Document Version 1.2 © Oracle Corporation
This document may be reproduced whole and intact including the Copyright notice.

FIPS 140-2 Non-Proprietary Security Policy
Oracle Linux Unbreakable Enterprise Kernel (UEK) Cryptographic Module
FIPS 140-2 Level 1 Validation
Software Versions: R6-1.0.0 and R7-2.0.0
Date: December 7th 2018

Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module Security Policy

Title: Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module Security Policy
Date: December 7th, 2018
Author: atsec information security corporation
Contributing Authors: Oracle Linux Engineering; Oracle Security Evaluations – Global Product Security

Oracle Corporation
World Headquarters
500 Oracle Parkway
Redwood Shores, CA 94065 U.S.A.
Worldwide Inquiries: Phone: +1.650.506.7000 Fax: +1.650.506.7200
oracle.com

Copyright © 2018, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. Oracle specifically disclaims any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. This document may be reproduced or distributed whole and intact including this copyright notice.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

TABLE OF CONTENTS

1. Introduction
   1.1 Overview
   1.2 Document Organization
2. Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module
   2.1 Functional Overview
   2.2 FIPS 140-2 Validation Scope
3. Cryptographic Module Specification
   3.1 Definition of the Cryptographic Module
   3.2 Definition of the Physical Cryptographic Boundary
   3.3 Modes of Operation
   3.4 Approved or Allowed Security Functions
   3.5 Non-Approved but Allowed Security Functions
   3.6 Non-Approved Security Functions
4. Module Ports and Interfaces
5. Physical Security
6. Operational Environment
   6.1 Tested Environments
   6.2 Vendor Affirmed Environments
   6.3 Vendor Affirmed Environments
7. Roles, Services and Authentication
   7.1 Roles
   7.2 FIPS Approved Operator Services and Descriptions
   7.3 Non-FIPS Approved Services and Descriptions
   7.4 Operator Authentication
8. Key and CSP Management
   8.1 Random Number Generation
   8.2 Key Entry/Output
   8.3 Key/CSP Storage
   8.4 Key/CSP Zeroization
9. Self-Tests
   9.1 Power-Up Self-Tests
   9.1.1 Integrity Tests
   9.2 Conditional Self-Tests
10. Crypto-Officer and User Guidance
   10.1 Crypto-Officer Guidance
   10.1.1 Secure Installation and Startup
   10.1.2 FIPS 140-2 and AESNI Support
   10.2 User Guidance
   10.2.1 AES-XTS Usage
   10.2.2 AES-GCM Usage
   10.2.3 Triple-DES Usage
   10.3 Handling Self-Test Errors
11. Mitigation of Other Attacks
Acronyms, Terms and Abbreviations
References

List of Tables

Table 1: FIPS 140-2 Security Requirements
Table 2: FIPS Approved or Allowed Security Functions
Table 3: Non-Approved Disallowed Functions
Table 4: Non-Approved Disallowed Functions
Table 5: Mapping of FIPS 140 Logical Interfaces to Logical Ports
Table 6: Tested Operating Environment
Table 7: Vendor Affirmed Operating Environment
Table 8: FIPS Approved Operator Services and Descriptions
Table 9: Non-FIPS Approved Operator Services and Descriptions
Table 10: CSP Table
Table 11: Power-On Self-Tests
Table 12: Conditional Self-Tests
Table 13: Acronyms
Table 14: References

List of Figures

Figure 1: Oracle Linux UEK Logical Cryptographic Boundary
Figure 2: Oracle Linux UEK Hardware Block Diagram

1. Introduction

1.1 Overview

The Unbreakable Enterprise Kernel (UEK), included as part of Oracle Linux, provides the latest open source innovations, key optimizations and security for enterprise cloud workloads. This Linux kernel powers Oracle Cloud and Oracle Engineered Systems such as Oracle Exadata Database Machine. Oracle tests UEK intensively with demanding Oracle workloads, and recommends UEK for Oracle deployments and all other enterprise deployments. Oracle contributes to upstream Linux kernel development with enhancements that benefit Oracle Database, middleware, applications and hardware, as well as our broad partner ecosystem. These enhancements are distributed to customers through UEK for Oracle Linux. By selectively integrating the latest open source Linux capabilities into UEK while still providing application binary compatibility with the Red Hat Compatible Kernel, Oracle makes it easy to run the most demanding cloud and enterprise workloads without compromising stability and security. We test all our on-premises software, and run Oracle Cloud on UEK, ensuring you can achieve the highest scalability and performance with your current workloads and those of the future.

This document is the Security Policy for the Oracle Linux Unbreakable Enterprise Kernel (UEK) Cryptographic Module by Oracle Corporation. Oracle Linux UEK Cryptographic Module is also referred to as "the Module or Module". This Security Policy specifies the security rules under which the module shall operate to meet the requirements of FIPS 140-2 Level 1. It also describes how the Oracle Linux UEK Cryptographic Module functions in order to meet the FIPS requirements, and the actions that operators must take to maintain the security of the module.

This Security Policy describes the features and design of the Oracle Linux UEK Cryptographic Module using the terminology contained in the FIPS 140-2 specification. FIPS 140-2, Security Requirements for Cryptographic Modules, specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information. The NIST/CSE Cryptographic Module Validation Program (CMVP) validates cryptographic modules to FIPS 140-2. Validated products are accepted by the Federal agencies of both the USA and Canada for the protection of sensitive or designated information.

1.2 Document Organization

The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains:

• Oracle Linux Unbreakable Enterprise Kernel (UEK) Cryptographic Module Non-Proprietary Security Policy
• Other supporting documentation as additional references

With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to Oracle and is releasable only under appropriate non-disclosure agreements. For access to these documents, please contact Oracle.

2. Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module

2.1 Functional Overview

The Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module is a software-only cryptographic module that provides general-purpose cryptographic services to the remainder of the Linux kernel. The Oracle Linux UEK Cryptographic Module is a software-only, security level 1 cryptographic module, running on a multi-chip standalone platform.

2.2 FIPS 140-2 Validation Scope

The following table shows the security level for each of the eleven sections of the validation. See Table 1 below.

Security Requirements Section | Level
Cryptographic Module Specification | 1
Cryptographic Module Ports and Interfaces | 1
Roles and Services and Authentication | 1
Finite State Machine Model | 1
Physical Security | N/A
Operational Environment | 1
Cryptographic Key Management | 1
EMI/EMC | 1
Self-Tests | 1
Design Assurance | 3
Mitigation of Other Attacks | N/A

Table 1: FIPS 140-2 Security Requirements

3. Cryptographic Module Specification

3.1 Definition of the Cryptographic Module

The Oracle Linux UEK Cryptographic Module is a software-only multi-chip standalone module as defined by the requirements within FIPS PUB 140-2. The logical cryptographic boundary of the module consists of binary files and their integrity check HMAC files, which are delivered through the Oracle Public Yum Package Manager (RPM) as listed below:

The list of components required for the module version R7-2.0.0 running on Oracle Linux 7.3 to operate are defined below:

• Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module with the version of the RPM file kernel-uek-4.1.12-124.16.4.el7uek.
• The configuration of the FIPS mode is provided by the dracut-fips and dracut-fips-aesni package with the version of the RPM file of 033-535.0.2.el7.x86_64.
• The bound module Oracle Linux NSS Cryptographic Library with FIPS 140-2 Certificate #3143 (hereafter referred to as the "NSS bound module" or "NSS module")
• The contents of the hmaccalc RPM package version 0.9.13-4.el7.x86_64

The list of components required for the module version R6-1.0.0 running on Oracle Linux 6.9 to operate are defined below:

• Oracle Linux Unbreakable Enterprise Kernel Cryptographic Module with the version of the RPM file kernel-uek-4.1.12-124.16.4.el6uek.
• The configuration of the FIPS mode is provided by the dracut-fips package with the version of the RPM file of 004-409.0.8.el6_8.2.x86_64.
• The bound module Oracle Linux NSS Cryptographic Library with FIPS 140-2 Certificate #3111 (hereafter referred to as the "NSS bound module" or "NSS module")
• The contents of the hmaccalc RPM package version 0.9.12-2.el6.x86_64

The Oracle Linux UEK RPM package of the Module includes the binary files, integrity check HMAC files and Man Pages. The files comprising the module are the following:

• kernel loadable components /lib/modules/$(uname -r)/kernel/crypto/*.ko
• kernel loadable components /lib/modules/$(uname -r)/kernel/arch/x86/crypto/*.ko
• static kernel binary /boot/vmlinuz-$(uname -r)
• static kernel binary HMAC file /boot/.vmlinuz-$(uname -r).hmac
• sha512hmac binary file for performing the integrity checks /usr/bin/sha512hmac
• sha512hmac binary HMAC file: /usr/lib64/hmaccalc/sha512hmac.hmac

The NSS bound module provides the HMAC-SHA-512 algorithm used by the sha512hmac binary file to verify the integrity of both the sha512hmac file and the vmlinuz (static kernel binary).
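
The integrity check described above, as an added example that is not Oracle's or hmaccalc's code: each protected file is compared against an HMAC-SHA-512 value kept in a sidecar .hmac file, and the checking tool is verified before the kernel image. The key, the sidecar layout ("<hex digest>  <file name>"), the checking order and the file names in the sandbox are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Placeholder key (assumption): the key the real tool uses is not given here.
PLACEHOLDER_KEY = b"constructed-example-key"


def hmac_sha512_file(path, key, chunk_size=1 << 16):
    """Stream a file through HMAC-SHA-512 and return the hex digest."""
    mac = hmac.new(key, digestmod=hashlib.sha512)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            mac.update(chunk)
    return mac.hexdigest()


def read_expected(hmac_path):
    """Parse a sidecar file of the assumed form '<hex digest>  <file name>'."""
    with open(hmac_path, "r", encoding="ascii") as fh:
        fields = fh.read().split()
    if not fields:
        raise ValueError("empty HMAC file: " + hmac_path)
    digest = fields[0].lower()
    if len(digest) != 128 or any(c not in "0123456789abcdef" for c in digest):
        raise ValueError("malformed HMAC-SHA-512 value in " + hmac_path)
    return digest


def verify(path, hmac_path, key):
    """True only on a match; a missing or malformed file counts as failure."""
    try:
        expected = read_expected(hmac_path)
        actual = hmac_sha512_file(path, key)
    except (OSError, ValueError):
        return False
    # Constant-time comparison of the stored and recomputed values.
    return hmac.compare_digest(expected, actual)


def integrity_check(tool, tool_hmac, kernel, kernel_hmac, key):
    """Verify the checking tool first, then the kernel image; fail closed."""
    if not verify(tool, tool_hmac, key):
        return "FAIL: integrity tool"
    if not verify(kernel, kernel_hmac, key):
        return "FAIL: kernel image"
    return "PASS"


def build_sandbox(root, key):
    """Write constructed stand-ins for the tool, the kernel and their HMAC files."""
    paths = {
        "tool": os.path.join(root, "sha512hmac"),
        "tool_hmac": os.path.join(root, "sha512hmac.hmac"),
        "kernel": os.path.join(root, "vmlinuz-example"),
        "kernel_hmac": os.path.join(root, ".vmlinuz-example.hmac"),
    }
    contents = {"tool": b"constructed tool bytes",
                "kernel": b"constructed kernel bytes" * 1000}
    for name, data in contents.items():
        with open(paths[name], "wb") as fh:
            fh.write(data)
        line = hmac_sha512_file(paths[name], key) + "  " + os.path.basename(paths[name])
        with open(paths[name + "_hmac"], "w", encoding="ascii") as fh:
            fh.write(line + "\n")
    return paths


def demo():
    """Run the check on clean files, a modified kernel, and a missing HMAC file."""
    with tempfile.TemporaryDirectory() as root:
        p = build_sandbox(root, PLACEHOLDER_KEY)
        args = (p["tool"], p["tool_hmac"], p["kernel"], p["kernel_hmac"], PLACEHOLDER_KEY)
        clean = integrity_check(*args)
        with open(p["kernel"], "ab") as fh:
            fh.write(b"\x00")  # a single appended byte changes the HMAC
        tampered = integrity_check(*args)
        os.remove(p["tool_hmac"])  # absent sidecar file must not pass
        missing = integrity_check(*args)
    return clean, tampered, missing


if __name__ == "__main__":
    print(demo())
```
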

Figure 1 shows the logical block diagram of the module executing in memory on the host system. The dotted line indicates the logical boundary of the module.

Figure 1: Oracle Linux UEK Logical Cryptographic Boundary

3.2 Definition of the Physical Cryptographic Boundary

The physical cryptographic boundary is defined as the hard enclosure of the host system on which it runs. See the dotted line in figure 2 below. No components are excluded from the requirements of FIPS PUB 140-2.

Figure 2: Oracle Linux UEK Hardware Block Diagram

3.3 Modes of Operation

The module supports two modes of operation: the FIPS approved and non-approved modes. Section 10.1.1 describes the Secure Installation and Startup to correctly install and configure the module. The module enters FIPS approved mode after correct initialization and successful completion of the power-on self-tests. Invoking a non-Approved algorithm or a non-Approved key size with an Approved algorithm as listed in Table 4 will result in the module implicitly entering the non-FIPS mode of operation. The approved services available in FIPS mode can be found in section 7.2 Table 8. The non-approved services not available in FIPS mode can be found in section 7.3.

3.4 Approved or Allowed Security Functions

The Oracle Linux UEK Cryptographic Module contains the following FIPS Approved Algorithms:

Approved or Allowed Security Functions | Certificate

Symmetric Algorithms    OL7.3    OL6.9

AES
  (aesasm):
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    CCM (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0-32 (IV Length(s): 56, 64, 72, 80, 88, 96, 104 (bits) (Tag Length(s): 32, 48, 64, 80, 96, 112, 128 (bits)
    GCM (KS: AES_128, AES_192, AES_256) (d) Tag Length(s): 128 120 112 104 96 64 32) PT Lengths Tested: (0, 120, 128, 248, 256); AAD Lengths tested: 0, 120, 128, 248, 256); 96 Bit IV_Supported
    GMAC_Supported
    XTS ((KS: XTS_128, XTS_256) ((e/d) (f))
    Certificates:
      5400 5621
      5614 5631

  aesasm_iiv:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    GCM (KS: AES_128, AES_192, AES_256) Tag Length(s): 128 96 64) IV Generated: (Internally (using Section 8.2.1)); PT Lengths Tested: (120, 128, 248, 256); AAD Lengths tested: (64, 96); 96 Bit IV_Supported
    Certificates:
      5423 5622
      5615 5632

  aesni:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    CCM (KS: AES_128, AES_192, AES_256) (d) Tag Length(s): 32, 48, 64, 80, 96, 112, 128) IV Length (56, 64, 72, 80, 88, 96, 104) PT Lengths Tested: (0-32); AAD Lengths tested: (0-65536);
    GCM (KS: AES_128, AES_192, AES_256) (d) Tag Length(s): 32, 64, 96, 104, 112, 120, 128) PT Lengths Tested: (0, 120, 128, 248, 25); AAD Lengths tested: (0, 120, 128, 248, 256); 96 Bit IV_Supported
    XTS ((KS: XTS_128, XTS_256); ((e/d) (f))
    Certificates:
      5402 5627
      5630 5635

  aesni_iiv:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    Certificates:
      5425 5628
      5629 5638

  aesni_blkasm:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    GCM (KS: AES_128, AES_192, AES_256) (d) Tag Length(s): 64, 96, 128) PT Lengths Tested: (120, 128, 248, 256); AAD Lengths tested: (64, 96); 96 Bit IV_Supported
    XTS ((KS: XTS_128, XTS_256); ((e/d) (f))
    Certificates:
      5403 5626
      5620 5636

  aesni_blkasm_iiv:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    GCM (KS: AES_128, AES_192, AES_256) Tag Length(s): 128 96 64) IV Generated: (Internally (using Section 8.2.1)); PT Lengths Tested: (120, 128, 248, 256); AAD Lengths tested: (64, 96); 96 Bit IV_Supported
    Certificates:
      5398 5625
      5619 5637

  aesgen:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext. only; 128, 192, 256)
    CCM (KS: AES_128, AES_192, AES_256) (e/d) Tag Length(s): 32, 48, 64, 80, 96, 112, 128) IV Length (56, 64, 72, 80, 88, 96, 104) PT Lengths Tested: (0-32); AAD Lengths tested: (0-65536);
    GCM (KS: AES_128, AES_192, AES_256) (d) Tag Length(s): 32, 64, 96, 104, 112, 120, 128) PT Lengths Tested: (0, 120, 128, 248, 256); AAD Lengths tested: (0, 120, 128, 248, 256); 96 Bit IV_Supported
    XTS ((KS: XTS_128, XTS_256); ((e/d) (f))
    Certificates:
      5401 5624
      5617 5634

  aesgen_iiv:
    CBC, ECB (e/d; 128, 192, 256); CTR (ext only; 128, 192, 256)
    GCM (KS: AES_128, AES_192, AES_256) Tag Length(s): 128 96 64) IV Generated: (Internally (using Section 8.2.1)); PT Lengths Tested: (120, 128, 248, 256); AAD Lengths tested: (64, 96); 96 Bit IV_Supported
    Certificates:
      5424 5623
      5618 5633

Triple DES
  C Implementation:
    TCBC, TECB (KO 1 e/d); CTR (ext only)
    Certificates:
      2728 2828
      2826 2830

  BLKASM Implementation:
    TCBC, TECB (KO 1 e/d); CTR (ext only)
    Certificates:
      2721 2829
      2827 2831

Secure Hash Standard (SHS)

SHS
  Generic C Implementation:
    SHA-1 (BYTE-only), SHA-224 (BYTE-only), SHA-256 (BYTE-only), SHA-384 (BYTE-only), SHA-512 (BYTE-only)
    Certificates:
      4336 4516
      4513 4520

  shaavx:
    SHA-1 (BYTE-only), SHA-224 (BYTE-only), SHA-256 (BYTE-only), SHA-384 (BYTE-only), SHA-512 (BYTE-only)
    Certificates:
      4330 4514
      4510 4518

  shaavx2:
    SHA-1 (BYTE-only), SHA-224 (BYTE-only), SHA-256 (BYTE-only), SHA-384 (BYTE-only), SHA-512 (BYTE-only)
    Certificates:
      4331 4515
      4511 4519

  shassse3:
    SHA-1 (BYTE-only), SHA-224 (BYTE-only), SHA-256 (BYTE-only), SHA-384 (BYTE-only), SHA-512 (BYTE-only)
    Certificates:
      4337 4517
      4512 4521

Data Authentication Code

HMAC
  Generic C Implementation:
    HMAC-SHA1 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA224 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA256 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA384 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA512 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    Certificates:
      3577 3750
      3747 3754

  shaavx:
    HMAC-SHA1 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA224 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA256 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA384 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA512 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    Certificates:
      3574 3748
      3744 3752

  shaavx2:
    HMAC-SHA1 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA224 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA256 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA384 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA512 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    Certificates:
      3575 3749
      3745 3753

  shassse3:
    HMAC-SHA1 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA224 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA256 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA384 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    HMAC-SHA512 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    Certificates:
      3578 3751
      3746 3755

Asymmetric Algorithms

RSA
  shagen:
    FIPS186-4: ALG[RSASSA-PKCS1_V1_5] SIG(Ver) (2048 SHA(1, 224, 256, 384, 512)) (3072 SHA(1, 224, 256, 384, 512))
    Certificates:
      2888 3027
      3024 3031

  shaavx:
    FIPS186-4: ALG[RSASSA-PKCS1_V1_5] SIG(Ver) (2048 SHA(1, 224, 256, 384, 512)) (3072 SHA(1, 224, 256, 384, 512))
    Certificates:
      2886 3025
      3021 3029

  shaavx2:
    FIPS186-4: ALG[RSASSA-PKCS1_V1_5] SIG(Ver) (2048 SHA(1, 224, 256, 384, 512)) (3072 SHA(1, 224, 256, 384, 512))
    Certificates:
      2887 3026
      3022 3030

  shassse3:
    FIPS186-4: ALG[RSASSA-PKCS1_V1_5] SIG(Ver) (2048 SHA(1, 224, 256, 384, 512)) (3072 SHA(1, 224, 256, 384, 512))
    Certificates:
      2889 3028
      3023 3032

Random Number Generation

DRBG
  CTR DRBG:
  aesasm:
    CTR_DRBG: [Prediction Resistance Tested: Enabled and Not Enabled; BlockCipher_Use_df: (AES-128, AES-192, AES-256)
    Certificates:
      2099 2260
      2254 2268

  aesni:
    CTR_DRBG: [Prediction Resistance Tested: Enabled and Not Enabled; BlockCipher_Use_df: (AES-128, AES-192, AES-256)
    Certificates:
      2101 2262
      2267 2270

  aesgen:
    CTR_DRBG: [Prediction Resistance Tested: Enabled and Not Enabled; BlockCipher_Use_df: (AES-128, AES-192, AES-256)
    Certificates:
      2100 2261
      2255 2269

  Hash DRBG and HMAC DRBG:
  shagen:
    Hash_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    HMAC_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    Certificates:
      2097 2265
      2259 2273

  shaavx2:
    Hash_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    HMAC_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    Certificates:
      2092 2264
      2257 2272

  shassse3:
    Hash_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    HMAC_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    Certificates:
      2093 2266
      2258 2274

  shaavx:
    Hash_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    HMAC_Based DRBG: [Prediction Resistance Tested: Enabled and Not Enabled (SHA-1, SHA-256, SHA-384, SHA-512)
    Certificates:
      2098 2263
      2256 2271

Algorithm used from the Bound NSS module

HMAC
    HMAC-SHA512 (Key Size Ranges Tested: KS<BS KS=BS KS>BS)
    Certificates:
      3077
      3767 3184 3628

Table 2: FIPS Approved or Allowed Security Functions

3.5 Non-Approved but Allowed Security Functions

The following algorithm is considered non-Approved but allowed to be used in a FIPS-approved mode:

Algorithm | Usage
NDRNG from Linux RNG | Used for seeding NIST SP 800-90A DRBG

Table 3: Non-Approved Disallowed Functions

3.6 Non-Approved Security Functions

The following algorithms are considered non-Approved and may not be used in a FIPS-approved mode of operation. The services associated with these algorithms are specified in section 7.3.

Algorithm | Usage
AES-XTS (192 bit) | Encrypt/Decrypt
AES GCM | Encryption with external IV or using aesni implementation
DES | Encrypt/Decrypt
SHA-1 (multiple-buffer) | Message Digest
ANSI X9.31 RNG | Random Number Generation
Jitter RNG | Non-Deterministic Random Number Generation

Table 4: Non-Approved Disallowed Functions

4. Module Ports and Interfaces

The module interfaces can be categorized as follows:

• Data Input Interface
• Data Output Interface
• Control Input Interface
• Status Output Interface

The module can be accessed by utilizing the API it exposes. The table below shows the mapping of ports and interfaces as per FIPS 140-2 Standard.

FIPS 140 Interface | Module Interfaces
Data Input | API input parameters
Data Output | API output parameters
Control Input | API function calls, kernel command line
Status Output | API return codes, kernel logs

Table 5: Mapping of FIPS 140 Logical Interfaces to Logical Ports

5. Physical Security

The Module is comprised of software only and thus does not claim any physical security.

6. Operational Environment

6.1 Tested Environments

The module operates in a modifiable operational environment per FIPS 140-2 level 1 specifications. The Module was tested on the following environments with and without PAA i.e. AES-NI:

Module Version | Operating Environment | Processor | Hardware
R7-2.0.0 | Oracle Linux 7.3 64 bit | Intel(R) Xeon(R) E5-2699 v4 | Oracle Server X6-2
R6-1.0.0 | Oracle Linux 6.9 64 bit | Intel(R) Xeon(R) E5-2699 v4 | Oracle Server X6-2
R7-2.0.0 | Oracle Linux 7.3 64 bit | Intel(R) Xeon(R) Silver 4114 | Oracle Server X7-2
R6-1.0.0 | Oracle Linux 6.9 64 bit | Intel(R) Xeon(R) Silver 4114 | Oracle Server X7-2

Table 6: Tested Operating Environment

6.2 Vendor Affirmed Environments

The following platforms have not been tested as part of the FIPS 140-2 level 1 certification however Oracle "vendor affirms" that these platforms are equivalent to the tested and validated platforms. Additionally, Oracle affirms that the module will function the same way and provide the same security services on any of the systems listed below.

Operating Environment | Processor | Hardware
Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600/E5-2600 v2 | Cisco UCS B200 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Cisco UCS B200 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Cisco UCS B200 M5
Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2400/E5-2400 v2 | Cisco UCS B22 M3
Oracle Linux 7.3 64-bit | Intel® Xeon® E7-2800/E7-8800 | Cisco UCS B230 M2
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-2800/E7-8800 v3 | Cisco UCS B260 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600/E5-4600 v2 | Cisco UCS B420 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600 v3 & v4 | Cisco UCS B420 M4
Oracle Linux 7.3 64-bit | Intel® Xeon® E7-2800/E7-8800 | Cisco UCS B440 M2
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-2800 v2/E7-4800 v2/E7-8800 v2/E7-4800 v3/E7-8800 v3 | Cisco UCS B460 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Cisco UCS B480 M5
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2400/E5-2400 v2 | Cisco UCS C22 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600/E5-2600 v2 | Cisco UCS C220 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Cisco UCS C220 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Cisco UCS C220 M5
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2400/E5-2400 v2 | Cisco UCS C24 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600/E5-2600 v2 | Cisco UCS C240 M3
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Cisco UCS C240 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Cisco UCS C240 M5
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-2800 v2/E7-4800 v2, v3 & v4/E7-8800 v2 & v4 | Cisco UCS C460 M4
Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Cisco UCS C480 M5
OracleLinuxUnbreakableEnterpriseKernelCryptographicModuleSecurityPolicy Page13of30
| Operating Environment | Processor | Hardware |
|---|---|---|
| Oracle Linux 7.3 64-bit | Intel® Xeon® D-1500 | Cisco UCS E1120D-M3/K9 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® D-1500 | Cisco UCS E180D-M3/K9 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge FC630 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600 v3 | Dell PowerEdge FC830 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge M630 Blade |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600 v4 | Dell PowerEdge M830 Blade |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge R630 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge R730 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge R730xd |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4 | Dell PowerEdge R930 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Dell PowerEdge T630 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2/E7-8800 v2 | Fujitsu PRIMEQUEST 2400E |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2400E2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2400E3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 | Fujitsu PRIMEQUEST 2400L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2400L2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2400L3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 | Fujitsu PRIMEQUEST 2400S |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 | Fujitsu PRIMEQUEST 2400S Lite |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2400S2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2400S2 Lite |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2400S3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2400S3 Lite |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Fujitsu PRIMEQUEST 2800B |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2800B2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2800B3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Fujitsu PRIMEQUEST 2800E |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2800E2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2800E3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Fujitsu PRIMEQUEST 2800L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Fujitsu PRIMEQUEST 2800L2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v4 | Fujitsu PRIMEQUEST 2800L3 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Fujitsu PRIMEQUEST 3800B |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Fujitsu PRIMERGY BX2580 M1 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Fujitsu PRIMERGY BX2580 M2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable Processors | Fujitsu PRIMERGY CX2560 M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Fujitsu PRIMERGY RX2530 M1 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Fujitsu PRIMERGY RX2530 M2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Fujitsu PRIMERGY RX2530 M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Fujitsu PRIMERGY RX2540 M1 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Fujitsu PRIMERGY RX2540 M2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Fujitsu PRIMERGY RX2540 M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2/E7-8800 v2 | Fujitsu PRIMERGY RX4770 M1 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v3/E7-8800 v3 | Fujitsu PRIMERGY RX4770 M2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | Fujitsu PRIMERGY RX4770 M3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Fujitsu PRIMERGY RX4770 M4 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 | Hitachi BladeSymphony BS2500 HC0A1 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi BladeSymphony BS2500 HE0A2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E7-4800 v3/E7-8800 v3 | Hitachi BladeSymphony BS2500 HE0E2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 | Hitachi BladeSymphony BS500 BS520HB3 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E7-4800 v3/E7-8800 v3 | Hitachi BladeSymphony BS500 BS520XB2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 | Hitachi Compute Blade 2500 CB520HB3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi Compute Blade 2500 CB520HB4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Hitachi Compute Blade 2500 CB520XB2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Hitachi Compute Blade 2500 CB520XB3 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 | Hitachi Compute Blade 500 CB520HB3 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi Compute Blade 500 CB520HB4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Hitachi Compute Blade 500 CB520XB2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi HA8000 RS210 AN2 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi HA8000 RS220 AN2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Hitachi QuantaGrid D51B-2U |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Hitachi QuantaPlex T41S-2U |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Hitachi Vantara Hitachi Advanced Server DS120 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Hitachi Vantara Hitachi Advanced Server DS220 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Hitachi Vantara Hitachi Advanced Server DS240 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | HPE Integrity MC990 X |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v2 | HPE ProLiant BL460c Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | HPE ProLiant BL460c Gen9 |
| Oracle Linux 6.9 64-bit | AMD Opteron 6300-series | HPE ProLiant BL465c Gen8 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-4600 v2 | HPE ProLiant BL660c Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600 v3 | HPE ProLiant BL660c Gen9 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL120 Gen9 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL160 Gen9 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL180 Gen9 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Pentium® G2120 & Intel® Xeon® E3-1200 v2 | HPE ProLiant DL320e Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Pentium® G3200-series/G3420, Core i3-4100-series/Intel® Xeon® E3-12 v3 | HPE ProLiant DL320e Gen8 v2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL360 Gen9 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable 8100/6100/5100/4100/3100 Processors | HPE ProLiant DL360 Gen10 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2400/E5-2400 v2 | HPE ProLiant DL360e Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL360p Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant DL380 Gen9 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2400/E5-2400 v2 | HPE ProLiant DL380e Gen8 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600/E5-2600 v2 | HPE ProLiant DL380p Gen8 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable 8100/6100/5100/4100/3100 Processors | HPE ProLiant DL380 Gen10 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600/E5-4600 v2 | HPE ProLiant DL560 Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-4600 v3 & v4 | HPE ProLiant DL560 Gen9 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable 8170 Processors | HPE ProLiant DL560 Gen10 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2/E7-8800 v2 | HPE ProLiant DL580 Gen8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v3/E7-8800 v3 | HPE ProLiant DL580 Gen9 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® X7560, X6550, E6540, E7520 | HPE ProLiant DL980 G7 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | HPE ProLiant ML350 Gen9 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v3 | HPE ProLiant XL450 Gen9 (Apollo 4500) |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | HPE Synergy 480 Gen9 Compute Module |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable 8100/6100/5100/4100/3100 Processors | HPE Synergy 480 Gen10 Compute Module |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | HPE Synergy 620 Gen9 Compute Module |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable 8100/6100/5100 Processors | HPE Synergy 660 Gen10 Compute Module |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | HPE Synergy 680 Gen9 Compute Module |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer 1288H V5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer 2288H V5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer CH121 V5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer CH121L V5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer CH242 V5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Huawei FusionServer RH2288H V3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable Processors | Huawei FusionServer XH321 V5 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Inspur Yingxin NF5170M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Inspur Yingxin NF5180M4 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable Processors | Inspur Yingxin NF5180M5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Inspur Yingxin NF5240M4 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v2 | Inspur Yingxin NF5270M3 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Inspur Yingxin NF5270M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Inspur Yingxin NF5280M4 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® Scalable Processors | Inspur Yingxin NF5280M5 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Inspur Yingxin NF5460M4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v3 & v4/E7-8800 v3 & v4 | Inspur Yingxin NX8480M4 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v4 | Lenovo System x3650 M5 |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | Lenovo System x3850 X6 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100/4100/3100 Processors | Lenovo ThinkSystem SD530 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100/4100/3100 Processors | Lenovo ThinkSystem SN550 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100 Processors | Lenovo ThinkSystem SN850 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100 Processors | Lenovo ThinkSystem SR850 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100 Processors | Lenovo ThinkSystem SR860 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/5100 Processors | Lenovo ThinkSystem SR950 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC Express5800/A1040d |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC Express5800/A2010d |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC Express5800/A2020d |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC Express5800/A2040d |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-4800 v4/E7-8800 v4 | NEC Express5800/R120g-1M |
| Oracle Linux 6.9 64-bit | Intel® Xeon® E5-2600 v4 | NEC Express5800/R120g-2M |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC NX7700x/A4010M-4 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC NX7700x/A4012L-1 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800/4800 v4 | NEC NX7700x/A4012L-1D |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v4 | NEC NX7700x/A4012L-2 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800/4800 v4 | NEC NX7700x/A4012L-2D |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v3/E7-8800 v3 | NEC NX7700x/A4012M-4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Oracle Netra Server X5-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Oracle Server X5-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Oracle Server X5-2L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Oracle Server X5-4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 | Oracle Server X5-8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Oracle Server X6-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Oracle Server X6-2L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v4 | Oracle Server X6-2M |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/4100 Processors | Oracle Server X7-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100/4100 Processors | Oracle Server X7-2L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® Scalable 8100/6100 Processors | Oracle Server X7-8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® x7500-series | Oracle Sun Fire X4470 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® x7500-series | Oracle Sun Fire X4800 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 | Oracle Sun Server X2-8 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 | Oracle Sun Server X2-4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 | Oracle Sun Server X3-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 | Oracle Sun Server X3-2L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v2 | Oracle Sun Server X4-2 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v2 | Oracle Sun Server X4-2L |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Oracle Sun Server X4-4 |
| Oracle Linux 6.9 64-bit and Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v2 | Oracle Sun Server X4-8 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-8800 v3 & v4 | SGI UV300RL |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v4/E7-8800 v3 & v4 | SGI UV300 |
| Oracle Linux 7.3 64-bit | AMD Opteron™ 6000 | Sugon A840-G10 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Sugon CB50-G20 |
| Oracle Linux 7.3 64-bit | AMD Opteron™ 6000 | Sugon CB85-G10 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Sugon CB85-G10 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 | Sugon CB80-G20 |
| Oracle Linux 7.3 64-bit | Intel Xeon E7-8800/4800-v3 Series | Sugon CB80-G25 |
| Oracle Linux 7.3 64-bit | AMD Opteron™ 6300 | Sugon CB85-G10 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® 6100, 5100, 4100, 3100 | Sugon I420-G30 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Sugon I610-G20 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 | Sugon I620-G20 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® 8100 | Sugon I620-G30 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v3 & v4 | Sugon I840-G20 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 | Sugon I840-G25 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E7-4800 v2 & v3/E7-8800 v2 & v3 | Sugon I980-G20 |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Sugon TC4600T |
| Oracle Linux 7.3 64-bit | Intel® Xeon® E5-2600 v3 & v4 | Supermicro SuperServer SYS-6018U-TR4T+ |
Table 7: Vendor Affirmed Operating Environment

CMVP makes no statement as to the correct operation of the module or the security strengths of the generated keys when so ported if the specific operational environment is not listed on the validation certificate.
6.3 Vendor Affirmed Environments

The operating system is restricted to a single operator (concurrent operators are explicitly excluded). The application that requests cryptographic services is the single user of the module, even when the application is serving multiple clients. In FIPS Approved mode, the ptrace(2) system call, the debugger (gdb(1)), and strace(1) shall not be used.
7. Roles, Services and Authentication

7.1 Roles

The roles are implicitly assumed by the entity accessing the module services. The module supports the following roles:
• User Role: performs symmetric encryption/decryption, keyed hash, message digest, random number generation, show status, zeroization.
• Crypto Officer Role: performs the module installation and configuration, module's initialization, self-tests.
7.2 FIPS Approved Operator Services and Descriptions

The table below provides a full description of the FIPS Approved services provided by the module and the roles allowed to invoke each service.
| U | CO | Service Name | Service Description | Keys and CSP(s) | Access Type(s) |
|---|---|---|---|---|---|
| X | | Symmetric Encryption/Decryption | Encrypts or decrypts a block of data using 3-Key Triple-DES or AES in FIPS mode | AES or 3-Key Triple-DES Key | R, W, X |
| X | | Keyed Hash (HMAC) | Sign and or authenticate data using HMAC-SHA | HMAC Key | R, W, X |
| X | | Hash (SHS) | Hash a block of data. | None | N/A |
| X | | Random Number Generation | Generate random numbers based on the NIST SP 800-90A Standard | Entropy input string and seed | R, W, X |
| X | | Authenticated Encryption | Encrypt-then-MAC cipher (authenc) used for IPsec | AES key, HMAC key | R, W, X |
| X | | Show Status | Show status of the module state via verbose mode, exit codes and kernel logs (dmesg) | None | N/A |
| | X | Self-Test | Initiate on demand power-on self-tests by restarting the device which will also clear the RAM memory. | None | N/A |
| X | | Zeroize | Zeroize all critical security parameters when freeing the cipher handler | All keys and CSP's | Z |
| | X | Module Initialization | Initialize the module into the FIPS Approved Mode | None | N/A |
| | X | Installation and Configuration | Install and configure the module. | None | N/A |
| X | | Error detection code¹ | Error detection code using crc32c, crct10dif | None | N/A |
| X | | Data compression¹ | Performs data compression using deflate, lz4, lz4hc, lzo, zlib | None | N/A |

R – Read, W – Write, X – Execute, Z – Zeroize

Table 8: FIPS Approved Operator Services and Descriptions

¹ The algorithms used in this service do not provide cryptographic attribute.
7.3 Non-FIPS Approved Services and Descriptions

The following table lists the non-Approved services available in non-FIPS mode.

| U | CO | Service Name | Service Description | Keys | Access Type(s) |
|---|---|---|---|---|---|
| X | | Symmetric Encryption/Decryption | Encrypts or decrypts using non-Approved algorithms | AES-XTS (192-bit key), DES, AES GCM encryption with external IV or aesni implementation | R, W, X |
| X | | Random Number Generation | Generation of random numbers using the ANSI X9.31 PRNG or Jitter RNG. | None | N/A |
| X | | Message Digest | Hashing using hash functions from SHA-1 mb | None | N/A |
| X | | Keyed Hash | HMAC Keys < 112 bits. | HMAC keys < 112 bits. | R, W, X |

R – Read, W – Write, X – Execute, Z – Zeroize

Table 9: Non-FIPS Approved Operator Services and Descriptions
7.4 Operator Authentication

The module is a Level 1 software-only cryptographic module and does not implement authentication. The role is implicitly assumed based on the service requested.
8. Key and CSP Management

The following keys, cryptographic key components and other critical security parameters are contained in the module.

| CSP Name | Generation | Entry/Output | Storage | Zeroization |
|---|---|---|---|---|
| AES Keys (128, 192, 256 bits) | N/A | The Key is passed into the module via API input parameter | kernel memory | Memory is automatically overwritten by zeroes when freeing the cipher handler |
| Triple-DES Keys (192 bits) | N/A | The Key is passed into the module via API input parameter | kernel memory | Memory is automatically overwritten by zeroes when freeing the cipher handler |
| DRBG Entropy Input String | Obtained from NDRNG | N/A | kernel memory | Memory is automatically overwritten by zeroes when freeing the cipher handler |
| DRBG internal state (V, key and C values) | Derived from Entropy input as defined in NIST SP 800-90A | N/A | kernel memory | Memory is automatically overwritten by zeroes when freeing the cipher handler |
| HMAC Key (≥ 112 bits) | N/A | The Key is passed into the module via API input parameter | kernel memory | Automatically zeroized when freeing the cipher handle |

Table 10: CSP Table
8.1 Random Number Generation

The module employs the Deterministic Random Bit Generator (DRBG) based on [SP800-90A] for random number generation. The DRBG supports the Hash_DRBG, HMAC_DRBG and CTR_DRBG mechanisms. The DRBG is initialized during module initialization. By default, the module loads the DRBG using HMAC DRBG with SHA-512 without prediction resistance.

To seed the DRBG, the module uses a Non-Deterministic Random Number Generator (NDRNG) as the entropy source. The NDRNG is provided by the Linux RNG using the getrandom() system call. The NDRNG provides at least 130 bits of entropy to the DRBG during initialization (seed) and reseeding (reseed).

The module performs a continuous random number generator test on the output of the NDRNG to ensure that consecutive random numbers do not repeat, and performs DRBG health tests as defined in section 11.3 of [SP800-90A].

The module does not provide any key generation service or perform key generation for any of its Approved algorithms. Keys are passed in from the calling application via API parameters.

CAVEAT: The module generates random strings whose strengths are modified by available entropy.
8.2 Key Entry/Output

The keys are provided to the module via API input parameters in plaintext form. The keys are not transmitted beyond the physical boundary. The module does not support manual key entry.

8.3 Key/CSP Storage

Symmetric keys and HMAC keys are provided to the module by the calling process, and are destroyed when released by the appropriate API function calls. The module does not perform persistent storage of keys. The RSA public key used for signature verification is stored as part of the module and relies on the operating system for its protection.

8.4 Key/CSP Zeroization

The application that uses the module is responsible for appropriate destruction and zeroization of the key material. The module provides functions for key allocation and destruction. When a calling kernel component calls the appropriate API function, that operation overwrites the memory with 0's and then frees that memory.
9. Self-Tests

FIPS 140-2 requires that the Module perform self-tests to ensure the integrity of the Module and the correctness of the cryptographic functionality at startup. In addition, the module performs a conditional test for the NDRNG. On successful completion of the power-up tests, the module is operational and the crypto services are available. A failure of any of the self-tests panics the Module and no crypto operations are possible. The only recovery is to reboot the module. See section 10.3 for details.
9.1 Power-Up Self-Tests

The module performs power-up self-tests at module initialization without operator intervention. While the module is performing the power-up tests, services are not available and input or output is not possible. The on-demand power-up self-tests can be performed by power cycling the Module or by rebooting the operating system. The table below summarizes the power-on self-tests performed by the module. If the known answer does not match, the test fails. The different implementations of the same algorithms listed in Table 2 are tested separately by performing the known-answer tests using the same test vectors.
| Algorithm | Test |
|---|---|
| AES | KAT, encryption and decryption are tested separately for the modes ECB, CBC, CTR, XTS, GCM, CCM |
| Triple-DES | KAT, encryption and decryption are tested separately for the modes ECB, CBC, CTR |
| SP 800-90A CTR_DRBG | KAT |
| SP 800-90A Hash_DRBG | KAT |
| SP 800-90A HMAC_DRBG | KAT |
| HMAC (SHA-1, SHA-256, SHA-512) | KAT |
| Module Integrity test | Performed by sha512hmac application with HMAC-SHA-512 provided by NSS |
| RSA Signature Verification² | Part of the integrity test (considered as a KAT) |

Table 11: Power-On Self-Tests
9.1.1 Integrity Tests

The integrity check of the static kernel binary is performed by the sha512hmac application using HMAC-SHA-512. At run time, the module invokes the sha512hmac utility to calculate the HMAC value of the static kernel binary file and then compares it with the pre-stored HMAC file in /boot/.vmlinuz-$(uname -r).hmac.

The sha512hmac application performs its own integrity check by calculating the HMAC value of its binary and comparing it to the HMAC value stored in sha512hmac.hmac. The HMAC-SHA-512 algorithm is provided by the bound NSS module and is KAT tested before the NSS module makes itself available to the sha512hmac application.

The Oracle Linux UEK loadable components (*.ko referenced in section 3.1) loaded into the Linux kernel during boot time are checked with the RSA signature verification implementation of the Linux kernel to confirm their integrity.
² The RSA signature verification is only used as part of the integrity test and is not available as a service from the module.
If the HMAC values do not match or the RSA signature verification fails, the kernel panics, indicating the error state.

9.2 Conditional Self-Tests

The module performs conditional tests on the cryptographic algorithms shown in the following table:

| Algorithm | Test |
|---|---|
| NDRNG | The module performs conditional self-tests on the output of NDRNG. |

Table 12: Conditional Self-Tests
10. Crypto-Officer and User Guidance

This section provides guidance for the Cryptographic Officer and the User to maintain proper use of the module per FIPS 140-2 requirements.

10.1 Crypto-Officer Guidance

To operate the UEK module, the operating system must be restricted to a single operator mode of operation. (This should not be confused with single user mode, which is runlevel 1 on Oracle Linux. This refers to processes having access to the same cryptographic instance, which Oracle Linux ensures cannot happen by the memory management hardware.)
10.1.1 Secure Installation and Startup

Crypto Officers use the Installation instructions to install the Module in their environment. The version of the RPM containing the FIPS validated module is stated in section 3.1 above.

The RPM package of the Module can be installed by standard tools recommended for the installation of Oracle packages on an Oracle Linux system (for example, yum, RPM, and the RHN remote management tool). The integrity of the RPM is automatically verified during the installation of the Module and the Crypto Officer shall not install the RPM file if the Oracle Linux Yum Server indicates an integrity error. The RPM files listed in section 3 are signed by Oracle, and during installation Yum performs signature verification, which ensures secure delivery of the cryptographic module. If the RPM packages are downloaded manually, then the CO should run the 'rpm -K <rpm-file-name>' command after importing the builder's GPG key to verify the package signature. In addition, the CO can also verify the hash of the RPM package to confirm a proper download.

To configure the operating environment to support FIPS, perform the following steps:

1. Install the dracut-fips package:

    # yum install dracut-fips

2. Recreate the INITRAMFS image:

    # dracut -f

After regenerating the initramfs, the Crypto Officer has to append the following string to the kernel command line by changing the setting in the boot loader:

    fips=1

If /boot or /boot/efi resides on a separate partition, the kernel parameter boot=<partition of /boot or /boot/efi> must be supplied. The partition can be identified with the command "df /boot" or "df /boot/efi" respectively. For example:

    $ df /boot
    Filesystem     1K-blocks    Used  Available  Use%  Mounted on
    /dev/sda1         233191   30454     190296   14%  /boot

The partition of /boot is located on /dev/sda1 in this example. Therefore, the following string needs to be appended to the kernel command line:

    boot=/dev/sda1

Reboot to apply these settings.
10.1.2 FIPS 140-2 and AES-NI Support

According to the UEK FIPS 140-2 Security Policy, the UEK module supports the AES-NI Intel processor instruction set as an approved cipher. The AES-NI instruction set is used by the Module.

In case you configured a full disk encryption using AES XTS mode, you may use the AES-NI support for a higher performance compared to the software-only implementation.

To utilize the AES-NI support, the mentioned Module must be loaded during boot time by installing a plugin.

Before you install the plugin, you MUST verify that your processor offers the AES-NI instruction set by calling the following command:

    cat /proc/cpuinfo | grep aes

If the command returns a list of properties, including the "aes" string, your CPU provides the AES-NI instruction set. If the command returns nothing, AES-NI is not supported.

You MUST NOT install the following plugin if your CPU does not support AES-NI because the kernel will panic during boot.

The support for the AES-NI instruction set during boot time is enabled by installing the following plugin (make sure that the version of the plugin RPM matches the version of the installed RPMs!):

    # install the dracut-fips-aesni package
    yum install dracut-fips-aesni-*
    # recreate the initramfs image
    dracut -f

The changes come into effect during the next reboot.
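The settings from sections 10.1.1 and 10.1.2 can be audited before the reboot against saved copies of /proc/cmdline, the "df /boot" output and /proc/cpuinfo. The script below is an added example, not part of Oracle's documentation or tooling; the function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Oracle's tooling): audit saved copies of /proc/cmdline,
# `df /boot` output and /proc/cpuinfo against sections 10.1.1 and 10.1.2.

# Split a kernel command line into one parameter per line.
params() { tr -s ' \t' '\n\n' < "$1"; }

# True when fips=1 is present as a whole parameter (not, say, fips=10).
has_fips_param() { params "$1" | grep -qx 'fips=1'; }

# Print the value of the last boot= parameter, or nothing.
boot_param() { params "$1" | sed -n 's/^boot=//p' | tail -n 1; }

# Device and mount point from the data row of `df /boot` output.
boot_device() { awk 'NR==2 {print $1}' "$1"; }
boot_mount()  { awk 'NR==2 {print $NF}' "$1"; }

# True when a "flags" line lists aes as a whole word. The page's plain
# `grep aes` also matches any longer flag name that merely contains "aes".
cpu_has_aesni() { grep -E '^flags[[:space:]]*:' "$1" | grep -qw 'aes'; }

# audit_fips_boot CMDLINE_FILE DF_FILE CPUINFO_FILE PLUGIN
# PLUGIN is "yes" when dracut-fips-aesni is (to be) installed, else "no".
# Prints one finding per line and returns 0 only when there are none.
audit_fips_boot() {
    n=0
    if ! has_fips_param "$1"; then
        echo "FAIL: fips=1 is not on the kernel command line"
        n=$((n + 1))
    fi
    # df reports /boot (or /boot/efi) as the mount point only when it is a
    # separate partition; section 10.1.1 then requires boot=<partition>.
    case $(boot_mount "$2") in
        /boot|/boot/efi)
            dev=$(boot_device "$2")
            have=$(boot_param "$1")
            if [ -z "$have" ]; then
                echo "FAIL: /boot is on $dev but boot=$dev is missing"
                n=$((n + 1))
            elif [ "$have" != "$dev" ]; then
                # Literal comparison, matching the page's /dev/sda1 example.
                echo "FAIL: boot=$have does not name $dev"
                n=$((n + 1))
            fi ;;
    esac
    if [ "$4" = yes ] && ! cpu_has_aesni "$3"; then
        echo "FAIL: dracut-fips-aesni without the aes CPU flag panics the kernel at boot"
        n=$((n + 1))
    fi
    [ "$n" -eq 0 ]
}

# Write constructed sample inputs (not captured from a real host) into DIR.
make_samples() {
    printf '%s\n' 'ro root=/dev/mapper/ol-root fips=1 boot=/dev/sda1' > "$1/cmdline.ok"
    printf '%s\n' 'ro root=/dev/mapper/ol-root fips=1' > "$1/cmdline.noboot"
    printf '%s\n' 'ro root=/dev/mapper/ol-root fips=10' > "$1/cmdline.nofips"
    printf '%s\n' 'Filesystem 1K-blocks Used Available Use% Mounted on' \
                  '/dev/sda1 233191 30454 190296 14% /boot' > "$1/df.boot"
    printf '%s\n' 'flags : fpu sse2 aes avx' > "$1/cpuinfo.aes"
    printf '%s\n' 'flags : fpu sse2 avx' > "$1/cpuinfo.noaes"
}

# Demo on the constructed samples: missing boot= and plugin without AES-NI.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
audit_fips_boot "$demo_dir/cmdline.noboot" "$demo_dir/df.boot" \
    "$demo_dir/cpuinfo.noaes" yes || true
rm -rf "$demo_dir"
```

On a live host the three inputs can be produced with `cat /proc/cmdline`, `df /boot` and `cat /proc/cpuinfo`, each redirected to a file.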
10.2 User Guidance

CTR and RFC3686 mode must only be used for IPsec. It must not be used otherwise.

There are three implementations of AES: aes-generic, aesni-intel, and aes-asm on x86_64 machines. The additional specific implementations of AES for the x86 architecture are disallowed and not available on the test platforms.

When using the Module, the user shall utilize the Oracle Linux UEK provided memory allocation mechanisms. In addition, the user shall not use the function copy_to_user() on any portion of the data structures used to communicate with the Oracle Linux UEK.

Only the cryptographic mechanisms provided with the Oracle Linux UEK are considered for use. The NSS bound module, although used, is only considered to support the integrity verification and is not intended for general-purpose use with respect to this Module.

10.2.1 AES-XTS Usage

The XTS mode must only be used for the disk encryption functionality offered by dm-crypt.
10.2.2 AES-GCM Usage

The GCM with internal IV generation in FIPS mode is in compliance with RFC 4106 and shall only be used in conjunction with the IPsec stack of the kernel to be compliant with IG A.5. Any other usage of GCM will be considered non-Approved. In case the module's power is lost and then restored, the key used for the AES GCM shall be redistributed.

10.2.3 Triple-DES Usage

According to IG A.13, the same Triple-DES key shall not be used to encrypt more than 2^16 64-bit blocks of data.
10.3 Handling Self-Test Errors

The Module transitions to the error state when any self-test or conditional test fails. In the error state, the kernel is in panic state and the operating system will not load. As such, the output is inhibited and no crypto operations are available in the error state. In order to recover from the error, the module needs to be rebooted. If the failure continues, the module needs to be reinstalled.

The kernel dumps self-test success and failure messages into the kernel message ring buffer. Post boot, the messages are moved to /var/log/messages. Use dmesg to read the contents of the kernel ring buffer. The format of the ring buffer (dmesg) output is:

    alg: self-tests for %s (%s) passed

Typical messages are similar to "alg: self-tests for hmac(sha1-generic) (hmac(sha1)) passed" for each algorithm type.
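The "passed" lines described above can serve as evidence that the expected self-tests ran on a given boot. The script below is an added example, not part of Oracle's documentation or tooling: it parses the stated message format from a saved dmesg or /var/log/messages file and reports which expected algorithms have no "passed" line. The function names and the sample log are constructed, and reading the first %s as the implementation and the second as the algorithm follows the page's hmac(sha1-generic) (hmac(sha1)) example.

```shell
#!/bin/sh
# Added example (not Oracle's tooling): check a saved kernel log for the
# "alg: self-tests for %s (%s) passed" lines described in section 10.3.

# Constructed sample log; only the hmac(sha1) line is taken from the page.
sample_log() {
    cat <<'EOF'
[    0.812345] alg: self-tests for aes-generic (aes) passed
[    0.812400] alg: self-tests for aes-asm (aes) passed
[    0.813001] alg: self-tests for hmac(sha1-generic) (hmac(sha1)) passed
[    0.900000] dracut: unrelated constructed line
EOF
}

# passed_algs LOGFILE
# Prints "implementation algorithm" for every passed line. Any prefix
# (dmesg timestamp or syslog header) before "alg:" is ignored.
passed_algs() {
    sed -n 's/^.*alg: self-tests for \([^ ]*\) (\([^ ]*\)) passed[[:space:]]*$/\1 \2/p' "$1"
}

# impls_for LOGFILE ALGORITHM
# Prints each implementation whose self-test passed for ALGORITHM; the
# policy tests different implementations of one algorithm separately.
impls_for() {
    passed_algs "$1" | awk -v a="$2" '$2 == a {print $1}'
}

# missing_selftests LOGFILE ALGORITHM...
# Prints every expected algorithm with no passed line and returns 0 only
# when none is missing.
missing_selftests() {
    log=$1
    shift
    miss=0
    for alg in "$@"; do
        if [ -z "$(impls_for "$log" "$alg")" ]; then
            echo "$alg"
            miss=$((miss + 1))
        fi
    done
    [ "$miss" -eq 0 ]
}

# Demo on the constructed log: hmac(sha512) has no passed line in it.
demo_log=$(mktemp)
sample_log > "$demo_log"
missing_selftests "$demo_log" 'aes' 'hmac(sha1)' 'hmac(sha512)' || true
rm -f "$demo_log"
```

A missing line means only that no evidence was found in the file that was checked; the ring buffer can wrap, so the saved /var/log/messages copy is the more complete source.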
11. Mitigation of Other Attacks

The module does not claim to mitigate against any attacks.
Acronyms, Terms and Abbreviations

| Term | Definition |
|---|---|
| AES | Advanced Encryption Standard |
| CAVP | Cryptographic Algorithm Validation Program |
| CMVP | Cryptographic Module Validation Program |
| CSE | Communications Security Establishment |
| CSP | Critical Security Parameter |
| DH | Diffie-Hellman |
| DHE | Diffie-Hellman Ephemeral |
| DRBG | Deterministic Random Bit Generator |
| ECDH | Elliptic Curve Diffie-Hellman |
| ECDSA | Elliptic Curve Digital Signature Algorithm |
| EDC | Error Detection Code |
| HMAC | (Keyed) Hash Message Authentication Code |
| IKE | Internet Key Exchange |
| KAT | Known Answer Test |
| KDF | Key Derivation Function |
| NIST | National Institute of Standards and Technology |
| PAA | Processor Algorithm Acceleration |
| PBKDF | Password Based Key Derivation Function |
| POST | Power On Self Test |
| PR | Prediction Resistance |
| PSS | Probabilistic Signature Scheme |
| PUB | Publication |
| SHA | Secure Hash Algorithm |

Table 13: Acronyms
References

The FIPS 140-2 standard, and information on the CMVP, can be found at http://csrc.nist.gov/groups/STM/cmvp/index.html. More information describing the module can be found on the Oracle web site at https://www.oracle.com/technetwork/server-storage/linux/technologies/uek-overview-2043074.html

This Security Policy contains non-proprietary information. All other documentation submitted for FIPS 140-2 conformance testing and validation is "Oracle-Proprietary" and is releasable only under appropriate non-disclosure agreements.

| Document | Author | Title |
|---|---|---|
| FIPS PUB 140-2 | NIST | FIPS PUB 140-2: Security Requirements for Cryptographic Modules |
| FIPS IG | NIST | Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program |
| FIPS PUB 140-2 Annex A | NIST | FIPS 140-2 Annex A: Approved Security Functions |
| FIPS PUB 140-2 Annex B | NIST | FIPS 140-2 Annex B: Approved Protection Profiles |
| FIPS PUB 140-2 Annex C | NIST | FIPS 140-2 Annex C: Approved Random Number Generators |
| FIPS PUB 140-2 Annex D | NIST | FIPS 140-2 Annex D: Approved Key Establishment Techniques |
| DTR for FIPS PUB 140-2 | NIST | Derived Test Requirements (DTR) for FIPS PUB 140-2, Security Requirements for Cryptographic Modules |
| NIST SP 800-67 | NIST | Recommendation for the Triple Data Encryption Algorithm TDEA Block Cypher |
| FIPS PUB 197 | NIST | Advanced Encryption Standard |
| FIPS PUB 198-1 | NIST | The Keyed Hash Message Authentication Code (HMAC) |
| FIPS PUB 186-4 | NIST | Digital Signature Standard (DSS) |
| FIPS PUB 180-4 | NIST | Secure Hash Standard (SHS) |
| NIST SP 800-131A | NIST | Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes |
| PKCS#1 | RSA Laboratories | PKCS#1 v2.1: RSA Cryptographic Standard |

Table 14: References