| intCertNum |
1933 |
| strVendorName |
Red Hat, Inc. |
| strURL |
http://www.redhat.com |
| strAddress1 |
314 Littleton Road |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Westford |
| strStateProv |
MA |
| strPostalCode |
01886 |
| strCountry |
01886 |
| strContact |
Ann-Marie Rubin |
| strEmail |
arubin@redhat.com |
| strPhone |
978-392-1000 |
| strFax |
978-392-1001 |
| strContact2 |
|
| strEmail2 |
|
| strFax2 |
|
| strPhone2 |
|
| intCertNum |
1933 |
| strModuleName |
Red Hat Enterprise Linux 6.2 dm-crypt Cryptographic Module |
| strPartNumber |
Software Version: 2.0 |
| memModuleNotes |
When operated in FIPS mode with Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758, Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module validated to FIPS 140-2 under Cert. #1901, Red Hat Enterprise Linux 6.2 Libgcrypt Cryptographic Module validated to FIPS 140-2 under Cert. #1757 and NSS Cryptographic Module validated to FIPS 140-2 under Cert. #1837, each module shall be obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policies specifies the precise RPM file containing each module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf] |
| strPURL |
|
| strModuleType |
Software |
| strValidationDate |
04/15/2013 |
| intOverallLevel |
1 |
| memIndividualLevelNotes |
;;-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux 6.2 without PAA running on HP ProLiant DL585; Red Hat Enterprise Linux 6.2 with PAA running on IBM HS22; Red Hat Enterprise Linux 6.2 without PAA running on IBM HS22 (single-user mode) |
| strFIPSAlgorithms |
AES (Certs. #1968, #1969, #1970, #1971 and #1972);
Triple-DES (Certs. #1278 and #1279);
SHS (Certs. #1657, #1658, #1659, #1660, #1661, #1662, #1663, #1664, #1725, #1726, #1741 and #1742);
HMAC (Certs. #1128, #1129, #1130, #1131, #1132, #1133, #1134, #1135, #1199 and #1200);
RNG (Certs. #988, #991, #992 and #993);
DSA (Certs. #628, #629, #634 and #635);
PBKDF (vendor affirmed) |
| strOtherAlgorithms |
DES;
AES-CTR (non-compliant);
AES-XTS (non-compliant);
AES-CBC (non-compliant) |
| strConfiguration |
Multi-chip standalone |
| memModuleDescription |
Device-mapper is an infrastructure in the Linux kernel that provides a generic way to create virtual layers of block devices on top of real block devices. dm-crypt is a device-mapper target that provides transparent encryption of block devices using the Kernel Crypto API shipped with RHEL 6.2. The user can specify one of the symmetric ciphers, a key (of any allowed size), an IV generation mode which allows the user to create a new block device in /dev. Writes to this device will be encrypted and reads decrypted transparent to the user. |
| intModuleCount |
1 |
| memAdditionalNotes |
|
| strFirstValidtionDate |
04/15/13 00:00:00 |
| strLabName |
atsec |
| strValidationYear |
2013 |
|