| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 9/16/2030 |
| Caveat | When operated in approved mode. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs. |
| Vendor | Cloudlinux Inc., TuxCare division |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A5138 |
| AES-CCM | A5138 |
| AES-CFB128 | A5138 |
| AES-CFB8 | A5138 |
| AES-CMAC | A5138 |
| AES-CTR | A5138 |
| AES-ECB | A5138 |
| AES-KW | A5138 |
| AES-OFB | A5138 |
| AES-XTS Testing Revision 2.0 | A5138 |
| Counter DRBG | A5138 |
| ECDSA KeyGen (FIPS186-5) | A5138 |
| ECDSA KeyVer (FIPS186-5) | A5138 |
| ECDSA SigGen (FIPS186-5) | A5138 |
| ECDSA SigVer (FIPS186-5) | A5138 |
| Hash DRBG | A5138 |
| HMAC DRBG | A5138 |
| HMAC-SHA-1 | A5137 |
| HMAC-SHA2- 224 | A5138 |
| HMAC-SHA2- 256 | A5138 |
| HMAC-SHA2- 384 | A5138 |
| HMAC-SHA2- 512 | A5138 |
| HMAC-SHA2- 512/224 | A5138 |
| HMAC-SHA2- 512/256 | A5138 |
| HMAC-SHA3- 224 | A5140 |
| HMAC-SHA3- 256 | A5140 |
| HMAC-SHA3- 384 | A5140 |
| HMAC-SHA3- 512 | A5140 |
| PBKDF | A5138 |
| RSA KeyGen (FIPS186-5) | A5138 |
| RSA SigGen (FIPS186-5) | A5138 |
| RSA SigVer (FIPS186-2) | A5138 |
| RSA SigVer (FIPS186-4) | A5138 |
| RSA SigVer (FIPS186-5) | A5138 |
| SHA-1 | A5137 |
| SHA2-224 | A5138 |
| SHA2-256 | A5138 |
| SHA2-384 | A5138 |
| SHA2-512 | A5138 |
| SHA2-512/224 | A5138 |
| SHA2-512/256 | A5138 |
| SHA3-224 | A5140 |
| SHA3-256 | A5140 |
| SHA3-384 | A5140 |
| SHA3-512 | A5140 |
| SHAKE-128 | A5140 |
| SHAKE-256 | A5140 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | 1 |
flowchart LR
%% Deterministic review-risk graph for Libgcrypt cryptography module for AlmaLinux 9
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>update<br/>Recovery</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Symmetric encryption and decryption<br/>Symmetric encryption and decryption with AES XTS…<br/>Show status</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>HTTPS<br/>no library/version identified</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>kernel</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Libgcrypt cryptography module for AlmaLinux 9
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>update<br/>Recovery</i><br/>src: text:keyword"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Symmetric encryption and decryption<br/>Symmetric encryption and decryption with AES XTS…<br/>Show status</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>HTTPS<br/>no library/version identified</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>kernel</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C5,C6 clueLow;
class C3 clueHigh;Cloudlinux Inc., TuxCare division Libgcrypt cryptography module for AlmaLinux 9 Prepared by: atsec information security corporation
Libgcrypt cryptography module for AlmaLinux 9 Austin, TX 78759 Document version: 1.2 www.atsec.com Last update: 2026-13-04 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 Table of Contents © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 List of Tables List of Figures © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic module specification | 1 |
| 3 | 3 | Cryptographic module interfaces | 1 |
| 4 | 4 | Roles, services, and authentication | 1 |
| 5 | 5 | Software/Firmware security | 1 |
| 6 | 6 | Operational environment | 1 |
| 7 | 7 | Physical security | N/A |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 1 |
| 10 | 10 | Self-tests | 1 |
| 11 | 11 | Life-cycle assurance | 1 |
| 12 | 12 | Mitigation of other attacks | 1 |
| Overall Level | Overall Level | 1 |
Libgcrypt cryptography module for AlmaLinux 9
This document is the non-proprietary FIPS 140-3 Security Policy for version 1.10.0-9a1db72d64086a2f of the Libgcrypt cryptography module for AlmaLinux 9. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for an overall Security Level 1 module.
This Security Policy describes the features and design of the module named Libgcrypt cryptography module for AlmaLinux 9 using the terminology contained in the FIPS 140-3 specification. The FIPS 140-3 Security Requirements for Cryptographic Module specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information. The NIST/CCCS Cryptographic Module Validation Program (CMVP) validates cryptographic module to FIPS 140-3. Validated products are accepted by the Federal agencies of both the USA and Canada for the protection of sensitive or designated information. including this notice. Other documentation is proprietary to their authors. In preparing the Security Policy document, the laboratory formatted the vendor-supplied documentation for consolidation without altering the technical statements therein contained. The further refining of the Security Policy document was conducted iteratively throughout the conformance testing, wherein the Security Policy was submitted to the vendor, who would then edit, modify, and add technical contents. The vendor would also © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 supply additional documentation, which the laboratory formatted into the existing Security Policy, and resubmitted to the vendor for their final editing. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
Purpose and Use: The Libgcrypt cryptography module for AlmaLinux 9 (hereafter referred to as “the module”) is a software library implementing general purpose cryptographic algorithms. The module provides cryptographic services to applications running in the user space of the underlying operating system through an application program interface (API). Module Type: Software Module Embodiment: Multi-Chip Standalone Cryptographic Boundary: The module consists of the shared library file (i.e. libgcrypt.so.20.4.0) which constitutes the cryptographic boundary. The block diagram in Figure 1 shows the cryptographic boundary of the module, its interfaces with the operational environment and the flow of information between the module and operator. Tested Operational Environment’s Physical Perimeter (TOEPP): The TOEPP is the general-purpose computer on which the module is installed. Figure 1: Block Diagram © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package | Integrity Test |
|---|---|---|---|---|---|---|---|---|---|---|
| /usr/lib64/libgcrypt.so.20.4.0 | 1.10.0- 9a1db72d64086a2f | N/A | /usr/lib64/libgcrypt.so.20.4.0 | HMAC-SHA-256 | ||||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | Yes | N/A | ||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | No | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | Yes | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | No | N/A | ||||
| Rocky Linux 9.6 | Rocky Linux 9.6 | GIGABYTE E163-S30-AAG1 on Intel® Xeon® Gold 5512U |
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package | Integrity Test |
|---|---|---|---|---|---|---|---|---|---|---|
| /usr/lib64/libgcrypt.so.20.4.0 | 1.10.0- 9a1db72d64086a2f | N/A | /usr/lib64/libgcrypt.so.20.4.0 | HMAC-SHA-256 | ||||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | Yes | N/A | ||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | No | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | Yes | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | No | N/A | ||||
| Rocky Linux 9.6 | Rocky Linux 9.6 | GIGABYTE E163-S30-AAG1 on Intel® Xeon® Gold 5512U |
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package | Integrity Test |
|---|---|---|---|---|---|---|---|---|---|---|
| /usr/lib64/libgcrypt.so.20.4.0 | 1.10.0- 9a1db72d64086a2f | N/A | /usr/lib64/libgcrypt.so.20.4.0 | HMAC-SHA-256 | ||||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | Yes | N/A | ||||
| Almalinux 9.2 | Almalinux 9.2 | Amazon Web Services (AWS) m5.metal | 1.10.0- 9a1db72d64086a2f | Intel Xeon Platinum 8259CL | No | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | Yes | N/A | ||||
| AlmaLinux OS 9.6 | AlmaLinux OS 9.6 | GIGABYTE E163- S30-AAG1 | 1.10.0- 9a1db72d64086a2f | Intel® Xeon® Gold 5512U | No | N/A | ||||
| Rocky Linux 9.6 | Rocky Linux 9.6 | GIGABYTE E163-S30-AAG1 on Intel® Xeon® Gold 5512U |
Libgcrypt cryptography module for AlmaLinux 9
Tested Module Identification
The module does not claim any excluded components. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Indicator | Type |
|---|---|---|---|
| Non- approved Mode | Automatically entered whenever a non-approved service is requested. | The Non-Approved mode indicator maps to the non-approved service indicator which is non-zero return code | Non- Approved |
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| AES-CBC | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A5138 | Key Length - 128, 192, 256 Tag Length - 112, 128, 32, 48, 64, 80, 96 IV Length - IV Length: 56, 64, 72, 80, 88, 96, 104 Payload Length - Payload Length: 0-256 Increment 8 AAD Length - AAD Length: 0-524288 Increment 8, AAD Length: 0, 256, 65536 | SP 800-38C |
| AES-CCM | A5139 | Key Length - 128, 192, 256 Tag Length - 112, 128, 32, 48, 64, 80, 96 IV Length - IV Length: 56, 64, 72, 80, 88, 96, 104 Payload Length - Payload Length: 0-256 Increment 8 AAD Length - AAD Length: 0-524288 Increment 8, AAD Length: 0, 256, 65536 | SP 800-38C |
| AES-CCM | A5141 | Key Length - 128, 192, 256 Tag Length - 112, 128, 32, 48, 64, 80, 96 IV Length - IV Length: 56, 64, 72, 80, 88, 96, 104 Payload Length - Payload Length: 0-256 Increment 8 AAD Length - AAD Length: 0-524288 Increment 8, AAD Length: 0, 256, 65536 | SP 800-38C |
| AES-CCM | A5142 | Key Length - 128, 192, 256 Tag Length - 112, 128, 32, 48, 64, 80, 96 IV Length - IV Length: 56, 64, 72, 80, 88, 96, 104 Payload Length - Payload Length: 0-256 Increment 8 AAD Length - AAD Length: 0-524288 Increment 8, AAD Length: 0, 256, 65536 | SP 800-38C |
| AES-CFB128 | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB128 | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB128 | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB128 | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB8 | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB8 | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB8 | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB8 | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CMAC | A5138 | Direction - Generation, Verification Key Length - 128, 192, 256 MAC Length - MAC Length: 128 Message Length - Message Length: 8-524288 Increment 8 | SP 800-38B |
| AES-CMAC | A5139 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CMAC | A5141 | Direction - Generation, Verification Key Length - 128, 192, 256 MAC Length - MAC Length: 128 Message Length - Message Length: 8-524288 Increment 8 | SP 800-38B |
| AES-CMAC | A5142 | Direction - Generation, Verification Key Length - 128, 192, 256 MAC Length - MAC Length: 128 Message Length - Message Length: 8-524288 Increment 8 | SP 800-38B |
| AES-CTR | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 Payload Length - Payload Length: 8-128 Increment 8 Supports Counter larger than maximum value - No Incremental Counter - Yes Counter Tests Performed - Yes | SP 800-38A |
| AES-CTR | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 Payload Length - Payload Length: 8-128 Increment 8 Supports Counter larger than maximum value - No Incremental Counter - Yes Counter Tests Performed - Yes | SP 800-38A |
| AES-CTR | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 Payload Length - Payload Length: 8-128 Increment 8 Supports Counter larger than maximum value - No Incremental Counter - Yes Counter Tests Performed - Yes | SP 800-38A |
| AES-CTR | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 Payload Length - Payload Length: 8-128 Increment 8 Supports Counter larger than maximum value - No Incremental Counter - Yes Counter Tests Performed - Yes | SP 800-38A |
| AES-ECB | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-KW | A5138 | Direction - Decrypt, Encrypt Cipher - Cipher Key Length - 128, 192, 256 Payload Length - Payload Length: 128-4096 Increment 128 | SP 800-38F |
| AES-KW | A5139 | Direction - Decrypt, Encrypt Cipher - Cipher Key Length - 128, 192, 256 Payload Length - Payload Length: 128-4096 Increment 128 | SP 800-38F |
| AES-KW | A5141 | Direction - Decrypt, Encrypt Cipher - Cipher Key Length - 128, 192, 256 Payload Length - Payload Length: 128-4096 Increment 128 | SP 800-38F |
| AES-KW | A5142 | Direction - Decrypt, Encrypt Cipher - Cipher Key Length - 128, 192, 256 Payload Length - Payload Length: 128-4096 Increment 128 | SP 800-38F |
| AES-OFB | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-OFB | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-XTS Testing Revision 2.0 | A5138 | Direction - Decrypt, Encrypt Key Length - 128, 256 Payload Length - Payload Length: 128-65536 Increment 128, Payload Length: 128-65536 Increment 8 Tweak Mode - Hex Data Unit Length Matches Payload Length - Yes | SP 800-38E |
| AES-XTS Testing Revision 2.0 | A5139 | Direction - Decrypt, Encrypt Key Length - 128, 256 Payload Length - Payload Length: 128-65536 Increment 128, Payload Length: 128-65536 Increment 8 Tweak Mode - Hex Data Unit Length Matches Payload Length - Yes | SP 800-38E |
| AES-XTS Testing Revision 2.0 | A5141 | Direction - Decrypt, Encrypt Key Length - 128, 256 Payload Length - Payload Length: 128-65536 Increment 128, | SP 800-38E |
| AES-XTS Testing Revision 2.0 | A5142 | Direction - Decrypt, Encrypt Key Length - 128, 256 Payload Length - Payload Length: 128-65536 Increment 128, Payload Length: 128-65536 Increment 8 Tweak Mode - Hex Data Unit Length Matches Payload Length - Yes | SP 800-38E |
| Counter DRBG | A5138 | Prediction Resistance - No, Yes Supports Reseed - No Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes Additional Input - Additional Input: 0 Entropy Input - Entropy Input: 128, Entropy Input: 192, Entropy Input: 256 Nonce - Nonce: 128, Nonce: 64 Personalization String Length - Personalization String Length: 0 Returned Bits - 1024, 512 | SP 800-90A Rev. 1 |
| Counter DRBG | A5139 | Prediction Resistance - No, Yes Supports Reseed - No Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes Additional Input - Additional Input: 0 Entropy Input - Entropy Input: 128, Entropy Input: 192, Entropy Input: 256 Nonce - Nonce: 128, Nonce: 64 Personalization String Length - Personalization String Length: 0 Returned Bits - 1024, 512 | SP 800-90A Rev. 1 |
| Counter DRBG | A5141 | Prediction Resistance - No, Yes Supports Reseed - No Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes Additional Input - Additional Input: 0 Entropy Input - Entropy Input: 128, Entropy Input: 192, Entropy Input: 256 Nonce - Nonce: 128, Nonce: 64 Personalization String Length - Personalization String Length: 0 Returned Bits - 1024, 512 | SP 800-90A Rev. 1 |
| Counter DRBG | A5142 | Prediction Resistance - No, Yes Supports Reseed - No Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes Additional Input - Additional Input: 0 Entropy Input - Entropy Input: 128, Entropy Input: 192, Entropy Input: 256 Nonce - Nonce: 128, Nonce: 64 Personalization String Length - Personalization String Length: 0 Returned Bits - 1024, 512 | SP 800-90A Rev. 1 |
| ECDSA KeyGen (FIPS186-5) | A5138 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyGen (FIPS186-5) | A5139 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyGen (FIPS186-5) | A5140 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyGen (FIPS186-5) | A5141 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyGen (FIPS186-5) | A5142 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5138 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5139 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5140 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5141 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5142 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5138 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Component - No | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5139 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5140 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Component - No | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5141 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Component - No | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5142 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Component - No | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5138 | Component - No Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5139 | Component - No Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5140 | Component - No Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5141 | Component - No Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5142 | Component - No Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2- 512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 186-5 |
| Hash DRBG | A5138 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| Hash DRBG | A5139 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| Hash DRBG | A5140 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| Hash DRBG | A5141 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| Hash DRBG | A5142 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 | SP 800-90A Rev. 1 |
| HMAC DRBG | A5138 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| HMAC DRBG | A5139 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| HMAC DRBG | A5140 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| HMAC DRBG | A5141 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String | SP 800-90A Rev. 1 |
| HMAC DRBG | A5142 | Prediction Resistance - No, Yes Supports Reseed - No Mode - SHA-1, SHA2-256, SHA2-512 Entropy Input - Entropy Input: 160, Entropy Input: 256 Nonce - Nonce: 160, Nonce: 256 Personalization String Length - Personalization String Length: 0, 160, Personalization String Length: 0, 256 Additional Input - Additional Input: 0, 160, Additional Input: 0, 256 Returned Bits - 320, 512, 768 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A5137 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA-1 | A5138 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA-1 | A5139 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA-1 | A5140 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA-1 | A5141 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA-1 | A5142 | MAC - MAC: 160 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 224 | A5138 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 224 | A5139 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 224 | A5140 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 224 | A5141 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 224 | A5142 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A5138 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A5139 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A5140 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A5141 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A5142 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A5138 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A5139 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A5140 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A5141 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A5142 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A5138 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A5139 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A5140 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A5141 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A5142 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/224 | A5138 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/224 | A5139 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/224 | A5140 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/224 | A5141 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/224 | A5142 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/256 | A5138 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/256 | A5139 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/256 | A5140 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/256 | A5141 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512/256 | A5142 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 224 | A5140 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 224 | A5141 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 224 | A5142 | MAC - MAC: 224 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 256 | A5140 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 256 | A5141 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 256 | A5142 | MAC - MAC: 256 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 384 | A5140 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 384 | A5141 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 384 | A5142 | MAC - MAC: 384 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 512 | A5140 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 512 | A5141 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA3- 512 | A5142 | MAC - MAC: 512 Key Length - Key Length: 112-524288 Increment 8 | FIPS 198-1 |
| PBKDF | A5138 | Iteration Count - Iteration Count: 1000-10000000 Increment 1 HMAC Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Password Length - Password Length: 8-128 Increment 1 | SP 800-132 |
| PBKDF | A5139 | Iteration Count - Iteration Count: 1000-10000000 Increment 1 HMAC Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Password Length - Password Length: 8-128 Increment 1 Salt Length - Salt Length: 128-4096 Increment 8 Key Data Length - Key Data Length: 128-4096 Increment 8 | SP 800-132 |
| PBKDF | A5140 | Iteration Count - Iteration Count: 1000-10000000 Increment 1 HMAC Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Password Length - Password Length: 8-128 Increment 1 Salt Length - Salt Length: 128-4096 Increment 8 Key Data Length - Key Data Length: 128-4096 Increment 8 | SP 800-132 |
| PBKDF | A5141 | Iteration Count - Iteration Count: 1000-10000000 Increment 1 HMAC Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Password Length - Password Length: 8-128 Increment 1 Salt Length - Salt Length: 128-4096 Increment 8 Key Data Length - Key Data Length: 128-4096 Increment 8 | SP 800-132 |
| PBKDF | A5142 | Iteration Count - Iteration Count: 1000-10000000 Increment 1 HMAC Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 Password Length - Password Length: 8-128 Increment 1 Salt Length - Salt Length: 128-4096 Increment 8 Key Data Length - Key Data Length: 128-4096 Increment 8 | SP 800-132 |
| RSA KeyGen (FIPS186-5) | A5138 | Key Generation Mode - probable Modulo - 2048, 3072, 4096, 8192 p mod 8 - 0 Primality Tests - 2powSecStr q mod 8 - 0 Info Generated By Server - No Private Key Format - standard Public Exponent Mode - random | FIPS 186-5 |
| RSA KeyGen (FIPS186-5) | A5139 | Key Generation Mode - probable Modulo - 2048, 3072, 4096, 8192 p mod 8 - 0 Primality Tests - 2powSecStr q mod 8 - 0 Info Generated By Server - No Private Key Format - standard Public Exponent Mode - random | FIPS 186-5 |
| RSA KeyGen (FIPS186-5) | A5140 | Key Generation Mode - probable Modulo - 2048, 3072, 4096, 8192 p mod 8 - 0 Primality Tests - 2powSecStr q mod 8 - 0 Info Generated By Server - No Private Key Format - standard Public Exponent Mode - random | FIPS 186-5 |
| RSA KeyGen (FIPS186-5) | A5141 | Key Generation Mode - probable Modulo - 2048, 3072, 4096, 8192 p mod 8 - 0 Primality Tests - 2powSecStr q mod 8 - 0 Info Generated By Server - No Private Key Format - standard Public Exponent Mode - random | FIPS 186-5 |
| RSA KeyGen (FIPS186-5) | A5142 | Key Generation Mode - probable Modulo - 2048, 3072, 4096, 8192 p mod 8 - 0 Primality Tests - 2powSecStr q mod 8 - 0 Info Generated By Server - No Private Key Format - standard Public Exponent Mode - random | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5138 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5139 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5140 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5141 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5142 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss | FIPS 186-5 |
| RSA SigVer (FIPS186-2) | A5138 | Public Exponent Mode - Fixed Fixed Public Exponent - 010001 Signature Type - PKCS 1.5, PKCSPSS Modulo - 1536 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 | FIPS 186-4 |
| RSA SigVer (FIPS186-2) | A5139 | Public Exponent Mode - Fixed Fixed Public Exponent - 010001 Signature Type - PKCS 1.5, PKCSPSS Modulo - 1536 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 | FIPS 186-4 |
| RSA SigVer (FIPS186-2) | A5140 | Public Exponent Mode - Fixed Fixed Public Exponent - 010001 Signature Type - PKCS 1.5, PKCSPSS Modulo - 1536 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 | FIPS 186-4 |
| RSA SigVer (FIPS186-2) | A5141 | Public Exponent Mode - Fixed Fixed Public Exponent - 010001 Signature Type - PKCS 1.5, PKCSPSS Modulo - 1536 Hash Pair - | FIPS 186-4 |
| RSA SigVer (FIPS186-2) | A5142 | Public Exponent Mode - Fixed Fixed Public Exponent - 010001 Signature Type - PKCS 1.5, PKCSPSS Modulo - 1536 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A5138 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 1024 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 Public Exponent Mode - Fixed Fixed Public Exponent - 010001 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A5139 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 1024 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 Public Exponent Mode - Fixed Fixed Public Exponent - 010001 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A5140 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 1024 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 Public Exponent Mode - Fixed Fixed Public Exponent - 010001 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A5141 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 1024 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 Public Exponent Mode - Fixed Fixed Public Exponent - 010001 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A5142 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 1024 Hash Pair - Hash Algorithm - SHA2-224 Salt Length - 28 | FIPS 186-4 |
| RSA SigVer (FIPS186-5) | A5138 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss Fixed Public Exponent - 010001 Public Exponent Mode - fixed | FIPS 186-5 |
| RSA SigVer (FIPS186-5) | A5139 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss Fixed Public Exponent - 010001 Public Exponent Mode - fixed | FIPS 186-5 |
| RSA SigVer (FIPS186-5) | A5140 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss Fixed Public Exponent - 010001 Public Exponent Mode - fixed | FIPS 186-5 |
| RSA SigVer (FIPS186-5) | A5141 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss Fixed Public Exponent - 010001 Public Exponent Mode - fixed | FIPS 186-5 |
| RSA SigVer (FIPS186-5) | A5142 | Hash Pair - Hash Algorithm - SHA2-512/256 Mask Function - mgf1 Modulo - 2048, 3072, 4096 Signature Type - pkcs1v1.5, pss Fixed Public Exponent - 010001 Public Exponent Mode - fixed | FIPS 186-5 |
| SHA-1 | A5137 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA-1 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA-1 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA-1 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA-1 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA-1 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-224 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-224 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-224 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-224 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-224 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-256 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-256 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-256 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-256 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-256 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-384 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-384 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-384 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-384 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-384 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/224 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/224 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/224 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/224 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/224 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/256 | A5138 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/256 | A5139 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/256 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/256 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA2-512/256 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 180-4 |
| SHA3-224 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-224 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-224 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-256 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-256 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-256 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-384 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-384 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-384 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-512 | A5140 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-512 | A5141 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHA3-512 | A5142 | Message Length - Message Length: 0-65536 Increment 8 Large Message Sizes - 1, 2, 4, 8 | FIPS 202 |
| SHAKE-128 | A5140 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
| SHAKE-128 | A5141 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
| SHAKE-128 | A5142 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
| SHAKE-256 | A5140 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
| SHAKE-256 | A5141 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
| SHAKE-256 | A5142 | Supports Bit-Oriented Messages - No Supports Empty Message - Yes Supports Bit-Oriented Output - No Output Length - Output Length: 16-65536 Increment 8 | FIPS 202 |
Libgcrypt cryptography module for AlmaLinux 9
Modes List and Description: Table 5: Modes List and Description NonApproved Mode Change Instructions and Status: When the module starts up successfully, after passing all the pre-operational self-test and the cryptographic algorithms self-tests (CASTs), the module is operating in the approved mode of operation by default and can only be transitioned into the non-approved mode by calling one of the non-approved services listed in the NonApproved Services table. The module will transition back to approved mode when approved service is called. Section 4 provides details on the service indicator implemented by the module. The service indicator identifies The module does not implement a degraded mode of operation.
Approved Algorithms: © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 2.0 2.0 2.0 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 2.0 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2224 HMAC-SHA2256 HMAC-SHA2256 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMAC-SHA3224 HMAC-SHA3224 HMAC-SHA3224 HMAC-SHA3256 HMAC-SHA3256 HMAC-SHA3256 HMAC-SHA3384 HMAC-SHA3384 HMAC-SHA3384 HMAC-SHA3512 HMAC-SHA3512 HMAC-SHA3512 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Approved Functions | Type | Properties | ||
|---|---|---|---|---|---|---|
| Cryptographic Key Generation (CKG) | Key type:Asymmetric | N/A | SP 800-133r2, section 4, example 1 | |||
| MD5 | Message Digest | |||||
| ECDH | Shared Secret Computation | |||||
| AES-GCM, AES-GCM-SIV, AES-OCB, AES-EAX | Symmetric encryption; Symmetric decryption | |||||
| RSA | Signature generation/verification primitives; Encryption/decryption primitives | |||||
| RSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| ECDSA | Signature generation/verification primitives | |||||
| ECDSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| Symmetric encryption and decryption | Encryption, decryption using AES | AES-ECB: (A5138, A5139, A5141, A5142) AES-CBC: (A5138, A5139, A5141, | BC-UnAuth | Keys:128, 192, 256 bits with 128-256 of key strength |
| Name | Description | Approved Functions | Type | Properties | ||
|---|---|---|---|---|---|---|
| Cryptographic Key Generation (CKG) | Key type:Asymmetric | N/A | SP 800-133r2, section 4, example 1 | |||
| MD5 | Message Digest | |||||
| ECDH | Shared Secret Computation | |||||
| AES-GCM, AES-GCM-SIV, AES-OCB, AES-EAX | Symmetric encryption; Symmetric decryption | |||||
| RSA | Signature generation/verification primitives; Encryption/decryption primitives | |||||
| RSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| ECDSA | Signature generation/verification primitives | |||||
| ECDSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| Symmetric encryption and decryption | Encryption, decryption using AES | AES-ECB: (A5138, A5139, A5141, A5142) AES-CBC: (A5138, A5139, A5141, | BC-UnAuth | Keys:128, 192, 256 bits with 128-256 of key strength |
| Name | Description | Approved Functions | Type | Properties | ||
|---|---|---|---|---|---|---|
| Cryptographic Key Generation (CKG) | Key type:Asymmetric | N/A | SP 800-133r2, section 4, example 1 | |||
| MD5 | Message Digest | |||||
| ECDH | Shared Secret Computation | |||||
| AES-GCM, AES-GCM-SIV, AES-OCB, AES-EAX | Symmetric encryption; Symmetric decryption | |||||
| RSA | Signature generation/verification primitives; Encryption/decryption primitives | |||||
| RSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| ECDSA | Signature generation/verification primitives | |||||
| ECDSA using public key flags not listed in section 4.6 | Key generation; Signature generation/verification | |||||
| Symmetric encryption and decryption | Encryption, decryption using AES | AES-ECB: (A5138, A5139, A5141, A5142) AES-CBC: (A5138, A5139, A5141, | BC-UnAuth | Keys:128, 192, 256 bits with 128-256 of key strength | ||
| MAC generation and verification | Message authentication generation using AES CMAC | AES-CMAC: (A5138, A5139, A5141, A5142) | MAC | Keys:128, 192, 256 bits with 128, 192, 256 bits of strength | ||
| Authenticated symmetric encryption and decryption with AES CCM | Encryption, decryption using AES CCM | AES-CCM: (A5138, A5139, A5141, A5142) | BC-Auth | Keys:128, 192, 256 bits with 128, 192, 256 bits of strength | ||
| Symmetric encryption and decryption with AES XTS (for data storage) | Encryption, decryption using AES XTS (for data storage) | AES-XTS Testing Revision 2.0: (A5138, A5139, A5141, A5142) | BC-UnAuth | Keys:128, 256 bits with 128, 256 bits of strength | ||
| Random number generation | Random number generation using CTR_DRBG, Hash_DRBG, HMAC_DRBG | Counter DRBG: (A5138, A5139, A5141, A5142) Hash DRBG: (A5138, A5139, A5140, A5141, A5142) HMAC DRBG: (A5138, A5139, A5140, A5141, A5142) | DRBG | CTR_DRBG:AES-128, AES-192, AES-256 with DF, with/without PR Hash_DRBG:SHA-1, SHA-256, SHA-512 with/without PR HMAC_DRBG:SHA-1, SHA-256, SHA-512 with/without PR | ||
| Key pair generation with ECDSA | Key pair generation using ECDSA | ECDSA KeyGen (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) Cryptographic Key | CKG | Curves:P-224, P-256, P-384, P-521 with 112, 128, 192, 256 bits of strength Method:B.4.2 Testing Candidates | ||
| Public key verification with ECDSA | Public key verification using ECDSA | ECDSA KeyVer (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) | AsymKeyPair- KeyVer | Curves:P-224, P-256, P-384, P-521 with 112, 128, 192, 256 bits of strength | ||
| Digital signature generation with ECDSA | Digital signature generation using ECDSA | ECDSA SigGen (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigGen | Curves:P-224, P-256, P-384, P-521 with 112, 128, 192, 256 bits of strength Hash:SHA2-224, SHA2- 256, SHA2- 384, SHA2-512, SHA2- 512/224, SHA2- 512/256, SHA3-224, SHA3-256, SHA3- 384, SHA3-512 | ||
| Digital signature verification with ECDSA | Digital signature verification using ECDSA | ECDSA SigVer (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigVer | Curves:P-224, P-256, P-384, P-521 with 112, 128, 192, 256 bits of strength Hash:SHA2-224, SHA2- 256, SHA2- 384, SHA2-512, SHA2- 512/224, SHA2- 512/256, SHA3-224, SHA3-256, SHA3- 384, SHA3-512 | ||
| Message authentication code with HMAC | Message authentication code using HMAC | HMAC-SHA-1: (A5137, A5138, A5139, A5140, A5141, A5142) HMAC-SHA2- 224: (A5138, A5139, A5140, A5141, A5142) HMAC-SHA2- 256: (A5138, A5139, A5140, A5141, A5142) HMAC-SHA2- | MAC | Keys:112, 192, 256 bits with 112-256 bits of strength Hash:SHA-1, SHA- 224, SHA-256, SHA- 384, SHA-512, SHA- 512/224, SHA- 512/256, SHA3-224, SHA3- 256, SHA3- 384, SHA3-512 | ||
| Key derivation with PBKDF | Key derivation using PBKDF | PBKDF: (A5138, A5139, A5140, A5141, A5142) | PBKDF | Derived key::112 to 256 bits HMAC:SHA-1, SHA- 224, SHA-256, SHA- 384, SHA-512, SHA2- 512/224, SHA2- 512/256, SHA3-224, SHA3-256, SHA3- 384, SHA3-512 | ||
| Key wrapping with AES | Key wrapping with AES | AES-KW: (A5138, A5139, A5141, A5142) AES-CCM: (A5138, A5139, A5141, A5142) | KTS-Wrap | Keys:128, 192, 256 bits with 128-256 bits of strength Compliance:Compliant with IG D.G AES Mode:KW, CCM | ||
| Key unwrapping with AES | Key unwrapping with AES | AES-KW: (A5138, A5139, A5141, | KTS-Wrap | Keys:128, 192, 256 bits with 128-256 bits of |
Libgcrypt cryptography module for AlmaLinux 9 Table 6: Approved Algorithms The above table lists all approved cryptographic algorithms of the module, including specific key lengths employed for approved services, and implemented modes or methods of operation of the algorithms. Vendor-Affirmed Algorithms: Table 7: Vendor-Affirmed Algorithms N/A Non-Approved, Allowed Algorithms: N/A for this module. The module does not implement non-approved algorithms that are allowed in the approved mode of operation. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. The module does not implement non-approved algorithms that are allowed in the approved mode of operation with no security claimed. Non-Approved, Not Allowed Algorithms: Table 8: Non-Approved, Not Allowed Algorithms The table above lists all non-approved cryptographic algorithms of the module employed by the non-approved services.
© 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 AsymKeyPairKeyVer () © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Role Access | Approved Functions | Type |
|---|---|---|---|---|
| Key pair generation with RSA | Key pair generation using RSA | Keys:2048, 3072, 4096 with 112, 128, 149 bits of strength Method:B.3.3 Random Probable Primes | RSA KeyGen (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) Cryptographic Key Generation (CKG): () Key type: Asymmetric | CKG |
| Digital signature generation with RSA | Digital signature generation using RSA | Padding:PKCS#1v1.5, PSS Hash:SHA-224, SHA- 256, SHA-384, SHA- 512, SHA2-512/224, SHA2-512/256, SHA3- 224, SHA3-256, SHA3-384, SHA3-512 Keys:2048, 3072, 4096 with 112, 128, 149 bits of strength | RSA SigGen (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigGen |
| Digital signature verification with RSA | Digital signature verification using RSA | Padding:PKCS#1v1.5, PSS Hash:SHA-224, SHA- 256, SHA-384, SHA- 512, SHA2-512/224, SHA2-512/256, SHA3- 224, SHA3-256, SHA3-384, SHA3-512 Keys:2048, 3072, 4096 with 112, 128, 149 bits of strength | RSA SigVer (FIPS186-5): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigVer |
| FIPS 186-4 Digital signature verification with RSA | FIPS 186-4 Digital signature verification using RSA | Padding:PKCS#1v1.5, PSS Hash:SHA-224, SHA- 256, SHA-384, SHA- 512, SHA2-512/224, SHA2-512/256 Keys:1024 with 80 bits of strength | RSA SigVer (FIPS186-4): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigVer |
| FIPS 186-2 Digital signature verification with RSA | FIPS 186-2 Digital signature verification using RSA | Padding:PKCS#1v1.5, PSS Hash:SHA-224, SHA- 256, SHA-384, SHA- 512 Keys:1536 with 92 bits of strength Compliance:FIPS 186- 2 | RSA SigVer (FIPS186-2): (A5138, A5139, A5140, A5141, A5142) | DigSig-SigVer |
| Message digest with SHA-3 | Message digest with SHA-3 | SHA3-224: (A5140, A5141, A5142) SHA3-256: (A5140, A5141, A5142) SHA3-384: (A5140, A5141, A5142) SHA3-512: (A5140, A5141, A5142) SHAKE-128: (A5140, A5141, A5142) SHAKE-256: (A5140, A5141, A5142) | SHA | |
| Message digest with SHA-1 | Message digest using SHA-1 | SHA-1: (A5137, A5138, A5139, A5140, A5141, A5142) | SHA | |
| Message digest with SHA-2 | Message digest using SHA-2 | SHA2-224: (A5138, A5139, A5140, A5141, A5142) SHA2-256: (A5138, A5139, A5140, A5141, A5142) SHA2-384: (A5138, A5139, A5140, A5141, | SHA |
Libgcrypt cryptography module for AlmaLinux 9 () © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 Table 9: Security Function Implementations
AES XTS The AES algorithm in XTS mode can be only used for the cryptographic protection of data on storage devices, as specified in [SP800-38E]. The length of a single data unit encrypted with the XTS-AES shall not exceed 2²⁰ AES blocks, that is 16MB of data. To meet the requirement stated in IG C.I, the module implements a check that ensures, before performing any cryptographic operation, that the two AES keys used in AES XTS mode are not identical. The AES-XTS mode shall only be used for the cryptographic protection of data on storage devices. The AESXTS shall not be used for other purposes, such as the encryption of data in transit. Key derivation using SP800-132 PBKDF The module provides password-based key derivation (PBKDF), compliant with SP800-132. The module supports option 1a from Section 5.4 of [SP800-132], in which the Master Key (MK) or a segment of it is used directly as the Data Protection Key (DPK). In accordance with [SP800-132] and FIPS 140-3 IG D.N, the following requirements shall be met.
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| Userspace CPU Time Jitter RNG Entropy Source version 3.4.0 | Non- Physical | 256 bits | AlmaLinux 9.2 on Amazon Web Services (AWS) m5.metal on Intel Xeon Platinum 8259CL; AlmaLinux OS 9.6 on GIGABYTE E163- S30-AAG1 on Intel® Xeon® Gold 5512U | Full entropy | AlmaLinux 9.2: SHA3- 256 (A4026), HMAC- SHA2-512-DRBG (A4025); AlmaLinux OS 9.6: SHA3-256 (A7065), HMAC DRBG (A7090) |
| Cert | Vendor Name | |
|---|---|---|
| Number | ||
| E127 | Cloudlinux Inc., TuxCare division |
Libgcrypt cryptography module for AlmaLinux 9 10-8. Combined with the minimum iteration count as described below, this provides an acceptable trade-off between user experience and security against brute-force attacks. The calling application shall also observe the rest of the requirements and recommendations specified in [SP800-132]. SHA-1 Use SHA-1 is only approved when used in approved modes for message digest, HMAC, KDF (PBKDF), and DRBG. The use of SHA-1 for digital signature generation (e.g., ECDSA, RSA) or verification is non-approved.
Table 10: Entropy Certificates 3.4.0 NonPhysical Table 11: Entropy Sources The Module provides an SP800-90A-compliant Deterministic Random Bit Generator (DRBG) for creation of key components of asymmetric keys, and random number generation. The seeding (and automatic reseeding) of the DRBG is done with getrandom(). The DRBG supports the Hash_DRBG, HMAC_DRBG and CTR_DRBG mechanisms. The DRBG is initialized during module initialization; the module loads by default the DRBG using the HMAC_DRBG mechanism with SHA-256 and without prediction resistance. A different DRBG mechanism can be chosen by invoking the gcry_control(GCRYCTL_DRBG_REINIT) function. The module uses an [SP800-90B]-compliant entropy source specified in the above table. This entropy source is located within the module’s physical perimeter but outside of the module’s cryptographic boundary. The module obtains 384 bits to seed the DRBG, and 256 bits to reseed it. The module performs the DRBG health tests as defined in Section 11.3 of [SP800-90A].
The module provides the following key generation methods:
Libgcrypt cryptography module for AlmaLinux 9
The module provides the following key establishment methods:
The module does not implement industry protocols, therefore this section is not applicable. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| N/A | N/A | Data Input | API input parameters for data. |
| N/A | N/A | Data Output | API output parameters for data. |
| N/A | N/A | Control Input | API function calls, API input parameters for control input, /proc/sys/crypto/fips_enabled control file. |
| N/A | N/A | Status Output | API return codes, API output parameters for status output. |
Libgcrypt cryptography module for AlmaLinux 9
N/A N/A N/A Table 12: Ports and Interfaces N/A As a software-only module, the module does not have physical ports. The operator can only interact with the module through the API provided by the module. Thus, the physical ports are interpreted to be the physical ports of the hardware platform on which the module runs. All data output via data output interface is inhibited when the module is performing pre-operational test or zeroization or when the module enters error state. The module does not implement a control output interface. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Role | None | ||||||
| Symmetric encryption and decryption | Perform AES encryption and decryption | Cryp to Offic er - AES keys: W,E | Symm etric encryp tion and decryp tion Authe nticate d symme tric encryp tion and decryp tion with AES CCM Symm etric encryp tion and | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_CIPHER, ...) returns GPG_ERR_NO_ERROR | AES key, IV, plaintext/ ciphertex t | Ciphertex t/plaintex t |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Role | None | ||||||
| Symmetric encryption and decryption | Perform AES encryption and decryption | Cryp to Offic er - AES keys: W,E | Symm etric encryp tion and decryp tion Authe nticate d symme tric encryp tion and decryp tion with AES CCM Symm etric encryp tion and | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_CIPHER, ...) returns GPG_ERR_NO_ERROR | AES key, IV, plaintext/ ciphertex t | Ciphertex t/plaintex t |
Libgcrypt cryptography module for AlmaLinux 9
The module does not support authentication.
Table 13: Roles The module supports the Crypto Officer role only. This sole role is implicitly and always assumed by the operator of the module.
t y t d W,E © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Storage | Input | Output | Access | Indicator |
|---|---|---|---|---|---|---|
| Key Pair Generation with RSA | Generate a key pair | Key pair genera tion with RSA | Modulus bits | RSA public key, RSA private key | Cryp to Offic er - RSA Priva te Key: G,E - RSA Publi c Key: G,E | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) returns GPG_ERR_NO_ERROR |
| Key Pair Generation with ECDSA | Generate a key pair | Key pair genera tion with ECDS A | Curve | ECDSA public key, ECDSA private key | Cryp to Offic er - ECD SA Priva te Key: G,E - ECD SA Publi c | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) returns GPG_ERR_NO_ERROR |
Libgcrypt cryptography module for AlmaLinux 9 y ) G,E c G,E A G,E c © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output | Securit y Functi ons |
|---|---|---|---|---|---|---|---|
| Digital signature generation with RSA | Generate a signature | Cryp to Offic er - RSA Priva te Key: W,E | Digital signatu re genera tion with RSA | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) or gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MD, ...) return GPG_ERR_NO_ERROR | RSA private key, message | Signature | |
| Digital signature generation with ECDSA | Generate a signature | Cryp to Offic er - ECD SA Priva te Key: W,E | Digital signatu re genera tion with ECDS A | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) or gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MD, ...) return GPG_ERR_NO_ERROR | ECDSA private key, message | Signature | |
| Digital signature verification with RSA | Verify a signature | Cryp to Offic er - RSA Publi c Key: W,E | Digital signatu re verific ation with RSA FIPS 186-4 Digital signatu re verific ation with RSA FIPS 186-2 | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) or gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MD, ...) return GPG_ERR_NO_ERROR | RSA public key, message, signature | Pass/fail | |
| Digital signature verification with ECDSA | Verify a signature | Cryp to Offic er - ECD SA Publi c Key: W,E | Digital signatu re verific ation with ECDS A | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_PK_FLA GS, ...) or gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MD, ...) return GPG_ERR_NO_ERROR | ECDSA public key, message, signature | Pass/fail | |
| Public key verification | Verify ECDSA public key | Cryp to Offic er - ECD SA Publi c Key: W,E | Public key verific ation with ECDS A | gcry_mpi_ec_curve_point() returns GPG_ERR_NO_ERROR | ECDSA public key | Pass/fail | |
| Random Number Generation with CTR_DRBG/ HMAC_DRB G | Generate random bitstrings from CTR_DRBG/ HMAC_DRB G | Cryp to Offic er - Entr opy Inpu t: W,E - DRB | Rando m numbe r genera tion | gcry_randomize(), gcry_random_bytes(), gcry_random_bytes_secure() return GPG_ERR_NO_ERROR | Output length | Random bytes | |
| Random Number Generation with Hash_DRBG | Generate random bitstrings from Hash_DRBG | Cryp to Offic er - Entr opy Inpu t: W,E - DRB G seed: G,E - DRB G inter nal state (V value , C value ): | Rando m numbe r genera tion | gcry_randomize(), gcry_random_bytes(), gcry_random_bytes_secure() return GPG_ERR_NO_ERROR | Output length | Random bytes | |
| Message digest | Compute SHA hashes | Cryp to Offic er | Messag e digest with SHA-3 Messag e digest with SHA-1 Messag e digest with SHA-2 | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MD, ...) returns GPG_ERR_NO_ERROR | Message | Digest value | |
| Message authenticatio n code (MAC) with HMAC | Compute HMAC | Cryp to Offic er - HM AC keys: W,E | Messag e authen ticatio n code with HMA C | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MAC, .. .) returns GPG_ERR_NO_ERROR | HMAC key | MAC tag | |
| Message authenticatio n code (MAC) with CMAC | Compute AES-based CMAC | Cryp to Offic er - AES keys: W,E | MAC genera tion and verific ation | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_MAC, .. .) returns GPG_ERR_NO_ERROR | AES key | MAC tag | |
| Key wrapping and unwrapping | Perform AES-based key wrapping/un wrapping | Cryp to Offic er - AES | Key wrappi ng with AES Key unwra | gcry_control(GCRYCTL_FIPS_S ERVICE_INDICATOR_CIPHER, ...) returns GPG_ERR_NO_ERROR | AES key, any CSP/wra pped CSP | Wrapped CSP/Unw rapped CSP | |
| pping with AES | keys: W,E | pping with AES | |||||
| Key derivation | Perform key derivation | Cryp to Offic er - Pass word or passp hrase : W,E - Deri ved key: G | Key derivat ion with PBKD F | gcry_control(GCRYCTL_FIPS_ SERVICE_INDICATOR_KDF, ... ) returns GPG_ERR_NO_ERROR | Password , salt, iteration count | Derived key | |
| On-demand Integrity test | Perform on- demand integrity test | Cryp to Offic er | Messag e authen ticatio n code with HMA C | N/A | N/A | Pass/fail | |
| Show status | Show module status | Cryp to Offic er | None | N/A | N/A | Module status | |
| Self-tests | Perform self- tests | Cryp to Offic er | None | N/A | N/A | Pass/fail | |
| Show module name and version | Show module name and version | Cryp to Offic er | None | N/A | N/A | Module name and version informati on | |
| Symmetric encryption/decryption | AES encryption/decryption using non- approved AES modes | AES-GCM, AES-GCM- SIV, AES-OCB, AES- EAX | CO | ||||
| Message digest | Non-approved message digest | MD5 | CO | ||||
| Shared Secret Computation | ECDH Shared Secret Computation | ECDH | CO | ||||
| Key generation with RSA | Generate RSA key pairs using public key flags not listed in section 4.6. | RSA using public key flags not listed in section 4.6 | CO | ||||
| Key generation with ECDSA | Generate ECDSA key pairs using public key flags not listed in section 4.6. | ECDSA using public key flags not listed in section 4.6 | CO | ||||
| Digital signature generation/verification with RSA | Generate/verify a signature using RSA Signature generation/verification primitives | RSA | CO | ||||
| Digital signature generation/verification with ECDSA | Generate/verify a signature using ECDSA Signature generation/verification primitives | ECDSA | CO | ||||
| Asymmetric encryption/decryption | Perform encryption/decryption using RSA encryption/decryption primitives | RSA | CO |
Libgcrypt cryptography module for AlmaLinux 9 y G,E W,E A W,E c W,E © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 G G y A c W,E A c W,E m r t: W,E © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 y G G,E G (V , G,W, E m r t: W,E G G,E G (V ,C ): © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 y G,W, E e e e e C W,E W,E © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 Perform ondemand Perform selftests N/A N/A N/A N/A y W,E F : W,E G N/A e C N/A N/A N/A © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 N/A N/A y Table 14: Approved Services The table above lists the approved services. For each service, the table lists the associated cryptographic algorithm(s), the role to perform the service, the cryptographic keys or CSPs involved, and their access type(s). The following convention is used to specify access rights to a CSP: • G = Generate: The module generates or derives the SSP. • R = Read: The SSP is read from the module (e.g., the SSP is output). • W = Write: The SSP is updated, imported, or written to the module. • E = Execute: The module uses the SSP in performing a cryptographic operation. • Z = Zeroise: The module zeroises the SSP. • N/A: the calling application does not access any CSP or key during its operation. The details of the approved cryptographic algorithms including the CAVP certificate numbers can be found in the Approved Algorithm table. In order to check whether it utilizes an approved security function or not, the operator is responsible to invoke the gcry_control() API along with dedicated controls in the form of API input parameters. The module implements the following controls depending on the requested service:
1 The list of public key flags allowed in approved mode of operation is described in Section 4.6 Additional Information.
© 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 For all approved services, GPG_ERR_NO_ERROR (i.e., “0”) return code indicates the service is approved. In case the above-mentioned controls are used in conjunction, the operator is responsible to check that all of the called functions return GPG_ERR_NO_ERROR (i.e., “0”). For all non-approved services, "non-zero" return code indicates the service is not approved. Table 15: Non-Approved Services The table above lists the non-approved services. For the services listed below, the module implements an additional service indicator in the form of a control named GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. The operator is responsible to invoke the gcry_control() API along with the following input parameters: GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION control; the name of the API 2 representing the service.
The module does not have the capability of loading software or firmware from an external source.
Below are listed the approved public key flags for an input s-expression:
2 The list of APIs supported by the module can be found in the documentation included in the optional libgcrypt-devel package.
© 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| curve | d | data | e | ecdsa | flags | sig-val |
|---|---|---|---|---|---|---|
| genkey | hash | n | nbits | pkcs1 | private-key | value |
| pss | public-key | q | r | raw | rsa | salt-length |
| rsa-use-e | s |
Libgcrypt cryptography module for AlmaLinux 9 d e n q r s © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
The integrity of the module is verified comparing the HMAC-SHA-256 value calculated at run time with the HMAC-SHA-256 value embedded in the module’s ELF header that was computed at build time for each software component of the module. If the HMAC values do not match, the test fails and the module enters the error state.
Integrity tests are performed as part of the Pre-Operational Self-Tests. The module provides the Self-Test service to perform self-tests on demand which includes the pre-operational tests (i.e., integrity test) and cryptographic algorithm self-tests (CASTs). This service can be invoked relying on the gcry_control(GCRYCTL_SELFTEST) API function call or by powering-off and reloading the module. During the execution of the on-demand self-tests, services are not available, and no data output or input is possible. In order to verify whether the self-tests have succeeded and the module is in the Operational state, the calling application may invoke the gcry_control(GCRYCTL_OPERATIONAL_P). The function will return TRUE if the module is in the operational state, FALSE if the module is in the Error state. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
Type of Operational Environment: Modifiable How Requirements are Satisfied: The module should be compiled and installed as stated in section 11. The user should confirm that the module is installed correctly by running: 1. 2. fips-mode-setup --check command to verify that the system is operating in Approved mode check the output of the gcry_get_config() API, which should output Libgcrypt cryptography module for AlmaLinux 9 1.10.0-9a1db72d64086a2f The module does not support concurrent operators.
Instrumentation tools like the ptrace system call, gdb and strace, userspace live patching, as well as other tracing mechanisms offered by the Linux environment such as ftrace or systemtap, shall not be used in the operational environment. The use of any of these tools implies that the cryptographic module is running in a non-validated operational environment.
The module shall be installed as stated in Section 11. If properly installed, the operating system provides process isolation and memory protection mechanisms that ensure appropriate separation for memory access among the processes on the system. Each process has control over its own data and uncontrolled access to the data of other processes is prevented. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
The module is comprised of software only and therefore this section is not applicable. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
This module does not implement any non-invasive security mechanism, and therefore this Section is not applicable. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Type | Description |
|---|---|---|
| RAM | Dynamic | Temporary storage for SSPs used by the module as part of service execution. The module does not perform persistent storage of SSPs |
| Name | Type | From | To | ||
|---|---|---|---|---|---|
| API input parameters (plaintext) | Plaintext | Calling application within TOEPP | Cryptographic module | Manual | Electronic |
| API output parameters (plaintext) | Plaintext | Cryptographic module | Calling application within TOEPP | Manual | Electronic |
| Zeroization | Description | Rationale | Operator Initiation | |
|---|---|---|---|---|
| Method | ||||
| Wipe and Free memory block allocated | Zeroizes the SSPs contained within the cipher handle. | Memory occupied by SSPs is overwritten with zeroes and then it is released, which renders the SSP values irretrievable. The completion of the zeroization routine indicates that the zeroization procedure succeeded. | By calling the cipher related zeroization API which are the following: gcry_free(), gcry_cipher_close(), gcry_mac_close(), gcry_sexp_release(), gcry_mpi_release(), gcry_ctx_release(), gcry_mpi_point_release(), gcry_ctrl(GCRYCTL_TE RM_SECMEM) |
Libgcrypt cryptography module for AlmaLinux 9
Table 16: Storage Areas appropriate zeroization function calls. Table 17: SSP Input-Output Methods form within the physical perimeter of the operational environment. This is allowed by [FIPS140-3_IG] 9.5.A, according to the “CM Software to/from App via TOEPP Path” entry on the Key Establishment Table. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Type | Description | Strength | Use |
|---|---|---|---|---|
| AES keys | Symmetric key - CSP | AES key used for encryption, decryption, and computing MAC tags | AES-XTS: 128, 256; Other modes: 128, 192, 256 - AES-XTS: 128, 256; Other modes: 128, 192, 256 | Symmetric encryption and decryption MAC generation and verification Authenticated symmetric encryption and decryption with AES CCM Symmetric encryption and decryption with AES XTS (for data storage) |
| HMAC keys | Symmetric key - CSP | HMAC key used for | 112-256 bits - 112-256 bits | Message authentication |
| Zeroization | Description | Rationale | Operator Initiation | |
|---|---|---|---|---|
| Method | ||||
| Automatic | Automatically zeroized by the module when no longer needed | Memory occupied by SSPs is overwritten with zeroes, which renders the SSP values irretrievable. | N/A | |
| Module Reset | De-allocates the volatile memory used to store SSPs | Volatile memory used by the module is overwritten within nanoseconds when power is removed. | By unloading and reloading the module |
Libgcrypt cryptography module for AlmaLinux 9 N/A Table 18: SSP Zeroization Methods The memory occupied by SSPs is allocated by regular memory allocation operating system calls. The application that is acting as the CO is responsible for calling the appropriate zeroization functions provided in the module's API and listed in the above table. Calling gcry_free(), which will zeroize the SSPs and also invoke the corresponding API functions listed in the above table to zeroize SSPs. The zeroization functions overwrite the operating system call. In case of abnormal termination, or swap in/out of a physical memory page of a process, the keys in physical memory are overwritten by the Linux kernel before the physical memory is allocated to another process. The completion of a zeroization routine(s) will indicate that a zeroization procedure succeeded. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Input | Related SSPs | |
|---|---|---|---|---|---|---|---|---|---|---|
| RSA Private Key | Private key - CSP | Private key used for RSA signature generation | 2048, 3072, 4096 bits - 112, 128, 149 bits | Key pair generation with RSA | Digital signature generation with RSA | |||||
| RSA Public Key | Public key - PSP | Public key used for RSA signature verification | FIPS 186-5: 2048, 3072, 4096 bits bits; FIPS 186-4: 1024 bits; FIPS 186-2: 1536 bits - FIPS 186-5: 112, 128, 149 bits; FIPS 186-4: 80 bits; FIPS 186-2: 96 bits | Key pair generation with RSA | Digital signature verification with RSA FIPS 186-4 Digital signature verification with RSA FIPS 186-2 Digital signature verification with RSA | |||||
| ECDSA Private Key | Private key - CSP | Private key used for ECDSA signature generation | P-224, P-256, P- 384, P-521 - 112, 128, 192, 256 bits | Key pair generation with ECDSA | Public key verification with ECDSA Digital signature generation with ECDSA | |||||
| ECDSA Public Key | Public key - PSP | Public key used for ECDSA signature verification | P-224, P-256, P- 384, P-521 - 112, 128, 192, 256 bits | Key pair generation with ECDSA | Digital signature verification with ECDSA | |||||
| Password or passphrase | Password - CSP | Password used to derive symmetric keys | Minimum of 8 character - N/A | Key derivation with PBKDF | ||||||
| Derived key | Symmetric key - CSP | Symmetric key derived from a key derivation key, shared secret, or password | 112-4096 bits - 112-256 bits | Key derivation with PBKDF | ||||||
| Entropy Input | Entropy input - CSP | Entropy input used to seed the DRBG | 128-384 bits - 128-384 bits | Random number generation | ||||||
| DRBG internal state (V value, C value) | Internal state - CSP | Internal state of the Hash_DRBG | 880, 1776 bits - 128, 256 bits | Random number generation | Random number generation | |||||
| DRBG internal state (V value, Key) | Internal state - CSP | Internal state of the CTR_DRBG and HMAC_DRBG | CTR_DRBG: 256, 320, 384 bits; HMAC_DRBG: 320, 512, 1024 bits - CTR_DRBG: 128, 192, 256 bits; HMAC_DRBG: 128, 256 bits | Random number generation | Random number generation | |||||
| DRBG seed | Seed - CSP | DRBG seed derived from entropy input as defined in SP 800-90Ar1 | CTR_DRBG: 256, 320, 384 bits; HMAC_DBRG: 440, 888 bits; Hash_DRBG: 440, 888 bits - CTR_DRBG: 128, 192, 256 bits; HMAC_DRBG: 128, 256 bits; Hash_DRBG: 128, 256 bits | Random number generation | Random number generation | |||||
| AES keys | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) | From service invocation to service completion | ||||||
| HMAC keys | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) | From service invocation to service completion | ||||||
| RSA Private Key | RAM:Plaintext | Wipe and Free memory block | API input parameters | From service invocation to | RSA Public Key:Paired With |
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Input | Related SSPs | |
|---|---|---|---|---|---|---|---|---|---|---|
| Entropy Input | Entropy input - CSP | Entropy input used to seed the DRBG | 128-384 bits - 128-384 bits | Random number generation | ||||||
| DRBG internal state (V value, C value) | Internal state - CSP | Internal state of the Hash_DRBG | 880, 1776 bits - 128, 256 bits | Random number generation | Random number generation | |||||
| DRBG internal state (V value, Key) | Internal state - CSP | Internal state of the CTR_DRBG and HMAC_DRBG | CTR_DRBG: 256, 320, 384 bits; HMAC_DRBG: 320, 512, 1024 bits - CTR_DRBG: 128, 192, 256 bits; HMAC_DRBG: 128, 256 bits | Random number generation | Random number generation | |||||
| DRBG seed | Seed - CSP | DRBG seed derived from entropy input as defined in SP 800-90Ar1 | CTR_DRBG: 256, 320, 384 bits; HMAC_DBRG: 440, 888 bits; Hash_DRBG: 440, 888 bits - CTR_DRBG: 128, 192, 256 bits; HMAC_DRBG: 128, 256 bits; Hash_DRBG: 128, 256 bits | Random number generation | Random number generation | |||||
| AES keys | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) | From service invocation to service completion | ||||||
| HMAC keys | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) | From service invocation to service completion | ||||||
| RSA Private Key | RAM:Plaintext | Wipe and Free memory block | API input parameters | From service invocation to | RSA Public Key:Paired With |
Libgcrypt cryptography module for AlmaLinux 9 Table 19: SSP Table 1 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Generation | Storage | Zeroization | Output | Service completion |
|---|---|---|---|---|---|
| RSA Public Key | RSA Private Key:Paired With DRBG internal state (V value, C value):Generated from | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) API output parameters (plaintext) | From service invocation to service completion |
| ECDSA Private Key | ECDSA Public Key:Paired With DRBG internal state (V value, C value):Generated from | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) API output parameters (plaintext) | From service invocation to service completion |
| ECDSA Public Key | ECDSA Private Key:Paired With DRBG internal state (V value, C value):Generated from | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) API output parameters (plaintext) | From service invocation to service completion |
| Password or passphrase | Derived key:Derivation of | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API input parameters (plaintext) | From service invocation to service completion |
| Derived key | Password or passphrase:Derived From | RAM:Plaintext | Wipe and Free memory block allocated Module Reset | API output parameters (plaintext) | From service invocation to service completion |
| Entropy Input | DRBG seed:Derivation of | RAM:Plaintext | Automatic | From service invocation to service completion | |
| DRBG internal state (V value, C value) | DRBG seed:Generated from | RAM:Plaintext | Automatic | From service invocation to service completion | |
| DRBG internal state (V value, Key) | DRBG seed:Generated from | RAM:Plaintext | Automatic | From service invocation to service completion |
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Storage | Zeroization | Related SSPs | |
|---|---|---|---|---|
| DRBG seed | RAM:Plaintext | Automatic | From service invocation to service completion | Entropy Input:Derived From DRBG internal state (V value, C value):Generation of DRBG internal state (V value, Key):Generation of |
Libgcrypt cryptography module for AlmaLinux 9 Table 20: SSP Table 2 The tables above summarizes the Sensitive Security Parameters (SSPs) that are used by the cryptographic services implemented in the module.
The SHA-1 algorithm as implemented by the module will be non-approved for all purposes, starting January 1, 2030. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Test Properties | Conditions | |
|---|---|---|---|---|---|---|---|---|
| HMAC- SHA2-256 (A5138) | HMAC- SHA2-256 (A5138) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||
| HMAC- SHA2-256 (A5139) | HMAC- SHA2-256 (A5139) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||
| HMAC- SHA2-256 (A5140) | HMAC- SHA2-256 (A5140) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||
| HMAC- SHA2-256 (A5141) | HMAC- SHA2-256 (A5141) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||
| HMAC- SHA2-256 (A5142) | HMAC- SHA2-256 (A5142) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||
| SHA-1 (A5137) | SHA-1 (A5137) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |
| SHA-1 (A5138) | SHA-1 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up |
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Indicator | Test Properties | Conditions | |
|---|---|---|---|---|---|---|---|---|---|---|
| HMAC- SHA2-256 (A5138) | HMAC- SHA2-256 (A5138) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||||
| HMAC- SHA2-256 (A5139) | HMAC- SHA2-256 (A5139) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||||
| HMAC- SHA2-256 (A5140) | HMAC- SHA2-256 (A5140) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||||
| HMAC- SHA2-256 (A5141) | HMAC- SHA2-256 (A5141) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||||
| HMAC- SHA2-256 (A5142) | HMAC- SHA2-256 (A5142) | Message authentication | SW/FW Integrity | Integrity test for /usr/lib64/libgcrypt.so.20.4.0 | 256-bit key | Module becomes operational and services are available for use | ||||
| SHA-1 (A5137) | SHA-1 (A5137) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA-1 (A5138) | SHA-1 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA-1 (A5139) | SHA-1 (A5139) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA-1 (A5140) | SHA-1 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA-1 (A5141) | SHA-1 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA-1 (A5142) | SHA-1 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| AES-ECB - Encrypt (A5138) | AES-ECB - Encrypt (A5138) | KAT | CAST | Encryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Encrypt (A5139) | AES-ECB - Encrypt (A5139) | KAT | CAST | Encryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Encrypt (A5141) | AES-ECB - Encrypt (A5141) | KAT | CAST | Encryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Encrypt (A5142) | AES-ECB - Encrypt (A5142) | KAT | CAST | Encryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Decrypt (A5138) | AES-ECB - Decrypt (A5138) | KAT | CAST | Decryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Decrypt (A5139) | AES-ECB - Decrypt (A5139) | KAT | CAST | Decryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Decrypt (A5141) | AES-ECB - Decrypt (A5141) | KAT | CAST | Decryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES-ECB - Decrypt (A5142) | AES-ECB - Decrypt (A5142) | KAT | CAST | Decryption | Module is operational | 128, 192, 256-bit key | Power up | |||
| AES- CMAC (A5138) | AES- CMAC (A5138) | KAT | CAST | MAC generation | Module is operational | 128-bit key | Power up | |||
| AES- CMAC (A5139) | AES- CMAC (A5139) | KAT | CAST | MAC generation | Module is operational | 128-bit key | Power up | |||
| AES- CMAC (A5141) | AES- CMAC (A5141) | KAT | CAST | MAC generation | Module is operational | 128-bit key | Power up | |||
| AES- CMAC (A5142) | AES- CMAC (A5142) | KAT | CAST | MAC generation | Module is operational | 128-bit key | Power up | |||
| Counter DRBG (A5138) | Counter DRBG (A5138) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | AES with 128-bit key with DF, with and without PR | Power up | |||
| Counter DRBG (A5139) | Counter DRBG (A5139) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | AES with 128-bit key with DF, with and without PR | Power up | |||
| Counter DRBG (A5141) | Counter DRBG (A5141) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | AES with 128-bit key with DF, with and without PR | Power up | |||
| Counter DRBG (A5142) | Counter DRBG (A5142) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | AES with 128-bit key with DF, with and without PR | Power up | |||
| Hash DRBG (A5138) | Hash DRBG (A5138) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operation | SHA-1 without PR and SHA-256 with and without PR | Power up | |||
| Hash DRBG (A5139) | Hash DRBG (A5139) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operation | SHA-1 without PR and SHA-256 with and without PR | Power up | |||
| Hash DRBG (A5140) | Hash DRBG (A5140) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operation | SHA-1 without PR and SHA-256 with and without PR | Power up | |||
| Hash DRBG (A5141) | Hash DRBG (A5141) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operation | SHA-1 without PR and SHA-256 with and without PR | Power up | |||
| Hash DRBG (A5142) | Hash DRBG (A5142) | KAT | CAST | Instantiate Generate; | Module is operation | SHA-1 without PR and SHA-256 with and without PR | Power up | |||
| HMAC DRBG (A5138) | HMAC DRBG (A5138) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | SHA-256 with and without PR | Power up | |||
| HMAC DRBG (A5139) | HMAC DRBG (A5139) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | SHA-256 with and without PR | Power up | |||
| HMAC DRBG (A5140) | HMAC DRBG (A5140) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | SHA-256 with and without PR | Power up | |||
| HMAC DRBG (A5141) | HMAC DRBG (A5141) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | SHA-256 with and without PR | Power up | |||
| HMAC DRBG (A5142) | HMAC DRBG (A5142) | KAT | CAST | Instantiate Generate; Reseed Generate | Module is operational | SHA-256 with and without PR | Power up | |||
| ECDSA SigGen (FIPS186-5) (A5138) | ECDSA SigGen (FIPS186-5) (A5138) | KAT | CAST | Signature generation and verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigGen (FIPS186-5) (A5139) | ECDSA SigGen (FIPS186-5) (A5139) | KAT | CAST | Signature generation and verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigGen (FIPS186-5) (A5140) | ECDSA SigGen (FIPS186-5) (A5140) | KAT | CAST | Signature generation and verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigGen (FIPS186-5) (A5141) | ECDSA SigGen (FIPS186-5) (A5141) | KAT | CAST | Signature generation and verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigGen | ECDSA SigGen | KAT | CAST | Signature generation and verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigVer (FIPS186-5) (A5138) | ECDSA SigVer (FIPS186-5) (A5138) | KAT | CAST | Signature verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigVer (FIPS186-5) (A5139) | ECDSA SigVer (FIPS186-5) (A5139) | KAT | CAST | Signature verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigVer (FIPS186-5) (A5140) | ECDSA SigVer (FIPS186-5) (A5140) | KAT | CAST | Signature verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigVer (FIPS186-5) (A5141) | ECDSA SigVer (FIPS186-5) (A5141) | KAT | CAST | Signature verification | Module is operational | P-256 and SHA-256 | Power up | |||
| ECDSA SigVer (FIPS186-5) (A5142) | ECDSA SigVer (FIPS186-5) (A5142) | KAT | CAST | Signature verification | Module is operational | P-256 and SHA-256 | Power up | |||
| HMAC- SHA2-224 (A5138) | HMAC- SHA2-224 (A5138) | KAT | CAST | Message authentication | Module is operational | SHA2-224 | Power up | |||
| HMAC- SHA2-224 (A5139) | HMAC- SHA2-224 (A5139) | KAT | CAST | Message authentication | Module is operational | SHA2-224 | Power up | |||
| HMAC- SHA2-224 (A5140) | HMAC- SHA2-224 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA2-224 | Power up | |||
| HMAC- SHA2-224 (A5141) | HMAC- SHA2-224 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA2-224 | Power up | |||
| HMAC- SHA2-224 (A5142) | HMAC- SHA2-224 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA2-224 | Power up | |||
| HMAC- SHA2-256 (A5138) | HMAC- SHA2-256 (A5138) | KAT | CAST | Message authentication | Module is operational | SHA2-256 | Power up | |||
| HMAC- SHA2-256 (A5139) | HMAC- SHA2-256 (A5139) | KAT | CAST | Message authentication | Module is operational | SHA2-256 | Power up | |||
| HMAC- SHA2-256 (A5140) | HMAC- SHA2-256 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA2-256 | Power up | |||
| HMAC- SHA2-256 (A5141) | HMAC- SHA2-256 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA2-256 | Power up | |||
| HMAC- SHA2-256 (A5142) | HMAC- SHA2-256 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA2-256 | Power up | |||
| HMAC- SHA2-384 (A5138) | HMAC- SHA2-384 (A5138) | KAT | CAST | Message authentication | Module is operational | SHA2-384 | Power up | |||
| HMAC- SHA2-384 (A5139) | HMAC- SHA2-384 (A5139) | KAT | CAST | Message authentication | Module is operational | SHA2-384 | Power up | |||
| HMAC- SHA2-384 (A5140) | HMAC- SHA2-384 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA2-384 | Power up | |||
| HMAC- SHA2-384 (A5141) | HMAC- SHA2-384 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA2-384 | Power up | |||
| HMAC- SHA2-384 (A5142) | HMAC- SHA2-384 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA2-384 | Power up | |||
| HMAC- SHA2-512 (A5138) | HMAC- SHA2-512 (A5138) | KAT | CAST | Message authentication | Module is operational | SHA2-512 | Power up | |||
| HMAC- SHA2-512 (A5139) | HMAC- SHA2-512 (A5139) | KAT | CAST | Message authentication | Module is operational | SHA2-512 | Power up | |||
| HMAC- SHA2-512 (A5140) | HMAC- SHA2-512 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA2-512 | Power up | |||
| HMAC- SHA2-512 (A5141) | HMAC- SHA2-512 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA2-512 | Power up | |||
| HMAC- SHA2-512 (A5142) | HMAC- SHA2-512 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA2-512 | Power up | |||
| HMAC- SHA3-224 (A5140) | HMAC- SHA3-224 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA3-224 | Power up | |||
| HMAC- SHA3-224 (A5141) | HMAC- SHA3-224 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA3-224 | Power up | |||
| HMAC- SHA3-224 (A5142) | HMAC- SHA3-224 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA3-224 | Power up | |||
| HMAC- SHA3-256 (A5140) | HMAC- SHA3-256 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA3-256 | Power up | |||
| HMAC- SHA3-256 (A5141) | HMAC- SHA3-256 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA3-256 | Power up | |||
| HMAC- SHA3-256 (A5142) | HMAC- SHA3-256 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA3-256 | Power up | |||
| HMAC- SHA3-384 (A5140) | HMAC- SHA3-384 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA3-384 | Power up | |||
| HMAC- SHA3-384 (A5141) | HMAC- SHA3-384 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA3-384 | Power up | |||
| HMAC- SHA3-384 (A5142) | HMAC- SHA3-384 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA3-384 | Power up | |||
| HMAC- SHA3-512 (A5140) | HMAC- SHA3-512 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA3-512 | Power up | |||
| HMAC- SHA3-512 (A5141) | HMAC- SHA3-512 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA3-512 | Power up | |||
| HMAC- SHA3-512 (A5142) | HMAC- SHA3-512 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA3-512 | Power up | |||
| HMAC- SHA-1 (A5137) | HMAC- SHA-1 (A5137) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| HMAC- SHA-1 (A5138) | HMAC- SHA-1 (A5138) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| HMAC- SHA-1 (A5139) | HMAC- SHA-1 (A5139) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| HMAC- SHA-1 (A5140) | HMAC- SHA-1 (A5140) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| HMAC- SHA-1 (A5141) | HMAC- SHA-1 (A5141) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| HMAC- SHA-1 (A5142) | HMAC- SHA-1 (A5142) | KAT | CAST | Message authentication | Module is operational | SHA-1 | Power up | |||
| RSA SigGen (FIPS186-5) (A5138) | RSA SigGen (FIPS186-5) (A5138) | KAT | CAST | Signature generation | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigGen (FIPS186-5) (A5139) | RSA SigGen (FIPS186-5) (A5139) | KAT | CAST | Signature generation | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigGen (FIPS186-5) (A5140) | RSA SigGen (FIPS186-5) (A5140) | KAT | CAST | Signature generation | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigGen (FIPS186-5) (A5141) | RSA SigGen (FIPS186-5) (A5141) | KAT | CAST | Signature generation | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigGen (FIPS186-5) (A5142) | RSA SigGen (FIPS186-5) (A5142) | KAT | CAST | Signature generation | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigVer (FIPS186-5) (A5138) | RSA SigVer (FIPS186-5) (A5138) | KAT | CAST | Signature verification | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigVer (FIPS186-5) (A5139) | RSA SigVer (FIPS186-5) (A5139) | KAT | CAST | Signature verification | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigVer (FIPS186-5) (A5140) | RSA SigVer (FIPS186-5) (A5140) | KAT | CAST | Signature verification | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigVer (FIPS186-5) (A5141) | RSA SigVer (FIPS186-5) (A5141) | KAT | CAST | Signature verification | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| RSA SigVer (FIPS186-5) (A5142) | RSA SigVer (FIPS186-5) (A5142) | KAT | CAST | Signature verification | Module is operational | RSA PKCS#1 v1.5 with 2048-bit key using SHA-256 | Power up | |||
| SHA2-224 (A5138) | SHA2-224 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-224 (A5139) | SHA2-224 (A5139) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-224 (A5140) | SHA2-224 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-224 (A5141) | SHA2-224 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-224 (A5142) | SHA2-224 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-256 (A5138) | SHA2-256 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-256 (A5139) | SHA2-256 (A5139) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-256 (A5140) | SHA2-256 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-256 (A5141) | SHA2-256 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-256 (A5142) | SHA2-256 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-384 (A5138) | SHA2-384 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-384 (A5139) | SHA2-384 (A5139) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-384 (A5140) | SHA2-384 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-384 (A5141) | SHA2-384 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-384 (A5142) | SHA2-384 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-512 (A5138) | SHA2-512 (A5138) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-512 (A5139) | SHA2-512 (A5139) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-512 (A5140) | SHA2-512 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-512 (A5141) | SHA2-512 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA2-512 (A5142) | SHA2-512 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-224 (A5140) | SHA3-224 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-224 (A5141) | SHA3-224 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-224 (A5142) | SHA3-224 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-256 (A5140) | SHA3-256 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-256 (A5141) | SHA3-256 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-256 (A5142) | SHA3-256 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-384 (A5140) | SHA3-384 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-384 (A5141) | SHA3-384 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-384 (A5142) | SHA3-384 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-512 (A5140) | SHA3-512 (A5140) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-512 (A5141) | SHA3-512 (A5141) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| SHA3-512 (A5142) | SHA3-512 (A5142) | KAT | CAST | Message digest | Module is operational | N/A | Power up | |||
| PBKDF (A5138) | PBKDF (A5138) | KAT | CAST | Key Derivation | Module is operational | SHA-1 password length 24 characters, master key length of 200 bits, iteration count of 4096, and salt length of 288 bits; SHA-256 password length 24 characters, master key length of 320 bits, iteration count of 4096, and salt length of 288 bits | Power up | |||
| PBKDF (A5139) | PBKDF (A5139) | KAT | CAST | Key Derivation | Module is operational | SHA-1 password length 24 characters, master key length of 200 bits, iteration count of 4096, and salt length of 288 bits; SHA-256 password length 24 characters, master key length of 320 bits, iteration count of 4096, and salt length of 288 bits | Power up | |||
| PBKDF (A5140) | PBKDF (A5140) | KAT | CAST | Key Derivation | Module is operational | SHA-1 password length 24 characters, master key length of 200 bits, iteration count of 4096, and salt length of 288 bits; SHA-256 password length 24 characters, master key length of 320 bits, iteration count of 4096, and salt length of 288 bits | Power up | |||
| PBKDF (A5141) | PBKDF (A5141) | KAT | CAST | Key Derivation | Module is operational | SHA-1 password length 24 characters, master key length of 200 bits, iteration count of 4096, and salt length of 288 bits; SHA-256 password length 24 characters, master key length of 320 bits, iteration | Power up | |||
| PBKDF (A5142) | PBKDF (A5142) | KAT | CAST | Key Derivation | Module is operational | SHA-1 password length 24 characters, master key length of 200 bits, iteration count of 4096, and salt length of 288 bits; SHA-256 password length 24 characters, master key length of 320 bits, iteration count of 4096, and salt length of 288 bits | Power up | |||
| ECDSA KeyGen (FIPS186-5) (A5138) | ECDSA KeyGen (FIPS186-5) (A5138) | Signature generation and verification | PCT | Sign and Verify | Module is operational | Respective Curve and SHA2-256 | Key generation | |||
| ECDSA KeyGen (FIPS186-5) (A5139) | ECDSA KeyGen (FIPS186-5) (A5139) | Signature generation and verification | PCT | Sign and Verify | Module is operational | Respective Curve and SHA2-256 | Key generation | |||
| ECDSA KeyGen (FIPS186-5) (A5140) | ECDSA KeyGen (FIPS186-5) (A5140) | Signature generation and verification | PCT | Sign and Verify | Module is operational | Respective Curve and SHA2-256 | Key generation | |||
| ECDSA KeyGen (FIPS186-5) (A5141) | ECDSA KeyGen (FIPS186-5) (A5141) | Signature generation and verification | PCT | Sign and Verify | Module is operational | Respective Curve and SHA2-256 | Key generation | |||
| ECDSA KeyGen (FIPS186-5) (A5142) | ECDSA KeyGen (FIPS186-5) (A5142) | Signature generation and verification | PCT | Sign and Verify | Module is operational | Respective Curve and SHA2-256 | Key generation | |||
| RSA KeyGen (FIPS186-5) (A5138) | RSA KeyGen (FIPS186-5) (A5138) | Signature generation and verification | PCT | Sign and Verify | Module is operational | SHA2-256 and respective keys | Key generation | |||
| RSA KeyGen (FIPS186-5) (A5139) | RSA KeyGen (FIPS186-5) (A5139) | Signature generation and verification | PCT | Sign and Verify | Module is operational | SHA2-256 and respective keys | Key generation | |||
| RSA KeyGen (FIPS186-5) (A5140) | RSA KeyGen (FIPS186-5) (A5140) | Signature generation and verification | PCT | Sign and Verify | Module is operational | SHA2-256 and respective keys | Key generation | |||
| RSA KeyGen (FIPS186-5) (A5141) | RSA KeyGen (FIPS186-5) (A5141) | Signature generation and verification | PCT | Sign and Verify | Module is operational | SHA2-256 and respective keys | Key generation | |||
| RSA KeyGen (FIPS186-5) (A5142) | RSA KeyGen (FIPS186-5) (A5142) | Signature generation and verification | PCT | Sign and Verify | Module is operational | SHA2-256 and respective keys | Key generation | |||
| HMAC-SHA2-256 (A5138) | HMAC-SHA2-256 (A5138) | Message authentication | SW/FW Integrity | On demand | Manually | |||||
| HMAC-SHA2-256 (A5139) | HMAC-SHA2-256 (A5139) | Message authentication | SW/FW Integrity | On demand | Manually | |||||
| HMAC-SHA2-256 (A5140) | HMAC-SHA2-256 (A5140) | Message authentication | SW/FW Integrity | On demand | Manually | |||||
| HMAC-SHA2-256 (A5141) | HMAC-SHA2-256 (A5141) | Message authentication | SW/FW Integrity | On demand | Manually | |||||
| HMAC-SHA2-256 (A5142) | HMAC-SHA2-256 (A5142) | Message authentication | SW/FW Integrity | On demand | Manually | |||||
| SHA-1 (A5137) | SHA-1 (A5137) | KAT | CAST | On demand | Manually | |||||
| SHA-1 (A5138) | SHA-1 (A5138) | KAT | CAST | On demand | Manually | |||||
| SHA-1 (A5139) | SHA-1 (A5139) | KAT | CAST | On demand | Manually | |||||
| SHA-1 (A5140) | SHA-1 (A5140) | KAT | CAST | On demand | Manually | |||||
| SHA-1 (A5141) | SHA-1 (A5141) | KAT | CAST | On demand | Manually | |||||
| SHA-1 (A5142) | SHA-1 (A5142) | KAT | CAST | On demand | Manually | |||||
| AES-ECB - Encrypt (A5138) | AES-ECB - Encrypt (A5138) | KAT | CAST | On demand | Manually | |||||
| AES-ECB - Encrypt (A5139) | AES-ECB - Encrypt (A5139) | KAT | CAST | On demand | Manually |
HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 Table 21: Pre-Operational Self-Tests The module performs pre-operational self-tests automatically when the module is becoming available for the consuming application. Pre-operational self-tests ensure that the module is not corrupted. While the module is executing the pre-operational self-tests, services are not available, input and output are inhibited. The module is not available for use by the calling application until the pre-operational self-tests are completed successfully. After the pre-operational self-tests and the CASTs succeed, the module becomes operational. If any of the preoperational self-tests or any of the CASTs fail an error message is returned, and the module transitions to the error state.
N/A N/A © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 N/A N/A N/A N/A AESCMAC AESCMAC © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 AESCMAC AESCMAC © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMACSHA2-224 HMACSHA2-224 HMACSHA2-224 HMACSHA2-224 HMACSHA2-224 HMACSHA2-256 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-256 HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-384 HMACSHA2-512 HMACSHA2-512 HMACSHA2-512 HMACSHA2-512 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMACSHA2-512 HMACSHA3-224 HMACSHA3-224 HMACSHA3-224 HMACSHA3-256 HMACSHA3-256 HMACSHA3-256 HMACSHA3-384 HMACSHA3-384 HMACSHA3-384 HMACSHA3-512 HMACSHA3-512 HMACSHA3-512 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 HMACSHA-1 HMACSHA-1 HMACSHA-1 HMACSHA-1 HMACSHA-1 HMACSHA-1 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Test Properties | Indicator | Conditions |
|---|---|---|---|---|---|---|---|---|---|
| RSA KeyGen (FIPS186-5) (A5140) | RSA KeyGen (FIPS186-5) (A5140) | Signature generation and verification | PCT | Sign and Verify | SHA2-256 and respective keys | Module is operational | Key generation | ||
| RSA KeyGen (FIPS186-5) (A5141) | RSA KeyGen (FIPS186-5) (A5141) | Signature generation and verification | PCT | Sign and Verify | SHA2-256 and respective keys | Module is operational | Key generation | ||
| RSA KeyGen (FIPS186-5) (A5142) | RSA KeyGen (FIPS186-5) (A5142) | Signature generation and verification | PCT | Sign and Verify | SHA2-256 and respective keys | Module is operational | Key generation | ||
| HMAC-SHA2-256 (A5138) | HMAC-SHA2-256 (A5138) | Message authentication | SW/FW Integrity | On demand | Manually | ||||
| HMAC-SHA2-256 (A5139) | HMAC-SHA2-256 (A5139) | Message authentication | SW/FW Integrity | On demand | Manually | ||||
| HMAC-SHA2-256 (A5140) | HMAC-SHA2-256 (A5140) | Message authentication | SW/FW Integrity | On demand | Manually | ||||
| HMAC-SHA2-256 (A5141) | HMAC-SHA2-256 (A5141) | Message authentication | SW/FW Integrity | On demand | Manually | ||||
| HMAC-SHA2-256 (A5142) | HMAC-SHA2-256 (A5142) | Message authentication | SW/FW Integrity | On demand | Manually | ||||
| SHA-1 (A5137) | SHA-1 (A5137) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A5138) | SHA-1 (A5138) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A5139) | SHA-1 (A5139) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A5140) | SHA-1 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A5141) | SHA-1 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA-1 (A5142) | SHA-1 (A5142) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Encrypt (A5138) | AES-ECB - Encrypt (A5138) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Encrypt (A5139) | AES-ECB - Encrypt (A5139) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Encrypt (A5141) | AES-ECB - Encrypt (A5141) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Encrypt (A5142) | AES-ECB - Encrypt (A5142) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Decrypt (A5138) | AES-ECB - Decrypt (A5138) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Decrypt (A5139) | AES-ECB - Decrypt (A5139) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Decrypt (A5141) | AES-ECB - Decrypt (A5141) | KAT | CAST | On demand | Manually | ||||
| AES-ECB - Decrypt (A5142) | AES-ECB - Decrypt (A5142) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A5138) | AES-CMAC (A5138) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A5139) | AES-CMAC (A5139) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A5141) | AES-CMAC (A5141) | KAT | CAST | On demand | Manually | ||||
| AES-CMAC (A5142) | AES-CMAC (A5142) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A5138) | Counter DRBG (A5138) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A5139) | Counter DRBG (A5139) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A5141) | Counter DRBG (A5141) | KAT | CAST | On demand | Manually | ||||
| Counter DRBG (A5142) | Counter DRBG (A5142) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A5138) | Hash DRBG (A5138) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A5139) | Hash DRBG (A5139) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A5140) | Hash DRBG (A5140) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A5141) | Hash DRBG (A5141) | KAT | CAST | On demand | Manually | ||||
| Hash DRBG (A5142) | Hash DRBG (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A5138) | HMAC DRBG (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A5139) | HMAC DRBG (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A5140) | HMAC DRBG (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A5141) | HMAC DRBG (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC DRBG (A5142) | HMAC DRBG (A5142) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigGen (FIPS186-5) (A5138) | ECDSA SigGen (FIPS186-5) (A5138) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigGen (FIPS186-5) (A5139) | ECDSA SigGen (FIPS186-5) (A5139) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigGen (FIPS186-5) (A5140) | ECDSA SigGen (FIPS186-5) (A5140) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigGen (FIPS186-5) (A5141) | ECDSA SigGen (FIPS186-5) (A5141) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigGen (FIPS186-5) (A5142) | ECDSA SigGen (FIPS186-5) (A5142) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigVer (FIPS186-5) (A5138) | ECDSA SigVer (FIPS186-5) (A5138) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigVer (FIPS186-5) (A5139) | ECDSA SigVer (FIPS186-5) (A5139) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigVer (FIPS186-5) (A5140) | ECDSA SigVer (FIPS186-5) (A5140) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigVer (FIPS186-5) (A5141) | ECDSA SigVer (FIPS186-5) (A5141) | KAT | CAST | On demand | Manually | ||||
| ECDSA SigVer (FIPS186-5) (A5142) | ECDSA SigVer (FIPS186-5) (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-224 (A5138) | HMAC-SHA2-224 (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-224 (A5139) | HMAC-SHA2-224 (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-224 (A5140) | HMAC-SHA2-224 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-224 (A5141) | HMAC-SHA2-224 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-224 (A5142) | HMAC-SHA2-224 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-256 (A5138) | HMAC-SHA2-256 (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-256 (A5139) | HMAC-SHA2-256 (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-256 (A5140) | HMAC-SHA2-256 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-256 (A5141) | HMAC-SHA2-256 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-256 (A5142) | HMAC-SHA2-256 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-384 (A5138) | HMAC-SHA2-384 (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-384 (A5139) | HMAC-SHA2-384 (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-384 (A5140) | HMAC-SHA2-384 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-384 (A5141) | HMAC-SHA2-384 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-384 (A5142) | HMAC-SHA2-384 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-512 (A5138) | HMAC-SHA2-512 (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-512 (A5139) | HMAC-SHA2-512 (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-512 (A5140) | HMAC-SHA2-512 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-512 (A5141) | HMAC-SHA2-512 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA2-512 (A5142) | HMAC-SHA2-512 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-224 (A5140) | HMAC-SHA3-224 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-224 (A5141) | HMAC-SHA3-224 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-224 (A5142) | HMAC-SHA3-224 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-256 (A5140) | HMAC-SHA3-256 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-256 (A5141) | HMAC-SHA3-256 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-256 (A5142) | HMAC-SHA3-256 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-384 (A5140) | HMAC-SHA3-384 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-384 (A5141) | HMAC-SHA3-384 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-384 (A5142) | HMAC-SHA3-384 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-512 (A5140) | HMAC-SHA3-512 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-512 (A5141) | HMAC-SHA3-512 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA3-512 (A5142) | HMAC-SHA3-512 (A5142) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5137) | HMAC-SHA-1 (A5137) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5138) | HMAC-SHA-1 (A5138) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5139) | HMAC-SHA-1 (A5139) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5140) | HMAC-SHA-1 (A5140) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5141) | HMAC-SHA-1 (A5141) | KAT | CAST | On demand | Manually | ||||
| HMAC-SHA-1 (A5142) | HMAC-SHA-1 (A5142) | KAT | CAST | On demand | Manually | ||||
| RSA SigGen (FIPS186-5) (A5138) | RSA SigGen (FIPS186-5) (A5138) | KAT | CAST | On demand | Manually | ||||
| RSA SigGen (FIPS186-5) (A5139) | RSA SigGen (FIPS186-5) (A5139) | KAT | CAST | On demand | Manually | ||||
| RSA SigGen (FIPS186-5) (A5140) | RSA SigGen (FIPS186-5) (A5140) | KAT | CAST | On demand | Manually | ||||
| RSA SigGen (FIPS186-5) (A5141) | RSA SigGen (FIPS186-5) (A5141) | KAT | CAST | On demand | Manually | ||||
| RSA SigGen (FIPS186-5) (A5142) | RSA SigGen (FIPS186-5) (A5142) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-5) (A5138) | RSA SigVer (FIPS186-5) (A5138) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-5) (A5139) | RSA SigVer (FIPS186-5) (A5139) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-5) (A5140) | RSA SigVer (FIPS186-5) (A5140) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-5) (A5141) | RSA SigVer (FIPS186-5) (A5141) | KAT | CAST | On demand | Manually | ||||
| RSA SigVer (FIPS186-5) (A5142) | RSA SigVer (FIPS186-5) (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A5138) | SHA2-224 (A5138) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A5139) | SHA2-224 (A5139) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A5140) | SHA2-224 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A5141) | SHA2-224 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA2-224 (A5142) | SHA2-224 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A5138) | SHA2-256 (A5138) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A5139) | SHA2-256 (A5139) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A5140) | SHA2-256 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A5141) | SHA2-256 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA2-256 (A5142) | SHA2-256 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A5138) | SHA2-384 (A5138) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A5139) | SHA2-384 (A5139) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A5140) | SHA2-384 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A5141) | SHA2-384 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA2-384 (A5142) | SHA2-384 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A5138) | SHA2-512 (A5138) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A5139) | SHA2-512 (A5139) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A5140) | SHA2-512 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A5141) | SHA2-512 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA2-512 (A5142) | SHA2-512 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA3-224 (A5140) | SHA3-224 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA3-224 (A5141) | SHA3-224 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA3-224 (A5142) | SHA3-224 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA3-256 (A5140) | SHA3-256 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA3-256 (A5141) | SHA3-256 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA3-256 (A5142) | SHA3-256 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA3-384 (A5140) | SHA3-384 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA3-384 (A5141) | SHA3-384 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA3-384 (A5142) | SHA3-384 (A5142) | KAT | CAST | On demand | Manually | ||||
| SHA3-512 (A5140) | SHA3-512 (A5140) | KAT | CAST | On demand | Manually | ||||
| SHA3-512 (A5141) | SHA3-512 (A5141) | KAT | CAST | On demand | Manually | ||||
| SHA3-512 (A5142) | SHA3-512 (A5142) | KAT | CAST | On demand | Manually | ||||
| PBKDF (A5138) | PBKDF (A5138) | KAT | CAST | On demand | Manually | ||||
| PBKDF (A5139) | PBKDF (A5139) | KAT | CAST | On demand | Manually | ||||
| PBKDF (A5140) | PBKDF (A5140) | KAT | CAST | On demand | Manually | ||||
| PBKDF (A5141) | PBKDF (A5141) | KAT | CAST | On demand | Manually | ||||
| PBKDF (A5142) | PBKDF (A5142) | KAT | CAST | On demand | Manually | ||||
| ECDSA KeyGen (FIPS186-5) (A5138) | ECDSA KeyGen (FIPS186-5) (A5138) | Signature generation and verification | PCT | On demand | Manually | ||||
| ECDSA KeyGen (FIPS186-5) (A5139) | ECDSA KeyGen (FIPS186-5) (A5139) | Signature generation and verification | PCT | On demand | Manually | ||||
| ECDSA KeyGen (FIPS186-5) (A5140) | ECDSA KeyGen (FIPS186-5) (A5140) | Signature generation and verification | PCT | On demand | Manually | ||||
| ECDSA KeyGen (FIPS186-5) (A5141) | ECDSA KeyGen (FIPS186-5) (A5141) | Signature generation and verification | PCT | On demand | Manually | ||||
| ECDSA KeyGen (FIPS186-5) (A5142) | ECDSA KeyGen (FIPS186-5) (A5142) | Signature generation and verification | PCT | On demand | Manually | ||||
| RSA KeyGen (FIPS186-5) (A5138) | RSA KeyGen (FIPS186-5) (A5138) | Signature generation and verification | PCT | On demand | Manually | ||||
| RSA KeyGen (FIPS186-5) (A5139) | RSA KeyGen (FIPS186-5) (A5139) | Signature generation and verification | PCT | On demand | Manually | ||||
| RSA KeyGen (FIPS186-5) (A5140) | RSA KeyGen (FIPS186-5) (A5140) | Signature generation and verification | PCT | On demand | Manually | ||||
| RSA KeyGen (FIPS186-5) (A5141) | RSA KeyGen (FIPS186-5) (A5141) | Signature generation and verification | PCT | On demand | Manually | ||||
| RSA KeyGen (FIPS186-5) (A5142) | RSA KeyGen (FIPS186-5) (A5142) | Signature generation and verification | PCT | On demand | Manually |
Libgcrypt cryptography module for AlmaLinux 9 Table 22: Conditional Self-Tests
Table 23: Pre-Operational Periodic Information © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Error State | The module will return an error code to indicate the error and will enter the Error state. Any further cryptographic operation is inhibited. | Failure of pre- operational tests or conditional tests. | An error message related to the cause of the failure (e.g. GPG_ERR_SELFTEST_FAILED). | The error can be recovered by a restart (i.e., powering off and powering on) of the module. |
| Fatal Error state | The module will abort and will not be available. | Random numbers are requested in the error state or cipher operations are requested on a deallocated handle. | The module is aborted | The error can be recovered by a restart (i.e., powering off and powering on) of the module. |
Libgcrypt cryptography module for AlmaLinux 9 Table 24: Conditional Periodic Information This information can be found in Section 5.2.
Table 25: Error States application can obtain the module state by calling the gcry_control(GCRYCTL_OPERATIONAL_P) API function. The function returns FALSE if the module is in the Error state, TRUE if the module is in the Operational state. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 In the Error state, all data output is inhibited, and no cryptographic operation is allowed. The error can be recovered by a restart (i.e., powering off and powering on) of the module. If random numbers are requested while the module is in Error state, or if cipher operations are requested on a deallocated handle the module will transition to Fatal Error state, the module will abort and will not be available.
The software integrity tests and the CASTs can be invoked relying on the gcry_control(GCRYCTL_SELFTEST) API function call or by powering-off and reloading the module. The PCTs can be invoked on demand by requesting the Key Generation service. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
The Crypto Officer can install the libgcrypt-1.10.0-11.el9_2.tuxcare.1 RPM package of the Module using standard tools recommended for the installation of RPM packages on an Almalinux system (for example, DNF or RPM). The integrity of the RPM package is automatically verified during the installation, and the Crypto Officer shall not install the RPM package if there is any integrity error. Before the RPM package of the module is installed, the Almalinux 9 system must operate in Approved mode. This can be achieved by:
All the functions, ports and logical interfaces described in this document are available to the Crypto Officer. The user must not call malloc/free to create/release space for keys, let libgcrypt manage space for keys, which will ensure that the key memory is overwritten before it is released. gcry_control(GCRYCTL_TERM_SECMEM) needs to be called before the process is terminated.
The module implements only the Crypto Officer. There are no requirements for non-administrator guidance.
For secure sanitization of the cryptographic module, the module must first to be powered off, which will zeroize all keys and CSPs in volatile memory. Then, for actual deprecation, the module shall be upgraded to a newer version that is FIPS 140-3 validated. The module does not possess persistent storage of SSPs, so further sanitization steps are not required. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9
RSA is vulnerable to timing attacks. In a setup where attackers can measure the time of RSA decryption or signature operations, blinding must be used to protect the RSA operation from that attack. By default, the module uses the following blinding technique: instead of using the RSA decryption directly, a blinded value y = x re mod n is decrypted and the unblinded value x' = y' r−1 mod n returned. The blinding value r is a random value with the size of the modulus n. © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 Appendix A. Glossary and Abbreviations AES CAVP CBC CMAC CMVP CSP CTR DRBG ECB FIPS GCM HMAC KAT KW MAC NIST PAA PAI PR PSP PSS RNG RSA SHA SSP XTS Advanced Encryption Standard Cryptographic Algorithm Validation Program Cipher Block Chaining Cipher-based Message Authentication Code Cryptographic Module Validation Program Critical Security Parameter Counter Mode Deterministic Random Bit Generator Electronic Code Book Federal Information Processing Standards Publication Galois Counter Mode Hash Message Authentication Code Known Answer Test AES Key Wrap Message Authentication Code National Institute of Science and Technology Processor Algorithm Acceleration Processor Algorithm Implementation Prediction Resistance Public Security Parameter Probabilistic Signature Scheme Random Number Generator Rivest, Shamir, Adleman Secure Hash Algorithm Sensitive Security Parameter XEX-based Tweaked-codebook mode with cipher text Stealing © 2026 Cloudlinux Inc., TuxCare division, atsec information security.
Libgcrypt cryptography module for AlmaLinux 9 Appendix B. References FIPS140-3 FIPS140-3_IG FIPS180-4 FIPS186-2 FIPS186-4 FIPS186-5 FIPS197 FIPS198-1 SP800-38A SP800-38B SP800-38D SP800-38E SP800-38F SP800-52rev2 FIPS PUB 140-3 - Security Requirements For Cryptographic Modules March 2019 https://doi.org/10.6028/NIST.FIPS.140-3 Implementation Guidance for FIPS PUB 140-3 and the Cryptographic Module Validation Program January 2024 https://csrc.nist.gov/csrc/media/Projects/cryptographic-module-validationprogram/documents/fips%20140-3/FIPS%20140-3%20IG.pdf Secure Hash Standard (SHS) March 2012 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf Digital Signature Standard (DSS) January 2000 https://csrc.nist.gov/files/pubs/fips/186-2/final/docs/fips186-2.pdf Digital Signature Standard (DSS) July 2013 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf Digital Signature Standard (DSS) February 2023 https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf Advanced Encryption Standard November 2001 https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf The Keyed Hash Message Authentication Code (HMAC) July 2008 https://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf NIST Special Publication 800-38A - Recommendation for Block Cipher Modes of Operation Methods and Techniques December 2001 https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf NIST Special Publication 800-38B - Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication May 2005 https://csrc.nist.gov/publications/detail/sp/800-38b/final NIST Special Publication 800-38D - Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC November 2007 https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf NIST Special Publication 800-38E - Recommendation for Block Cipher Modes of Operation: The XTS AES Mode for Confidentiality on Storage Devices January 2010 https://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf NIST Special Publication 800-38F - Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping December 2012 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf NIST Special Publication 800-52
Libgcrypt cryptography module for AlmaLinux 9 SP800-56Arev3 SP800-56Crev2 SP800-90Arev1 SP800-90B SP800-108rev1 SP800-132 SP800-133rev2 SP800-135rev1 SP800-140Br1 August 2019 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r2.pdf NIST Special Publication 800-56A