Component Validation List

Last Update: 10/31/2014

NOTICE: The SP800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths goes into effect January 1, 2014. Key lengths (modulus and curve sizes) providing less than 112 bits of security strength are no longer approved to generate digital signatures. Therefore, the modulus size 1024 and the curve sizes P-192, K-163 and B-163 have been removed. The SP800-131A document also disallows the use of SHA-1 with Digital Signature Generation beginning January 1, 2014. All of the non-compliant features of the Components validation have been moved to a Historical Components Validation List for reference.

A note and link to the Historical validation list have been added to validations containing non-compliant features that have been moved to the Historical Validation List. This note is displayed in red print. If a complete validation has become non-compliant, the complete validation entry is displayed in red to signify it is now non-compliant and therefore revoked.

Overview

This page provides technical information pertaining to the testing of individual components of FIPS approved and NIST recommended cryptographic algorithms. These components are validated as conforming to the specifications in the associated publication. The testing that is performed on the component is described in the associated validation system (VS) document. The testing is handled by NVLAP- accredited Cryptographic And Security Testing (CST) Laboratories.

The implementations below consist of software, firmware, hardware, and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the components described in this document. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this document reflects the current status of each component. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list.

In addition to a general description of each component implementation, this list mentions the features that were tested as conforming to the appropriate publication. These features are described in the specific legend for each individual component and are listed below for each validation. Select the legend below for detail on the testing of that component.

Legends for Description Field for the Following Component

This list is ordered in reverse numerical order, by validation number. Thus, the more recent validations are located closer to the top of the list. The column after the Validation Date column contains information indicating what modes and features for these modes has been successfully tested.

Validated Component Implementations

Validation
No.
Component
Validated
Associated
Publication
Vendor Implementation Operational Environment Val.
Date
Description/Notes
373
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Rachel Menda-Shabat
TEL: +972-9-9702000
FAX: +972-9-9702001

-Leonid Azriel
TEL: +972-9-9702000
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 1.2

Part # FB5C85D
N/A 10/31/2014 TPM SHA1 Val#2554 HMAC_SHA1 Val#1938

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

372
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.9
Apple A7 (ARMv8) with NEON w/ Apple iOS 7.1 64-bit; Apple A7 (ARMv8) without NEON w/ Apple iOS 7.1 64-bit 10/31/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

371
Section 4.2,
TLS
SP800-135
Red Hat
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-17.el6
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2552 HMAC Val#1936

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

370
Section 4.2,
TLS
SP800-135
Red Hat
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-17.el6
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2551 HMAC Val#1935

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

369
Section 4.2,
TLS
SP800-135
Red Hat
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-17.el6
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2550 HMAC Val#1934

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

368
Section 4.2,
TLS
SP800-135
Red Hat
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-17.el6
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2549 HMAC Val#1933

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

367
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
Mississauga, ON L4W 0B5
Canada

-Randy Tsang
TEL: 1-289-261-4189
FAX: 1-905-507-4230

-Ian Laidlaw
TEL: 1-289-261-4277
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.2.1
Intel Core i7-2720QM w/ AES-NI w/ Windows 7 Enterprise 64-bit; ARMv7 w/ Windows Phone 8.0; ARMv7 w/ Android 4.4.2; Intel Atom CPU Z2460 w/ Android 4.0.4; ARMv7 w/ iOS version 6.1.4 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and DRM modules."

366
Section 5.7.1.2: ECC CDH Primitive
LG Electronics Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Joonwoong Kim
TEL: 82 10 2207 1919
FAX: 82 2 6950 2080

OpenSSL Cryptographic Library

Version 1.0.1e
Qualcomm Snapdragon 800 w/ Android 4.4.2 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

365
Section 4.2,
TLS
SP800-135
Doremi Labs
1020 Chestnut Street
Burbank, CA 91506
USA

-Jean-Philippe Viollet
TEL: (818)562-1101
FAX: (818)562-1109

-Camille Rizko
TEL: (818)562-1101
FAX: (818)562-1109

Power PC TLS KDF

Version 1.4 (Firmware)
Part # PPC405EX-SSD600T
Power PC 9/26/2014 TLS( TLS1.0/1.1 ) SHA Val#2500 HMAC Val#1896

"An Implementation of TLS KDF used in Doremi Labs'' Media Blocks"

364
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version ComwareV7.1-R1005 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 9/19/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2510 HMAC Val#1895
TLS( TLS1.0/1.1 ) SHA Val#2510 HMAC Val#1895
SSH (SHA 1 ) SHA Val#2510
SNMP SHA1 Val#2510

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

363
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.1_hil (Firmware)
AMCC PPC 440EPX 9/12/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

362
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7450

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Dual-core ARM Cortex A9 1Ghz 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2505 HMAC Val#1890
SSH (SHA 1 ) SHA Val#2505

"The Brocade Cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX7450 switches deliver enterprise-class stackable switching at an entry-level price."

361
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 9/12/2014 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2503

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

360
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 9/12/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

359
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
North Building 13
Xindacheng Plaza
197# Guangzhou Road
Yuexiu District, Guangzhou 510075
China

-Peng Sun
TEL: +86-20-22387717
FAX: +86-20-22387717

CS100 Module Crypto Library

Version 1.0.0 (Firmware)
Freescale MCIMX53 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2501 HMAC Val#1886

"CS100 Module Crypto Library implements the cryptographic algorithms such as AES, HMAC, SHA and RNG. The library provides cryptogrpahic finctionality to CS100 module."

358 N/A N/A N/A N/A N/A 9/12/2014 N/A
357
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Packet-Optical Platform 4x10G Cryptography Engine

Version 1.10 (Firmware)
Xilinx XC7Z045 8/29/2014 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2493 HMAC Val#1880
TLS( TLS1.2 (SHA 256 , 512 ) ) SHA Val#2493 HMAC Val#1880

"The Ciena 6500 Packet-Optical Platform 4x10G Encryption OTR offers an integrated transport encryption solution providing a protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service."

356
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Exar Corporation
48720 Kato Road
Fremont, CA 94538
USA

-Larry Hu
TEL: 510-668-7145
FAX: 510-668-7028

-Bin Wu
TEL: 86-13777873933
FAX: 86-571-88156615

Exar XR92xx series die

Part # XR9240
N/A 8/28/2014 RSASP1: (Mod2048: PKCS1.5 )

"The XR92xx provides hardware acceleration of compression, encryption and authentication algorithms including gzip/zlib/Deflate, LZS/eLZS, AES, 3DES, RC4, SHA, HMAC, GMAC and public key algorithms such as DSA, DH, RSA, ECDSA, ECDH and is designed to optimize SSL/IPsec/SRTP packet processing."

355
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

354
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB DSA Val#883 SHS Val#2487 DRBG Val#556
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#542 SHS Val#2487 DRBG Val#556

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

353
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

352
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#882 SHS Val#2486 DRBG Val#555
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#541 SHS Val#2486 DRBG Val#555

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

351
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

350
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#881 SHS Val#2485 DRBG Val#554
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#540 SHS Val#2485 DRBG Val#554

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

349
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

348
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#880 SHS Val#2484 DRBG Val#553
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#539 SHS Val#2484 DRBG Val#553

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

347
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

346
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#879 SHS Val#2483 DRBG Val#552
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#538 SHS Val#2483 DRBG Val#552

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

345
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

344
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#878 SHS Val#2482 DRBG Val#550
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#537 SHS Val#2482 DRBG Val#550

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

343
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2311 (Firmware)
RMI(Netlogic) XLS408, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2481 HMAC Val#1868
TLS( TLS1.0/1.1 ) SHA Val#2481 HMAC Val#1868
SSH (SHA 1 ) SHA Val#2481
SNMP SHA1 Val#2481

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

342
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2111 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2480 HMAC Val#1867
TLS( TLS1.0/1.1 ) SHA Val#2480 HMAC Val#1867
SSH (SHA 1 ) SHA Val#2480
SNMP SHA1 Val#2480

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

341
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2406 (Firmware)
Freescale P2020, 1.2GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2479 HMAC Val#1866
TLS( TLS1.0/1.1 ) SHA Val#2479 HMAC Val#1866
SSH (SHA 1 ) SHA Val#2479
SNMP SHA1 Val#2479

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

340
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R7328 (Firmware)
Freescale MPC8548, 1.0GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2478 HMAC Val#1865
TLS( TLS1.0/1.1 ) SHA Val#2478 HMAC Val#1865
SSH (SHA 1 ) SHA Val#2478
SNMP SHA1 Val#2478

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

339
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware with Hardware Accelerators

Version 5.2.109 (Firmware)
P1020, 880MHz, PowerPC; XLP432, 1.4GHz, MIPS; XLR732, 950Mhz, MIPS; XLS208, 750Mhz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2476 HMAC Val#1864
TLS( TLS1.0/1.1 ) SHA Val#2476 HMAC Val#1864
SSH (SHA 1 ) SHA Val#2476
SNMP SHA1 Val#2476

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

338
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2473 HMAC Val#1861
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2473

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

337
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

336 Oberthur Technologies
402 rue d’Estienne d’Orves
Colombes, n/a 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

RSA on Cosmo V8

Version 07888.8 with 07846.9 (Firmware)
Part # 0F
ID-One PIV-C on Cosmo V8 ;  N/A 8/11/2014

"ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip which supports RSA (including RSA-CRT) encrypt/decrypt and digital signature generation /verification with keys from 64 to 2048-bit by step of 32-bit."

335
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Microsemi Corporation
One Enterprise
Aliso Viejo, CA 92656
USA

-Richard Newell
TEL: +1 (408) 643-6146

Microsemi SoC Cryptographic Module Mark II

Version 1.1 (Firmware)
Mentor Graphics Questa Simulator 10.1c 8/11/2014 Curves tested: P-384

"The Microsemi SoC Cryptographic Module provides custom hardware/firmware acceleration of the standard cryptographic algorithms used in Microsemi FPGAs and SoC FPGAs like Igloo®2 and SmartFusion®2. They are used to securely configure the devices, and are also made available to the FPGA user via an internal bus interface for use in end applications."

334
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libkas

Version 01.01.000A (Firmware)
Part # MAX32590 Rev B4
n/a 8/11/2014 Curves tested: P-256

"Pitney Bowes X4 HSM Cryptographic Module"

333
Section 4.2,
TLS
SP800-135
Digicine Oristar Technology Development (Beijing) Co., Ltd.
No.1 Di Sheng West Street, BDA
Da Xing District
Beijing, 100176
China

-Mr. Xiao, Liquin
TEL: +86-010-8712 9372
FAX: +86-010-87127010

-Dr. Sun, Xiaobin
TEL: +86-010-8712 9111
FAX: +86-010-87127010

Oristar IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
RENESAS SH-4A 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2470 HMAC Val#1859

"Oristar IMB TLSKDF Core-S is the firmware module for digital cinema system."

332
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 3.1.5 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2467 HMAC Val#1857

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

331
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.8
Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 10.0; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 10.0; Intel Xeon E5440 (x86) 32-bit without AES-NI w/ FreeBSD 8.4; Intel Xeon E3-1220 (x86) without AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Intel Xeon E3-1220 (x86) with AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Freescale i.MX25 (ARMv4) w/ QNX 6.5 8/11/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

09/22/14: Added new tested information;
10/29/14: Added new tested information;

330
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Version 7.1.R0106 (Firmware)
Freescale P1021, 800Mhz, PowerPC; Cavium 6130, 1Ghz, MIPS; Cavium 6635, 1.3 Ghz, MIPS; Cavium 6218, 1Ghz, MIPS; Cavium 6740, 1Ghz, MIPS; Cavium 6760, 1Ghz, MIPS; Cavium 6880, 1.2Ghz, MIPS 7/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2463 HMAC Val#1854
TLS( TLS1.0/1.1 ) SHA Val#2463 HMAC Val#1854
SSH (SHA 1 ) SHA Val#2463
SNMP SHA1 Val#2463

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

329
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381
FAX: 613-225-2951

FortiClient FCCrypt Cryptolibrary v5.0

Version 5.0
Intel Core 2 Duo w/ Windows 7 Enterprise ;  N/A 7/31/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
IKEv2( ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
TLS( TLS1.0/1.1 ) SHA Val#2451 HMAC Val#1842

"The FCCrypt library provides the following services for the FortiClient 5.0: HMAC, SHA-1, SHA-256, AES CBC, AES ECB, 3DES, RSA and NIST 800-90A RBG."

328
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 3.1.4
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 7/18/2014 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

327
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Atmel Corporation
1150 E. Cheyenne Mountain Blvd
Colorado Springs, CO 80906
USA

-Jim Hallman
TEL: (919) 846-3391

ATECC108A

Version 0x1003 (Firmware)
Cadence NC Verilog hardware simulator 7/18/2014 ECDSA SigGen Component: CURVES( P-256 K-283 B-283 )

"Atmel CryptoAuthentication: Secure authentication and product validation device."

326
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP208; Freescale QorIQ P1020 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2440 HMAC Val#1835
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2440 HMAC Val#1835
SSH (SHA 1 ) SHA Val#2440
SNMP SHA1 Val#2440

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

325
Section 4.2,
TLS
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2439 HMAC Val#1832

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

324
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel Core I7 7/10/2014 IKEv1( AUTH( PSK ) ) ( 224 (SHA 256 , 384 , 512 ) ) SHA Val#2439 HMAC Val#1832
TLS( TLS1.0/1.1 ) SHA Val#2439 HMAC Val#1832
SSH (SHA 1 ) SHA Val#2439
SNMP SHA1 Val#2439

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

323
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry BCryptPrimitives and NCryptSSLp

Version 6.3.9600
Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); AMD Athlon 64 X2without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Core i7 without AES-NIor PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i5 with AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro with Windows 8.1 Pro; Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 with Windows 8.1 Pro; NVIDIA Tegra 3 Quad Core w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 3 Quad-Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 4 Quad Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 400 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 800 w/ Microsoft Windows 8.1 RT; Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64) 7/10/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2373 HMAC Val#1773

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

322
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

OSSL

Version Openssl-0.9.8g-8.0.0 (Firmware)
Cavium 56XX 7/10/2014 IKEv1( ( 2048 (SHA 1 ) ) SHA Val#1229 HMAC Val#786
TLS( TLS1.0/1.1 ) SHA Val#1229 HMAC Val#786
SSH (SHA 1 ) SHA Val#1229
SNMP SHA1 Val#1229

"Cisco WLAN Controllers provide centralized control, management and scalability for small, medium and large-scale Government WLAN networks using APs joined over secure DTLS connection and support IEEE 802.11i security standard with WPA2 to enable a Secure Wireless Architecture."

10/14/2014: Added KDF 800-135 IKEv1 KDF and SNMP KDF and updated implementation description.

321
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
PPC 440GPX and PPC 8548 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2436 HMAC Val#1829
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2436

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

320
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
PPC 440GPX and PPC 8548 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

319
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2435 HMAC Val#1828
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2435

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

318
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

317
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale P1010 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2428 HMAC Val#1821

"Firmware algorithm implementations for the ONS encryption card."

316
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Controller Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale MPC8568E 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2427 HMAC Val#1820
SSH (SHA 1 , 256 ) SHA Val#2427

"Firmware algorithm implementations for the ONS controller cards."

315
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-538-2883

IKEv1 KDF IKEv2 KDF

Version 16.6.0.80 (Firmware)
FreeScale MPC-8568E; FreeScale MPC-7457 7/10/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486
IKEv2( ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486

"IKEv1 and IKEv2 Key Derivation Functions are used to derive shared secret keys between peers for the S6000 and GGM8000 network devices."

314
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP208; Freescale QorIQ P1020 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

313
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP208; Freescale QorIQ P1020 7/10/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

312
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2417 HMAC Val#1814
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2417

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

311
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

310
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version A0038114A (Firmware)
Part # A0014227B
n/a 6/27/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2416 HMAC Val#1813

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

309
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

PSymantec PGP Cryptographic Engine

Version 4.3
sVirtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows Server 2012 R2 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

308
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Virtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows 8.1 update 1 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

307
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 64-bit RHEL 6.2 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

306
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 32 bit 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

305
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 i7 w/ Windows 7 32 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It include"

304
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Windows 7 64 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

303
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 32 bit RHEL 6.2 with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

302
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Mac OS X 10.7 with AESNI w/ Apple MacBook Pro Intel Core i7 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

301
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 7 (Firmware)
Intel Xeon 6/27/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
IKEv2( ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2404 HMAC Val#1801
SSH (SHA 1 , 256 ) SHA Val#2404

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 7."

07/10/14: Updated implementation information;

300 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

299
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

298
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

297
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2402 HMAC Val#1799
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2402

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

296
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

295
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS

Version 2.0.5 (Firmware)
ARM926EJ-S 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The library is based on OpenSSL FIPS version 2.0.5."

294
Section 4.2,
TLS
SP800-135
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS-TLS

Version 1.0.1g (Firmware)
ARM926EJ-S 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2327 HMAC Val#1732

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The KDF function is based on OpenSSL version 1.0.1g."

293
Section 4.2,
TLS
SP800-135
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2400 HMAC Val#1797

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

292
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2; Atmel 9260 w/ Windows CE v5.0 6/27/2014 Curves tested: B-571

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

291
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.105 (Firmware)
RMI (Netlogic) XLS208 MIPS; RMI (Netlogic) XLS408 MIPS 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2398 HMAC Val#1795
TLS( TLS1.0/1.1 ) SHA Val#2398 HMAC Val#1795
SSH (SHA 1 ) SHA Val#2398
SNMP SHA1 Val#2398

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

290
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.99 (Firmware)
Freescale P2020 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2397 HMAC Val#1794
TLS( TLS1.0/1.1 ) SHA Val#2397 HMAC Val#1794
SSH (SHA 1 ) SHA Val#2397
SNMP SHA1 Val#2397

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

289
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2) 6/6/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

288
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Storage Server 2012 R2 (x64) 6/6/2014 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

07/10/2014: Added new tested information;

287
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

Openssl-fips-1.2

Version 1.2
Intel Xeon w/ Windriver Linux (2.6.99.99 kernel) 5/30/2014 TLS( TLS1.0/1.1 ) SHA Val#2275 HMAC Val#1689
SSH (SHA 1 ) SHA Val#2275
SNMP SHA1 Val#2275

"The openssl crypto library is used on the Nexus7K supervisor to implement crypto operations in software."

286
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Library

Version 1.0.1g
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2392 HMAC Val#1790

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

285
Section 4.2,
TLS
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6989

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1801 HMAC Val#303

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

284
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

283
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

282
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

281
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

280
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

279
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

278
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

277
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

276
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

275
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

274
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2108 HMAC Val#1532

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

273
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

272
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1446 HMAC Val#967

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

271
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

269
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
INSIDE Secure
Arteparc Bachasson, Bât A
Rue de la carrière de Bachasson, CS70025
Meyreuil, Bouches-du-Rhône 13590
France

-Bob Oerlemans
TEL: +31 736-581-900
FAX: +31 736-581-999

VaultIP

Part # 1.1
N/A 5/23/2014 Curves tested: P-224   P-256   P-384   P-521

"VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a ''Root of Trust'' to support a TEE-based platform."

268
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c1
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 5/23/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2385 HMAC Val#1783

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

267
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.a

Version 1.0.0
Intel Core i5 w/ Mac OS X 10.8; Apple A6 w/ Apple iOS 7 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

266
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.so

Version 1.0.0
Intel Core i5 w/ Red Hat Enterprise Linux 6 32-bit; ARMv7 w/ Android 4 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

265
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ancrypto.dll

Version 1.0.0
Intel Core i5 w/ Windows 7 32-bit User Mode; Intel Core i5 w/ Windows 7 64-bit User Mode 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

06/11/14: Added new tested information;

264
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiMail SSL Cryptographic Library

Version 5.0 (Firmware)
Intel Xeon 5/9/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2382 HMAC Val#1781
SSH (SHA 1 , 256 ) SHA Val#2382

"This focuses on the firmware implementation of the Fortinet FortiMail SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

10/29/14: Added new tested information;

263
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_SNMPv3_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 SNMP SHA1 Val#1292

"SNMP v3 key derivation from a password and Engine ID, based on SHA-1"

262
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_IKEv2_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 IKEv1( SHA Val#1292 HMAC Val#1780
IKEv2( ( 384 (SHA 384 ) ) SHA Val#1292 HMAC Val#1780

"Suite B IKE v2 KDF per http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf section 8.1"

261
All of SP800-56A EXCEPT KDF
SP800-56A
INSIDE Secure
Eerikinkatu 28
Helsinki, n/a 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 762 9394

SafeZone FIPS Cryptographic Module

Version 1.0.3A
ARMv7, 2.3 GHz w/ Android 4.4 5/9/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#854 SHS Val#2378 DRBG Val#493
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#497 SHS Val#2378 DRBG Val#493

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

260
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.7
Freescale e500v2 (PPC) w/ Linux 2.6; Intel Core i7-3612QE (x86) without AES-NI w/ AcanOS 1.0; Intel Core i7-3612QE (x86) with AES-NI w/ AcanOS 1.0; Feroceon 88FR131 (ARMv5) w/ AcanOS 1.0; Intel Xeon E5440 (x86) without AES-NI w/ FreeBSD 8.4; Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.1; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.1; Xeon E5645 (x86) without AES-NI w/ ArbOS 5.3; ASPEED AST-Series (ARMv5) w/ Linux ORACLESP 2.6; Emulex PILOT3 (ARMv5) w/ Linux ORACLESP 2.6; Xeon E5645 (x86) with AES-NI w/ ArbOS 5.3 ;  Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.2; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.2 5/9/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

05/14/14: Added new tested information;
07/03/14: Added new tested information;
07/178/14: Added new tested information;
07/31/14: Updated implementation information;

259
All of SP800-56A EXCEPT KDF
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: FullUnified: (KARole: Initiator ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#448 SHS Val#2187 DRBG Val#132 HMAC Val#1610
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#259.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

258
Section 5.2, SSH
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS SSH Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; ;  Cavium Octeon CN5000 series 5/2/2014 SSH (SHA 256 ) SHA Val#2374

"Xirrus AOS SSH implementation."

08/13/14: Added new tested information;

257
Section 4.2,
TLS
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS Crypto Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; Cavium Octeon CN5000 series 5/2/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2374 HMAC Val#1774

"Xirrus AOS crypto library implementation."

08/07/14: Added new tested information;

256
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS32/16 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8555 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2371

"The Alcatel-Lucent PSS32/16 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

255
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS4 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8347 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2370

"The Alcatel-Lucent PSS4 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

254
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libecdsa

Version 01.01.0009 (Firmware)
Part # MAX32590 Rev B4
N/A 4/9/2014 ECDSA SigGen Component: CURVES( P-256 )

"Pitney Bowes X4 HSM Cryptographic Module"

253
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405 3/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
TLS( TLS1.0/1.1 ) SHA Val#2361 HMAC Val#1764
SSH (SHA 1 ) SHA Val#2361
SRTP (AES 128 , 192 , 256 ) AES Val#2817
SNMP SHA1 Val#2361

"IOS Common Crypto Module"

252
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405 3/31/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2361 DRBG Val#481
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#493 SHS Val#2361 DRBG Val#481

"IOS Common Crypto Module"

251
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 3/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

250
Section 5.5, TPM
SP800-135
Atmel Corporation
2325 Orchard Parkway
San Jose, CA 95131
US

-Jim Hallman
TEL: (919) 846-3391

-Todd Slack
TEL: (719) 540-3021

AT97SC3205

Part # AT97SC3205
N/A 3/21/2014 TPM SHA1 Val#2354 HMAC_SHA1 Val#1757

"The AT97SC3205 is a single chip cryptographic module used for cryptographic key generation, key storage and key management as well as generation and secure storage for digital certificates."

04/03/14: Updated vendor information;

249
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 64 bit RHEL with AESNI 3/21/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includ"

248
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 64 bit 3/7/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

247
Section 5.1,
ANS X9.63-2001
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 4.4 (Firmware)
Freescale MPC8280 3/7/2014 ANSX963_2001 SHA Val#2350

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

246
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

OpenSSL

Version 1.0.1e (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2349 HMAC Val#1753

"OpenSSL 1.0.1e implementation with minor patches."

245
Section 5.2, SSH
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745.9300

OpenSSH

Version 6.4p1 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 SSH (SHA 1 , 256 ) SHA Val#2349

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs and completely disable DSA key generation."

244
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

ojdk

Version 1.7.0_147 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2348 HMAC Val#1752

"Using existing Debian Stable Open JDK binaries."

243
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN4010 and CN6010 Series Common Crypto Library

Version 2.4 (Firmware)
ARM Cortex A9 2/28/2014 SNMP SHA1 Val#2346

"The CN4010 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

242
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 2.4 (Firmware)
Intel ATOM 2/28/2014 SNMP SHA1 Val#2345

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

241
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 32-bit RHEL 6.2 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

240
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Apple MacBook Pro Intel Core 2 Duo w/ Mac OS X 10.7 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

239
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 SSH (SHA 256 ) SHA Val#2341

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

238
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 Curves tested: P-256   P-384   P-521

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

237
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0
Intel Atom D2500 w/ CentOS Linux 6.4 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 ) SHA Val#2340 HMAC Val#1744
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2340 HMAC Val#1744
TLS( TLS1.0/1.1 ) SHA Val#2340 HMAC Val#1744
SSH (SHA 1 ) SHA Val#2340
SNMP SHA1 Val#2340

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

236
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0 (Firmware)
Freescale MPC8358E; Freescale MPC8548E 2/21/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
TLS( TLS1.0/1.1 ) SHA Val#2339 HMAC Val#1743
SSH (SHA 1 ) SHA Val#2339
SNMP SHA1 Val#2339

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

235
Signature Generation of hash sized messages
FIPS186-4 ECDSA
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 ECDSA SigGen Component: CURVES( P-256 P-384 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

234
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 RSASP1: (Mod2048: PKCS1.5 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

233
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-2951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 6 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
IKEv2( ( 8192 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2333 HMAC Val#1738
SSH (SHA 1 , 256 ) SHA Val#2333

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 6"

232
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020; 2/14/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

231
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Algorithms

Version 1.0 (Firmware)
Cavium CN5200; Intel 82576; Freescale MPC8572E; Freescale MPC8358E; Freescale P1021 2/7/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
TLS( TLS1.0/1.1 ) SHA Val#2182 HMAC Val#1606
SSH (SHA 1 ) SHA Val#2182
SRTP (AES 128 ) AES Val#2620
SNMP SHA1 Val#2182

"IOS Firmware cryptographic implementations used within Cisco devices to provide cryptographic functions."

230
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000D TLS1.0 Implementation

Version 2.2 (Firmware)
Altera NIOS II 2/7/2014 TLS( TLS1.0/1.1 ) SHA Val#2325 HMAC Val#1730

"The Oracle StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world''s fastest write speeds to a native 8.5 TB of magnetic tape storagel; making it ideal for data center operations with growing data volume."

229
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA CRT with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of the RSA CRT with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

02/04/14: Originally verified as SigGen - RSA #180;

228
Section 4.2,
TLS
SP800-135
Hewlett–Packard Development Company, L.P.
3000 Hanover Street
Palo Alto, CA 94304
USA

-Mihai Damian
TEL: 1-650-236-5870

-Sameer Popli
TEL: 1-650-236-5874

HP NSVLE C API Library

Version 0.3
Intel(R) Xeon(R) E5-2658 w/ Debian Linux HPTE Version 5.0.0 1/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2047 HMAC Val#1477

"Hewlett-Packard''s NonStop platform is used in complex computing environments, where business-critical applications need 24 x 7 availability, extreme scalability, and fault-tolerance. NonStop plays an important role in major industries and markets, including finance, healthcare, telecommunications, manufacturing, retail, and government."

227
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Jake Bajic
TEL: (408) 753-3901
FAX: (408) 753-4001

-Lee Klarich
TEL: (408) 753-4000
FAX: (408) 753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, and PA-5000 Series Firewalls and M100/Panorama)

Version PAN-OS 5.0/Panorama 5.1 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505 1/24/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2298 HMAC Val#1707
TLS( TLS1.0/1.1 ) SHA Val#2298 HMAC Val#1707
SSH (SHA 1 ) SHA Val#2298
SNMP SHA1 Val#2298

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e., the PA-200, PA-500, PA-2000, PA-3000, PA-4000 and PA-5000 firewalls and M100 Centralized Management. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

226
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2 for NSA and SM

Version 6.2 (Firmware)
Cavium Octeon Plus 66XX; Cavium Octeon Plus 68XX 1/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2322 HMAC Val#1727
SSH (SHA 1 ) SHA Val#2322
SNMP SHA1 Val#2322

"The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks."

225
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDYxJCRSEFI-025CD144V503 (Firmware)
NXP P5CD144 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/22/14: Originally verified as SigGen - RSA #351;

224
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#224.

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#172;

223
Signature Generation of hash sized messages
FIPS186-4 ECDSA
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECDSA Component

Version ECDSA_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 ECDSA SigGen Component: CURVES( P-256 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - ECDSA#237;

222
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 ECDSA2 Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#222.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A, KAS ( ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#214;

221
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#221.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#120;

220
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 1/16/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#220.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#94;

219
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP RSA CRT Component

Version RSA_CRT_JCOP_242_R0 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 RSASP1: (Mod2048: PKCS1.5 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - RSA #885;

218
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 RSA Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"Athena OS755 is a Global Platform Java Card operating systems implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen - RSA #824;

217
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen - RSA #664;

216
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen - RSA #471;

215
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 8/8/2008 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen - RSA #403;

214
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Arboretum Plaza II
9442 Captial of Texas Highway North
Suite 400
Austin, TX 78759
USA

-Vincent Prothon
TEL: 512-257-3810
FAX: 512-257-3881

Gemalto GX4-FIPS

Version GX4-FIPS EI08 (Firmware)
NXP P5CD144 5/13/2008 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java platform (GemCombiXpresso R4) with 144K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. Module Ref# A1005963 - Card Ref# M1002255."

01/15/14: Originally verified as SigGen - RSA #372;

213
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDIxJCRSEFI-025CD080V402 (Firmware)
NXP P5CD080 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/15/14: Originally verified as SigGen - RSA #350;

212
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo 128 v5

Version ID-One Cosmo Version F310 (Firmware)
Part # B0
ID-One Cosmo 128 v5.5 11/6/2007 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with cryptographic services such as 3DES (128,192), AES (128,192,256), RSA (1024,1536,2048) with onboard key generation, SHA (1,224,256,384,521), ECDSA (GFP,192,224,256,384) Elliptic Curve Diffie-Hellman."

01/15/14: Originally verified as SigGen - RSA #304;

211
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Keycorp Limited
Level 5, Keycorp Tower
799 Pacific Highway
Chatswood NSW
Sydney, Austrailia 2067
Australia

-Graeme Bradford
TEL: 703-635-7723
FAX: 703-635-7724

Keycorp MULTOS I4F 80K with MULTOS PIV Card Application

Version 1.0 (Firmware)
Infineon SLE66CLX800PEM crypto controller 11/6/2007 RSASP1: (Mod2048: PKCS1.5 )

"The Keycorp MULTOS I4F 80K Smart Card with MULTOS PIV Card Application can be employed in a wide range of solutions. The smart card provides a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Combined with the PIV Card Application it provides enhanced I&A functionality."

01/15/14: Originally verified as SigGen - RSA #303;

210
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: 408-865-0112
FAX: 408-865-0333

Athena IDProtect Duo

Version 0107.7099.0105 (Firmware)
Part # AT90SC12872RCFT Rev M
Atmel AT90SC12872RCFT 10/15/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card smart card operating system. IDProtect is compliant with the latest Java Card 2.2.2 and Global Platform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 Physical Security). IDProtect supports FIPS approved RNG, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits."

01/15/14: Originally verified as SigGen - RSA #296;

209
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena IDProtect XL

Version 010A.7204.0004 (Firmware)
Part # AT90SC144144CT
Atmel AT90SC144144CT 9/27/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card 2.2.2 and GlobalPlatform2. 1.1 specifications and F IPS 140-2 Level 3 (Level 4 for physical security).IDProtect supports F IPS approved Random Number Generator, TDES,A ES, SHA-I, SHA-256, and RSA up to 2048 bits including on board key generation."

01/15/14: Originally verified as SigGen - RSA #292

208
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
CardLogix
16 Hughes, Suite 100
Irvine, CA 92618
USA

-Ken Indorf
TEL: 949-380-1312
FAX: 949-380-1428

CardLogix Credentsys-J

Version 07.0107.04 (Firmware)
Part # AT90SC12872RCFT Rev. J
Atmel AT90SC12872RCFT 7/2/2007 RSASP1: (Mod2048: PKCS1.5 )

"CREDENTSYS-J is a secure smart card that is designed for National ID systems and multi-use enterprise security environments. The CREDENTSYS-J card is based on Java Card tm 2.2.1 and Global Platform 2.1.1 architectures and is readily deployable into existing or new PKI environments. CREDENTSYS cards offer a combination of high performance and cost"

01/15/14: Originally verified as SigGen - RSA #272;

207
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of teh RSA with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

01/15/14: Originally verified as SigGen – RSA #179;

206
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Hazem Hassan
TEL: (952)223-3139

-Wayne Whitlock
TEL: (443)327-1489

SCCOS Crypto library

Version 3.0 (Firmware)
Philips P5CT072 Secure Triple Interface Smart Card Controller 10/25/2006 RSASP1: (Mod2048: PKCS1.5 )

"SCCOS is a state-of-the-art operating system that offers wide range of authentication services together with the highest levels of security. It offers powerful implementaions for public and secret key encryption supporting RSA, DSA, Diffie-Hellman, SHA-1, Triple-DES, and AES."

01/15/14: Originally verified as SigGen - RSA#174;

205
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemplus
Avenue du Pic de Bertagne
GEMENOS Cedex, BP100 13881
FRANCE

-Thierry Deffontaines
TEL: +33 (0)4 42 36 60 17

GemCombiXpresso R4 (GCX4) Cryptographic Library

Version GCX4 - FIPS IE07 (Firmaware)
Proprietary 1/30/2006 RSASP1: (Mod2048: PKCS1.5 )

"This implementation is dedicated to provide the crypto algorithm on the GemCombiXpresso R4 Java card product through the Java Card API. It provides Random Number generation, 3DES and RSA up to 2048 bits key length as well as X9.31 RSA On Board Key generation up to 2048 bits long."

204
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: (703)263-0100
FAX: (703)263-7134

ID-One Cosmo 64 RSA

Version E303 (Firmware)
Part # 77
JavaCard 2.2 Runtime Environment 1/3/2005 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo 64 RSA JavaCard Chip Platform is a single chip multi application cryptographic module for smart cards specifically designed for identity and government market needs. The module offers a highly secure architecture together with cryptographic services such as Triple-DES (using double and triple length DES keys) encryption and decryption in both ECB and CBC with ISO/IEC 9797 automatic padding (methods 1 and 2), TDES Message Authentication Code generation and verification using automatic padding methods from ISO/IEC 9797 (methods 1, 2, and 2 with MAC algorithm3), AES encryption and decryption in both ECB and CBC modes, AES Message Authentication Code generation and verification, RSA key generation up to 2048 bit key length with strong prime numbers (ANSI X9.31), RSA encryption and decryption using PKCS#1 and PKCS#1-OAEP automatic padding, RSA signature and verification using PKCS#1, PKCS#1-PSS, and ISO/IEC 9796 methods, as well as digest computation using SHA-1 and MD5 algorithms."

01/15/14: Oringinally verified as SigGen - RSA#43;

203
Section 4.2,
TLS
SP800-135
Cambium Networks
3800 Golf Road, Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 TLS KDF

Version PTP700-TLS-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2323 HMAC Val#1728

"TLS key derivation function"

202
Section 5.4, SNMP
SP800-135
Cambium Networks
3800 Golf Road, Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 SNMP KDF

Version PTP700-SNMP-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 SNMP SHA1 Val#2323

"SNMP key derivation function"

201
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

200
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DHSA 30232242 is included in the QorIQ Integrated Communications Processor: T2080."

199
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

198
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. DHSA 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

197
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

196
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

195
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

194
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
1 New Orchard Road
Armonk, NY 10504
USA

-Smita Dutta
TEL: 301-803-2540

Cryptographic Security Kernel (CSK)

Version 2.0 (Firmware)
Intel Xeon 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2160 HMAC Val#1581
SSH (SHA 1 , 256 , 512 ) SHA Val#2160

"IBM® Security QRadar® SIEM consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. The IBM Security QRadar SIEM provides a secure platform that meets FIPS 140-2 Level 2 requirements while allowing organizations to meet current and emerging compliance mandates."

193
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Quicksec

Version 3.0 (Firmware)
Broadcom XLR v4.0 12/31/2013 IKEv1( ( 1024 (SHA 1 ) ) ( 185 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2326 HMAC Val#1731

"Quicksec is a third party source code, which provides IPsec and IKE v1 cryptographic services."

02/10/14: Updated implementation information;

192
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SSH (SHA 1 , 256 ) SHA Val#2321

"OpenSSH is a third party open source code, which provides secure remote session management services."

191
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.1.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2321 HMAC Val#1726

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.1.1 version. RFS7000 userspace daemons (RADIUS, ntp, openssh, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

190
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

189
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SSH (SHA 256 ) SHA Val#2320

"OpenSSH is a third party open source code, which provides secure remote session management services."

188
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.0.9 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

187
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

iGateway

Version 1.9 (Firmware)
Cavium Octeon Plus CN5000 Family; Cavium Octeon Plus CN5000 Family 12/31/2013 IKEv1( AUTH( PSK ) ) ( 1024 Null (SHA 1 ) ) SHA Val#2320 HMAC Val#1725

"iGateway is a third party source code, which provides IPsec and IKE v1 cryptographic services."

05/06/14: Added new tested information;

186
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.2 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2320 HMAC Val#1725

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2 version. AP7131N userspace daemons (RADIUS, ntp, openssh, net-snmp, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

185
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Green Hills Software
30 W Sola Street
Santa Barbara, CA 93101
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services Embedded Cryptographic Toolkit ECDSA

Version 2.0.415
ARM Cortex A9 w/ Green Hills Software INTEGRITY Multivisor v4 for ARM 12/31/2013 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"Green Hills Software ISS ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems. "

184
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco Safeware AG
Germanusstraße 4
Aachen, 52080
Germany

-Dr. Gesa Ott
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

-Dieter Bong
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

CryptoServer Se ECDSA

Version ecdsa1.1.2.0_eca1.1.3.0 (Firmware)
Texas Instruments TMS320C6416T 12/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#184.

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

183
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

182
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA SSH Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 SSH (SHA 1 ) SHA Val#2307

"The Blue Coat SG VA SSH Library provides the necessary SSH key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

181
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS SSH Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 SSH (SHA 1 ) SHA Val#2292

"The Blue Coat SGOS SSH Library v1.0 provides the necessary SSH protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line."

180
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2292 HMAC Val#1701

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

178
Section 4.2,
TLS
SP800-135
Barco N.V.
Noordlan 5
Kuurne, , 8520
Belgium

-Jean-Paul Schafer
TEL: +32 4 267 69 22
FAX: +32 4 267 69 99

SM

Version 0.1.6533
Part # bg140778
Freescale Q or IQ P2040 Power-PC w/ Linux 3.0.48-rt70.2-svn5965 12/18/2013 TLS( TLS1.0/1.1 ) SHA Val#2295 HMAC Val#1704

"Implementation on a Freescale Power_PC, using the OpenSSL Library"

177
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Katharina Wallhäußer
TEL: +49 89 4119-1397
FAX: +49 89 4119-2819

ECC SLE78

Version 1.2 (Firmware)
Part # SLE78CLFX4000 (M7892)
SLE78CLFX4000P(M) / M7892 family 12/18/2013 Curves tested: P-224   P-256   P-384   P-521

"Sm@rtCafé Expert 7.0 C1 is a Java Card 3 Platform Classic Edition compliant to GlobalPlatform CS V2.2.1 and GP V2.2 Amd D."

176
Section 4.2,
TLS
SP800-135
Tripwire, Inc.
101 SW Main St. Suite 1500
Portland, OR 97204
USA

-Brian R. Cox
TEL: 503-276-7500
FAX: 503-276-7643

Tripwire Cryptographic Module

Version 2.0.0
Oracle Java 1.6 w/ Microsoft Windows Server 2008 R2 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2283 HMAC Val#1697

"Provides an AES implementation for Tripwire products."

175
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz; 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2282 HMAC Val#1696
SSH (SHA 1 ) SHA Val#2282

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

02/18/14: Update vendor information;

174
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

Brocade MLXe MR

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2281 HMAC Val#1695
SSH (SHA 1 ) SHA Val#2281

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

173
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2280 HMAC Val#1694
SSH (SHA 1 ) SHA Val#2280

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

172
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2279 HMAC Val#1693
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2279
SNMP SHA1 Val#2279

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

171
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2278 HMAC Val#1692
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2278
SNMP SHA1 Val#2278

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

170
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2277 HMAC Val#1691
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2277
SNMP SHA1 Val#2277

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

169
Section 4.1.2,
IKEv2
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 12/13/2013 IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 1536 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1801 HMAC Val#1253

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

12/18/13: Updated implementation information;

168
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core i3; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2276 HMAC Val#1690
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2276
SNMP SHA1 Val#2276

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

167
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N.First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox III TLS KDF

Version Nitrox III TLS KDF, 89547 (Firmware)
Part # Nitrox III Series Die 1.1
Cavium Nitrox III Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1780 HMAC Val#1233

"NITROX III chips implement SHA1/SHA2, 3DES/AES256 CBC, ModMul/ModEx/RSA, GCM and CTR modes, and SP800-90A DRBG. Perf: 5 to 30 Gbps encrypt/hash; 35K to 200K RSA 1024b ops/sec; 6K to 35K RSA 2048b ops/sec. NITROX III microcode also implements protocol-specific acceleration for IPSec and SSL."

166
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N.First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox Px TLS KDF

Version Nitrox Px TLS KDF, 1.85 (Firmware)
Part # Nitrox Px Series Die, 1.2
Cavium Nitrox Px Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#801 SHA Val#1379 HMAC Val#443 HMAC Val#1677

"NITROX PX implements algorithms in hardware in each of several identical processor cores: SHA and MD5 hash/HMAC, 3 DES/AES256 encryption, and ModMul/ModEx/RSA pkcs 1 v15. IPSec, SSL, and WLAN protocols are aslo accelerated. Performance ranges available: 500Mbps to 2.5 Gbps encryption and/or hash; 4K to 17K RSA ops/sec; 6K to 25K DH ops/sec."

01/30/14: Updated implementation information;

165
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Quantum

Version 1.3 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2274 HMAC Val#1688

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Quantum radio links."

164
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Compact+

Version 1.2.5 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2273 HMAC Val#1687

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Compact+ radio links."

163
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, Washington 98104
USA

-Peter Eng
TEL: 206 613-6608
FAX: 206 613-0888

XTM Cryptographic Module

Version 11.6.5 (Firmware)
Intel E3 12/6/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2033 HMAC Val#1464
TLS( TLS1.0/1.1 ) SHA Val#2033 HMAC Val#1464
SSH (SHA 1 ) SHA Val#2033
SNMP SHA1 Val#2033

"WatchGuard XTM security appliances are designed to protect organizations from various security and productivity threats, including viruses, network attacks, intrusion attempts, Trojan horses, harmful or counterproductive URLs, spam, and more, while also providing secure Virtual Private Network (VPN) connections among workplaces and remote users."

162
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
P1020, 800 Mhz, PowerPC; XLP432, 1.4 Ghz, MIPS; XLR 732, 950 Mhz, MIPS; XLS208, 750 Mhz, MIPS 11/29/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2266 HMAC Val#1680
TLS( TLS1.0/1.1 ) SHA Val#2266 HMAC Val#1680
SSH (SHA 1 ) SHA Val#2266
SNMP SHA1 Val#2266

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

161
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2265 HMAC Val#1679
SSH (SHA 1 ) SHA Val#2265

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitive. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment."

160
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1421

-Shigeki Yamamoto
TEL: +81 50 3140 9131
FAX: +81 50 3809 1421

Sony IMB TLSKDF Core-S

Version 1.0.1 (Firmware)
RENESAS SH-4A 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

159
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 )
SSH (SHA 1 )

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

158
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
Power PC 8548 and 440GX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#749 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#749

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

157
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
AMCC PPC440EPX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#1408 HMAC Val#934
SSH (SHA 1 ) SHA Val#1408

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

156
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2259 HMAC Val#1675
SSH (SHA 1 ) SHA Val#2259

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency, and fault-tolerant IP services solution for 1GbE and 10 GbE enterprise deployments."

155
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P2041, 1.5GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2258 HMAC Val#1674
SSH (SHA 1 ) SHA Val#2258

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

154
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6650

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2257 HMAC Val#1673
SSH (SHA 1 ) SHA Val#2257

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 6650 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

153
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.1
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#153.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

152
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020 11/22/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2249 HMAC Val#1666
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2249 HMAC Val#1666
SSH (SHA 1 ) SHA Val#2249
SNMP SHA1 Val#2249

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

151
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.1
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#151.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

150
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 11/15/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663
IKEv2( ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

149
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale MPC8314, 333MHZ, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Freescale P4080, 1.5GHZ, PowerPC; Broadcom XLR732, 1.0GHz, MIPS 11/15/2013 IKEv1( SHA Val#2245 HMAC Val#1662
TLS( TLS1.0/1.1 ) SHA Val#2245 HMAC Val#1662
SSH (SHA 1 ) SHA Val#2245
SNMP SHA1 Val#2245

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

148
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Alan Presser
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1.8
Intel Core 2 Duo E8400 w/ Windows 7 Ultimate (64-bit) 11/8/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#810 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#465 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#148.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

147
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale P2020, 1000MHz, PowerPC 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) SHA Val#2242 HMAC Val#1660
TLS( TLS1.0/1.1 ) SHA Val#2242 HMAC Val#1660
SSH (SHA 1 ) SHA Val#2242
SNMP SHA1 Val#2242

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

146
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-n/a

HP Comware

Version 7.1
MPC8544 w/ Comware V7.1; XLS408 w/ Comware V7.1 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2238 HMAC Val#1656
TLS( TLS1.0/1.1 ) SHA Val#2238 HMAC Val#1656
SSH (SHA 1 ) SHA Val#2238
SNMP SHA1 Val#2238

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

145
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
HP
153 Taylor Street
Littleton, MA 01460
USA

-Boby Joseph
TEL: 978-264-5379
FAX: 978-254-5522

HP Comware

Version 5.2
Broadcom BCM5836, 264MHz, MIPS w/ ComwareV5.2; Freescale MPC8349, 533MHZ, PowerPC w/ ComwareV5.2; Freescale MPC8544,667MHz,PowerPC w/ ComwareV5.2; Broadcom BCM112x, 600MHZ, MIPS w/ ComwareV5.2; RMI (Netlogic) XLS408,1GHz,MIPS w/ ComwareV5.2 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2070 HMAC Val#1499
TLS( TLS1.0/1.1 ) SHA Val#2070 HMAC Val#1499
SSH (SHA 1 ) SHA Val#2070
SNMP SHA1 Val#2070

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

144
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3550

Version 1.0 (Firmware)
Part # CNN3550
CNN3550 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2013 HMAC Val#1444

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

143
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3530

Version 1.0 (Firmware)
Part # CNN3530
CNN3530 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2236 HMAC Val#1654

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

142
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3510

Version 1.0 (Firmware)
Part # CNN3510
CNN3510 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2235 HMAC Val#1653

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

141
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1620

Version 1.0 (Firmware)
Part # CN 1620
CN1620 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1525 HMAC Val#1017

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

140
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1615

Version 1.0 (Firmware)
Part # CN1615
CN1615 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1524 HMAC Val#1016

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

139
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1610

Version 1.0 (Firmware)
Part # CN1610
CN1610 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2234 HMAC Val#1652

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

138
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FCX 624_648_ICX6610

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale 8544E 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2227 HMAC Val#1645
SSH (SHA 1 ) SHA Val#2227

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICx 6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitivity. The Brocade FCX Series offfers a comprehensive line of switches with specific models optimized for campus and data center deployments. "

11/08/13: Updated implementation information;

137
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
ARMv5TE, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2226 HMAC Val#1644
SSH (SHA 1 ) SHA Val#2226

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

136
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale P3041E, 1.5 GHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2225 HMAC Val#1643
SSH (SHA 1 ) SHA Val#2225

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency and fault-tolerant IP services solution for 1 GbE and 10 GbE enterprise deployments."

135
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade ICX 6650

Version BRC-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC8544E, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2224 HMAC Val#1642
SSH (SHA 1 ) SHA Val#2224

"The Brocade ICX 6500 Switch is a compact Ethernet switch that delivers industry-leading 10/40 GbE density."

134
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0-0131131200 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2221 HMAC Val#1639
SSH (SHA 1 ) SHA Val#2221

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

11/08/13: Updated implementation information;

133
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO_VER-2.0 (Firmware)
Freescale MPC8544, PowerQUICC III, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2223 HMAC Val#1641
SSH (SHA 1 ) SHA Val#2223

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs). "

132
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC7448, RISC, 1700 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2222 HMAC Val#1640
SSH (SHA 1 ) SHA Val#2222

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

131
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

130
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

129
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1991 HMAC Val#1421
SNMP SHA1 Val#1991

"The McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

128
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1990 HMAC Val#1420
SNMP SHA1 Val#1990

"The McAfee Firewall Enterprise 64-Bit Protocol Engine provides implementations of secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

127
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
TLS( TLS1.0/1.1 ) SHA Val#1989 HMAC Val#1419
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1989

"The McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

126
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
TLS( TLS1.0/1.1 ) SHA Val#1988 HMAC Val#1418
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1988

"The McAfee Firewall Enterprise 32-Bit Protocol Engine provides implementations for secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

125
Section 5.3, SRTP
SP800-135
Sonus Networks
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 1 (Firmware)
Cavium OCTEON Plus CN5860 10/25/2013 SRTP (AES 128 ) AES Val#2644

"Sonus Session Border Controller FIPS-validated cryptographic media module"

124
Section 5.7.1.2: ECC CDH Primitive
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-56A

SP800-135
Sonus Networks
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 1
Intel Nehalem w/ Sonus Debian Linux 02.00.02-A026 10/25/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2217 HMAC Val#1635
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2217
SNMP SHA1 Val#2217
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#124.

"Sonus Session Border Controller FIPS-validated cryptographic software module"

123
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 N. Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 866-302-2628

Blue Coat SSL Visibility Appliance SV2800

Version 0.9.8
Intel E5620 Quad Core w/ Linux x86_64 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2215 HMAC Val#1634

"The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to "inspect" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic."

122
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

SNMP

Version 5.3.0.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 10/25/2013 SNMP SHA1 Val#2057

"SNMP Key Derivation function is used to derive shared secret keys for SNMP Common Agent in S6000 and GGM8000 network devices."

121
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.0
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 10/1/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#121.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

120
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0 10/1/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#120.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

119
Section 5.2, SSH
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SSH KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 10/1/2013 SSH (SHA 1 ) SHA Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;

118
Section 5.4, SNMP
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SNMP KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 10/1/2013 SNMP SHA1 Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;

117
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Crypto Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690;Intel Xeon E3-1230; Intel Xeon E3-1270 10/1/2013 TLS( TLS1.0/1.1 ) SHA Val#1519 HMAC Val#1011

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;

116
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Security Certifications Team
TEL: 519-888-7465x72921
FAX: 905-507-4230

BlackBerry Cryptographic Algorithm Library

Version 6.1
Intel Xeon X5650 w/ CentOS 5.5 Linux 32-bit; Intel Xeon X5650 w/ CentOS 5.5 Linux 64-bit; Intel Xeon X5650 w/ Windows XP 32-bit; Intel Xeon X5650 w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 9/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#116.

"The BlackBerry Cryptographic Algorithm Library is a suite of cryptographic algorithms that provides advanced cryptographic functionality to systems running BlackBerry 10 OS and components of BlackBerry Enterprise Service 10."

115
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1422

Sony IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
Renesas SH-4A w/ Linux kernel 2.6 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

114
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CS Series Common Crypto Library

Version 0.98 (Firmware)
AMD Geode LX800; Intel Core 2 Duo LGA775 9/27/2013 SNMP SHA1 Val#2176

"The CS Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CS10 and CS100 Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

113
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 0.98 (Firmware)
Intel ATOM 9/27/2013 SNMP

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

09/30/13: Updated vendor information;

112
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 0.98 (Firmware)
Freescale MPC8280 9/27/2013 SNMP SHA1 Val#2178

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

111
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Greg Wetmore
TEL: 613-270-2773
FAX: 613-270-3400

-Mark Joynes
TEL: 613-270-3134
FAX: 613-270-3400

Entrust Authority™ Security Kernel

Version 8.1Sp1 R2
Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 Enterprise Edition 9/27/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#454 SHS Val#2206 RNG Val#1244 DRBG Val#405
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#111.

"The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware or both. The industry standard Cryptoki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

110
Section 4.2,
TLS
SP800-135
IBM
z/VM Design and Development
1701 North Street
Building 250-2
Endicott, NY 13760
U.S.

-Brian W. Hugenbruch
TEL: 607-429-3660

IBM z/VM 6.3 System SSL

Version 6.3 plus APAR PM95516
Part # 5741-A08
System z10 Enterprise Class processor w/ IBM z/VM V6.3 9/27/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2203 HMAC Val#1624

"z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files."

109
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
RMI XLR V0.4 9/27/2013 SNMP SHA1 Val#2201

"net-snmp is a third party source package. Keys are derived as per SP 800-135, Section 5.4."

108
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
RMI XLR V0.4 9/27/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623

"Strongswan is a third party source package. Keys are derived as per SP 800-135, Section 4.1.1 and Section 4.1.2."

107
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSH

Version 4.7 (Firmware)
RMI XLR V0.4 9/27/2013 SSH (SHA 1 , 256 ) SHA Val#2201

"OpenSSH is a third party open source package. Keys are derived as per SP 800-135, Section 5.2."

106
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
RMI XLR V0.4 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#2201 HMAC Val#1623

"OpenSSL is a third party open source package which provides cryptographic services to userspace daemons. Version is openssl-fips-1.2.3. Userspace daemons (like RADIUS, openssh) use openssl crypto services. fips_mode_set() is invoked from respective daemon initialization functions."

105
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) within Cat4K

Version Rel 1 (1.0.0) (Firmware)
Freescale MPC8572E 9/11/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation   Partial Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2200 DRBG Val#403 AES Val#2624
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#452 SHS Val#2200 DRBG Val#403

"IOS Common Cryptographic Module within cat4k"

104
Section 4.2,
TLS
SP800-135
AFORE Solutions Inc.
2680 Queensview Drive
Unit 150
Ottawa, ON K2B 8J9
Canada

-Tim Bramble
TEL: 613-224-5995 ext 232
FAX: 613-224-5410

-Hans Johnsen
TEL: 613-224-5995 ext 257
FAX: 613-224-5410

CloudLink Crypto Module

Version 1.0
Intel Xeon E5-2420 w/ Linux Ubuntu 12.04 with VMWare ESXi 5.1.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2146 HMAC Val#1566

"The CloudLink Cryptographic Module is a general purpose cryptographic library which provides cryptographic services for all CloudLink application modules."

02/21/14: Updated implementation information;

103
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01
Xeon w/ MLOS v2.2 running on VMware ESXi 4.1; Xeon w/ MLOS v2.2 running on VMware ESXi 5.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2105 HMAC Val#1529
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2105
SNMP SHA1 Val#2105

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

102
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01 (Firmware)
Celeron; Intel Core i3; Xeon 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2104 HMAC Val#1528
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2104
SNMP SHA1 Val#2104

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

101
Section 5.4, SNMP
SP800-135
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Stan Mesceda
TEL: 443-327-1582

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

SxE Cryptographic Library

Version 4.3 (Firmware)
Motorola Freescale MPC8280 (PPC32) 8/30/2013 SNMP

"The SxE Cryptographic Library provides cryptographic algorithms for the SxE family of products. Based on OpenSSL, the SxE Cryptographic Library exposes an Application Programming Interface (API) to support software based security relevant services within SafeNet''''s SxE product line."

100
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Robert Magnant
TEL: 585-242-3785
FAX: 585-241-8459

-Elias Theodorou
TEL: 585-242-3785
FAX: 585-241-8459

RF-7800W OU47x, OU49x, OU50x

Version 2.00 (Firmware)
Broadcom XLS108 8/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2190 HMAC Val#1614
SSH (SHA 1 , 256 ) SHA Val#2190
SNMP SHA1 Val#2190

"This is a firmware library that provides the cryptographic functions used on Harris'' industry leading reliable, secure and high performance Broadband Ethernet Radio (BER) products: RF-7800W-OU50x, -OU47x, -OU49x."

99
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

Open SSH

Version 4.5.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 8/16/2013 SSH (SHA 1 ) SHA Val#2057

"SSH Key Derivation function is used to derive IVs and keys for encryption algorithms in GGM8000 and s6000 transport gateways."

08/27/13: Updated implementation information;

98
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#98.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

97
Section 4.2,
TLS
SP800-135
Chrisite Digital Systems Canada, Inc.
809 Wellington Street North
Kitchener, ON N2G4Y7
CANADA

-Kevin Draper
TEL: 519-741-3741
FAX: 519-744-3912

Christie IMB Cryptographic Implementation -SM

Version SM_LIBSSL:101.3.0-3697 (Firmware)
Xilinx Spartan 6 (XCSLX45) 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#1788 HMAC Val#1241

"Christie Integrated Media Block"

96
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version 2.1.1 (Firmware)
Part # 4150859LB
Toshiba TMPR3912AU 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#629 HMAC Val#300

"Neopost Postal Secure Device"

95
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 2.1
ARMv7 w/ Android 4.0; PowerPC, Freescale's PowerQUICC III Processor Family w/ Linux 2.6 7/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#95.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

94
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - RsaSigning2048

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 RSASP1: (Mod2048: PKCS1.5 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

93
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd.
Building A
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Ian Laidlaw
TEL: 1-289-261-4277
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.1
Intel x86 (Xeon X5650) w/ CentOS Linux 32-bit; Intel x64 (Xeon X5650) w/ CentOS Linux 64-bit; Intel x86 (Xeon X5650) w/ Windows XP 32-bit; Intel x64 (Xeon X5650) w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 7/15/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#93.

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules."

92
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie Tortellier
TEL: +33 01 45 36 30 72
FAX: +33 01 45 36 30 10

Neopost PSD

Version A0018320A (Firmware)
Part # A0014227B
NXP LPC 3220 32-bit ARM microcontroller 7/5/2013 TLS( TLS1.0/1.1 ) SHA Val#2162 HMAC Val#1538

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

91
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Juniper Networks
1194 N. Mathilda Ave.
Sunnyvale, CA 94089
USA

-Robert Smith
TEL: 408-933-6866

Juniper Networks Pulse Cryptographic Module

Version 1.0
Intel Pentium E2160 (x86) w/ IVE OS 1.1; Intel Xeon E5530 (x86) w/ IVE OS 1.1 on VMware ESX; Intel Xeon x5670 (x86) with AES-NI w/ IVE OS 1.1 on VMware ESXi; Intel Core i5-2430M (x86) 64-bit with AES-NI w/ Microsoft Windows 7; Intel Core i5-2430M (x86) 32-bit with AES-NI w/ Microsoft Windows 7; Intel Core i7-3615QM (x86) with AES-NI w/ OS X 10.8; Intel Xeon x5670 (x86) w/ IVE OS 1.1 on VMware ESXi; Intel Core i7-3615QM (x86) w/ OS X 10.8 7/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#91.

"The Juniper Networks Pulse Cryptographic Module provides secure cryptographic services. It enables dynamic SSL VPN, NAC, mobile security, online meetings and collaboration, and application acceleration while removing the complexities of device type and security state, location, identity, and adherence to policies."

90
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Thales Certification Team
TEL: +44 1223 723600
FAX: +44 1223 723601

-Thales Sales
TEL: 888 744 4976

nShield Algorithm Library

Version 2.51.10 (Firmware)
Panther-I 820x Series Die 6/28/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#777
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#181 SHS Val#1844 DRBG Val#232
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#90.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

89
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Eric Jen
TEL: +1 561-289-0214

BlackBerry Algorithm Library for Secure Work Space

Version 1.0
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARMv7-based A5 processor w/ iOS 5.0; ARM v7s -- Apple A6 w/ iOS 6.0; ARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/28/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#89.

"The BlackBerry Algorithm Library for Secure Work Space provides a suite of cryptographic services utilized by the BlackBerry Cryptographic Library for the BlackBerry Secure Work Space (BBSWS). BBSWS provides the secure operation and management of iOS and Android devices when used in conjunction with BlackBerry® mobile device management solutions."

88
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenPeak, Inc.
1750 Clint Moore Road
Boca Raton, FL 33487
USA

-Eric Jen
TEL: +1 561-893-7881

-Howard A. Kwon
TEL: +1 561 893 7930
FAX: +1 561 208 8026

OpenPeak Cryptographic Security Module

Version 1.0.1
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARM v7 -- Apple A5 w/ iOS 5.0; ARMv7-based A6 processor w/ iOS 6.0; IARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#88.

"The OpenPeak Cryptographic Security Library provides advanced cryptographic functionalities for the OpenPeak Cryptographic Security Module (OCSM). The OCSM provides a secure encrypted container for enterprise-managed applications, content and data to enable a highly secure mobile workspace."

87
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 6/7/2013 Curves tested: P-256   P-384   P-521

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

86
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 5.9.0 for NSA and TZ Series

Version 5.9.0 (Firmware)
Cavium Octeon Plus CN50XX; Cavium Octeon Plus CN56XX; Cavium Octeon Plus CN58XX 5/31/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
IKEv2( ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
TLS( TLS1.0/1.1 ) SHA Val#1765 HMAC Val#1219
SSH (SHA 1 ) SHA Val#1765
SNMP SHA1 Val#1765

"SonicWALL® Next-Generation Firewalls deliver superior gateway protection, inspection for SSL encrypted sessions, granular application intelligence and control. With SonicWALL Firewalls, IT can visualize applications running across a network-- allocating bandwidth for what''s essential and limiting or blocking what''s not."

85
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.5
Freescale i.MX27 926ejs (ARMv5TEJ) w/ eCos 3; Freescale i.MX25 (ARMv4) w/ QNX 6.4; Apple A6X Soc (ARMv7s) w/ iOS 6.1; Intel Xeon E3-1220 w/ VMware Horizon Workspace 1.5 under vSphere; Intel Xeon E3-1220 w/ AES-NI w/ VMware Horizon Workspace 1.5 under vSphere; AM335x Cortex-A8 (ARMv7) w/ Ubuntu 13.04; ARM926 (ARMv5TEJ) w/ Linux 3.8; AM335x Cortex-A8 (ARMv7) with NEON w/ Ubuntu 13.04; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit on under VMware ESX; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under VMware ESX; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Apple A5 / ARM Cortex-A9 (ARMv7) without NEON w/ iOS 6.0; Apple A5 / ARM Cortex-A9 (ARMv7) with NEON w/ iOS 6.0; Intel Xeon E5-2430L (x86) with AES-NI w/ PexOS 1.0 on x86 under vSphere; Intel Xeon E5-2430L (x86) without AES-NI w/ PexOS 1.0 on x86 under vSphere 5/31/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#85.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/06/13: Updated implementation information;
08/13/13: Added new tested information;
10/25/13: Added new tested information;
11/14/13: Added new tested information;
11/29/13: Updated implementation information;

84
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa521Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-384 P-521 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

83
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa256Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-224 P-256 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#83.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

82
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000C TLS

Version 2.1 (Firmware)
ARM 962EJS 5/31/2013 TLS( )

"The Oracle StorageTek T10000C Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world’s fastest write speeds to a native 5 TB of magnetic tape storage; making it ideal for data center operations with growing data volume."

81
Section 5.2, SSH
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

OpenSSL

Version Junos 12.1R6.6 (Firmware)
ARM v5, Marvell's Feroceon processor Family; PowerPC, Freescale's PowerQUICC III Processor Family 5/24/2013 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2094

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

80
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh521

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-384   P-521

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

79
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh256

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-224   P-256
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#79.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

78
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM - RSA BSAFE Crypto-J

Version 6.1.0.0.2
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2083 HMAC Val#1513

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Application Crypto Module provides cryptographic services for the Network Security Manager application."

77
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM OpenSSL

Version 1.6
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2082 HMAC Val#1512

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Secure UI Crypto Module provides cryptography for serving the NSM console through a TLS session."

76
Section 4.2,
TLS
SP800-135
Axway Inc.
2600 Bridge Parkway Suite 201
Redwood City, California 94065
USA

-Prabhakar Mangam
TEL: 650-801-3157
FAX: 650-801-3101

-Anubhav Soni
TEL: 650-801-3217
FAX: 650-801-3101

Axway Security Kernel

Version 3.0
Intel Xeon E5-2620 w/ Microsoft Windows 2012 64bit; Intel Xeon E5-2620 w/ RHEL 6.3 64bit; Sun UltraSparc T1 w/ Solaris 10 64bit; 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2080 HMAC Val#1510

"Axway Validation Authority Suite - a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

75
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

SSH_IPSEC

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2077 HMAC Val#1505
TLS( ) SHA Val#2077 HMAC Val#1505

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

74
Section 4.1.1,
IKEv1
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

QuickSec

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2076 HMAC Val#1504

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

73
Section 4.2,
TLS
SP800-135
Aviat Networks
5200 Great America Parkway
Santa Clara, California 95054
USA

-Ruth French
TEL: +44 1698 717200

Secure Management

Version 7.7 (Firmware)
Motorola MPC866 5/10/2013 TLS( TLS1.0/1.1 ) SHA Val#2075 HMAC Val#1503

"Eclipse Intelligent Node Unit (INUe). The module provides data security by encrypting the payload traffic on the microwave link between up to three radios. It also provides the Strong Encryption Suite for secure module management and uses AES encryption to secure SNMP v3 management traffic."

72
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Kyung-Hee Lee
TEL: +82-10-9397-1589

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.2 5/10/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#72.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

71
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.4
MIPS 24Kc w/ OpenWRT 2.6 4/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#71.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

70
Section 4.1.1,
IKEv1
SP800-135
Lexmark International, Inc.
740 West New Circle Road
Lexington, KY 40550
USA

-Graydon Dodson
TEL: (859) 232-6483

Crypto Module (user)

Version 2.10
Marvell 88PA6170C1 (ARMv7 dual core) w/ Lexmark Linux v3.0.0 4/23/2013 IKEv1( ( 1024 (SHA 256 , 512 ) ) ( 2048 (SHA 256 , 512 ) ) SHA Val#2049 HMAC Val#1479

"The Crypto Module (user/kernel) provides cryptographic services to the firmware in Lexmark products."

69
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SNMP SHA1 Val#2048

"net-snmp"

68
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478

"Strongswan"

67
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SSH (SHA 1 , 256 ) SHA Val#2048

"Openssh"

66
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 TLS( TLS1.0/1.1 ) SHA Val#2048 HMAC Val#1478

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2.3 version. Wing5 userspace daemons (RADIUS, ntp, openssh, rim, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

65
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Riverbed Technology, Inc.
199 Fremont Street
San Francisco, CA 94105
USA

-Joe Tomasello
TEL: 415-344-5756

-Andy Pang
TEL: 415-247-7341

Riverbed Cryptographic Security Module

Version 1.0
Intel Xeon (x86-64) w/ RiOS 8.0 32-bit; Intel Xeon (x86-64) w/ RiOS 8.0 64-bit; Intel Xeon E3-1220v2 (x86_64) w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit; AMD Opteron 4122 (x86_64) w/ Granite OS 2.0; Intel Xeon E31220 (x86_64) w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w /AES-NI w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E5620 w/ Whitewater OS 3.0; Intel Xeon E5620 with AES-NI w/ Whit; ewater OS 3.0; Intel Xeon E31220 (x86) w/ Whitewater OS 3.0 under VMware ESXi 5.1; Intel Xeon E31220 (x86) with AES-NI w/ Whitewater OS 3.0 under VMware ESXi 5.1; AMD Opteron 2376 w/ Interceptor OS 4.5 ;  Intel Xeon E31220 w/ RiOS 8.6 32-bit; Intel Xeon E31220 w/ RiOS 8.6 64-bit; Intel Xeon E5-2430L w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E31220 with AES-NI w/ RiOS 8.6 64-bit; Intel Xeon w/ Steelhead Mobile Controller 4.6; Intel Xeon with AES-NI w/ Steelhead Mobile Controller 4.6; Intel Xeon E5-2430L w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1 4/12/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Riverbed Cryptographic Security Module provides the cryptographic functionality for a variety of Riverbed''s platforms including Steelhead and Granite appliances. These network appliances deliver a scalable Wide Area Data Services (WDS) solution, transparently and securely optimizing performance across an enterprise network"

08/28/13: Added new tested information;
12/13/13: Added new tested information;
09/10/14: Added new tested information;
09/17/14: Added new tested information;

64
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26
Chandler, AZ 85226
USA

-Darren Cummings
TEL: 480-809-6024

Cummings Engineering's Secure Mobility Suite B Crypto Module

Version 1.1
ARM Cortex A8 (ARMv7) w/ Apple iOS 5.0; Intel Core i7-3615QM w/ Apple OS X 10.7 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#64.

"The cryptographic module used by the Cummings Engineering suite of products which allow for efficient and effective deployment of robust secure communications capability on commercial off the shelf (COTS) devices, such as Smartphones and Tablets, as well as speciality communications devices."

63
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for Intel x86

Version 2.1
x86 32bit w/ Vyatta 6.4 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#63.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

03/31/14: Updated implementation information;

62
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for AMD Geode

Version 2.1
AMD Geode 32bit w/ Red Hat Enterprise Linux 6 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#62.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

04/30/13: Updated implementation information;
03/31/14: Updated implementation information;

61
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Toshiba Corporation Social Infrastructure Systems Company
1, Komukai, Toshiba-cho, Saiwai-ku
Kawasaki, Kanagawa 212-8583
Japan

-Hiroki Fukuoka
TEL: +81-44-549-8323

TSBIC CryptoLib

Version 1.0.0
Intel Core i7 w/ Windows 7 Professional 32-bit 3/29/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#61.

"TSBIC CryptoLib is a general-purpose library which ensures high security to the applications requiring standard cryptographic algorithms."

60
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
Building B, Shumazhuangyuan
No. 1 Disheng West Street, BDA
Beijing, 100176
P.R. China

-Peng Sun
TEL: +86 10 87129374
FAX: +86 10 87129374

DCI Audio/Video Decoder Card Crypto Library

Version 1.0 (Firmware)
Marvell 88AP303 3/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1550 HMAC Val#1037

"DCI Audio/Video Decoder Card Crypto Library implements the cryptographic algorithms such as AES, HMAC, RSA, SHA and RNG. The Library provides cryptographic functionality to DCI Audio/Video Decoder Card."

59
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Rachel Menda-Shabat
TEL: +972-9-9702000
FAX: +972-9-9702001

-Leonid Azriel
TEL: +972-9-9702000
FAX: +972-9-9702001

Nuvoton NPCT4xx/NPCT5xx TPM 1.2

Part # FD5C37
N/A 3/15/2013 TPM SHA1 Val#2028 HMAC_SHA1 Val#1460

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

58
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee OpenSSH Library

Version 5.8 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 SSH (SHA 1 ) SHA Val#871

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

57
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee Crypto Library

Version 1.1.2.1 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 TLS( TLS1.0/1.1 ) SHA Val#871 HMAC Val#971

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

56
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Ross Choi
TEL: 972-761-7628

-Kyung-Hee Lee
TEL: +82-10-6640-8499

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.1 3/8/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#56.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

55
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 2/26/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2003 HMAC Val#1457

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use"

06/28/13: Updated implementation information;

54
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 Curves tested: P-256   P-384

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

53
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.3
Freescale i.MX53xA (ARMv7) with NEON w/ Windows Embedded Compact 7; Freescale i.MX53xD (ARMv7) with NEON w/ Windows Embedded Compact 7; Qualcomm Snapdragon APQ8060 (ARMv7) with NEON w/ Android 4.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#53.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

02/21/13: Added new tested information;
02/26/13: Updated implementation information;
04/10/13: Added new tested information;
04/24/13: Updated implementation information;

52
Section 4.2,
TLS
SP800-135
Ultra Stereo Labs, Inc.
181 Bonetti Drive
San Luis Obispo, CA 93401-7397
USA

-Larry McCrigler
TEL: 805-549-0161
FAX: 805-549-0163

IMS1200 KDF

Version OpenSSL 0.9.8m (Firmware)
AMC PPC 460 GT 2/19/2013 TLS( TLS1.0/1.1 ) SHA Val#1320 HMAC Val#856

"IMS-1200"

51
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Kony, Inc.
7380 West Sand Lake Rd. #390
Orlando, FL 32819
USA

-Matthew Terry
TEL: 407-730-5669
FAX: 407-404-3738

Kony Cryptographic Library

Version 2.0
Qualcomm QSD 8250 (ARMv7) w/ Android 2.2; Qualcomm QSD 8250 (ARMv7) with NEON w/ Android 2.2; TI OMAP 3621 (ARMv7) w/ Android 3.0; TI OMAP 3621 (ARMv7) with NEON w/ Android 3.0; TI DM3730 (ARMv7) w/ Android 4.0; TI DM3730 (ARMv7) with NEON w/ Android 4.0; ARM Cortex-A8 (ARMv7) with NEON w/ Apple iOS 5.0; ARMv7 Cortex-A8 (ARMv7) with NEON w/ Apple iOS 6.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 5.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 6.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#51.

"The Kony Cryptographic Library v2.0 is a full featured cryptographic module used in Kony mobile and multi-channel application platforms and the KonyOne Platform."

08/09/13: Added new tested information;
08/27/13: Updated implementation information;
08/30/13: Updated vendor information;

50
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Larry LaCasse
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1
Intel Core 2 Duo w/ Windows 7 Ultimate (64-bit) 1/18/2013 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#728 SHS Val#1997 DRBG Val#286
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#379 SHS Val#1997 DRBG Val#286
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#50.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange"

49
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.2
TI DM3730 (ARMv7) w/ Android 4.1; TI DM3730 (ARMv7) with NEON w/ Android 4.1; Nvidia Tegra 3 (ARMv7) w/ Android 4.2; Nvidia Tegra 3 (ARMv7) with NEON w/ Android 4.2 1/18/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#49.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

02/06/13: Updated implementation information;

48
Section 5.2, SSH
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

Uplogix SSH Client

Version 1.4.3 (Firmware)
AMD Geode LX; Intel Celeron D; Intel Atom E6xx 12/21/2012 SSH (SHA 1 ) SHA Val#1976

"Uplogix Local Managers use an SSH client to connect to other Uplogix Local Managers or to copy files with SCP. See http://www.uplogix.com."

47
Section 5.2, SSH
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

Uplogix SSH Server

Version 1.4.3 (Firmware)
Intel Atom E6xx; AMD Geode LX; Intel Celeron D 12/21/2012 SSH (SHA 1 ) SHA Val#1976

"A user''s primary interaction with an Uplogix Local Manager is via its SSH commandline interface. See http://www.uplogix.com/."

46
Section 4.2,
TLS
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

NSS

Version 3.12.11 (Firmware)
AMD Geode LX; Intel Atom E6xx; Intel Celeron D 12/21/2012 TLS( TLS1.0/1.1 ) SHA Val#1976 HMAC Val#1409

"Uplogix Local Managers utilize Mozilla''s Network Security Services for general purpose cryptographic functionality. NSS provides the algorithms necessary to secure Uplogix'' SSH and TLS implementations. See http://www.uplogix.com"

45
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

SafeNet Software Cryptographic Library

Version 1.0
Intel Xeon E3-1220v2 w/ AES-NI w/ Windows Server 2008R2 64-bit; Intel Xeon E3-1220v2 w/ Windows Server 2008 64-bit; Intel Core i5-2430M w/ AES-NI w/ Windows 7 64-bit; Intel Core i5-2430M w/ Windows 7 32-bit; Intel Xeon E3-1220v2 w/ AES-NI w/ NetBSD 4.1 32-bit on VMware ESX; ARMv7 w/ NEON w/ Android 4.0; Intel Xeon E3-1220v2 w/ AES-NI w/ RHEL 6.2 64-bit; Intel Xeon 3050 w/ CentOS 5.6 32-bit 12/7/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#45.

"The SafeNet Software Cryptographic Library is SafeNet’s cryptographic service provider that provides extended high performance cryptographic services for SafeNet''s broad range of Data Protection products."

44
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc
530 Lytton Ave, Ste 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Server Engine

Version 2.1
Intel i7 w/ CentOS 6.3; Intel i7 w/ Mac OS X 10.8; Intel i7 w/ RHEL 6.3; Intel i7 w/ SUSE Linux Enterprise 11 SP2; Intel i7 w/ Windows 2008 R2; PowerPC P2020 w/ CentOS 6.3; 11/21/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#44.

"CryptoComply | Server is a standards-based "Drop-in Compliance" solution for servers and appliances. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation."

01/16/14: Added new tested information;

43
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Larry LaCasse
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1
Dell Optiplex 775, Intel Core 2 Duo w/ Windows 7 Ultimate 11/15/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#708 SHS Val#1952 DRBG Val#279
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#367 SHS Val#1952 DRBG Val#179 AES Val#2271 AES Val#2271 HMAC Val#1390
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#43.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

42
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Panzura, Inc.
22 Great Oaks Blvd #150
San Jose, CA 95119
USA

-Rich Weber
TEL: (408) 578-8888

Panzura Cryptographic Module

Version 4.2
Intel Xeon E5620 (x86) with AES-NI w/ Panzura Cloud Controller 8.0; Intel Xeon E5620 (x86) with AES-NI w/ Panzura Cloud Controller 8.0 on VMware ESX; Intel Xeon E5620 (x86) w/ Panzura Cloud Controller 8.0 on VMware ESX 11/15/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#42.

"The Panzura Cyrptographic Module provides validated cryptographic services for multiple Panzura products."

41
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Florence Defrance
TEL: +33 442366734
FAX: +33 442365792

-Arnaud Lotigier
TEL: +33 442366074
FAX: +33 442365545

IDCore 30 Cryptographic Library

Version 1.6 (Firmware)
Part # IFX SLE78 (M7892 & M7820) chip family
Infineon SLE78 (M7892 & M7820) chip family. 10/23/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#41.

"The IDCore 30 Cryptographic Library v1.6 operates on the Infineon SLE78 (M7892 & M7820) chip family, targeting Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D compliant modules. The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH and ANSI X9.31 RNG algorithms."

10/31/12: Updated implementation information;

40
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 2.0
Intel Core i5-650 with AES-NI (x64) w/ Microsoft Windows 7; Intel Core i5-2520M with AES-NI (x64) w/ Mac OS X 10.7; Intel Xeon E5504 (x64) w/ FreeBSD 9.0; Intel Xeon E5649 with AES-NI (x64) w/ Linux 2.6; Cavium CN5230 (MIPS) (x64) w/ Linux 2.6; Snapdragon S3 APQ8060 (ARM) w/ Android 4.0; Freescale 8548 (PowerPC) w/ Linux 2.6; Apple A5X (ARM) w/ Apple iOS 5.1; ARMv7 w/ Android 4.0; PowerPC, Freescale's PowerQUICC III Processor Family w/ Linux 2.6 10/17/2012 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#40.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products."

07/03/13: Added new tested information;

39
Section 4.2,
TLS
SP800-135
RSA, the Security Division of EMC
Level 11, 345 Queen Street
Brisbane, Queensland 4000
Australia

-Stefan Pingel
TEL: +61-730325211
FAX: +61-730325299

-Peter Robinson
TEL: +61-730325253
FAX: +61-730325299

RSA BSAFE® Crypto-J JSAFE and JCE Software Module

Version 6.1 and 6.1.1.0.1
AMD Athlon 64 X2 Dual-Core Processor 3800+ w/ Microsoft Windows 7 (64-bit) with Sun JRE 7.0; Intel T7300 Core 2 Duo w/ Android 2.2 ARM (32-bit) JRE 6.0 10/17/2012 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1938 HMAC Val#1378

"RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements."

11/22/13: Updated implementation information;
07/10/14: Updated implementation information;

38
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Stonesoft Corporation
Itälahdenkatu 22A
Helsinki, FI-00210
Finland

-Klaus Majewski
TEL: +358-9-476711

-Jorma Levomäki
TEL: +358-9-476711

Stonesoft Cryptographic Library

Version 1.1
Intel X3450 w/ GNU / Linux (Debian) 6.0 10/5/2012 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#695 SHS Val#1930 DRBG Val#267
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#350 SHS Val#1930 DRBG Val#267
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#38.

"Stonesoft Cryptographic Library is a software module that provides cryptographic services for Stonesoft network security products."

09/25/13: Updated implementation information;

37
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Stonesoft Corporation
Itälahdenkatu 22A
Helsinki, FI-00210
Finland

-Klaus Majewski
TEL: +358-9-476711

-Jorma Levomäki
TEL: +358-9-476711

Stonesoft Cryptographic Library

Version 1.1
Intel Atom 425 w/ GNU / Linux (Debian) 6.0 10/5/2012 Curves tested: P-224   P-256   P-384   P-521
FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#694 SHS Val#1929 DRBG Val#266
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#349 SHS Val#1929 DRBG Val#266
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#37.

"Stonesoft Cryptographic Library is a software module that provides cryptographic services for Stonesoft network security products."

09/20/13: Updated implementation information;

36
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.2
PowerPC-e500 w/ NetBSD 5.1; Intel Xeon 5500 (x86-64) w/ NetBSD 5.1; Intel Xeon E3-1220v2 (x86) w/ RHEL 6 32-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ Windows 2008 32-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ RHEL 6 64-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ Windows 2008 64-bit under vSphere; Intel Core i5-2430M (x86) w/ Windows 7 64-bit with AES-NI; ARM Cortex A8 (ARMv7) with NEON w/ Apple iOS 5.0; Qualcomm MSM8X60 (ARMv7) with NEON w/ VMware Horizon Mobile 1.3 under VMware; Intel Core i7-3615QM w/ Apple OS X 10.7 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#36.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/31/12: Added new tested information;
02/21/13: Added new tested information;
03/11/13: Updated implementation information;

35
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 64-bit Cryptographic Engine

Version 1.0
VMware ESXi 5.0 on Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#35.

"The McAfee SIEM 64-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

34
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 64-bit Cryptographic Engine

Version 1.0
Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#34.

"The McAfee SIEM 64-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

33
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 32-bit Cryptographic Engine

Version 1.0
Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#33.

"The McAfee SIEM 32-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

32
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 32-bit Cryptographic Engine

Version 1.0
VMware ESXi 5.0 on Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#32.

"The McAfee SIEM 32-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

31
Section 4.2,
TLS
SP800-135
Hewlett-Packard
Longdown Avenue
Stoke Gifford, Bristol BS34 8QZ
United Kingdom

-Laura Loredo
TEL: +44 117 312 9341

OpenSSL

Version OpenSSL 1.0.1c/FIPS 2.0/CN22745 (Firmware)
ARM966E 8/27/2012 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1898 HMAC Val#1342

"The Hewlett Packard LTO-6 Tape Drive is a multi-chip standalone module composed of hardware and firmware components, providing cryptographic services to a host."

09/07/12: Updated implementation information;

30
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M)

Version Rel 1 (Firmware)
PMC RM5261A MIPS 350MHz; Intel Woodcrest 2.13GHz; Power-PC 405 250MHz 7/30/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#1858 DRBG Val#237
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#322 SHS Val#1858 DRBG Val#237

"IOS Common Cryptographic Module (IC2M) firmaware version Rel 1 covers Rel 1(1.0.0), Rel 1(1.0.1) and Rel 1(1.0.2)"

12/07/12: Updated implementation information;
04/23/13: Updated implementation information;

29
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc
530 Lytton Ave, Ste 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Mobile Engine for iOS

Version 2.1
A5X w/ iOS 5.1; A5X w/ iOS 6; A5X w/ iOS 7 7/18/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#29.

"CryptoComply | Mobile is a standards-based “Drop-in Compliance” solution for mobile devices. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads functions for secure key management, data integrity, data at rest encryption, and secure communications."

10/31/12: Added new tested information;
11/14/12: Updated vendor information;
09/25/13: Added new tested information;

28
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc
530 Lytton Ave, Ste 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Mobile Engine for Android

Version 2.1
ARM Cortex-A9 w/ Android Version 4.0 7/18/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#28.

"CryptoComply | Mobile is a standards-based “Drop-in Compliance” solution for mobile devices. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads functions for secure key management, data integrity, data at rest encryption, and secure communications."

11/14/12: Updated vendor information;

27
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Thales Certification Team
TEL: +44 1223 723600
FAX: +44 1223 723601

-Thales Sales
TEL: 888 744 4976

nShield Algorithm Library

Version 2.51.10 (Firmware)
Freescale PowerPC 7/13/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#664 SHS Val#1844 DRBG Val#232
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#318 SHS Val#1844 DRBG Val#232
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#27.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

12/17/12: Updated implementation information;

26
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECC CDH Component

Version ECDH_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 7/13/2012 Curves tested: P-224   P-256
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#26.

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GP OS JCOP 2.4.2 R2. P5CD081 Family means: P5CD145V0A, P5CC145V0A, P5CN145V0A, P5CD128V0A, P5CC128V0A, P5CD081V1A, P5CC081V1A, P5CN081V1A, P5CD051V1A, P5CD041V1A, P5CD021V1A, P5CD016 V1A, P5CD145V0B, P5CC145V0B, P5CD081V1D."

25
Section 5.1,
ANS X9.63-2001
SP800-135
3S Group Incorporated
125 Church Street, N.E., Suite 204
Vienna, VA 22180
USA

-Satpal S. Sahni
TEL: 703-281-5015
FAX: 703-281-7816

3SGX

Version 1.0 (Firmware)
Cavium Octeon 7/5/2012 ANSX963_2001 (SHS 1 , 224 , 256 , 384 , 512 ) SHA Val#1784

"3SGX is a high performance PCIe cryptograhic module that provides complete cryptographic support to large numbers of users or applications simultaneously. 3SGX is the core of 3S Group''s hardare security appliances, ideal for enterprise key management, virtualization and cloud server solutions that demand high throughput."

24
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.1
ARMv7 w/ Apple iOS 5.1; ARMv5TEJ w/ Microsoft Windows CE 6.0 R2; ARMv7 w/ Microsoft Windows CE 5.0 6/29/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#24.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

23
All of SP800-56A EXCEPT KDF
SP800-56A
Hewlett-Packard Company
19091 Pruneridge Ave., MS 4441
Cupertino, CA 95014
USA

-Theresa Conejero
TEL: 408-447-2964
FAX: 408-447-5525

HP ESKM KAS

Version 5.0.0 (Firmware)
Intel Xeon E5-2640 6/25/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#653 SHS Val#1802 DRBG Val#207

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

22
Section 4.2,
TLS

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6989

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 6/20/2012 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#653 SHS Val#1802 DRBG Val#207
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) )

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

21
All of SP800-56A EXCEPT KDF
SP800-56A
AuthenTec Inc.
Boxtelseweg 26A
Vught, 5261 NE
The Netherlands

-Bob Oerlemans
TEL: +31 73 6581 900

SafeZone FIPS Cryptographic Module

Version 1.0.3
ARMv7 w/ Android 4.0; ARMv7 w/ Android 2.3; ARMv7 w/ Linux (kernel 2.6) 6/5/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#648 SHS Val#1787 DRBG Val#203
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#299 SHS Val#1787 DRBG Val#203
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#21.

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from AuthenTec Inc. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices."

20
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

appKas

Version 02000007 (Firmware)
ARM 7 TDMI 4/9/2012 Curves tested: P-256
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#286 SHS Val#1733 DRBG Val#181

"The Pitney Bowes Cygnus X-3 Hardware Security Module (HSM) employs strong cryptographic and physical security techniques for the protection of funds in Pitney Bowes Postage systems."

19
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd.
Building A
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 905-507-4220
FAX: 905-507-4230

-Kris Orr
TEL: 289-261-4104
FAX: 905-507-4230

Security Builder FIPS Core

Version 6.0.2
64-bit Intel Core i5-2300 w/ Red Hat Linux 5.6; 64-bit Intel Core i5-2300 w/ Windows 7 3/26/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#19.

"Security Builder FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and DRM modules."

18
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP V2

Version Version #11-M1005011+Softmask V04 (Firmware) (Firmware)
Infineon SLE66CLX1280PE 3/21/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#18.

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

17
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Michael Bruyere
TEL: +33-4-42-36-61-65
FAX: +33-4-42-36-57-92

-Anthony Vella
TEL: +33-4-42-36-61-38
FAX: +33-4-42-36-52-36

MultiApp V2.1 Platform Cryptographic Library

Version 1.2 (Firmware)
Part # NXP P5Cx081 Family
NXP P5Cx081 Family 2/29/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#17.

"MultiApp V2.1 is a highly secured smartcard platform conformant to the Javacard 2.2.2 and GP 2.1.1 standards, designed to operate on the NXP P5Cx081 family, inclusive of NXP P5CC081 and P5CC145 integrated circuits. Its cryptographic library implements TDEA, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and RNG ANSX9.31 algorithms."

16
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Entrust Sales
TEL: 888-690-2424

Entrust Authority™ Java Toolkit

Version 8.0
Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 with Oracle J2RE 6; Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 with Oracle J2RE 7 2/21/2012 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#277 SHS Val#1700 DRBG Val#170
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#16.

"The Java toolkit is an implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both. The industry standard Cryptopki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

15
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Entrust Sales
TEL: 888-690-2424

Entrust Authority™ Security Kernel

Version 8.1sp1
Intel Core 2 Duo E8400 w/ Windows Server 2008 R2 Enterprise Edition 1/19/2012 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#275 SHS Val#1689 RNG Val#1011 DRBG Val#167
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#15.

"The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware or both. The industry standard Cryptoki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

14
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Catbird Networks, Inc.
1800 Green Hills Road, Suite 113
Scotts Valley, CA 95066
USA

-Michael Berman
TEL: 831-440-8152

Catbird vSecurity Crypto Module v1.0

Version v1.0
Intel Core i5 with AES-NI w/ CentOS 6.0 1/19/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#14.

"The cryptographic module used by Catbird''s comprehensive security and compliance solutions for virtualized data centers."

01/25/12: Updated implementation information;

13
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26
Chandler, AZ 85226
USA

-Darren Cummings
TEL: 480-809-6024

Cummings Engineering's Secure Mobility Suite B Crypto Module v1.0

Version v1.0
TI OMAP 3 w/ Linux 3.0.4; Intel Pentium T4200 w/ Android 2.2; Qualcomm QSD 8250 w/ Android 2.2; Intel Pentium T4200 w/ Ubuntu 10.04; Intel Celeron (64 bit mode) w/ Microsoft Windows 7; Intel Core i5 (with AES-NI) w/ Android 2.2; Intel Core i5 (with AES-NI) (64 bit mode) w/ Microsoft Windows 7; Intel Core i5 (with AES-NI) w/ Fedora 14 1/26/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#13.

"The cryptographic module used by the Cummings Engineering suite of products which allow for efficient and effective deployment of robust secure communications capability on commercial off the shelf (COTS) devices, such as Smartphones and Tablets, as well as speciality communications devices."

02/01/12: Added new tested information;

12
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6774
FAX: 301-874-4893

OpenSSL FIPS Object Module

Version 2.0
Intel Itanium 2 (64 bit mode) w/ HP-UX 11i; Intel Itanium 2 (32 bit mode) w/ HP-UX 11i; Freescale PowerPC32-e300 w/ Linux 2.6.33; TI OMAP 3530 (ARMv7) w/ Android 2.2; Intel Pentium (R) T4200 w/ Ubuntu 10.04; ARM Limited ARM922T (ARMv4) w/ uCLinux 0.9.29; Intel Core i5 with AES-NI (64 bit mode) w/ Fedora 14; Intel Core i5 with AES-NI (32 bit mode) w/ Ubuntu 10.04; Intel Celeron (32 bit mode) w/ Microsoft Windows 7; TI TNETV1050 w/ VxWorks 6.8; PowerPC e300c3 w/ Linux 2.6.27; Intel Pentium T4200 (64 bit mode) w/ Cascade Server 6.10; Intel Pentium T4200 (32 bit mode) w/ Cascade Server 6.10; Intel Pentium 4 (64 bit mode) w/ Microsoft Windows 7; TI AM3703CBP w/ Linux 2.6.32; Broadcom BCM11107 (ARMv6) w/ Linux 2.6; TI TMS320DM6446 (ARMv7) w/ Linux 2.6; Intel Xeon 5675 (x86) with AES-NI (32 bit mode) w/ Oracle Solaris 11; Intel Xeon 5675 (x86) (64 bit mode) w/ Oracle Solaris 11; Intel Pentium T4200 (x86) (32 bit mode) w/ Ubuntu 10.04; Intel Xeon 5675 (x86) (32 bit mode) w/ Oracle Solaris 11; Intel Xeon 5675 (x86) with AES-NI (64 bit mode) w/ Oracle Solaris 11; Intel Pentium T4200 (x86) (64 bit mode) w/ Ubuntu 10.04; SPARC-T3 (SPARCv9) (32 bit mode) w/ Oracle Solaris 10; SPARC-T3 (SPARCv9) (64 bit mode) w/ Oracle Solaris 10; Intel Xeon 5675 (x86) (64 bit mode) w/ Oracle Linux 5; Intel Xeon 5675 with AES-NI (64 bit mode) w/ Oracle Linux 5; Intel Xeon 5675 (64-bit mode) w/ Oracle Linux 6; Intel Xeon 5675 with AES-NI (64-bit mode) w/ Oracle Linux 6; SPARC-T3 (SPARCv9) (32-bit mode) w/ Oracle Solaris 11; SPARC-T3 (SPARCv9) (64-bit mode) w/ Oracle Solaris 11; Freescale PowerPC-e500 w/ Linux 2.6; TI C64x+ w/ DSP Media Framework 1.4 12/29/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#12.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

01/26/12: Added new tested information;
01/30/12: Added new tested information;
02/27/12: Added new tested information;
03/20/12: Added new tested information;
04/02/12: Updated implementation information;
04/24/12: Updated implementation information;
05/31/12: Added new tested information;
06/29/12: Updated implementation informaton;

11
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeNet, Inc.
20 Colonnade Road
Suite 200
Ottawa, ON K2E 7M6
Canada

-Chris Brych
TEL: 613 221 5081
FAX: 613 723 5079

-Laurie Smith
TEL: 613 221 5026
FAX: 613 723 5079

Luna K5 Cryptographic Library

Version 4.8.7 (Firmware)
StrongARM II 80219 12/16/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#11.

"The Luna K5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware and associated co-processor."

10
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0
ARMv7 (HTC Desire) w/ Android 2.2; Qualcomm QSD 8250 (Dell Streak; ARMv7) w/ Android 2.2; NVIDIA Tegra 250 T20 (Motorola Xoom, ARMv7) w/ Android 3.0; NVIDIA Tegra 250 T20 (ARMv7) w/ Android 4.0; TI OMAP 3 (ARMv7) with NEON w/ Android 4.0 11/29/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#10.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/14/11: Updated implementation information;
12/22/11: Added new tested information;
04/26/12: Added new tested information;
06/08/12: Updated implementation information;
07/02/12: Added new tested information;

9
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-William Penny
TEL: 1-845-435-3010

-Jim Sweeny
TEL: 1-845-435-7453

IBM z/OS(r) Cryptographic Services ICSF PKCS #11

Version OA36882
Part # 5694-A01
IBM zEnterprise 196 (z196) w/ IBM z/OS® V1.13 11/9/2011 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#584 SHS Val#1641 DRBG Val#151
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#261 SHS Val#1641 DRBG Val#151
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#9.

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

11/15/11: Update implementation information;
02/07/12: Updated implementation information;

8
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 KAS Component

Version S1.0 (Firmware)
Part # STMicroelectronics ST23
STMicroelectronics ST23 10/13/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#8.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

7
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd.
Building A
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 905-507-4220
FAX: 905.507.4230

-Kris Orr
TEL: 289.261.4104
FAX: 905.507.4230

Security Builder FIPS Core

Version 6.0
64-bit Intel Core i5-2300 w/ RedHat Linux 5.6; 32-bit Intel Core i7 w/ RedHat Linux 5.6; 32-bit Intel Pentium III w/ QNX 6.5; ARM Cortex A9 MPCore w/ QNX 6.6; Intel Core 2 Duo w/ Mac OS X 10.5; 32-bit Intel Core i5-2300 w/ Windows 7 9/20/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#7.

"Security Builder FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and DRM modules."

10/01/11: Update implementation information;
01/19/12: Added new tested information;

6
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Marcus Streets
TEL: +44 1223 723600
FAX: +44 1223 723601

-Mark Wooding
TEL: +44 1223 723600
FAX: +44 1223 723601

MiniHSM Algorithm Library

Version 2.50.17 (Firmware)
Freescale DragonBall MXL 8/30/2011 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV   KPG   Full Validation   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#553 SHS Val#1554 DRBG Val#120
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#238 SHS Val#1554 DRBG Val#120
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#6.

"The MiniHSM Algorithm Library provides cryptographic functionality for the MiniHSM series of Thales hardware security modules."

5
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECC CDH Component

Version ECDH_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 Curves tested: P-256

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

4
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oberthur Technologies
4250 Pleasant Valley Rd.
Chantilly, VA 21051
USA

-Christophe Goyet
TEL: (703) 263-0100
FAX: (703) 263-0503

ECDH for ID-One Cosmo v7-a

Version 0801 (Firmware)
Part # BF
ID-One PIV (Type B) with op codes 071621 & 071891 6/22/2011 Curves tested: P-224   P-256   P-384

"This algorithm is implemented in the new ID-One Cosmo v7 smart card platform and used to provide ECDH Key Management services to the FIPS 201 validated ID-One PIV cards from Oberthur."

3
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oberthur Technologies
4250 Pleasant Valley Rd.
Chantilly, VA 21051
USA

-Christophe Goyet
TEL: (703) 263-0100
FAX: (703) 263-0503

ECDH for ID-One Cosmo v7-n

Version FC10 (Firmware)
Part # B0
ID-One PIV (Type A) with op code 071964 6/22/2011 Curves tested: P-224   P-256   P-384

"This algorithm is implemented in the new ID-One Cosmo v7 smart card platform and used to provide ECDH Key Management services to the FIPS 201 validated ID-One PIV cards from Oberthur."

2
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 KAS Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#2.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

1
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Marcus Streets
TEL: +44 1223 723600
FAX: +44 1223 723601

-Mark Wooding
TEL: +44 1223 723600
FAX: +44 1223 723601

nShield Algorithm Library

Version 2.50.16 (Firmware)
Motorola PowerPC 5/12/2011 Curves tested: P-224
FFC: (ASSURANCES < 5.5.2: #1 , #2 , #3 > < 5.6.2.1: #1 , #3 > < 5.6.2.2: #1 > < 5.6.2.3: #1 > < 5.6.3.1: #1 , #2 > ) SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#487 SHS Val#1398 DRBG Val#72
ECC: ( ASSURANCES < 5.5.2: #1 , #2 , #3 > < 5.6.2.1: #1 , #3 > < 5.6.2.1: #1 > < 5.6.2.3: #1 #3 > )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#192 SHS Val#1398 DRBG Val#72
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#1.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"


Need Assistance?

Computer Security Division
National Institute of Standards and Technology