Why the libreswan package is going through its own FIPS certification if all crypto used by libreswan is done with nss.

Solution Verified - Updated -

Issue

  • We see libreswan and NSS for RHEL 7.1 being referenced here

  • What crypto code (algorithms or protocols) is being evaluated as part of "Red Hat Enterprise Linux 7.1 Libreswan Cryptographic Module" ?

  • I searched all binaries in libreswan packaging and did 'ldd' on all of them in /usr/libexec/ipsec/* and I can't find any libraries referenced from the libreswan package.

  • What 'Cryptographic modules' are included in Libreswan that are not included in existing nss and nss-softokn/nss-softoknfreebl ?

Environment

  • Red Hat Enterprise Linux (RHEL) 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content