCM (A3634) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-GCM (A3635) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-GCM (A3636) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
| Module becomes operational and services are available for use. | Module initialization | AES-GCM (A3637) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
| Module becomes operational and services are | Module initialization | AES-GCM (A3638) | CAST | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | KAT | Encryption, Decryption |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| AES-GCM (A3639) | AES-GCM (A3639) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3640) | AES-GCM (A3640) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3641) | AES-GCM (A3641) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3719) | AES-GCM (A3719) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3720) | AES-GCM (A3720) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3721) | AES-GCM (A3721) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3722) | AES-GCM (A3722) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3723) | AES-GCM (A3723) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-GCM (A3724) | AES-GCM (A3724) | KAT | CAST | Encryption, Decryption | Decrypt with 128, 192, 256 bit keys; external 96- bit IVs | Module becomes operational and services are available for use. | Module initialization |
| AES-CMAC (A3629) | AES-CMAC (A3629) | KAT | CAST | Message authentication | Encrypt with 128 and 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CMAC (A3639) | AES-CMAC (A3639) | KAT | CAST | Message authentication | Encrypt with 128 and 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CMAC (A3719) | AES-CMAC (A3719) | KAT | CAST | Message authentication | Encrypt with 128 and 256 bit keys | Module becomes operational and services are available for use. | Module initialization |
| AES-CMAC (A3722) | AES-CMAC (A3722) | KAT | CAST | Message authentication | Encrypt with 128 and 256 bit keys | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | AES-CMAC (A3629) | CAST | Decrypt with 128 and 256 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | AES-CMAC (A3639) | CAST | Decrypt with 128 and 256 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | AES-CMAC (A3719) | CAST | Decrypt with 128 and 256 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | AES-CMAC (A3722) | CAST | Decrypt with 128 and 256 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA-1 (A3629) | CAST | SHA-1, 32-64 bit keys | KAT | Message authentication |
| Module becomes operational and services are | Module initialization | HMAC- SHA-1 (A3645) | CAST | SHA-1, 32-64 bit keys | KAT | Message authentication |
HMACSHA-1 HMACSHA-1 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC- SHA-1 (A3646) | HMAC- SHA-1 (A3646) | KAT | CAST | Message authentication | SHA-1, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA-1 (A3647) | HMAC- SHA-1 (A3647) | KAT | CAST | Message authentication | SHA-1, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA-1 (A3722) | HMAC- SHA-1 (A3722) | KAT | CAST | Message authentication | SHA-1, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-224 (A3629) | HMAC- SHA2-224 (A3629) | KAT | CAST | Message authentication | SHA2-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-224 (A3645) | HMAC- SHA2-224 (A3645) | KAT | CAST | Message authentication | SHA2-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-224 (A3646) | HMAC- SHA2-224 (A3646) | KAT | CAST | Message authentication | SHA2-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-224 (A3647) | HMAC- SHA2-224 (A3647) | KAT | CAST | Message authentication | SHA2-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-224 (A3722) | HMAC- SHA2-224 (A3722) | KAT | CAST | Message authentication | SHA2-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-256 (A3629) | HMAC- SHA2-256 (A3629) | KAT | CAST | Message authentication | SHA2-256, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-256 (A3645) | HMAC- SHA2-256 (A3645) | KAT | CAST | Message authentication | SHA2-256, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-256 (A3646) | HMAC- SHA2-256 (A3646) | KAT | CAST | Message authentication | SHA2-256, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-256 (A3647) | HMAC- SHA2-256 (A3647) | KAT | CAST | Message authentication | SHA2-256, 32-64 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA2-256 (A3722) | HMAC- SHA2-256 (A3722) | KAT | CAST | Message authentication | SHA2-256, 32-64 bit keys | Module becomes operational | Module initialization |
HMACSHA-1 HMACSHA-1 HMACSHA-1 HMACSHA2-224 HMACSHA2-224 HMACSHA2-224 © 2024 Red Hat, Inc./ atsec information security corporation.
HMACSHA2-224 HMACSHA2-224 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA2-384 (A3629) | CAST | SHA2-384, 32-1048 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA2-384 (A3645) | CAST | SHA2-384, 32-1048 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA2-384 (A3646) | CAST | SHA2-384, 32-1048 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA2-384 (A3647) | CAST | SHA2-384, 32-1048 bit keys | KAT | Message authentication |
| Module becomes operational and services are available for use. | Module initialization | HMAC- SHA2-384 (A3722) | CAST | SHA2-384, 32-1048 bit keys | KAT | Message authentication |
| Module becomes operational and services are | Module initialization. Before integrity test. | HMAC- SHA2-512 (A3629) | CAST | SHA2-512, 32-1048 bit keys | KAT | Message authentication |
HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-512 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator available for use. | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC- SHA2-512 (A3645) | HMAC- SHA2-512 (A3645) | KAT | CAST | Message authentication | SHA2-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization. Before integrity test. |
| HMAC- SHA2-512 (A3646) | HMAC- SHA2-512 (A3646) | KAT | CAST | Message authentication | SHA2-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization. Before integrity test. |
| HMAC- SHA2-512 (A3647) | HMAC- SHA2-512 (A3647) | KAT | CAST | Message authentication | SHA2-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization. Before integrity test. |
| HMAC- SHA2-512 (A3722) | HMAC- SHA2-512 (A3722) | KAT | CAST | Message authentication | SHA2-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization. Before integrity test. |
| HMAC- SHA3-224 (A3630) | HMAC- SHA3-224 (A3630) | KAT | CAST | Message authentication | SHA3-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-224 (A3728) | HMAC- SHA3-224 (A3728) | KAT | CAST | Message authentication | SHA3-224, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-256 (A3630) | HMAC- SHA3-256 (A3630) | KAT | CAST | Message authentication | SHA3-256, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-256 (A3728) | HMAC- SHA3-256 (A3728) | KAT | CAST | Message authentication | SHA3-256, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-384 (A3630) | HMAC- SHA3-384 (A3630) | KAT | CAST | Message authentication | SHA3-384, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-384 (A3728) | HMAC- SHA3-384 (A3728) | KAT | CAST | Message authentication | SHA3-384, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-512 (A3630) | HMAC- SHA3-512 (A3630) | KAT | CAST | Message authentication | SHA3-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| HMAC- SHA3-512 (A3728) | HMAC- SHA3-512 (A3728) | KAT | CAST | Message authentication | SHA3-512, 32-1048 bit keys | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3629) | Counter DRBG (A3629) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without | Module becomes operational | Module initialization |
HMACSHA2-512 HMACSHA2-512 HMACSHA2-512 HMACSHA2-512 HMACSHA3-224 HMACSHA3-224 © 2024 Red Hat, Inc./ atsec information security corporation.
HMACSHA3-256 HMACSHA3-256 HMACSHA3-384 HMACSHA3-384 HMACSHA3-512 HMACSHA3-512 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3634) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3635) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3636) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3637) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3638) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are | Module initialization | Counter DRBG (A3639) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 | KAT | Seed, Generate |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Of SP 800- 90 Arev1 | Indicator available for use. | Conditions |
|---|---|---|---|---|---|---|---|
| Counter DRBG (A3640) | Counter DRBG (A3640) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3641) | Counter DRBG (A3641) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3719) | Counter DRBG (A3719) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3720) | Counter DRBG (A3720) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3721) | Counter DRBG (A3721) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3722) | Counter DRBG (A3722) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3723) | Counter DRBG (A3723) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3724) | Counter DRBG (A3724) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3629) | Counter DRBG (A3629) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3634) | Counter DRBG (A3634) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3635) | Counter DRBG (A3635) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3636) | Counter DRBG (A3636) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3637) | Counter DRBG (A3637) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3638) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3639) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3640) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3641) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Counter DRBG (A3719) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are | Module initialization | Counter DRBG (A3720) | CAST | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 | KAT | Seed, Generate |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Of SP 800- 90 Arev1 | Indicator available for use. | Conditions |
|---|---|---|---|---|---|---|---|
| Counter DRBG (A3721) | Counter DRBG (A3721) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3722) | Counter DRBG (A3722) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3723) | Counter DRBG (A3723) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Counter DRBG (A3724) | Counter DRBG (A3724) | KAT | CAST | Seed, Generate | 128, 192, 256 bit keys With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3629) | Hash DRBG (A3629) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3634) | Hash DRBG (A3634) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3635) | Hash DRBG (A3635) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3636) | Hash DRBG (A3636) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3637) | Hash DRBG (A3637) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3638) | Hash DRBG (A3638) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3639) | Hash DRBG (A3639) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3640) | Hash DRBG (A3640) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3641) | Hash DRBG (A3641) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | Hash DRBG (A3645) | CAST | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Hash DRBG (A3646) | CAST | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Hash DRBG (A3647) | CAST | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Hash DRBG (A3720) | CAST | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | Hash DRBG (A3721) | CAST | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are | Module initialization | Hash DRBG (A3722) | CAST | SHA-256 With/without PR; Health test per section 11.3 | KAT | Seed, Generate |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Of SP 800- 90 Arev1 | Indicator available for use. | Conditions |
|---|---|---|---|---|---|---|---|
| Hash DRBG (A3723) | Hash DRBG (A3723) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| Hash DRBG (A3724) | Hash DRBG (A3724) | KAT | CAST | Seed, Generate | SHA-256 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3629) | HMAC DRBG (A3629) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3634) | HMAC DRBG (A3634) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3635) | HMAC DRBG (A3635) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3636) | HMAC DRBG (A3636) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3637) | HMAC DRBG (A3637) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3638) | HMAC DRBG (A3638) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3639) | HMAC DRBG (A3639) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3640) | HMAC DRBG (A3640) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3641) | HMAC DRBG (A3641) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3645) | HMAC DRBG (A3645) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | Module becomes operational and services are available for use. | Module initialization |
| HMAC DRBG (A3646) | HMAC DRBG (A3646) | KAT | CAST | Seed, Generate | HMAC-SHA- 256, SHA512 With/without | Module becomes operational | Module initialization |
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Role Access | Approved Functions | Type | Properties | Details | |
|---|---|---|---|---|---|---|
| Module becomes operational and services are available for use. | Module initialization | HMAC DRBG (A3647) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | HMAC DRBG (A3720) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | HMAC DRBG (A3721) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | HMAC DRBG (A3722) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are available for use. | Module initialization | HMAC DRBG (A3723) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 of SP 800- 90Arev1 | KAT | Seed, Generate |
| Module becomes operational and services are | Module initialization | HMAC DRBG (A3724) | CAST | HMAC-SHA- 256, SHA512 With/without PR; Health test per section 11.3 | KAT | Seed, Generate |
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Of SP 800- 90 Arev1 | Indicator available for use. | Conditions |
|---|---|---|---|---|---|---|---|---|---|
| RSA SigVer (FIPS186- 4) (A3629) | RSA SigVer (FIPS186- 4) (A3629) | KAT | CAST | Verify | 4096-bit key with SHA- 256 | Module becomes operational and services are available for use. | Module initialization. Before integrity test. | ||
| RSA SigVer (FIPS186- 4) (A3645) | RSA SigVer (FIPS186- 4) (A3645) | KAT | CAST | Verify | 4096-bit key with SHA- 256 | Module becomes operational and services are available for use. | Module initialization. Before integrity test. | ||
| RSA SigVer (FIPS186- 4) (A3646) | RSA SigVer (FIPS186- 4) (A3646) | KAT | CAST | Verify | 4096-bit key with SHA- 256 | Module becomes operational and services are available for use. | Module initialization. Before integrity test. | ||
| RSA SigVer (FIPS186- 4) (A3647) | RSA SigVer (FIPS186- 4) (A3647) | KAT | CAST | Verify | 4096-bit key with SHA- 256 | Module becomes operational and services are available for use. | Module initialization. Before integrity test. | ||
| RSA SigVer (FIPS186- 4) (A3722) | RSA SigVer (FIPS186- 4) (A3722) | KAT | CAST | Verify | 4096-bit key with SHA- 256 | Module becomes operational and services are available for use. | Module initialization. Before integrity test. | ||
| Entropy Source | Entropy Source | RCT | CAST | Entropy source start- up test | 1024 samples | Module becomes operational and services are available for use. | Entropy source initialization | ||
| Entropy Source | Entropy Source | APT | CAST | Entropy source start- up test | 1024 samples | Module becomes operational and services are available for use. | Entropy source initialization | ||
| Entropy Source | Entropy Source | RCT | CAST | Entropy source continuous test | Cutoff C = 61 | Entropy source is operational | Continuously | ||
| Entropy Source | Entropy Source | APT | CAST | Entropy source continuous test | Cutoff C = 355 | Entropy source is operational | Continuously | ||
| HMAC-SHA2- 512 (A3647) | HMAC-SHA2- 512 (A3647) | Message Authentication | SW/FW Integrity | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3629) | RSA SigVer (FIPS186-4) (A3629) | Signature Verification | SW/FW Integrity | On demand | Manually | ||||
| SHA-1 (A3629) | SHA-1 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3645) | SHA-1 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3646) | SHA-1 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3647) | SHA-1 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3722) | SHA-1 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3629) | SHA2-224 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3645) | SHA2-224 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3646) | SHA2-224 (A3646) | KAT | CAST | On demand | Manually |
(FIPS1864) (A3629) with SHA256 (FIPS1864) (A3645) with SHA256 (FIPS1864) (A3646) with SHA256 (FIPS1864) (A3647) with SHA256 (FIPS1864) (A3722) with SHA256 © 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Of SP 800- 90 Arev1 | Indicator available for use. | Conditions |
|---|---|---|---|---|---|---|---|---|---|
| Entropy Source | Entropy Source | APT | CAST | Entropy source start- up test | 1024 samples | Module becomes operational and services are available for use. | Entropy source initialization | ||
| Entropy Source | Entropy Source | RCT | CAST | Entropy source continuous test | Cutoff C = 61 | Entropy source is operational | Continuously | ||
| Entropy Source | Entropy Source | APT | CAST | Entropy source continuous test | Cutoff C = 355 | Entropy source is operational | Continuously | ||
| HMAC-SHA2- 512 (A3647) | HMAC-SHA2- 512 (A3647) | Message Authentication | SW/FW Integrity | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3629) | RSA SigVer (FIPS186-4) (A3629) | Signature Verification | SW/FW Integrity | On demand | Manually | ||||
| SHA-1 (A3629) | SHA-1 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3645) | SHA-1 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3646) | SHA-1 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3647) | SHA-1 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A3722) | SHA-1 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3629) | SHA2-224 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3645) | SHA2-224 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3646) | SHA2-224 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3647) | SHA2-224 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A3722) | SHA2-224 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A3629) | SHA2-256 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A3645) | SHA2-256 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A3646) | SHA2-256 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A3647) | SHA2-256 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A3722) | SHA2-256 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A3629) | SHA2-384 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A3645) | SHA2-384 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A3646) | SHA2-384 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A3647) | SHA2-384 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A3722) | SHA2-384 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A3629) | SHA2-512 (A3629) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A3645) | SHA2-512 (A3645) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A3646) | SHA2-512 (A3646) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A3647) | SHA2-512 (A3647) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A3722) | SHA2-512 (A3722) | KAT | CAST | On demand | Manually | ||||
| SHA3-224 (A3630) | SHA3-224 (A3630) | KAT | CAST | On demand | Manually | ||||
| SHA3-224 (A3728) | SHA3-224 (A3728) | KAT | CAST | On demand | Manually | ||||
| SHA3-256 (A3630) | SHA3-256 (A3630) | KAT | CAST | On demand | Manually | ||||
| SHA3-256 (A3728) | SHA3-256 (A3728) | KAT | CAST | On demand | Manually | ||||
| SHA3-384 (A3630) | SHA3-384 (A3630) | KAT | CAST | On demand | Manually | ||||
| SHA3-384 (A3728) | SHA3-384 (A3728) | KAT | CAST | On demand | Manually | ||||
| SHA3-512 (A3630) | SHA3-512 (A3630) | KAT | CAST | On demand | Manually | ||||
| SHA3-512 (A3728) | SHA3-512 (A3728) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3629) | AES-ECB (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3634) | AES-ECB (A3634) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3635) | AES-ECB (A3635) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3636) | AES-ECB (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3637) | AES-ECB (A3637) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3638) | AES-ECB (A3638) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3639) | AES-ECB (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3640) | AES-ECB (A3640) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3641) | AES-ECB (A3641) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3719) | AES-ECB (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3720) | AES-ECB (A3720) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3721) | AES-ECB (A3721) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3722) | AES-ECB (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3723) | AES-ECB (A3723) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3724) | AES-ECB (A3724) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3629) | AES-ECB (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3634) | AES-ECB (A3634) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3635) | AES-ECB (A3635) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3636) | AES-ECB (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3637) | AES-ECB (A3637) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3638) | AES-ECB (A3638) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3639) | AES-ECB (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3640) | AES-ECB (A3640) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3641) | AES-ECB (A3641) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3719) | AES-ECB (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3720) | AES-ECB (A3720) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3721) | AES-ECB (A3721) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3722) | AES-ECB (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3723) | AES-ECB (A3723) | KAT | CAST | On demand | Manually | ||||
| AES-ECB (A3724) | AES-ECB (A3724) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3629) | AES-CBC (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3636) | AES-CBC (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3639) | AES-CBC (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3719) | AES-CBC (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3722) | AES-CBC (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A4549) | AES-CBC (A4549) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3629) | AES-CBC (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3636) | AES-CBC (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3639) | AES-CBC (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3719) | AES-CBC (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A3722) | AES-CBC (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CBC (A4549) | AES-CBC (A4549) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3633) | AES-CBC-CS3 (A3633) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3644) | AES-CBC-CS3 (A3644) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3727) | AES-CBC-CS3 (A3727) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3633) | AES-CBC-CS3 (A3633) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3644) | AES-CBC-CS3 (A3644) | KAT | CAST | On demand | Manually | ||||
| AES-CBC-CS3 (A3727) | AES-CBC-CS3 (A3727) | KAT | CAST | On demand | Manually | ||||
| AES-OFB (A3643) | AES-OFB (A3643) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3631) | AES-CFB128 (A3631) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3642) | AES-CFB128 (A3642) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3725) | AES-CFB128 (A3725) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3631) | AES-CFB128 (A3631) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3642) | AES-CFB128 (A3642) | KAT | CAST | On demand | Manually | ||||
| AES-CFB128 (A3725) | AES-CFB128 (A3725) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3629) | AES-CTR (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3636) | AES-CTR (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3639) | AES-CTR (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3719) | AES-CTR (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3722) | AES-CTR (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A4549) | AES-CTR (A4549) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3629) | AES-CTR (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3636) | AES-CTR (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3639) | AES-CTR (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3719) | AES-CTR (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A3722) | AES-CTR (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CTR (A4549) | AES-CTR (A4549) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3629) | AES-CCM (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3639) | AES-CCM (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3719) | AES-CCM (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3722) | AES-CCM (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3629) | AES-CCM (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3639) | AES-CCM (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3719) | AES-CCM (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CCM (A3722) | AES-CCM (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3629) | AES-GCM (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3634) | AES-GCM (A3634) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3635) | AES-GCM (A3635) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3636) | AES-GCM (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3637) | AES-GCM (A3637) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3638) | AES-GCM (A3638) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3639) | AES-GCM (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3640) | AES-GCM (A3640) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3641) | AES-GCM (A3641) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3719) | AES-GCM (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3720) | AES-GCM (A3720) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3721) | AES-GCM (A3721) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3722) | AES-GCM (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3723) | AES-GCM (A3723) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3724) | AES-GCM (A3724) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3629) | AES-GCM (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3634) | AES-GCM (A3634) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3635) | AES-GCM (A3635) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3636) | AES-GCM (A3636) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3637) | AES-GCM (A3637) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3638) | AES-GCM (A3638) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3639) | AES-GCM (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3640) | AES-GCM (A3640) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3641) | AES-GCM (A3641) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3719) | AES-GCM (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3720) | AES-GCM (A3720) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3721) | AES-GCM (A3721) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3722) | AES-GCM (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3723) | AES-GCM (A3723) | KAT | CAST | On demand | Manually | ||||
| AES-GCM (A3724) | AES-GCM (A3724) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3629) | AES-CMAC (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3639) | AES-CMAC (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3719) | AES-CMAC (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3722) | AES-CMAC (A3722) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3629) | AES-CMAC (A3629) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3639) | AES-CMAC (A3639) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3719) | AES-CMAC (A3719) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A3722) | AES-CMAC (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A3629) | HMAC-SHA-1 (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A3645) | HMAC-SHA-1 (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A3646) | HMAC-SHA-1 (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A3647) | HMAC-SHA-1 (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A3722) | HMAC-SHA-1 (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 224 (A3629) | HMAC-SHA2- 224 (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 224 (A3645) | HMAC-SHA2- 224 (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 224 (A3646) | HMAC-SHA2- 224 (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 224 (A3647) | HMAC-SHA2- 224 (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 224 (A3722) | HMAC-SHA2- 224 (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 256 (A3629) | HMAC-SHA2- 256 (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 256 (A3645) | HMAC-SHA2- 256 (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 256 (A3646) | HMAC-SHA2- 256 (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 256 (A3647) | HMAC-SHA2- 256 (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 256 (A3722) | HMAC-SHA2- 256 (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 384 (A3629) | HMAC-SHA2- 384 (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 384 (A3645) | HMAC-SHA2- 384 (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 384 (A3646) | HMAC-SHA2- 384 (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 384 (A3647) | HMAC-SHA2- 384 (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 384 (A3722) | HMAC-SHA2- 384 (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 512 (A3629) | HMAC-SHA2- 512 (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 512 (A3645) | HMAC-SHA2- 512 (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 512 (A3646) | HMAC-SHA2- 512 (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 512 (A3647) | HMAC-SHA2- 512 (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2- 512 (A3722) | HMAC-SHA2- 512 (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 224 (A3630) | HMAC-SHA3- 224 (A3630) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 224 (A3728) | HMAC-SHA3- 224 (A3728) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 256 (A3630) | HMAC-SHA3- 256 (A3630) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 256 (A3728) | HMAC-SHA3- 256 (A3728) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 384 (A3630) | HMAC-SHA3- 384 (A3630) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 384 (A3728) | HMAC-SHA3- 384 (A3728) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 512 (A3630) | HMAC-SHA3- 512 (A3630) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3- 512 (A3728) | HMAC-SHA3- 512 (A3728) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3629) | Counter DRBG (A3629) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3634) | Counter DRBG (A3634) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3635) | Counter DRBG (A3635) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3636) | Counter DRBG (A3636) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3637) | Counter DRBG (A3637) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3638) | Counter DRBG (A3638) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3639) | Counter DRBG (A3639) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3640) | Counter DRBG (A3640) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3641) | Counter DRBG (A3641) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3719) | Counter DRBG (A3719) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3720) | Counter DRBG (A3720) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3721) | Counter DRBG (A3721) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3722) | Counter DRBG (A3722) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3723) | Counter DRBG (A3723) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3724) | Counter DRBG (A3724) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3629) | Counter DRBG (A3629) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3634) | Counter DRBG (A3634) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3635) | Counter DRBG (A3635) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3636) | Counter DRBG (A3636) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3637) | Counter DRBG (A3637) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3638) | Counter DRBG (A3638) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3639) | Counter DRBG (A3639) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3640) | Counter DRBG (A3640) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3641) | Counter DRBG (A3641) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3719) | Counter DRBG (A3719) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3720) | Counter DRBG (A3720) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3721) | Counter DRBG (A3721) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3722) | Counter DRBG (A3722) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3723) | Counter DRBG (A3723) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A3724) | Counter DRBG (A3724) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3629) | Hash DRBG (A3629) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3634) | Hash DRBG (A3634) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3635) | Hash DRBG (A3635) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3636) | Hash DRBG (A3636) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3637) | Hash DRBG (A3637) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3638) | Hash DRBG (A3638) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3639) | Hash DRBG (A3639) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3640) | Hash DRBG (A3640) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3641) | Hash DRBG (A3641) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3645) | Hash DRBG (A3645) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3646) | Hash DRBG (A3646) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3647) | Hash DRBG (A3647) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3720) | Hash DRBG (A3720) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3721) | Hash DRBG (A3721) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3722) | Hash DRBG (A3722) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3723) | Hash DRBG (A3723) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A3724) | Hash DRBG (A3724) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3629) | HMAC DRBG (A3629) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3634) | HMAC DRBG (A3634) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3635) | HMAC DRBG (A3635) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3636) | HMAC DRBG (A3636) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3637) | HMAC DRBG (A3637) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3638) | HMAC DRBG (A3638) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3639) | HMAC DRBG (A3639) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3640) | HMAC DRBG (A3640) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3641) | HMAC DRBG (A3641) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3645) | HMAC DRBG (A3645) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3646) | HMAC DRBG (A3646) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3647) | HMAC DRBG (A3647) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3720) | HMAC DRBG (A3720) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3721) | HMAC DRBG (A3721) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3722) | HMAC DRBG (A3722) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3723) | HMAC DRBG (A3723) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A3724) | HMAC DRBG (A3724) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3629) | RSA SigVer (FIPS186-4) (A3629) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3645) | RSA SigVer (FIPS186-4) (A3645) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3646) | RSA SigVer (FIPS186-4) (A3646) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3647) | RSA SigVer (FIPS186-4) (A3647) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-4) (A3722) | RSA SigVer (FIPS186-4) (A3722) | KAT | CAST | On demand | Manually | ||||
| Entropy Source | Entropy Source | RCT | CAST | On demand | Manually | ||||
| Entropy Source | Entropy Source | APT | CAST | On demand | Manually | ||||
| Entropy Source | Entropy Source | RCT | CAST | On demand | Manually | ||||
| Entropy Source | Entropy Source | APT | CAST | On demand | Manually |
Table 23: Conditional Self-Tests The module performs self-tests on all approved cryptographic algorithms as part of the approved services supported in the approved mode of operation, using the tests shown in the table above. Services are not available, and data output (via the data output interface) is inhibited during the conditional self-tests. If any of these tests fails, the module transitions to the Error State.
Table 24: Pre-Operational Periodic Information © 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
© 2024 Red Hat, Inc./ atsec information security corporation.
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Error State | The Linux kernel immediately stops executing | Any self-test failure | Kernel Panic | Restart of the module |
Table 25: Conditional Periodic Information
Table 26: Error States © 2024 Red Hat, Inc./ atsec information security corporation.
In the Error State, the output interface is inhibited, and the module accepts no more inputs or requests (as the module is no longer running).
All self-tests, with the exception of the continuous health tests, can be invoked on demand by unloading and subsequently re-initializing the module.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
The module is distributed as a part of the Red Hat Enterprise Linux 9 (RHEL 9) package in the form of the kernel-5.14.0-70.53.1.el9_0, libkcapi-1.3.1-3.el9, and libkcapi-hmaccalc1.3.1-3.el9 RPM packages. The module can achieve the approved mode by:
After installation of the kernel-5.14.0-70.53.1.el9_0, libkcapi-1.3.1-3.el9, and libkcapihmaccalc-1.3.1-3.el9 RPM packages, the Crypto Officer must execute the “cat /proc/sys/crypto/fips_name” command. The Crypto Officer must ensure that the proper name is listed in the output as follows: Red Hat Enterprise Linux 9 - Kernel Cryptographic API Then, the Crypto Officer must execute the “cat /proc/sys/crypto/fips_version” and “rpm -q libkcapi” commands. These commands must output the following (one line per output): 5.14.0-70.53.1.el9_0.x86_64 libkcapi-1.3.1-3.el9.x86_64
There is no non-administrator guidance.
Not applicable for this module.
There are no maintenance requirements.
© 2024 Red Hat, Inc./ atsec information security corporation.
As the module does not persistently store SSPs, secure sanitization of the module consists of unloading the module. This will zeroize all SSPs in volatile memory. Then, if desired, the kernel-5.14.0-70.53.1.el9_0, libkcapi-1.3.1-3.el9, and libkcapi-hmaccalc-1.3.1-3.el9 RPM packages can be uninstalled from the RHEL 9 system.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
The module does not offer mitigation of other attacks and therefore this section is not applicable.
Not applicable. © 2024 Red Hat, Inc./ atsec information security corporation.
Appendix A. Glossary and Abbreviations AES API CAST CAVP CBC CCM CFB CMAC CMVP CTR DRBG ECB FIPS GCM GMAC HMAC IPsec KAT MAC NIST PKCS RSA SHA SSP XTS Advanced Encryption Standard Application Programming Interface Cryptographic Algorithm Self-Test Cryptographic Algorithm Validation Program Cipher Block Chaining Counter with Cipher Block Chaining-Message Authentication Code Cipher Feedback Cipher-based Message Authentication Code Cryptographic Module Validation Program Counter Deterministic Random Bit Generator Electronic Code Book Federal Information Processing Standards Galois Counter Mode Galois Counter Mode Message Authentication Code Keyed-Hash Message Authentication Code Internet Protocol Security Known Answer Test Message Authentication Code National Institute of Science and Technology Public-Key Cryptography Standards Rivest, Shamir, Addleman Secure Hash Algorithm Sensitive Security Parameter XEX-based Tweaked-codebook mode with cipher text Stealing © 2024 Red Hat, Inc./ atsec information security corporation.
Appendix B. References FIPS 140-3 FIPS PUB 140-3 - Security Requirements For Cryptographic Modules March 2019 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-3.pdf FIPS 140-3 IG Implementation Guidance for FIPS PUB 140-3 and the Cryptographic Module Validation Program https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips140-3-ig-announcements FIPS 180-4 Secure Hash Standard (SHS) March 2012 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf FIPS 186-5 Digital Signature Standard (DSS) February 2023 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf FIPS 186-4 Digital Signature Standard (DSS) July 2013 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf FIPS 198-1 The Keyed Hash Message Authentication Code (HMAC) July 2008 https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf FIPS 202 SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions August 2015 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf PKCS#1 Public Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1 February 2003 https://www.ietf.org/rfc/rfc3447.txt SP 800-38A Recommendation for Block Cipher Modes of Operation Methods and Techniques December 2001 https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf SP 800-38B Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication May 2005 https://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf SP 800-38C Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality May 2004 https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication80038c.pdf SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC November 2007 https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf © 2024 Red Hat, Inc./ atsec information security corporation.
SP 800-38E Recommendation for Block Cipher Modes of Operation: The XTS AES Mode for Confidentiality on Storage Devices January 2010 https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf SP 800-90Ar1 Recommendation for Random Number Generation Using Deterministic Random Bit Generators June 2015 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf © 2024 Red Hat, Inc./ atsec information security corporation.