Certificate 1386 - Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module
intCertNum 1386
strVendorName Red Hat, Inc.
strURL http://www.redhat.com
strAddress1 314 Littleton Road
strAddress2
strAddress3
strCity Raleigh
strStateProv NC
strPostalCode 27606
strCountry 27606
strContact Irina Boverman
strEmail iboverma@redhat.com
strPhone 978 392 1000
strFax
strContact2 Karl Wirth
strEmail2 kwirth@redhat.com
strFax2
strPhone2 978 392 1000
intCertNum 1386
strModuleName Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module
strPartNumber Software Version: 1.0
memModuleNotes When operated in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9 of the provided Security Policy. This module contains the embedded modules Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode and the Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #815 (Approved algorithms retested on listed operating environment) operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs is automatically verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL
strModuleType Software
strValidationDate 08/12/2010
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux 5.4 (single-user mode)
strFIPSAlgorithms Triple-DES (Cert. #943);
AES (Cert. #1368);
SHS (Cert. #1250);
RSA (Cert. #669);
RNG (Cert. #755);
DSA (Cert. #449);
HMAC (Certs. #661, #662 and #663)
strOtherAlgorithms Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 112 bits and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 bits and 192 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RC2;
RC4;
DES;
MD2;
MD5
strConfiguration Multi-chip standalone
memModuleDescription The Red Hat Enterprise Linux 5 OpenSwan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec.
intModuleCount 1
memAdditionalNotes 05/22/12: Modified certificate caveat
strFirstValidtionDate 08/12/10 00:00:00
strLabName atsec
strValidationYear 2010