Component Validation List

Last Update: 7/21/2016

NOTICE: The SP800-131A Revision 1 Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths goes into effect January 1, 2014. Key lengths (modulus and curve sizes) providing less than 112 bits of security strength are no longer approved to generate digital signatures. Therefore, the modulus size 1024 and the curve sizes P-192, K-163 and B-163 have been removed. The SP800-131A document also disallows the use of SHA-1 with Digital Signature Generation beginning January 1, 2014. All of the non-compliant features of the Components validation have been moved to a Historical Components Validation List for reference.

A note and link to the Historical validation list have been added to validations containing non-compliant features that have been moved to the Historical Validation List. This note is displayed in red print. If a complete validation has become non-compliant, the complete validation entry is displayed in red to signify it is now non-compliant and therefore revoked.

Overview

This page provides technical information pertaining to the testing of individual components of FIPS approved and NIST recommended cryptographic algorithms. These components are validated as conforming to the specifications in the associated publication. The testing that is performed on the component is described in the associated validation system (VS) document. The testing is handled by NVLAP- accredited Cryptographic And Security Testing (CST) Laboratories.

The implementations below consist of software, firmware, hardware, and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the components described in this document. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this document reflects the current status of each component. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list.

In addition to a general description of each component implementation, this list mentions the features that were tested as conforming to the appropriate publication. These features are described in the specific legend for each individual component and are listed below for each validation. Select the legend below for detail on the testing of that component.

Legends for Description Field for the Following Component

This list is ordered in reverse numerical order, by validation number. Thus, the more recent validations are located closer to the top of the list. The column after the Validation Date column contains information indicating what modes and features for these modes has been successfully tested.

Validated Component Implementations

Validation
No.
Component
Validated
Associated
Publication
Vendor Implementation Operational Environment Val.
Date
Description/Notes
839
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 7/7/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

838
RSADP Primitive
FIPS186-4 RSA; RSADP
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 7/7/2016 RSADP: (Mod2048)

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

837
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 7/7/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3312 HMAC Val#2618
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3312

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

836
RSADP Primitive
FIPS186-4 RSA; RSADP
Enova Technology Corporation
1st Floor, #11, Research & Development
2nd Road Science Park
Hsin-Chu, Taiwan 30076
Republic of China

-Butz Huang
TEL: 886-3-5772767#24
FAX: 886-3-5772770

-Chung-Yen Chiu
TEL: 886-3-5772767
FAX: 886-3-5772770

X-Wall MX+ RSADP Implementation

Part # X-Wall MX+ rev1.0
N/A 7/7/2016 RSADP: (Mod2048)

"The X-Wall MX+ is a SATA-to-SATA realtime single chip cryptographic module capable of encrypting entire disk (or SSD) with SATA Gen3 (6Gbps)/Gen2 (3 Gbps)/Gen1 (1.5Gbps) performance. It includes RSA2048 Key Generation/Signature/Verification, HASH-DRBG RNG, HMAC, CMAC, SHA256 and AES CBC/XTS/ECB symmetric ciphers."

835
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Nokia
600 March Rd.
Ottawa, Ontario k0A 2Z0
Canada

-Carl Rajsic
TEL: 1 613 784 6218

-Alfred Nothaft
TEL: 1 972 477 5087

Nokia 7x50 SR OS Cryptographic Library

Version 2.0 (Firmware)
Cavium Octeon 7/7/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3309 HMAC Val#2616
SSH (SHA 1 ) SHA Val#3309

"The Nokia 7x50 SR OS Cryptographic Library is used on the Nokia 7x50 Service Router products."

834
RSADP Primitive
FIPS186-4 RSA; RSADP
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 7/7/2016 RSADP: (Mod2048)

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

833
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Chunghwa Telecom Co., Ltd. Telecommunication Laboratories
No.99, Dianyan Rd.
Yang-Mei, Taoyuan 326
Taiwan, ROC

-Yeou-Fuh Kuan
TEL: +886-3-424-4333
FAX: +886-3-424-4129

-Char-Shin Miou
TEL: +886-3-424-4381
FAX: +886-3-424-4129

HiKey Cryptographic Library

Version 3.7 (Firmware)
Renesas RS-4 series 6/21/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 )

"HiKey Cryptographic Library supports SHA-1, SHA-256, SHA-384, SHA-512, Hash-DRBG, 3DES-3Key-MAC, 3DES-3Key encrypt/decrypt, ECDSA(p-224/256/384), RSA 2048 encrypt/decrypt (including RSA-CRT), RSA signature generation /verification(including RSA-CRT) and APDU command/response encryption and MAC."

832
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ CentOS 6.7 (64-bit); Intel Core i7 with AES-NI w/ Windows 10 (64-bit); AMD A8-3850 without AES-NI w/ Windows 10 (64-bit) 6/21/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

831
RSADP Primitive
FIPS186-4 RSA; RSADP
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ CentOS 6.7 (64-bit); Intel Core i7 with AES-NI w/ Windows 10 (64-bit); AMD A8-3850 without AES-NI w/ Windows 10 (64-bit) 6/21/2016 RSADP: (Mod2048)

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

830
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module Virtual (IC2Mv) Algorithm Module

Version RelV 1.0
Intel Atom w/ IOS XE 3.16; Intel Xeon w/ IOS XE 3.16 6/21/2016 IKEv1( AUTH( DSA ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3293 HMAC Val#2604
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3293 HMAC Val#2604
TLS( TLS1.0/1.1 ) SHA Val#3293 HMAC Val#2604
SSH (SHA 1 ) SHA Val#3293
SRTP (AES 128 , 192 , 256 ) AES Val#3989
SNMP SHA1 Val#3293

"IOS Common Crypto Module for Virtual use"

829
Section 5.5, TPM
SP800-135
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Xavier BOUSSIN
TEL: +33 223 470 695
FAX: +33 223 470 400

ST33TPHF2ESPI

Version 47.08 (Firmware)
SecureCore SC300 6/21/2016 TPM SHA1 Val#3306 HMAC_SHA1 Val#2614

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 specification."

828
Section 4.2,
TLS
SP800-135
Seagate Technology, LLC.
1280 Disc Drive
Shakopee, Minnesota 55379
US

-David R Kaiser, PMP
TEL: 952-402-2356
FAX: 952-402-1273

800-135 KDF in Firmware

Version 2.0 (Firmware)
ARM Cortex-R Family 6/21/2016 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3304 HMAC Val#2613

"800-135 KDF Implementation in Seagate''s Self-Encrypting Drives (SEDs)."

827 N/A N/A N/A N/A N/A 6/21/2016 N/A
826
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

Aruba OpenSSL Library

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8064 6/21/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#3300 HMAC Val#2610
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#3300 HMAC Val#2610
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3300 HMAC Val#2610
SSH (SHA 1 ) SHA Val#3300
SNMP SHA1 Val#3300

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

825
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

Aruba OpenSSL Library

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8064 6/21/2016 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

824
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
411 E. Plumeria Drive
San Jose, CA 95134
USA

-Sylvain Bonfardin
TEL: 408-564-2354

-Ron Burnett
TEL: +44(0)1316037380

NXP JCOP3 KAS Component For P60-2 (JCOP3_P60D145_SID_002)

Version 0503.0101.0207 (Firmware)
Part # P60D145
P6022y VB (NXP P60-2) 6/21/2016 Curves tested: P-224   P-256   P-384   P-521

"NXP JCOP3 is a Global Platform Java Card smart card operating system implementing SP 800-56A."

823
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM Net_SNMP

Version 7.0.0_SNMP_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 SNMP SHA1 Val#3297

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

822
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSH

Version 7.0.0_OpenSSH_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 SSH (SHA 1 ) SHA Val#3297

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

821
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSL

Version 7.0.0_OpenSSH_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 RSADP: (Mod2048)

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

820
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSL

Version 7.0.0_OpenSSH_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3297 HMAC Val#2609

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

819
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

IKEv1/IKEv2-KDF

Version 16.9.0.36 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3295 HMAC Val#2606
IKEv2( ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#3295 HMAC Val#2606

"IKEv1/IKEv2 Key Derivation functions are used to derive keying material for IKE in S6000 and GGM8000 network devices."

818
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

Net-SNMP

Version 5.3.0.1 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 SNMP SHA1 Val#3295

"SNMP Key Derivation function is used to derive shared secret key for SNMP agent in S6000 and GGM8000 network devices."

817
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSH

Version 6.7p1 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 SSH (SHA 1 , 256 , 384 ) SHA Val#3295

"OpenSSH - SSH Key Derivation function and HMAC-SHA-1 are used to derive keying material for SSH and provide authentication function in SSH in S6000 and GGM8000 network devices."

816
All of SP800-56A EXCEPT KDF
SP800-56A
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSL

Version 1.0.1p (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#887 SHS Val#3295

"OpenSSL is used to provide the encryption function for S6000 and GGM8000 network devices."

815
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 6/17/2016 RSASP1: (Mod2048: PKCS1.5 )

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

814
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.13
Power8 (PPC) w/ AIX 7.1 32-bit; Power8 (PPC) w/ AIX 7.1 64-bit; Power8 (PPC) with PAA w/ AIX 7.1 32-bit; Power8 (PPC) with PAA w/ AIX 7.1 64-bit; Power8 (PPC) with PAA w/ AIX 7.1 64-bit; Power8 (PPC) w/ AIX 7.2 32-bit; Power8 (PPC) with PAA w/ AIX 7.2 32-bit; Power8 (PPC) w/ AIX 7.2 64-bit; Power8 (PPC) with PAA w/ AIX 7.2 64-bit; Power7 (PPC) w/ AIX 7.2 32-bit; Power7 (PPC) w/ AIX 7.2 64-bit 6/17/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

813
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
APM86392 6/10/2016 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 ) ) SHA Val#3289 HMAC Val#2600
IKEv2( ( 224 (SHA 1 , 256 ) ) SHA Val#3289 HMAC Val#2600
TLS( TLS1.0/1.1 ) SHA Val#3289 HMAC Val#2600
SSH (SHA 1 ) SHA Val#3289
SRTP (AES 128 , 192 , 256 ) AES Val#3984
SNMP SHA1 Val#3289

"IOS Common Crypto Module"

812
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Attivo Networks Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Module

Version 1.0
Intel Core i5 1.4GHz with AES-NI w/ Mac OS X El Capitan 10.11.3; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ CentOS 6.5 on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ CentOS 6.5 on CentOS 6.5 - KVM; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Ubuntu 12.04 LTS on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Windows Server 2008 SP2 (32 bit) on CentOS 6.5 - KVM 6/10/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

811
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 508.467.0284

Aruba 2920 switch

Version KB_15_18_0011 (Firmware)
TriCore ARM11 processor 6/3/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#3287 HMAC Val#2598
SSH (SHA 1 ) SHA Val#3287

"Aruba 2920 switch"

810
RSADP Primitive
FIPS186-4 RSA; RSADP
IP Cores, Inc.
3731 Middlefield Road
Palo Alto, CA 94303
USA

-Dmitri Varsanofiev
TEL: (650) 815-7996

RSA5-2048-32-3

Version 1.2 (Firmware)
Aldec Riviera-PRO 2015.10 6/3/2016 RSADP: (Mod2048)

"The RSA5 core is an exponentiation accelerator for the Rivest-Shamir-Adelman (RSA) calculations. This compact core targets mid-range performance (tens and hundreds private key expoentiations per second). Lower- and higher-performing cores are available, see the descriptions at http://www.ipcores.com/rsa_ip_core.htm. "

809
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
416 Maetan 3-Dong Youngtong Gu
Suwon, Gyeonggi 152-848
South Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 5433 w/ MOBICORE Tbase 300; Qualcom APQ8084 w/ QSEE 2.0 5/27/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

808
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 2.7.1 (Firmware)
Intel ATOM 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3283 HMAC Val#2596
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3283
SNMP SHA1 Val#3283

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

07/07/16: Updated vendor information;

807
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010, CN4020 and CN6010 Series Common Crypto Library

Version 2.7.1 (Firmware)
ARM Cortex A9 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3282 HMAC Val#2595
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3282
SNMP SHA1 Val#3282

"The CN4010, CN4020 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010, CN4020 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

07/06/16: Updated vendor information;

806
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN8000 Series Common Crypto Library

Version 2.7.1 (Firmware)
Intel Xeon 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3281 HMAC Val#2594
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3281
SNMP SHA1 Val#3281

"The CN8000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN8000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

07/07/16: Updated vendor information;

805
All of SP800-56A EXCEPT KDF
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron RSA Crypto-J

Version 6.1 and 6.1.1.0.1
x86-64 w/ CentOS 6.7 with Sun JRE 5/27/2016 FFC: SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#701 SHS Val#1938 DRBG Val#273
ECC:
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#357 SHS Val#1938 DRBG Val#273

"General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

804
RSADP Primitive
FIPS186-4 RSA; RSADP
SafeNet/Gemalto
35 Efal St., Kiryat Arye, P.O. Box 3968
Petach Tikva, n/a 4951132
Israel

-Danny Tabak
TEL: +972 3 9871309
FAX: +972-(0)3-978-1010

-Chanan Lavi
TEL: +972 3 9871254
FAX: +972-(0)3-978-1010

eToken Applet 1.8

Version FW Version 1.2 (Firmware)
Part # IFX SLE78CFX3009P
Infineon SLE78 chip family. 5/27/2016 RSADP: (Mod2048)

"eToken Applet 1.8 is a PKI Java Card applet designed to operate above Java Card API 2.2.2."

803
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeNet/Gemalto
35 Efal St., Kiryat Arye, P.O. Box 3968
Petach Tikva, n/a 4951132
Israel

-Danny Tabak
TEL: +972 3 9871309
FAX: +972-(0)3-978-1010

-Chanan Lavi
TEL: +972 3 9871254
FAX: +972-(0)3-978-1010

eToken Applet 1.8

Version FW Version 1.2 (Firmware)
Part # IFX SLE78CFX3009P
Infineon SLE78 chip family. 5/27/2016 RSASP1: (Mod2048: PKCS1.5 )

"eToken Applet 1.8 is a PKI Java Card applet designed to operate above Java Card API 2.2.2."

802
All of SP800-56A EXCEPT KDF
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1071 SHS Val#3227 DRBG Val#1132
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#857 SHS Val#3227 DRBG Val#1132

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

801
All of SP800-56A EXCEPT KDF
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron Mobile@Work client for Android

Version OpenSSL 1.0.2d,FIPS 2.0.9
Samsung Galaxy Note 4 - SM-N910A w/ Android 5.1; Samsung S4 - SGH-I337 w/ Android 4.4.4; Samsung S5 - SM-G900H w/ Android 4.4.2; Samsung Galaxy Note 3 - SM-N900 w/ Android 4.4.2; Samsung S6 - SM-G920A w/ Android 5.0.2 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1082 SHS Val#3040 DRBG Val#950
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#750 SHS Val#3040 DRBG Val#950

""General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

800
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Device(Dongguan) Co., Ltd.
B2-5 of Nanfang Factory
No.2 of Xincheng Rd
Songshan Lake Science & Technology Industrial Zone
Dongguan, Guangdong 523808
China

-Tailiang Hong
TEL: 86-755-36376922

-Blue Lee
TEL: 86-755-28976679

Huawei OpenSSL

Version OpenSSL 1.0.1h
HiSilicon K3V3+ w/ Android 5.0 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1069 SHS Val#2933 DRBG Val#909
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#725 SHS Val#2933 DRBG Val#909

"General purpose cryptographic module available for Android used by Huawei devices. A variety of cryptographic services are provided, including AES, RSA, SHA, HMAC, CMAC, ECDSA, CTR_DRBG, etc."

799
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSE

Part # 3.0
N/A 5/20/2016 ECDSA SigGen Component: CURVES( P-256 )

"The CSE provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

798
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSME Crypto Driver

Version 1.0 (Firmware)
embedded IA-32 5/20/2016 ECDSA SigGen Component: CURVES( P-256 )

"The CSME Crypto Driver provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

797
All of SP800-56A EXCEPT KDF
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-2207-1919
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 1.0.1h
Qualcomm Snapdragon 800-series w/ Android 6.0.1 5/13/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1075 SHS Val#3255 DRBG Val#1150
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#865 SHS Val#3255 DRBG Val#1150

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

796
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cohesity, Inc.
451 El Camino Real
Suite 235
Santa Clara, CA 95050
USA

-Vivek Agarwal
TEL: +1 (415) 690-7805

Cohesity OpenSSL FIPS Object Module

Version 1.0.1
Intel x86_64 w/ CentOS 7 5/13/2016 Curves tested: P-224   P-256   P-384   P-521

"The Cohesity OpenSSL FIPS Object Module is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.12. It is incorporated into the family of Cohesity storage appliances."

795
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library v5.2

Version 5.2.7 (Firmware)
ARM v5 Compatible (SoC2); Intel Atom; Intel E3 v3; Intel Xeon E5 v2; Intel Xeon E5 v3; Intel Celeron G540; Intel i3 (3rd Gen) 5/13/2016 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3268 HMAC Val#2582
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3268 HMAC Val#2582

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.2 running on Intel x86 compatible processors."

794
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library v5.2

Version 5.2.7 (Firmware)
ARM v5 Compatible (SoC2); Intel Atom; Intel Xeon E3 v3; Intel Xeon E5 v2; Intel Xeon E5 v3; Intel Celeron G540; Intel i3 (3rd Gen) 5/13/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3267 HMAC Val#2571
SSH (SHA 1 ) SHA Val#3267

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.2 running on Intel x86 compatible processors."

793
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, Washington 98104
USA

-Peter Eng
TEL: 206 613-6608
FAX: 206 613-0888

Firebox Cryptographic Module

Version 11.11.2 (Firmware)
Freescale P1010; Freescale P1011; Freescale P1020; Freescale T1042; Freescale T2081; Intel Atom C2758; Intel Celeron G1820; Intel Pentium G3420; Intel Xeon E3; Intel Xeon E5 5/6/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3266 HMAC Val#2580
TLS( TLS1.0/1.1 ) SHA Val#3266 HMAC Val#2580
SSH (SHA 1 ) SHA Val#3266
SNMP SHA1 Val#3266

"WatchGuard Firebox security appliances are designed to protect organizations from various security and productivity threats, including viruses, network attacks, intrusion attempts, Trojan horses, harmful or counterproductive URLs, spam, and more, while also providing secure Virtual Private Network (VPN) connections among workplaces and remote users"

792
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061219144

Quicksec - Control Plane

Version 14.2X4-D10 (Firmware)
Intel® Xeon® LC5518 4/29/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3264 HMAC Val#2578
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3264 HMAC Val#2578

"The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services."

791
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061219144

OpenSSH

Version 14.2X4-D10 (Firmware)
Intel® Xeon® LC5518 4/29/2016 SSH (SHA 256 , 384 , 512 ) SHA Val#3262

"The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services."

790
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Microsemi Corporation
One Enterprise Aliso Viejo
Camarillo, CA 92656
USA

-Stephen Bates
TEL: +1 (403) 609-1784

Athena™ TeraFire® EXP-F5200ASR MPU with PKX-5200

Version 1.0 (Firmware)
Mentor Graphics ModelSim SE v6.1h 4/29/2016 Curves tested: P-384

"The Athena™ TeraFire® EXP-F5200ASR macro provides acceleration of cryptographic algorithms."

789
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.3
Intel Core i7-3615QM w/ Mac OS X El Captian 10.11.4 4/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules."

788
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 1.0.1h
Qualcomm Snapdragon 800-series w/ Android 6.0.1 4/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

05/20/16: Updated vendor information;

787
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign-HW8FW8-CKIT

Version 5.0.4 (Firmware)
Intel® Xeon Quad-Core 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3249 HMAC Val#2564

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

786
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign-HW7FW8-CKIT

Version 5.0.4 (Firmware)
Intel® Pentium Dual-Core 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3248 HMAC Val#2563

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

785
Section 4.2,
TLS
SP800-135
GDC Technology (USA) LLC
1016 West Magnolia Boulevard
Burbank, California 91506
USA

-Pranay Kumar
TEL: (852) 2507 9565
FAX: (852) 2579 1131

-ChernYue Kwok
TEL: (852) 2507 9552
FAX: (852) 2579 1131

Crypto Library

Version 2.0.11 (Firmware)
Freescale QorIQ 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3247 HMAC Val#2560

"A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management, and logging."

784
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1 4/15/2016 RSADP: (Mod2048)

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

05/20/16: Updated implementation information;

783
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Amir Shahhosseini
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module with DRBG (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls)

Version PAN-OS 6.0-DRBG (Firmware)
Intel Celeron P4505; Intel Core I7; Intel Multi Core Xeon 4/8/2016 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3242 HMAC Val#2555
TLS( TLS1.0/1.1 ) SHA Val#3242 HMAC Val#2555
SSH (SHA 1 ) SHA Val#3242
SNMP SHA1 Val#3242

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

05/09/16: Updated implementation information;

782
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Amir Shahhosseini
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module with DRBG (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls)

Version PAN-OS 6.0-DRBG (Firmware)
Cavium Octeon MIPS64 4/8/2016 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3241 HMAC Val#2554
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3241 HMAC Val#2554
SSH (SHA 1 ) SHA Val#3241
SNMP SHA1 Val#3241

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

05/09/16: Updated implementation information;
05/20/16: Updated implementation information;

781
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hospira Inc.
275 N. Field Drive
Lake Forest, IL 60045
USA

-Chaitanya Srinivasamurthy
TEL: 001-224-212-5715
FAX: 001-224-212-7910

-Slawomir Ciapala
TEL: 001-224-212-5545
FAX: 001-224-212-7910

Hospira CE3.x OpenSSL Cryptographic Module

Version 2.0.9
i.MX53 Arm Cortex-A8 w/ Android 2.3.7 4/8/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Hospira OpenSSL FIPS Object Module 2.0.9 is used within various Hospira Infusion Pumps for providing secure communication between Infusion pumps and external server."

780
Section 4.2,
TLS
SP800-135
Prometheus Security Group Global, Inc.
3019 Alvin Devane Blvd
Building 4, Suite #450
Austin, TX 78741
USA

-Jeremy Freeze-Skret
TEL: 512-247-3700
FAX: 512-519-4054

-Mark Thomas
TEL: 503-647-7762
FAX: 512-519-4054

Talon-OpenSSL

Version 1.0.2d and 2.0.9 (Firmware)
Freescale IMX6Q Arm Cortex A9 4/1/2016 TLS( TLS1.0/1.1 ) SHA Val#3234 HMAC Val#2549

"Used for core cryptography functions of the module other than the optional hard drive encryption."

779
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd
Santa Clara, CA 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSME Crypto Driver

Version 1.0 (Firmware)
embedded IA-32 4/1/2016 Curves tested: P-256

"The CSME Crypto Driver provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

778
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Allied Telesis
27 Nazareth Ave
Christchurch, Canterbury 8024
New Zealand

-Andrew Riddell
TEL: +64 29 377 3777
FAX: +64 3 339 3001

-Mofassir Ul Haque
TEL: +64 27 777 1854
FAX: +64 3 339 3001

AW+ OpenSSL FIPS Object Module Version 2.0.10

Version Openssl-fips-2.0.10 (Firmware)
Freescale PowerPC P2040 3/31/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"AW+ OpenSSL FIPS Object Module is a software library which provides cryptographic support for secure communication and protection of information. The cryptographic services provided by the library include Symmetric Encryption and Decryption, Digital Signature, Cryptographic Hashing and Keyed-Hash Message Authentication."

777
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1 3/31/2016 Curves tested: P-224   P-256   P-384   P-521

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

04/12/16: Updated implmentation information and added new tested information;
05/20/16: Updated implementation information;

776
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

775
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3226 HMAC Val#2544
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3226

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

774
RSADP Primitive
FIPS186-4 RSA; RSADP
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 RSADP: (Mod2048)

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

773
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

772
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance Virtual (ASAv)

Version 9.4
Intel Xeon w/ ESXi 3/25/2016 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3223 HMAC Val#2540
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3223 HMAC Val#2540
SSH (SHA 1 ) SHA Val#3223
SNMP SHA1 Val#3223

"The Cisco ASAv delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASAv provide comprehensive security, performance, and reliability for network environment."

771
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux on z Systems with CPACF

Version 1.8
z13 w/ RHEL Server release 7.2 for IBM z Systems 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1068 SHS Val#3222 DRBG Val#1125
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#853 SHS Val#3222 DRBG Val#1125

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

770
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux on z Systems with CPACF

Version 1.8
z13 w/ RHEL Server release 7.2 for IBM z Systems 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3222 HMAC Val#2539

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

769
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on zOS with CPACF

Version 1.8
z13 w/ z/OS version 2 release 2 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1067 SHS Val#3221 DRBG Val#1124
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#852 SHS Val#3221 DRBG Val#1124

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

768
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on zOS with CPACF

Version 1.8
z13 w/ z/OS version 2 release 2 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3221 HMAC Val#2538

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

767
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on xLinux with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1066 SHS Val#3220 DRBG Val#1123
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#851 SHS Val#3220 DRBG Val#1123

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

766
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on xLinux with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3220 HMAC Val#2537

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

765
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 2012 with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Windows Server 2012 release 2 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1065 SHS Val#3219 DRBG Val#1122
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#850 SHS Val#3219 DRBG Val#1122

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

764
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 2012 with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Windows Server 2012 release 2 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3219 HMAC Val#2536

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

763
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 7

Version 1.8
Intel Core i7 vPro 4770 w/ Windows 7 64-bit 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1064 SHS Val#3218 DRBG Val#1121
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#849 SHS Val#3218 DRBG Val#1121

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

762
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 7

Version 1.8
Intel Core i7 vPro 4770 w/ Windows 7 64-bit 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3218 HMAC Val#2535

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

761
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1063 SHS Val#3217 DRBG Val#1120
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#848 SHS Val#3217 DRBG Val#1120

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

760
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3217 HMAC Val#2534

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

759
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on AIX PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ AIX 7 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1062 SHS Val#3216 DRBG Val#1119
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#847 SHS Val#3216 DRBG Val#1119

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

758
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on AIX PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ AIX 7 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3216 HMAC Val#2533

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

757
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
4110 Campus Point Court
San Diego, CA 92121
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere OpenSSL

Version 8.2.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI; 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3215 HMAC Val#2532

"FireSphere OpenSSL is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, SP800-90A CTR DRBG 128 and 256, RSA SIGVer 1024, 2048, and 3072, RSA SigGen 2048 and 3072, RSA KeyGen 2048 and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

756
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2.5 for TZ, SM and NSA

Version 6.2.5 (Firmware)
Cavium CN7020; Cavium CN7130; Cavium Octeon Plus CN66XX Family; Cavium Octeon Plus CN68XX Family 3/18/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3214 HMAC Val#2531
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3214 HMAC Val#2531
TLS( TLS1.0/1.1 ) SHA Val#3214 HMAC Val#2531
SNMP SHA1 Val#3214

"The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks."

04/22/16: Added new tested information;
06/14/16: Updated implementation information;

755
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPUCPU Intel Xeon E5-2600 v2 w/o AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 - OSS 3/11/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

04/12/16: Updated implementation information;

754
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Xeon E5-2600 v2 w/o AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 - Guardian 3/11/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

04/12/16: Updated implementation information;

753
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Qualcomm MSM8996 w/ QSEE 4.0 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

752
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 8890 w/ MOBICORE Tbase 310B 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

751
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 10 (Firmware)
Freescale PowerPC e500 Core 3/4/2016 TLS( TLS1.0/1.1 ) SHA Val#3140 HMAC Val#2470

"Firmware algorithm implementation used within the Cisco Optical Networking Solution (ONS) and Network Convergence System (NCS) 2000 Series products."

750
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Controller Card Firmware Algorithms

Version 10 (Firmware)
Freescale MPC8548E 3/4/2016 TLS( TLS1.0/1.1 ) SHA Val#3141 HMAC Val#2471
SSH (SHA 1 , 256 ) SHA Val#3141

"Firmware algorithm implementation used within the Cisco Optical Networking Solution (ONS) and Network Convergence System (NCS) 2000 Series products."

749
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

-Dieter Bong
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

CryptoServer Se ECDSA

Version ecdsa1.1.2.0_eca1.1.3.2 (Firmware)
Texas Instruments TMS320C6416T 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

748
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM Internet Security Systems
6303 Barfield Road
Atlanta, GA 30328
USA

-Ferrell Moultrie
TEL: 678-234-4069

-Sheena Leake
TEL: 404-238-5565

IBM MESA / Modular Extensible Security Architecture GSKit

Version 5.3.1
Intel Xeon E5530 (2x) w/ RHEL 6.3 Linux on VMware ESXi 5.5 2/26/2016 Curves tested: P-224   P-256   P-384   P-521

"IBM MESA (Modular Extensible Security Architecture) is an appliance framework hosting applications in a secure environment and providing all cryptographic or other security-relevant functions to the application. For example: IBM XGS-virtual is a specific application instance hosted in this fashion."

747
Section 5.4, SNMP
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

NetSNMP KDF

Version 5.7.1 EBEM Patch 1 (Firmware)
IBM PowerPC 2/26/2016 SNMP SHA1 Val#3202

"SHA-1 based KDF used by NetSNMP"

746
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Acronis International GmbH
Rheinweg 9
8200 Schaffhausen, n/a n/a
Switzerland

-Oleg Mikhalsky
TEL: +7 (495) 648-14-27
FAX: +7 (495) 708-44-89

-Anton Enakiev
TEL: +7 (495) 648-14-27
FAX: +7 (495) 708-44-89

Acronis AnyData Cryptographic Library

Version 1.0
Intel Core i3-3217U without AES-NI w/ Windows 2008 R2 64bit; Intel Core i3-3217U without AES-NI w/ Windows 7 Ultimate 32bit; Intel Core i5-5300U with AES-NI w/ Windows 7 Ultimate 64bit; Intel Core i3-3217U without AES-NI w/ Red Hat Enterprise Linux 6.6; Intel Core i3-3217U without AES-NI w/ Red Hat Enterprise Linux 7.1; Intel Core i5-5300U with AES-NI w/ Acronis Virtual Appliance Linux 11.5 on vSphere 5.5; Intel Core i5-5300U with AES-NI w/ Windows 8.1 Pro 64bit; Intel Core i3-3217U without AES-NI w/ Windows 2012 R2 64bit 2/26/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Acronis AnyData Cryptographic Library (AACL) is a cryptographic software module used in various products Acronis."

745
Section 4.2,
TLS
SP800-135
Tanium, Inc.
2200 Powell St. 6th Floor
Emeryville, CA 94608
USA

-Jason Mealins
TEL: 4156448134
FAX: 5107040101

TaniumCryptoLibrary Module

Version 1.0.0.1
Intel Xeon w/ Microsoft Windows Server 2008 R2 (64 bit); Intel Xeon w/ Microsoft Windows Server 2012 (64-bit); Intel Xeon w/ Microsoft Windows 7 (32-bit); Intel Xeon w/ Microsoft Windows 7 (64 bit) 2/19/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3197 HMAC Val#2519

"The TaniumCryptoLibrary Module is an OpenSSL-based cryptographic module that provides cryptographic services to Tanium Inc. products."

02/26/16: Updated implementation information;

744
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Tanium, Inc.
2200 Powell St. 6th Floor
Emeryville, CA 94608
USA

-Jason Mealins
TEL: 4156448134
FAX: 5107040101

TaniumCryptoLibrary Module

Version 1.0.0.1
Intel Xeon w/ Microsoft Windows Server 2008 R2 (64 bit); Intel Xeon w/ Microsoft Windows Server 2012 (64-bit); Intel Xeon w/ Microsoft Windows 7 (32-bit); Intel Xeon w/ Microsoft Windows 7 (64 bit) 2/19/2016 Curves tested: P-521

"The TaniumCryptoLibrary Module is an OpenSSL-based cryptographic module that provides cryptographic services to Tanium Inc. products."

02/26/16: Updated implementation information;

743
Section 4.2,
TLS
SP800-135
APCON, Inc.
9255 SW Pioneer Ct.
Wilsonville, OR 97070
USA

-Tery Hodges
TEL: 971-224-2789
FAX: 503-682-4059

-Gerry Murphy
TEL: 503-682-4050
FAX: 503-682-4059

OpenSSL 1.02d - FIPS

Version Std. Library FIPS Module 2.0.9 (Firmware)
Freescale PowerQUICC® II Pro MPC8349 2/12/2016 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3186 HMAC Val#2510

"OpenSSL is used to manage SSL certs. RSA firmware signing verification. Used to originate and terminate SSL tunnels."

742
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Ceragon Networks Ltd.
24 Raoul Wallenberg Street
Tel Aviv, 69719
Israel

-Stanislav Elenkrich
TEL: +972-3-5431-430

Management Security Algorithms

Version 1.0 (Firmware)
EZChip MIPS34Kc; Freescale P1012 2/12/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3185 HMAC Val#2509
SSH (SHA 1 , 256 ) SHA Val#3185
SNMP SHA1 Val#3185

"Algorithms for managing Ceragon IP-20 platforms"

741
Section 4.1.2,
IKEv2
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 830-580-1544

Aruba Instant VPN module

Version Aruba Instant 4.2.2 (Firmware)
Freescale QorIQ P1020 800MHz; 88F6560 500MHz; Freescale QorIQ P1010 800MHz; Qualcomm QCA9344 500MHz 2/5/2016 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3182 HMAC Val#2507

"Aruba Instant VPN module for Aruba AP-224/225 hardware."

05/17/16: Added new tested information;

740
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 2/5/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

739
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware Crypto 7.1.1.1.1.42 (Firmware)
ARM Cortex-A9 1GHz; ARM Cortex-A9 1GHz * 2; Broadcom XLP108AQ, 1.0Ghz, MIPS; Broadcom XLS408, 1.2Ghz, MIPS; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP208, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Cavium CN6130, 1Ghz,MIPS; Cavium CN6218, 1Ghz,MIPS; Cavium CN6635, 1.3Ghz,MIPS; Freescale P1016, 667Mhz,PowerPC; Freescale P1021, 800Mhz,PowerPC 2/5/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
IKEv2( ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3177
SNMP SHA1 Val#3177

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

738
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware Crypto 7.1.1.1.1.42 (Firmware)
ARM Cortex-A9 1GHz; ARM Cortex-A9 1GHz * 2; Broadcom XLP108AQ, 1.0Ghz, MIPS; Broadcom XLS408, 1.2Ghz, MIPS; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP208, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Cavium CN6130, 1Ghz,MIPS; Cavium CN6218, 1Ghz,MIPS; Cavium CN6635, 1.3Ghz,MIPS; Freescale P1016, 667Mhz,PowerPC; Freescale P1021, 800Mhz,PowerPC 2/5/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

737
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version ComwareV7.1-R7103 (Firmware)
Freescale P2020,1.0GHz,PowerPC; Freescale P4080, 1.5GHz, PowerPC 2/5/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#3175
TLS( TLS1.0/1.1 ) SHA Val#3175
SSH (SHA 1 ) SHA Val#3175
SNMP SHA1 Val#3175

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

736
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054-1549
USA

-James Reardon
TEL: (408) 765-8080

Intel OpenSSL FIPS Object Module

Version 2.0.5
Intel x86_64 w/ Linux 3.10; Intel x86_64 w/ Linux 3.10 on VMware ESXi 6.00 1/29/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"1SUB version of OpenSSL FIPS Object Module."

735
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054-1549
USA

-James Reardon
TEL: (408) 765-8080

Intel OpenSSL FIPS Object Module

Version 2.0.8
Intel x86_64 w/ Linux 3.10; Intel x86_64 w/ Linux 3.10 on VMware ESXi 6.00; 1/29/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"1SUB version of OpenSSL FIPS Object Module"

734
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 830-580-1544

ArubaOS Common Cryptographic Module

Version AOS_VMC_6.4.2.0-1.0-FIPS (Firmware)
Intel x86, i7 1/22/2016 IKEv2( ( 2048 (SHA 256 , 384 ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3167 HMAC Val#2949
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3167 HMAC Val#2949

"Linux on Intel"

733
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NetApp, Inc.
495 East Java Drive
Fourth Floor
Sunnyvale, CA 94089
USA

-Ajay Singh
TEL: 408-822-6000
FAX: 408-822-4501

Decru SW SHA1 Engine

Version 1.1 (Firmware)
Atmel "Secure uController" AT90SC144144C-AL 1/22/2016 RSASP1: (Mod2048: PKCS1.5 )

"Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for the Decru LKM (Lifetime Key Management) appliance."

02/05/16: Updated vendor information;

732
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Itanium 9300, model NB54000c w/ HP NonStop TNS/E J06.19.00 - Guardian; CPU Intel Xeon E5-2600 v2 with AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 – Guardian 1/22/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

03/07/16: Updated implementation and vendor information;
04/12/16: Updated implmentation information;

731
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.3
Intel Core i7-3615QM w/ Mac OSX Yosemite 10.10.4 1/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules"

730
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 508.467.0284

Aruba 5400r switch

Version KB_15_18_0008 (Firmware)
P2020 1/22/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 512 ) ) SHA Val#3162 HMAC Val#2489
SSH (SHA 1 ) SHA Val#3162

"Aruba 5400r switch"

729
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Xeon 32bit)

Version 6.0
Intel Xeon w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#827 SHS Val#3159 DRBG Val#1066 HMAC Val#2486

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

728
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Xeon)

Version 6.0
Intel Xeon w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#826 SHS Val#3158 DRBG Val#1065 HMAC Val#2485

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

727
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i7 32bit)

Version 6.0
Intel i7 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#825 SHS Val#3157 DRBG Val#1064 HMAC Val#2484

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

726
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i7)

Version 6.0
Intel i7 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#824 SHS Val#3156 DRBG Val#1063 HMAC Val#2483

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

725
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i5 32bit)

Version 6.0
Intel i5 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#823 SHS Val#3155 DRBG Val#1062 HMAC Val#2482

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

724
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Core M 32bit)

Version 6.0
Core M w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#822 SHS Val#3154 DRBG Val#1061 HMAC Val#2481

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

723
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i5)

Version 6.0
Intel i5 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#821 SHS Val#3153 DRBG Val#1060 HMAC Val#2480

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

722
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Core M)

Version 6.0
Core M w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#820 SHS Val#3152 DRBG Val#1059 HMAC Val#2479

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

721
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena SCS / NXP
16615 Lark Ave.
Suite 202
Los Gatos, CA 95032
USA

-Dr. Ron Burnett
TEL: +44 131 603 6320
FAX: +44 131 777 8150

Athena OS755 KAS Component For P60 (OS755_ePassport_P60D144)

Version 001 (Firmware)
Part # P60D144
NXP P60 1/22/2016 Curves tested: P-224   P-256   P-384   P-521

"SP 800-56A"

720
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Green Hills Software
7585 Irvine Center Dr.
Suite 250
Irvine, CA 92618
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit - ECDSA

Version 3.0
ARM Cortex-M4 (ST-Micro STM32F4xxx) w/ FreeRTOS 1/15/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"ISS ECT is a standards-based cryptographic toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. It is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems."

719
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Florence DEFRANCE
TEL: +33 442366734
FAX: +33 442365792

-Arnaud LOTIGIER
TEL: +33 442366074
FAX: +33 442365545

IFX SLE78 Gemalto cryptographic library for IDCore 30 rev B

Version 1.2 (Firmware)
Part # IFX SLE78CFX3009P
Infineon SLE78 chip family 1/15/2016 Curves tested: P-224   P-256   P-384   P-521

"IDCore 30 rev B is a highly secured smartcard platform compliant with Javacard 2.2.2, Global Platform 2.1.1 & 2.2 Amendment D standards, designed to operate with Infineon SLE78 chip family. The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, SP800-108 KDF and SP800-90A DRBG."

718
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480

ArubaOS OpenSSL Module

Version AOS_VMC_6.4.2.0-1.0-FIPS (Firmware)
Intel x86, i7 1/15/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3145 HMAC Val#2474
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3145 HMAC Val#2474
SSH (SHA 1 ) SHA Val#3145
SNMP SHA1 Val#3145

"Linux on Intel"

02/05/16: Updated vendor information;

717
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

716
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

715
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

714
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3137 HMAC Val#2467
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3137

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

713
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0a (Firmware)
Freescale 1/15/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#809 SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the IPSec module implements crypto operations in hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

712
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408330480

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0a (Firmware)
Freescale 1/15/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the IPSec module implements crypto operations in hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

711
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign REST-WS

Version 7.7 (Firmware)
Intel® Pentium Dual-Core 1/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3136 HMAC Val#2466

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

710
Section 5.2, SSH
SP800-135
AirTight® Networks
339 N. Bernardo Avenue
Suite 200
Mountain View, CA 94043
USA

-Hemant Chaskar
TEL: (650) 961-1111
FAX: (650) 961-1169

AirTight Sensor Cryptographic Engine

Version 7.2.FIPS.04 (Firmware)
Qualcomm AR9558 12/28/2015 SSH (SHA 1 ) SHA Val#3135

"Implementation performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and DoS attacks."

709
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Itanium 9300, model NB54000c w/ HP NonStop TNS/E J06.19.00 - OSS; CPU Intel Xeon E5-2600 v2 with AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 – OSS 12/18/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

03/07/16: Updated implementation information;
04/12/16: Updated implementation information;

708
Section 4.2,
TLS
SP800-135
Seagate Technology, LLC.
380 Disc Drive
Longmont, CO 80503
USA

-Harshad S Thakar
TEL: 720 684 2580

800-135 KDF in Firmware

Version 1.0 (Firmware)
ARM Cortex-R Family 12/18/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#1225 HMAC Val#1597

"800-135 KDF Implementation in Seagate''s Self-Encrypting Drives (SEDs)."

707
All of SP800-56A EXCEPT KDF
SP800-56A
Seagate Technology, LLC.
380 Disc Drive
Longmont, CO 80503
USA

-Harshad S Thakar
TEL: 720 684 2580

800-56A KAS FFC in Firmware

Version 1.0 (Firmware)
ARM Cortex-R Family 12/18/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB SHS Val#1225 DRBG Val#62

"800-56A Key Agreement Scheme (Finite Field Cryptography) based implementation in Seagate''s Self-Encrypting Drives (SEDs)"

706
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 12/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

705
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 12/18/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

704
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 12/18/2015 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3126 HMAC Val#2458
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3126 HMAC Val#2458
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3126
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3126
SRTP (AES 128 , 192 , 256 ) AES Val#3756

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

703
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Huawei Device(Dongguan) Co., Ltd.
B2-5 of Nanfang Factory
No.2 of Xincheng Rd
Songshan Lake Science & Technology Industrial Zone
Dongguan, Guangdong 523808
China

-Tailiang Hong
TEL: 86-755-36376922

-Blue Lee
TEL: 86-755-28976679

Huawei OpenSSL

Version OpenSSL 1.0.1h
HiSilicon K3V3+ w/ Android 5.0 12/18/2015 Curves tested: P-256   P-384   P-521

"General purpose cryptographic module available for Android used by Huawei devices. A variety of cryptographic services are provided, including AES, RSA, SHA, HMAC, CMAC, ECDSA, CTR_DRBG, etc."

05/17/16: Updated vendor information and added new tested information;

702
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for IBM/S390 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3069

"KDF for IBM/S390 64 bit"

701
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for Intel x86 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3061

"KDF for Intel x86 64 bit"

700
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for IBM Power 8E 64 bit

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3059

"KDF for IBM Power 8E LE 64 bit"

699
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.12
Intel Atom E3845 (x86) without AES-NI optimizations w/ Linux 3.10 32-bit; Intel Atom E3845 (x86) with AES-NI optimizations w/ Linux 3.10 32-bit 1/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/04/15: Added new tested information;
09/04/15: Added new tested information;
10/22/15: Added new tested information;
10/30/15: Updated implementation information information;

698
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8 32bit)

Version 6.0
Apple A8 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#793 SHS Val#3113 DRBG Val#1019 HMAC Val#2444

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

697
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign CKIT

Version 5.0.4 (Firmware)
Intel® Pentium Dual-Core 12/18/2015 TLS( TLS1.0/1.1 ) SHA Val#3109 HMAC Val#2441

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

696
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Firmware SCA

Version 1.0 (Firmware)
Freescale PowerPC 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#790 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

695
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9X 32bit)

Version 6.0
Apple A9X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#789 SHS Val#3108 DRBG Val#1016 HMAC Val#2440

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

694
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9X)

Version 6.0
Apple A9X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#788 SHS Val#3107 DRBG Val#1015 HMAC Val#2439

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

693
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9 32bit)

Version 6.0
Apple A9 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#787 SHS Val#3106 DRBG Val#1014 HMAC Val#2438

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

692
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9)

Version 6.0
Apple A9 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#786 SHS Val#3105 DRBG Val#1013 HMAC Val#2437

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

691
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8X 32bit)

Version 6.0
Apple A8X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#785 SHS Val#3104 DRBG Val#1012 HMAC Val#2436

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

690
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8X)

Version 6.0
Apple A8X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#784 SHS Val#3103 DRBG Val#1011 HMAC Val#2435

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

689
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8)

Version 6.0
Apple A8 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#783 SHS Val#3102 DRBG Val#1010 HMAC Val#2434

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

688
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A7 32bit)

Version 6.0
Apple A7 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#782 SHS Val#3101 DRBG Val#1009 HMAC Val#2433

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

687
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A7)

Version 6.0
Apple A7 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#781 SHS Val#3100 DRBG Val#1008 HMAC Val#2432

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

686
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A6X)

Version 6.0
Apple A6X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#780 SHS Val#3099 DRBG Val#1007 HMAC Val#2431

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

685
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A6)

Version 6.0
Apple A6 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#779 SHS Val#3098 DRBG Val#1006 HMAC Val#2430

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

684
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A5X)

Version 6.0
Apple A5X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#778 SHS Val#3097 DRBG Val#1005 HMAC Val#2429

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

683
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A5)

Version 6.0
Apple A5 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#777 SHS Val#3096 DRBG Val#1004 HMAC Val#2428

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

682
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Cryptographic Accelerator

Part # ICG00169-00-01
N/A 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1039 SHS Val#3082 DRBG Val#985
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#776 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

681
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Libreswan VPN implementation for Intel x86

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2967 HMAC Val#2301
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2967 HMAC Val#2301

"Libreswan VPN implementation for Intel x86"

680
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-aroslav Reznik

Libreswan VPN implementation for IBM/S390

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2971 HMAC Val#2305
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2971 HMAC Val#2305

"Libreswan VPN implementation for IBM/S390"

679
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Libreswan VPN implementation for IBM Power 8E

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2969 HMAC Val#2303
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2969 HMAC Val#2303

"Libreswan VPN implementation for IBM Power 8E"

678
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3095 HMAC Val#2427

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

677
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1038 SHS Val#3095 RNG Val#1409 DRBG Val#1003
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#775 SHS Val#3095 RNG Val#1409 DRBG Val#1003

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

676
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Siemens PLM Software
5800 Granite Parkway
Suite 600
Plano, TX 75024
USA

-Vikas Singh
TEL: 651-855-6176

Teamcenter Cryptographic Module

Version 3.0
AMD A4 w/ SUSE Linux 11.2 (x86_64); AMD A4 w/ Windows 7 SP1 (x86); AMD A4 w/ Windows 7 SP1 (x86_64); Intel Core i5 w/ Mac OS X 10.11 (x86_64) 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"Teamcenter powers innovation and productivity by connecting people and processes with knowledge. Teamcenter is the de facto standard for PLM deployment, providing solutions to drive business performance goals."

01/25/16: Updated implementation information;

675
Signature Generation of hash sized messages
FIPS186-4 ECDSA
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

674
RSADP Primitive
FIPS186-4 RSA; RSADP
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 RSADP: (Mod2048)

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

673
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

672
Signature Generation of hash sized messages
FIPS186-4 ECDSA
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

671
RSADP Primitive
FIPS186-4 RSA; RSADP
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 RSADP: (Mod2048)

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

670
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

669
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Firmware

Version 1.0 (Firmware)
Freescale PowerPC 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1034 SHS Val#3082 DRBG Val#985
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#771 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

668
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Shivakumar Muttur
TEL: +91 8061211850

-Balachandra Shanabhag
TEL: +91 8061219144

OpenSSL Crypto Lib

Version 14.1X53-D30.3 (Firmware)
Part # na
Freescale e500mc PowerPC 12/4/2015 SSH (SHA 256 , 384 , 512 ) SHA Val#3073

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

667
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-William Morgan
TEL: 856-581-8033 x1006
FAX: 856-228-1265

-Keiron Tomasso
TEL: 856-581-8033 x1001
FAX: 856-228-1265

IAS Router IPSec

Version b6ae42e - 2015-09-09 (Firmware)
Intel Bay Trail with AES-NI 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router IPSec is the IKE and ESP stack implementation."

666
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64); 12/4/2015 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

665
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64); 12/4/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

664
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BCryptPrimitives and NCryptSSLp

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64) 12/4/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3047 HMAC Val#2381
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3047 HMAC Val#2381
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3047 HMAC Val#2381

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

02/17/16: Added new tested information and updated implementation information;
06/15/16: Added new tested information;

663
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ; Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64) 12/4/2015 RSADP: (Mod2048)

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

662
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/4/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3069 HMAC Val#2401

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

661
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/4/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1023 SHS Val#3069 RNG Val#1406 DRBG Val#982
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#759 SHS Val#3069 RNG Val#1406 DRBG Val#982

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

660
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Mahesh Bommareddy
TEL: 408-936-5493

-Van Nguyen
TEL: 408-936-2247

JUNOS FIPS Version 12.1 X46 - OpenSSH

Version 12.1X46-D40.4 (Firmware)
Intel Celeron (1.3GH Celeron M); Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Motorola PowerQUICC III (e500) 12/4/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2780

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

659
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Mahesh Bommareddy
TEL: 408-936-5493

-Van Nguyen
TEL: 408-936-2247

JUNOS FIPS Version 12.1 X46 - Authentec

Version 12.1X46-D40.4 (Firmware)
Intel Celeron (1.3GH Celeron M); Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Motorola PowerQUICC III (e500) 12/4/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#2815 HMAC Val#2170
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#2815 HMAC Val#2170

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

658
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3061 HMAC Val#2394

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

657
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1016 SHS Val#3061 RNG Val#101404 DRBG Val#970
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#757 SHS Val#3061 RNG Val#1404 DRBG Val#970

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

656
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3060 HMAC Val#2393

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

655
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1015 SHS Val#3060 RNG Val#1403 DRBG Val#969
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#756 SHS Val#3060 RNG Val#1403 DRBG Val#969

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

654
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler impl. with AES acceleration and Altivec)

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3059 HMAC Val#2392

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

653
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler impl. with AES acceleration and Altivec)

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1014 SHS Val#3059 RNG Val#1402 DRBG Val#968
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#755 SHS Val#3059 RNG Val#1402 DRBG Val#968

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

652
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3054 HMAC Val#2387

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

651
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1013 SHS Val#3054 RNG Val#1400 DRBG Val#962
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#754 SHS Val#3054 RNG Val#1400 DRBG Val#962

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

650
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version 5.2.1 (Firmware)
MPC8349, 553MHz, PowerPC; Broadcom XLS408, 1.2G Hz, MIPS 11/27/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3050 HMAC Val#2383
TLS( TLS1.0/1.1 ) SHA Val#3050 HMAC Val#2383
SSH (SHA 1 ) SHA Val#3050
SNMP SHA1 Val#3050

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

649
Section 4.2,
TLS
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

OpenSSL

Version 1.0.1m (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3045 HMAC Val#2379

"OpenSSL 1.0.1m implementation with minor patches."

648
Section 4.2,
TLS
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

ojdk

Version 1.7.0_147 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3046 HMAC Val#2380

"Using existing Debian Stable Open JDK binaries."

647
Section 5.2, SSH
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

OpenSSH

Version 6.2p2 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 SSH (SHA 1 , 256 ) SHA Val#3045

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs and completely disable DSA key generation."

646
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

Net-SNMP

Version 5.6.1 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 SNMP SHA1 Val#3045

"Net-snmp-5.6.1 with minor patches."

645
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Cisco IC2M Algorithms

Version 2.0 (Firmware)
Freescale P102X Series 11/27/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3043 HMAC Val#2377
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3043 HMAC Val#2377
TLS( TLS1.0/1.1 ) SHA Val#3043 HMAC Val#2377
SSH (SHA 1 ) SHA Val#3043
SRTP (AES 128 , 192 , 256 ) AES Val#3625
SNMP SHA1 Val#3043

"IOS Common Crypto Module"

03/07/16: Updated implementation information;

644
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Paul Tucker
TEL: +1 512 432 2626
FAX: +1 512 432 2001

-Freddy A. Mercado
TEL: +1 512 432 2947
FAX: +1 512 432 2001

TippingPoint Intrusion Prevention System (IPS)

Version 3.8.2 (Firmware)
Broadcom XLR; Intel Jasper Forest Quad-core 11/27/2015 TLS( TLS1.0/1.1 ) SHA Val#3042 HMAC Val#2376
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3042

"The TippingPoint IPS platform operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. The IPS provides cryptographic services to protect the management of the device."

12/10/15: Updated vendor information;

643
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Manager Virtual Appliance Module

Version 5.3.0 (Firmware)
Intel Xeon 11/27/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3041 HMAC Val#2375

"Vormetric Data Security Manager (Virtual Appliance) that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

642
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron Mobile@Work client for Android

Version OpenSSL 1.0.2d,FIPS 2.0.9
Samsung Galaxy Note 4 - SM-N910A w/ Android 5.1; Samsung S4 - SGH-I337 w/ Android 4.4.4; Samsung S5 - SM-G900H w/ Android 4.4.2; Samsung Galaxy Note 3 - SM-N900 w/ Android 4.4.2; Samsung S6 - SM-G920A w/ Android 5.0.2 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

""General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

641
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_64

Version 4.0
Intel x86 (64-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2990 HMAC Val#2324

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

640
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_64

Version 4.0
Intel x86 (64-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1012 SHS Val#2990 DRBG Val#949
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: ECDSA Val#749 SHS Val#2990 DRBG Val#949

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

639
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_32

Version 4.0
Intel x86 (32-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2989 HMAC Val#2323

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

638
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_32

Version 4.0
Intel x86 (32-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1011 SHS Val#2989 DRBG Val#948
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#748 SHS Val#2989 DRBG Val#948

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

637
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2988 HMAC Val#2322

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

636
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1010 SHS Val#2988 DRBG Val#945
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#747 SHS Val#2988 DRBG Val#945

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

635
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2987 HMAC Val#2321

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

634
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1009 SHS Val#2987 DRBG Val#944
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#746 SHS Val#2987 DRBG Val#944

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

633
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-32 for s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2986 HMAC Val#2320

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

632
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-32 for s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1008 SHS Val#2986 DRBG Val#943
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: ECDSA Val#745 SHS Val#2986 DRBG Val#943

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

631
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cleversafe, Inc.
222 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
US

-Mark Seaborn
TEL: (312) 423-6640

-Jason Resch
TEL: (312) 423-6640

Cleversafe FIPS Cryptographic Module

Version 1.1
Intel Xeon without AES-NI w/ ClevOS 3.8.0-FIPS-EDITION 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cleversafe® FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of Cleversafe''s ClevOS™ FIPS Edition, the underlying technology for dsNet® Appliances."

12/04/15: Updated implementation information;

630
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cleversafe, Inc.
222 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
US

-Mark Seaborn
TEL: 312.423.6640

-Jason Resch
TEL: (312) 423-6640

Cleversafe FIPS Cryptographic Module

Version 1.1
Intel Xeon with AES-NI w/ ClevOS 3.8.0-FIPS-EDITION 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cleversafe® FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of Cleversafe''s ClevOS™ FIPS Edition, the underlying technology for dsNet® Appliances."

12/04/15: Updated implementation information;

629
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2971 HMAC Val#2305

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

628
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2969 HMAC Val#2303

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

627
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) x86_64

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2967 HMAC Val#2301

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

626
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (32 bit) x86_64

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2966 HMAC Val#2300

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

625
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (32 bit) s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2965 HMAC Val#2299

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

624
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Flex3 WaveLogic 3e OCLD Cryptography Engine

Version 2.00 (Firmware)
Xilinx XC7Z020 11/27/2015 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2963 HMAC Val#2298
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2963 HMAC Val#2298
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2963 HMAC Val#2298

"The Ciena 6500 Packet-Optical Platform Flex3 WaveLogic 3e OCLD Encryption Module offers an integrated transport encryption solution providing protocol-agnostic 100Gb/s or 200Gb/s wirespeed encryption service for enterprises, datacenters, government and also offered through service providers as differentiated managed service."

623
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Packet-Optical Platform 4x10G Cryptography Engine

Version 2.00 (Firmware)
Xilinx XC7Z045 11/27/2015 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2962 HMAC Val#2297
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2962 HMAC Val#2297
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2962 HMAC Val#2297

"The Ciena 6500 Packet-Optical Platform 4x10G Encryption OTR offers an integrated transport encryption solution providing a protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service."

622
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 11/20/2015 RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

621
Signature Generation of hash sized messages
RSASP1 Signature Primitive
FIPS186-4 ECDSA

FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 11/20/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

620
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 11/20/2015 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

619
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 11/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2958 HMAC Val#2293
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2958

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

618
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 11/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

617
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiAnalyzer SSL Cryptographic Library

Version 5.2.4 (Firmware)
Intel Celeron 11/20/2015 TLS( TLS1.0/1.1 ) SHA Val#2957 HMAC Val#2292
SSH (SHA 1 , 256 , 512 ) SHA Val#2957

"This document focuses on the software implementation of the Fortinet FortiAnalyzer SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

616
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiManager SSL Cryptographic Library

Version 5.2.4 (Firmware)
Intel Xeon E3; Intel Xeon E5 11/20/2015 TLS( TLS1.0/1.1 ) SHA Val#2956 HMAC Val#2291
SSH (SHA 1 , 256 , 512 ) SHA Val#2956

"This document focuses on the software implementation of the Fortinet FortiManager SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

615
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NetApp, Inc.
495 East Java Drive
Fourth Floor
Sunnyvale, CA 94089
USA

-Mike Scanlin
TEL: 919.476.8578
FAX: 919.476.4272

NetApp Cryptographic Security Module Algorithm Implementations

Version 1.0
Intel Xeon with AES-NI (AVA 400 appliance) w/ AVOS v4.0.1; Intel Xeon with AES-NI (AVA 800 appliance) w/ AVOS v4.0.1; Intel Xeon with AES-NI (AVA VM ESXi5.5) w/ AVOS v4.0.1; Intel Xeon with AES-NI w/ Debian Linux 8.1; Intel Xeon without AES-NI w/ Debian Linux 8.1; Intel Xeon with AES-NI w/ FreeBSD 9.1; Intel Xeon without AES-NI w/ FreeBSD 9.1; Intel Xeon with AES-NI w/ Scientific Linux 6.1; Intel Xeon without AES-NI w/ Scientific Linux 6.1; Intel Xeon with AES-NI w/ SUSE Linux 11; Intel Xeon without AES-NI w/ SUSE Linux 11 11/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NCSM will be integrated into select NetApp operating systems and data management products for the purpose of providing FIPS 140-2 compliant management channel encryption."

614
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Chunghwa Telecom Co., Ltd. Telecommunication Laboratories
No.99, Dianyan Rd.
Yang-Mei, Taoyuan 326
Taiwan, ROC

-Yeou-Fuh Kuan
TEL: +886-3-424-4333
FAX: +886-3-424-4129

-Char-Shin Miou
TEL: +886-3-424-4381
FAX: +886-3-424-4129

HiCOS Cryptographic Library

Version 3.7 (Firmware)
Renesas RS-4 series 11/9/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 )

"It supports SHA-1, SHA-256, SHA-384, SHA-512, Hash-DRBG, 3DES-3Key-MAC, 3DES-3Key encrypt/decrypt, ECDSA(p-224/256/384), RSA 2048 encrypt/decrypt (including RSA-CRT), RSA signature generation /verification(including RSA-CRT) and APDU command/response encryption and/or MAC."

613
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: +49 241-1696-200
FAX: +49 241-1696-199

-Dieter Bong
TEL: +49 241-1696-200
FAX: +49 241-1696-199

CryptoServer CSe ECDSA

Version ecdsa1.1.6.0_eca1.1.5.2 (Firmware)
Texas Instruments TMS320C6457 11/6/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

612
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Manager Virtual Appliance Module

Version 5.3.0 (Firmware)
Intel Xeon 11/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2949 HMAC Val#2287

"Vormetric Data Security Manager (Virtual Appliance) that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

611
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware V5.2-R2514 (Firmware)
Freescale P1010, 553M, PowerPC; Freescale P1016, 667M, PowerPC 11/6/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2945 HMAC Val#2283
TLS( TLS1.0/1.1 ) SHA Val#2945 HMAC Val#2283
SSH (SHA 1 ) SHA Val#2945
SNMP SHA1 Val#2945

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

610
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Century Longmai Technology Co. Ltd
3rd Floor, Gongkong Building
No. 1 Wangzhuang Rd
Haidian District
Beijing, N/A 100083
China

-Lemon Yang
TEL: 86 13810314817
FAX: 86 10 62313636

mToken CryptoID

Part # SCC-X
N/A 11/6/2015 Curves tested: P-256   P-521

"mToken CryptoID is designed based on a secure smartcard chip that utilizes the in-built mCOS to communicate with computer device via USB interface in a "plug and play" manner. It can realize various Public Key Infrastructure (PKI) applications including digital signature, online authentications, online transactions, software security, etc."

609
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Steven Ruggieri
TEL: 585-239-7806
FAX: 585-241-8159

-Suzanne Kwak
TEL: 585-242-4686
FAX: 585-241-8159

Harris Broadband Ethernet Radio GPP Cryptographic Library

Version 4.10a (Firmware)
Broadcom XLS108 11/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2943 HMAC Val#2281
SSH (SHA 1 , 256 ) SHA Val#2943
SNMP SHA1 Val#2943

"This is a firmware library which executes on a general purpose processor to provide cryptographic functions for Harris'' industry leading reliable, secure, and high performance Broadband Ethernet Radio (BER) products: RF-7800-OU50x/-OU47x/-OU49x."

608
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
9950 Summers Ridge Rd.
Suite 160
San Diego, CA 92131
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere OpenSSL

Version 7.1.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI 10/23/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2932 HMAC Val#2273

"FireSphere OpenSSL is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, SP800-90A CTR DRBG 128 and 256, RSA SIGVer 1024, 2048, and 3072, RSA SigGen 2048 and 3072, RSA KeyGen 2048 and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

607
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
9950 Summers Ridge Rd.
Suite 160
San Diego, CA 92131
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere Java

Version 7.1.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI 10/23/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2931 HMAC Val#2269

"FireSphere Java is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, RSA SIGVer 1024, 2048, and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

606
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
iDirect Government
13921 Park Center Road, Suite 600
Herndon, VA 20171
USA

-Chris Gormont
TEL: 703-880-6257
FAX: 703-648-8088

-Tony Tran
TEL: 703-880-6243
FAX: 703-648-8088

Satellite Communication

Version 2.0 (Firmware)
Intel EWIXP465BAET 667 MHz 10/23/2015 TLS( TLS1.2 (SHA 256 , 512 ) ) SHA Val#2927 HMAC Val#2267
SSH (SHA 256 , 512 ) SHA Val#2927

"VT iDirect, Inc''s firmware cryptographic module, Secure Satelite Broadband Solution, provides all cryptographic operations for the management of iDirect''s Transmission Security (TRANSEC) feature. The cryptographic module supports key management algorithms that allow for each member of the network to receive and decrypt data."

02/26/16: Updated implementation information;

605
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

IKEv1/IKEv2-KDF

Version 16.8.1.04 (Firmware)
Freescale MPC-7457; Freescale MPC-8568E 10/23/2015 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2926
IKEv2( ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2926

"IKEv1/IKEv2 Key Derivation functions are used to derive keying material for IKE in S6000 and GGM8000 network devices."

604
Section 5.4, SNMP
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

Net-SNMP

Version 5.3.0.1 (Firmware)
Freescale MPC-7457 10/23/2015 SNMP SHA1 Val#2926

"SNMP Key Derivation function is used to derive shared secret key for SNMP agent in S6000 and GGM8000 network devices."

603
Section 5.2, SSH
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSH

Version 6.7p1 (Firmware)
Freescale MPC-7457; Freescale MPC-8568E 10/23/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2926

"OpenSSH - SSH Key Derivation function and HMAC-SHA-1 are used to derive keying material for SSH and provide authentication function in SSH in S6000 and GGM8000 network devices."

602
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Wistron NeWeb Corporation
20 PARK AVE II HSINCHU SCIENCE PARK
HSINCHU, n/a 308
Taiwan

-Marcus Ting
TEL: (03) 666-7799 ext 33

UBC-TN6

Version 3.6.0
Processor : ARM w/ OS : Threadx 10/23/2015 Curves tested: P-256

"• use SHA-256, as specified in FIPS 180-4[1], as the Hash function;"

601
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 4083330480
FAX: 4083338101

Brocade FIPS Crypto Library

Version 6.0.2 (Firmware)
E500mc 10/16/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2924 HMAC Val#2264
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2924
SNMP SHA1 Val#2924

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade stackable switch delivers the performance, flexibility, and scalability required for enterprise Gigabit Ethernet (GbE) access deployment. It offers market-leading stacking density with up to 12 switches per stack and combines chassis-"

600
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 4083330480
FAX: 4083338101

Brocade FIPS Crypto Library

Version 6.0.2 (Firmware)
E500mc 10/16/2015 Curves tested: P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2924 DRBG Val#901

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade stackable switch delivers the performance, flexibility, and scalability required for enterprise Gigabit Ethernet (GbE) access deployment. It offers market-leading stacking density with up to 12 switches per stack and combines chassis-"

599
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS SSH Lib

Version 6.4_8.1.17.14 (Firmware)
Intel Xeon E5 10/16/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2612

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

03/30/16: Updated implementation information;

598
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M SSH Lib

Version 6.4_8.1.15.11 (Firmware)
Broadcom XLR 10/16/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2610

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

597
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 10/16/2015 Curves tested: P-224   P-256   P-384   P-521

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

06/17/16: Updated vendor and implementation information;

596
Section 4.2,
TLS
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85E
N/A 10/9/2015 TLS( ) SHA Val#2920 HMAC Val#2263

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

595
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85E
N/A 10/9/2015 Curves tested: P-256

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

594
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85D
N/A 10/9/2015 TPM SHA1 Val#2919 HMAC_SHA1 Val#2262

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

593
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85D
N/A 10/9/2015 Curves tested: P-256

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

592
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware V5.2-R3303 (Firmware)
Freescale P2020, 1.0GHz, PowerPC; Freescale P4080, 1.5GHz, PowerPC 9/30/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2918 HMAC Val#2261
TLS( TLS1.0/1.1 ) SHA Val#2918 HMAC Val#2261
SSH (SHA 1 ) SHA Val#2918
SNMP SHA1 Val#2918

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

591
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Advanced Card Systems Ltd.
Units 2010-2013, 20/F Chevalier Commercial Centre
8 Wang Hoi Road Kowloon Bay
Hong Kong,

-Andrew Chan
TEL: +852-27967873
FAX: +852-27961286

ACOS5-64

Version 3.00 (Firmware)
ST23YL80 Version PU7 9/30/2015 RSASP1: (Mod2048: PKCS1.5 )

"ACOS5-64 is an advanced cryptographic module specifically designed for the Public Key Infrastructure (PKI)-based applications. With its powerful cryptographic capabilities, it enhances the security and performance of RSA public key cryptographic operations that are essential to the stringent requirements of high-level security applications."

590
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Server Module

Version 5.3.0 (Firmware)
Intel Xeon 9/30/2015 TLS( TLS1.0/1.1 ) SHA Val#2915 HMAC Val#2260

"Vormetric Data Security Manager that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

589
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Server Module

Version 5.3.0 (Firmware)
Intel Xeon 9/30/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#2887 HMAC Val#2234

"Vormetric Data Security Manager that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

588
Section 4.2,
TLS
SP800-135
Hewlett-Packard
Longdown Avenue
Stoke Gifford, Bristol BS34 8QZ
United Kingdom

-Laura Loredo
TEL: +44 117 316 2462

-John Drew
TEL: +44 560 109 0356

OpenSSL

Version 1.0.1p (FIPS 2.0) (Firmware)
ARM966E 9/25/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2913 HMAC Val#2258

"AES ECB and CBC: 128/256 bits, encryption/decryption. CTR DRBG with Derivation Function. GCM: 128/256 bits, encryption/decryption. HMAC-SHA-1/224/256/384/512. SP 800-135 KDF - TLS 1.0, 1.1 and 1.2, with SHA-256 and SHA-384. RSA: FIPS 186-2 RSA; GenKey9.31; SigGenPKCS1.5; SigVerPKCS1.5; SigVerPSS. SHA-1/224/256/384/512."

587
Section 4.1.2,
IKEv2
SP800-135
B+B Smartworx
707 Dayton Road
PO Box 1040
Ottawa, IL 61350
USA

-Paul Conway
TEL: 1-800-346-3119
FAX: 815-433-5109

B+B Smartworx Libreswan Cryptographic Module

Version 1.0
ARM Cortex w/ Conel Linux 5 9/25/2015 IKEv2( ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2896 HMAC Val#2244

"The B+B Smartworx Libreswan Cryptographic Module is a firmware only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec."

586
Section 4.2,
TLS
SP800-135
Vocera Communications, Inc.
525 Race Street
San Jose, CA 95126
USA

-Ammath Keunemany
TEL: 4088824615
FAX: 4088825101

-Crispin Jacob
TEL: 918042654719

Vocera Cryptographic Module

Version 3.0
Texas Instruments OMAP-L138 w/ Vocera Embedded Linux v3.0 9/25/2015 TLS( TLS1.0/1.1 ) SHA Val#2912 HMAC Val#2257

"Vocera B3000n Badge is a wearable hands-free voice-controlled device that provides easy to use and instantaneous communication on a wireless LAN network. The Vocera Cryptographic Module, embedded in the B3000n Badge ensures protected communications using industry-standard secure wireless communication protocols."

585
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Steven Ruggieri
TEL: 585-239-7806
FAX: 585-241-8159

-Suzanne Kwak
TEL: 585-242-4686
FAX: 585-241-8159

Harris Broadband Ethernet Radio GPP Cryptographic Library

Version 4.10 (Firmware)
Broadcom XLS108 9/25/2015 TLS( TLS1.0/1.1 ) SHA Val#2911 HMAC Val#2256
SSH (SHA 1 , 256 ) SHA Val#2911
SNMP SHA1 Val#2911

"This is a firmware library which executes on a general purpose processor to provide cryptographic functions for Harris'' industry leading reliable, secure, and high performance Broadband Ethernet Radio (BER) products: RF-7800-OU50x/-OU47x/-OU49x."

584
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

583
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 RSADP: (Mod2048)

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

582
Section 5.5, TPM
SP800-135
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 TPM SHA1 Val#2906 HMAC_SHA1 Val#2252

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

581
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

580
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 RSADP: (Mod2048)

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

579
Section 5.5, TPM
SP800-135
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 TPM SHA1 Val#2905 HMAC_SHA1 Val#2251

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

578
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385

McAfee Next Generation Firewall

Version 2.0.8
Intel i3 w/ Linux x86_64 9/11/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"A cryptographic library compiled for Linux on Intel x86_64 compatible processors."

02/11/16: Updated implementation information;

577
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
80 Bishop Dr., Unit B
Fredericton, New Brunswick E3C 1B2
Canada

-Sandra Hernandez
TEL: (512) 286-5624

-Marie Fraser
TEL: +353 (21) 730-6043

IBM QCrypto Module

Version 1.0 (Firmware)
Intel XEON Ivy Bridge 9/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2894 HMAC Val#2242
SSH (SHA 1 , 256 , 512 ) SHA Val#2894

"The algorithms are implemented by OpenSSL version 1.0.1e provided by RedHat. Additional native bridges are implemented by IBM and allow all QRadar components to make cryptographic request to OpenSSL directly."

576
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3; AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/31/2015 RSADP: (Mod2048)

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

09/17/15: Updated implementation information;
11/10/15: Added new tested information;

575
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BCryptPrimitives and NCryptSSLp

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/29/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2886 HMAC Val#2233
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2886 HMAC Val#2233
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2886 HMAC Val#2233

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

09/17/15: Updated implementation information;
10/06/15: Added new tested information;

574
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiMail SSL Cryptographic Library

Version 5.2 (Firmware)
Intel Xeon 8/29/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2892 HMAC Val#2239
SSH (SHA 1 , 256 ) SHA Val#2892

"This focuses on the firmware implementation of the Fortinet FortiMail SSL Cryptographic Library v5.2 running on Intel x86 compatible processors."

573
Signature Generation of hash sized messages
FIPS186-4 ECDSA
General Dynamics C4 Systems
77 A Street
Needham, MA 02494
USA

-David Aylesworth
TEL: 781-400-6527

Fortress Cryptographic Implementation - SSL

Version 2.1 (Firmware)
RMI Alchemy MIPS Processor; Broadcom XLS Processor 8/18/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Fortress Cryptographic Implementation suite works in unison to provide security to your wireless and wired networks."

572
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64);AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

8/19/15: Added new tested information;
09/17/15: Updated implementation information; <10/09/15>: Added new tested information;

571
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

570
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 IKEv1( AUTH( PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#2888 HMAC Val#2235
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2888 HMAC Val#2235
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2888 HMAC Val#2235
SSH (SHA 1 ) SHA Val#2888
SNMP SHA1 Val#2888

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

569
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

568
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#988 SHS Val#2888 DRBG Val#871
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#714 SHS Val#2888 DRBG Val#871

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

567
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/18/2015 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

566
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

565
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 IKEv1( AUTH( PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#2870 HMAC Val#2220
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2870 HMAC Val#2220
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2870 HMAC Val#2220
SSH (SHA 1 ) SHA Val#2870
SNMP SHA1 Val#2870

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

564
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#987 SHS Val#2870 DRBG Val#870
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#713 SHS Val#2870 DRBG Val#870

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

563
All of SP800-56A EXCEPT KDF
SP800-56A
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tejinder Singh
TEL: 408-943-7403
FAX: 408-577-1992

-Phanikumar Kancharla
TEL: 408-943-7496

Nitrox III FECC

Version 1.0.0 (Firmware)
Part # Nitrox III Series Die, v1.1
Cavium Nitrox III Series 8/14/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#589 SHS Val#2652 DRBG Val#680

"Nitrox III hardware acceleration for ECC primitives used for ECDH and ECDSA."

562
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.3
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 8/14/2015 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2885
SNMP SHA1 Val#2885

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

561
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei Radio Link Encryption (RLE)

Version 1.0 (Firmware)
n/a 8/14/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#986 SHS Val#2884 DRBG Val#865

"The module provides the functionality of cipher (AES-CCM) transceiver of radio data as security function."

560
Section 5.2, SSH
SP800-135
Alcatel-Lucent
600 March Road
Ottawa, Ontario K2K 2E6
Canada

-Carl Rajsic
TEL: +1 613 784 6218

-Alfred Nothaft
TEL: +1 972 477 5087

Alcatel Lucent 7x50 SR OS Cryptographic Library

Version 1.0 (Firmware)
Cavium Octeon 7/31/2015 SSH (SHA 1 ) SHA Val#2878

"The Alcatel-Lucent 7x50 SR OS Cryptographic Library is used on the Alcatel-Lucent 7x50 Service Router products."

07/06/16: Updated implementation information;

559
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Ivy Bridge 7/31/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2877 HMAC Val#2225
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2877
SNMP SHA1 Val#2877

"Sonus Session Border Controller FIPS-validated cryptographic software module"

558
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Ivy Bridge 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Sonus Session Border Controller FIPS-validated cryptographic software module"

557
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 2 (Firmware)
Cavium OCTEON II CN6880 7/31/2015 SRTP (AES 128 ) AES Val#3482

"Sonus Session Border Controller FIPS-validated cryptographic media module"

556
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Nehalem 7/31/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2875 HMAC Val#2223
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2875
SNMP SHA1 Val#2875

"Sonus Session Border Controller FIPS-validated cryptographic software module"

555
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Nehalem 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Sonus Session Border Controller FIPS-validated cryptographic software module"

554
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 2 (Firmware)
Cavium OCTEON Plus CN5860 7/31/2015 SRTP (AES 128 ) AES Val#3480

"Sonus Session Border Controller FIPS-validated cryptographic media module"

553 Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei Radio Link Encryption (RLE)

Version 1.0 (Firmware)
n/a 7/31/2015

"The module provides the functionality of encryption transceiver of radio data as security function."

552
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei FIPS Cryptographic Library (HFCL)

Version V300R003C22SPC804
DELL PowerEdge T110 II Intel Pentium w/ RHEL 5.3 evaluated at EAL4 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

04/12/16: Updated implementation information;

551
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei FIPS Cryptographic Library (HFCL)

Version V300R003C22SPC804
DELL PowerEdge T110 II Intel Pentium w/ RHEL 5.3 evaluated at EAL4 7/31/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#707 SHS Val#2872 DRBG Val#857

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

04/12/16: Updated implementation information;

549
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Windows 7

Version 2.2
Intel i5 w/ Windows 7 64 bit 7/24/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

548
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8 32 bit)

Version 5.0
Apple A8 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#628 SHS Val#2710 DRBG Val#731 HMAC Val#2071

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

547
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A7 32 bit)

Version 5.0
Apple A7 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#627 SHS Val#2709 DRBG Val#730 HMAC Val#2070

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

546
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8X)

Version 5.0
Apple A8X w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#672 SHS Val#2797 DRBG Val#804 HMAC Val#2152

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

545
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8X 32 bit)

Version 5.0
Apple A8X w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#670 SHS Val#2781 DRBG Val#802 HMAC Val#2137

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

544
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8)

Version 5.0
Apple A8 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#630 SHS Val#2712 DRBG Val#733 HMAC Val#2073

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

543
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A7)

Version 5.0
Apple A7 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#629 SHS Val#2711 DRBG Val#732 HMAC Val#2072

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

542
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.2
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 7/24/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2868 HMAC Val#2218
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2868
SNMP SHA1 Val#2868

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

541
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Redline Communications, Inc.
302 Town Centre Blvd., 4th Floor
Markham, Ontario L3R OE8
Canada

-Andrew Spurgeon
TEL: 905-479-8344 x2471

-Weixiong Lin
TEL: 905-479-8344 x2372

RDL-3000 Management Cryptographic Suite

Version 3.1 (Firmware)
Cavium ECONA CNS3411 SoC 7/17/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2866 HMAC Val#2216
SSH (SHA 1 ) SHA Val#2866
SNMP SHA1 Val#2866

"Provides several cryptographically-secure management interfaces for use in the administration and operation of the RDL-3000 platform."

540 N/A N/A N/A N/A N/A 7/17/2015 N/A
539
Section 4.2,
TLS
SP800-135
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # ME4-2409
Cavium CNS3420 7/10/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#2845 HMAC Val#2194

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

538
RSADP Primitive
FIPS186-4 RSA; RSADP
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # LX4-2495; LX4-2954
Intel XScale IXP435 7/10/2015 RSADP: (Mod2048)

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

537
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung
129
Samsung-ro
Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Changsup Ahn
TEL: +82-10-3173-9021
FAX: +82-31-279-1219

-Jisoon Park
TEL: +82-10-4556-5007
FAX: +82-31-279-1219

CryptoCore_Tizen

Version 0.2.9
Part # NA
Samsung Hawk-MU w/ Tizen 2.3 7/10/2015 Curves tested: P-224   P-256   P-384   P-521

"A multipurpose cryptographic library which provides symmetric/asymmetric cipher, message digest, key agreement, PRNG and so on."

536
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version Version 2.0 (Firmware)
Freescale SC1018; Freescale SC1023; Atheros QCA9550 7/10/2015 TLS( TLS1.0/1.1 ) SHA Val#2441 HMAC Val#1836

"IOS Common Cryptographic Module"

535
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 1.2 Cryptographic Engine

Part # FB5C85E
N/A 7/10/2015 TPM SHA1 Val#2863 HMAC_SHA1 Val#2213

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

09/30/15: Updated implementation information;

534
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.11
Intel Core 2 Duo (x86) w/ VxWorks 6.7; IBM POWER 7 (PPC) w/ AIX 7.1 64-bit; IBM POWER 7 (PPC) w/ AIX 6.1 32-bit; IBM POWER 7 (PPC) w/ AIX 6.1 64-bit; IBM POWER 7 (PPC) w/ AIX 7.1 32-bit; Intel Xeon E5-2420 (x86) without AES-NI w/ DataGravity Discovery Series OS V2.0; Intel Xeon E5-2420 (x86) with AES-NI w/ DataGravity Discovery Series OS V2.0 ; IBM POWER 7 (PPC) with optimizations w/ AIX 6.1 32-bit; IBM POWER 7 (PPC) with optimizations w/ AIX 6.1 64-bit; Intel Xeon E5-2430L (x86) with AES-NI optimizations w/ Ubuntu 12.04; Intel Xeon E5-2430L (x86) without optimizations w/ Ubuntu 12.04; Intel Atom E3845 (x86) without AES-NI optimizations w/ Linux 3.10 32-bit; Intel Atom E3845 (x86) with AES-NI optimizations w/ Linux 3.10 32-bit 7/2/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/04/15: Added new tested information;
09/04/15: Added new tested information;
10/22/15: Added new tested information;
10/30/15: Updated implementation information information;

533
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
FireEye, Inc.
1440 McCarthy Boulevard
Milipitas, CA 90655
USA

-Peter Kim
TEL: 1-408-321-6300

FireEye Algorithms Implementation

Version 1.0 (Firmware)
Intel Xeon; AMD Opteron 7/2/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#2873
TLS( TLS1.0/1.1 ) SHA Val#2837 HMAC Val#2195
SSH (SHA 1 , 256 , 512 ) SHA Val#2837
SNMP SHA1 Val#2837

"The FireEye Algorithms Implementation provides cryptographic services for CMS and LMS appliances."

07/24/15: Updated vendor information;

532
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield Algorithm Library

Version 2.61.2 (Firmware)
Freescale PowerPC 7/2/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#695 SHS Val#2826 DRBG Val#825

"The nShield algorithm library provides cryptographic functionality for Thales nShield Hardware Security Modules"

08/20/2015: Added new tested information;
10/22/15: Updated implementation information;

531
RSADP Primitive
FIPS186-4 RSA; RSADP
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # ME4-2409
Cavium CNS3420 6/26/2015 RSADP: (Mod2048)

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

530
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung
129
Samsung-ro
Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Changsup Ahn
TEL: +82-10-3173-9021
FAX: +82-31-279-1219

-Jisoon Park
TEL: +82-10-4556-5007
FAX: +82-31-279-1219

CryptoCore_Linux

Version 0.2.9
Part # NA
Intel Core i7 w/ Ubuntu 14.04 7/2/2015 Curves tested: P-224   P-256   P-384   P-521

"A multipurpose cryptographic library which provides symmetric/asymmetric cipher, message digest, key agreement, PRNG and so on."

529
Section 4.2,
TLS
SP800-135
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # LX4-2495; LX4-2954
Intel XScale IXP435 6/26/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#2844 HMAC Val#2193

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

528
Section 5.1,
ANS X9.63-2001
SP800-135
Canon
One Canon Park
Melville, NY 11747
USA

-Jiuyuan Ge
TEL: 631-330-5774

Canon imageRunner Crypto Module for MEAP

Version 2.1.1
Intel Atom Processor D410 w/ MontaVista Linux 6/25/2015 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2842

"Canon imageRUNNER Crypto Module for MEAP is a cryptographic module which protects stored and transmitted data using FIPS approved cryptographic algorithms."

527
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSH Server (KDF 800-135) IBM

Version 5.3p1-104.el6_6.1
Intel x86 w/ Red Hat Enterprise Linux 6.6 6/25/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2568

"KDF for IBM"

526
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSH Server (KDF 800-135) HP

Version 5.3p1-104.el6_6.1
Intel x86 w/ Red Hat Enterprise Linux 6.6 6/25/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2575

"KDF for HP"

525
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance (ASA) OS

Version 9.4 (Firmware)
Intel Atom; Intel Pentium; Intel Core i3; Intel Xeon 6/25/2015 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2839 HMAC Val#2188
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2839 HMAC Val#2188
SSH (SHA 1 ) SHA Val#2839

"The Cisco ASA Security Appliance Series delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environment."

524
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-Nicholas Podolak
TEL: 856-581-8033

IAS Router FIPS

Version IASRouter-2015-06-10_23s36eb (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"IAS Router FIPS is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency."

523
Section 4.2,
TLS
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-William Morgan
TEL: 856-581-8033 Ext. 1006
FAX: 856-228-1265

-Keiron Tomasso
TEL: 856-581-8033 Ext. 1001
FAX: 856-228-1265

IAS Router FIPS

Version 7a55571 – 2015-05-07 (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router FIPS is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency."

12/09/15: Updated vendor and implementation information;

522
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSH

Version 6.0.1 OpenSSH 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 SSH (SHA 1 ) SHA Val#2828

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

521
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.1 OpenSSL 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

520
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.1 OpenSSL 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2828 HMAC Val#2180

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

519
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSH

Version 6.0.0 OpenSSH 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 SSH (SHA 1 ) SHA Val#2827

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

518
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.0 OpenSSL 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

517
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.0 OpenSSL 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2827 HMAC Val#2179

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

516
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield Algorithm Library

Version 2.61.2 (Firmware)
Freescale PowerPC 6/5/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#964 SHS Val#2826 DRBG Val#825

"The nShield algorithm library provides cryptographic functionality for Thales nShield Hardware Security Modules"

10/22/15: Updated implementation information;

515
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

MiniHSM Algorithm Library

Version 2.61.2 (Firmware)
Freescale DragonBall MXL 6/5/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Hybrid1Flow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#963 SHS Val#2825 DRBG Val#824
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: ECDSA Val#686 SHS Val#2825 DRBG Val#824

"The MiniHSM Algorithm Library provides cryptographic functionality for the MiniHSM series of Thales hardware security modules."

10/22/15: Updated implementation information;

514
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Check Point Software Technologies
5 Ha'solelim Street
Tel Aviv, 67897
Israel

-Malcolm Levy
TEL: +972-37534561

Check Point Cryptographic Library

Version 1.0 (Firmware)
Intel® Xeon® 6/5/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 8192 (SHA 1 , 256 , 384 ) ) SHA Val#2824 HMAC Val#2176
IKEv2( ( 2048 (SHA 1 , 256 , 384 ) ) ( 8192 (SHA 1 , 256 , 384 ) ) SHA Val#2824 HMAC Val#2176
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2824 HMAC Val#2176

"Cryptographic library for Check Point Next Generation Security Appliances"

513
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sage Microelectronics Corp
910 Campisi Way
Suite-2A
Campbell, CA 95008
USA

-Chris Tsu
TEL: 408-309-9118

-Larry Ko
TEL: 408-768-1378

RSA Library

Version 1.0 (Firmware)
Part # S261, Rev. A
Sagemicro S261 (Hardware IC CHIP) 6/5/2015 RSASP1: (Mod2048: PKCS1.5 )

"RSA Library implements RSA-1024 and RSA-2048. Supports Sig Gen and Ver specified in ANSI X9.31, PKCS1.5 and PSS."

512
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-2600 w/o AES-NI w/ Windows Server 2012 R2 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

511
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-2600 with AES-NI w/ Windows Server 2012 R2 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

510
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-3770 w/o AES-NI w/ CentOS Linux release 7.0.1406 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

509
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-3770 with AES-NI w/ CentOS Linux release 7.0.1406 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

508 N/A N/A N/A N/A N/A 5/29/2015 N/A
507
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module

Version 6.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.2 5/22/2015 Curves tested: P-256   P-384   P-521

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

506
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module

Version 6.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.2 5/22/2015 IKEv2( ( 224 (SHA 1 ) ) SHA Val#2818 HMAC Val#2173
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2818 HMAC Val#2173
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2818
SRTP (AES 128 , 192 , 256 ) AES Val#3405
SNMP SHA1 Val#2818

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

06/01/15: Added new tested information;

505
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module (Assembler)

Version 6.0
Intel Xeon w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 2.6; ARMv7 w/ Android 4.4; Intel Core i7 w/ Windows 8.1; Intel Core i7 with AES-NI w/ Windows 8.1 5/22/2015 Curves tested: P-256   P-384   P-521

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

06/01/15: Updated implementation information;

504
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module (Assembler)

Version 6.0
Intel Xeon w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 2.6; ARMv7 w/ Android 4.4; Intel Core i7 w/ Windows 8.1; Intel Core i7 with AES-NI w/ Windows 8.1 5/22/2015 IKEv2( ( 224 (SHA 1 ) ) SHA Val#2817 HMAC Val#2172
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2817 HMAC Val#2172
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2817
SRTP (AES 128 , 192 , 256 ) AES Val#3404
SNMP SHA1 Val#2817

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

06/01/15: Updated implementation information;

503
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95051
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2.1 for SM9800

Version 6.2.1 (Firmware)
Cavium Octeon II CN 6640-8core 5/22/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2816 HMAC Val#2171
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2816 HMAC Val#2171
TLS( TLS1.0/1.1 ) SHA Val#2816 HMAC Val#2171
SSH (SHA 1 ) SHA Val#2816
SNMP SHA1 Val#2816

"The Dell(tm) SonicWALL(tm) SuperMassive(tm) Series is Dell''s next-generation firewall (NGFW) platform designed for large networks to deliver scalability, reliability and deep security at multi-gigabit speeds with near zero latency."

502
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Luis Luciani
TEL: 281-518-6762

iLO SSL Firmware Crypto Library

Version 2.11 (Firmware)
ARM-926 5/22/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2814 HMAC Val#2169
SSH (SHA 1 ) SHA Val#2814

"The HP Integrated Lights-Out 4 (HP iLO 4) built into HP ProLiant Gen8 and Gen9 servers is an autonomous secure management component embedded directly on the server motherboard. iLO SSL Firmware Crypto Library provides the cryptographic operations required for secure communication and management."

501 N/A N/A N/A N/A N/A 5/15/2015 N/A
500
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corporation
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Qualcomm Snapdragon 800 series (ARMv7) w/ Android 4.4; Qualcomm Snapdragon 800 series (ARMv7) w/ Android 5.0; Intel Core i5 (3rd Gen) with AES-NI disabled w/ Microsoft Windows 7 64-bit; Intel Core i5 (3rd Gen) with AES-NI w/ Microsoft Windows 7 64-bit; AMD E1 with AES-NI disabled w/ Microsoft Windows 8 64-bit; AMD E1 with AES-NI w/ Microsoft Windows 8 64-bit 5/15/2015 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

499
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-770-6151

McAfee Advanced Threat Defense

Version 3.4.6
Intel x86_64 w/ Linux 3.10.45 5/15/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"OpenSSL FIPS Object Module 2.0.5 running on Linux 3.10.45 on Intel x86_64 HW"

498
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Nikhil Suares
TEL: 781-538-7568

-Madhu Mathiyalagan
TEL: 781-538-7514

Acme Packet Cryptographic Library

Version EC6.4.1M1 (Firmware)
Intel Core Duo T2500; Intel Celeron M 440; Intel Celeron M 440 5/15/2015 TLS( TLS1.0/1.1 ) SHA Val#2788 HMAC Val#2143
SSH (SHA 1 ) SHA Val#2788
SRTP (AES 128 )
SNMP SHA1 Val#2788

"The Acme Packet 3820 and 4500 are one rack unit (1U) platforms that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders"

497
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LogRhythm
4780 Pearl East Circle
Boulder, CO 80301
USA

-Emily Dobson
TEL: 720-881-5348

LogRhythm OpenSSL

Version 6.3.4
Intel Xeon E5-2420 w/ Microsoft Windows Server 2008 R2 5/15/2015 Curves tested: P-224   P-256   P-384   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"This module provides support for secure communications over a network using the OpenSSL library."

496
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nimble Storage Inc.
211 River Oaks Parkway
San Jose, CA 95134
USA

-Kent Peacock
TEL: +1-408-514-3452

Nimble Storage OpenSSL FIPS Object Module

Version 2.0.9
Intel E5-2403V2 with AES-NI w/ Linux 2.6; Intel E5-2450V2 with AES-NI w/ Linux 2.6; Intel E5-2470V2 with AES-NI w/ Linux 2.6 ;  Intel E5-2603V3 with AES-NI w/ Linux 2.6; Intel E5-2699V3 with AES-NI w/ Linux 2.6; Intel E5-2680V3 with AES-NI w/ Linux 2.6; Intel E5-2620V3 with AES-NI w/ Linux 2.6; 5/8/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Nimble Storage OpenSSL FIPS Object Module is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.9. It is incorporated into the family of Nimble Storage appliances."

05/16/16: Added new tested information;

495
Section 5.3, SRTP
SP800-135
Medtronic Care Management Services, LLC
7980 Century Blvd.
Chanhassen, MN 55317
USA

-Brian Golden
TEL: 888-243-8881

-Ben Lange
TEL: 888-243-8881

CC AM2

Version CC AM2 v1.0.1
Texas Instruments OMAP4430 2X ARM Cortex A9 MP Core w/ Android 4.0.4; Intel Xeon E5620 w/ Windows 2008 R2 x64 5/8/2015 SRTP (AES 256 ) AES Val#3349

"CC AM 2 supports the FIPS module CC FM TLS/SRTP 1.0 which facilitates secure communication with the SRTP protocol."

03/21/16: Updated vendor and implementation information;

494
Section 4.2,
TLS
SP800-135
Medtronic Care Management Services, LLC
7980 Century Blvd.
Chanhassen, MN 55317
USA

-Brian Golden
TEL: 888-243-8881

-Ben Lange
TEL: 888-243-8881

CC AM1

Version CC AM1 v1.0.2
Texas Instruments OMAP4430 2X ARM Cortex A9 MP Core w/ Android 4.0.4; Intel Xeon E5620 w/ Windows 2008 R2 x64 5/8/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2776 HMAC Val#2132

"CC AM 1 supports the FIPS module CC FM TLS/SRTP 1.0 which facilitates secure communication for the TLS and SRTP protocols."

03/21/16: Updated vendor and implementation information;

493
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-Nicholas Podolak
TEL: 856-581-8033

IAS Router IPSec

Version IASRouter-2015-06-10_23s36eb (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router IPSec is the IKE and ESP stack implementation."

492
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 7420 w/ MOBICORE Tbase 302A 4/17/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

491
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 2.6.1 (Firmware)
Intel ATOM 4/17/2015 SNMP SHA1 Val#2772

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

490
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN1000 and CN3000 Series Common Crypto Library

Version 4.6.1 (Firmware)
Freescale MPC8280 4/17/2015 SNMP SHA1 Val#2771

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

489
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010 and CN6010 Series Common Crypto Library

Version 2.6.1 (Firmware)
ARM Cortex A9 4/17/2015 SNMP SHA1 Val#2770

"The CN4010 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

488
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Julie Ritter
TEL: (281) 514-4087

HP BladeSystem c-Class Virtual Connect Library

Version 4.41 (Firmware)
Freescale MPC8347 Processor; Freescale MPC8535 Processor 4/17/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2769 HMAC Val#2125
SSH (SHA 256 , 384 , 512 ) SHA Val#2769
SNMP SHA1 Val#2769

"The HP BladeSystem is a rack-mount enterprise-class computing infrastructure designed to maximize power while minimizing costs, saving up to 56% of the total cost of ownership compared to traditional infrastructures."

487
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Ramesh Narayanan
TEL: +91 80 338 65384

-Rituparna Mitra
TEL: +91 80 251 65735

HP BladeSystem Onboard Administrator Firmware

Version 4.40 (Firmware)
PowerPC 440EPX processor 4/17/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2767 HMAC Val#2124
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2767
SNMP SHA1 Val#2767

"The module provides administrative control of HP BladeSystem c-Class enclosures. The cryptographic functions of the module provide security for administrative access via HTTPS and SSH, and to administrative commands for the BladeSystem enclosure."

486
Section 4.1.2,
IKEv2
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

Strongswan Cryptographic Module

Version 1.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 4/17/2015 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2646 HMAC Val#2015

"Strongswan is an open-source IPsec implementation for Linux kernel. The module supplies cryptographic support of the IKEv1 and IKEv2 protocols for the SUSE Linux Enterprise Server user space. This test covers the SP800-135 IKEv2 KDF testing."

485
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sony Mobile Communications Inc.
1-8-15 Kohnan
Minato-ku, Tokyo 108-0075
Japan

-Takuya Nishibayashi
TEL: +81-3-5782-5285
FAX: +81-3-5782-5258

Xperia Cryptographic Module CVL Component

Version 1.0.0
Qualcomm Snapdragon 810 (ARMv8) with Cryptographic Instructions w/ Android 5.0; Qualcomm Snapdragon 810 (ARMv8) without Cryptographic Instructions w/ Android 5.0 4/17/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-571   B-233   B-283   B-409   B-571

"Xperia Cryptographic Module CVL Component provides cryptographic service for Android mobile device."

05/19/15: Updated implementation information;

484
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 2.0
Qualcomm Snapdragon S2 w/ BlackBerry OS v7.1; Qualcomm Snapdragon S4 w/ BlackBerry OS v10.3; Intel Xeon w/ Microsoft Windows Server 2008 R2 (64-bit); Intel Xeon w/ Microsoft Windows Server 2012 R2 (64-bit); Qualcomm Snapdragon 801 w/ BlackBerry OS v10.3 4/10/2015 Curves tested: P-224   P-256   P-384   P-521

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Federal Information Processing Standard (FIPS) 140-2 certified, standards-based Suite B Cryptographic Algorithms library that provides an advanced layer of encrypted data-in-transit communications and data-at-rest encryption for the BlackBerry ecosystem."

07/20/15: Updated implementation information;

483
Section 5.2, SSH
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSH

Version 1.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 4/10/2015 SSH (SHA 256 , 384 , 512 ) SHA Val#2646

"OpenSSH is the standard SSH implementation. This test covers the SP800-135 SSH KDF testing for both OpenSSH client and server cryptographic modules."

482
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ Red Hat Enterprise Linux 5 4/10/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2758 HMAC Val#2117

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

481
All of SP800-56A EXCEPT KDF
SP800-56A
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ Red Hat Enterprise Linux 5 4/10/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#655 SHS Val#2758 DRBG Val#772

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

480
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Nikhil Suares
TEL: (781) 538-7568

-Madhu Mathiyalagan
TEL: (781) 538-7514

Acme Packet Cryptographic Library

Version EC6.4.1 (Firmware)
Intel Core Duo T2500; Intel Celeron M 440; Intel Core Duo T9400 3/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2748 HMAC Val#2107
SSH (SHA 1 ) SHA Val#2748
SRTP (AES 128 ) AES Val#928
SNMP SHA1 Val#2748

"The Acme Packet 3820 and 4500 are one rack unit (1U) platforms that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

479
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Galaxy S6

Version OpenSSL 1.0.1j
System LSI Exynos 7420 w/ Android 5.0.2 3/27/2015 RSADP: (Mod2048)

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

478
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Galaxy S6

Version OpenSSL 1.0.1j
System LSI Exynos 7420 w/ Android 5.0.2 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

477
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Note 4

Version OpenSSL 1.0.1j
Qualcomm Snapdragon 805 w/ Android 5.0.1 3/27/2015 RSADP: (Mod2048)

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

476
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Note 4

Version OpenSSL 1.0.1j
Qualcomm Snapdragon 805 w/ Android 5.0.1 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

475
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castaneda
TEL: 650-218-9914

-Steve Klinger
TEL: 408-943-7375

N3Like_FW

Version N3Like_v1.0 (Firmware)
Part # CN7010/CN7020/CN7120/CN7125/CN7130; -AAP, -CP, -SCP options
Octeon III CN7000/CN7100 Series Die 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2737 HMAC Val#2095

"The Cavium OCTEON III family of Multi-Core MIPS64 processors has 1 to 48 cores per chip. They integrate next-generation networking I/Os with advanced security, storage, and application hardware acceleration, offering unprecedented throughput and programmability for Layer 2 through Layer 7 processing of intelligent networks."

474
Section 4.2,
TLS
SP800-135
Redpine Signals, Inc.
2107 North First Street Suite #680
San Jose, CA 95131-2019
USA

-Mallik Reddy
TEL: +1 408 219 7868
FAX: +1 408 705 2019

RSICryptoLib

Version RSICryptoLib_1_0 (Firmware)
Part # Redpine ThreadArch
N/A 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2628 HMAC Val#2003

"Algorithm routines implemented in RSICryptoLib"

472
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.10
Apple A7 (ARMv8) 64-bit without NEON and Crypto Extensions w/ iOS 8.1; Apple A7 (ARMv8) 64-bit with NEON and Crypto Extensions w/ iOS 8.1; Freescale P2020 (PPC) w/ VxWorks 6.9; Apple A7 (ARMv8) with NEON w/ iOS 8.1 32-bit; Apple A7 (ARMv8) without NEON w/ iOS 8.1 32-bit; Qualcomm APQ8084 (ARMv7) without NEON w/ Android 5.0 32-bit; Qualcomm APQ8084 (ARMv7) with NEON w/ Android 5.0 32-bit; SAMSUNG Exynos7420 (ARMv8) without NEON and Crypto Extensions w/ Android 5.0 64-bit; SAMSUNG Exynos7420 (ARMv8) with NEON and Crypto Extensions w/ Android 5.0 64-bit ;  Intel Xeon E5-2430L (x86) with AES-NI optimizations w/ FreeBSD 10.2; Intel Xeon E5-2430L (x86) without AES-NI optimizations w/ FreeBSD 10.2; 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

04/17/15: Added new tested information;
05/29/2015: Updated implementation information;
08/11/15: Updated implementation information;
03/11/16: Added new tested information;

471
Section 4.2,
TLS
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE® Crypto-J JSAFE and JCE Software Module

Version 6.2
Intel Core i7 w/ Windows 8.1 (64-bit); NVIDIA Tegra 3 w/ Android 4.1.2 ;  Intel Xeon w/ CentOS 6.7 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2701 HMAC Val#2062

"RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements"

03/26/15: Added new tested information;
04/04/16: Added new tested information;

470
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061214260

OpenSSL Crypto Lib

Version Junos 14.1R4 (Firmware)
Intel LC5500 and LC3500 Jasper Forest family; Intel L52xx Wolfdale family 3/20/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2736

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

03/27/15: Update implementation information;

469
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061214260

Authentec (Quicksec)

Version Junos 14.1R4 (Firmware)
Intel LC5500 and LC3500 Jasper Forest family; Intel L52xx Wolfdale family 3/20/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2733 HMAC Val#2091
IKEv2( ( 2048 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2733 HMAC Val#2091

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

03/27/15: Updated implementation information;

468
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-2207-1919
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 2.0.8
Qualcomm Snapdragon 800-series (32-bit) w/ Android 5.0.1; Qualcomm Snapdragon 800-series (64-bit) w/ Android 5.0.1 3/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

06/25/15: Added new tested information;
05/31/16: Updated implementation information;

467
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 7100

Version 8.4.0.0
Intel E5-2658 v2 2.4 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

466
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 5100

Version 8.4.0.0
Intel Core i7-2600 3.4 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

465
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 4100

Version 8.4.0.0
Intel i3-2115C 2.0 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

464
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Kevin Pimm
TEL: (512) 432-2969

TippingPoint Crypto Core OpenSSL

Version 2.0.8
Intel Xeon E5-2620v3 w/ CentOS 5.6;Intel Xeon E5-2690v3 w/ CentOS 5.6 3/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"This implementation represents a version of the FIPS certified Mozilla Network Security Services (NSS) compiled for CentOS 5.6."

12/17/15: Updated vendor and implementation information;

463
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 3100

Version 8.4.0.0
Intel Pentium B915C 1.5 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

462
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SP4001

Version 8.4.0.0
Intel Core i7-2600 3.4 GHz w/ Windows Server 2012 R2 64-bit 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

461
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSH

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 SSH (SHA 1 ) SHA Val#2716

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

460
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSL

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2716 HMAC Val#2075

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

459
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSL

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

458
Section 4.2,
TLS
SP800-135
Zoll Medical
269 Mill Rd.
Chemlsford, MA 01824
USA

-Navid Shaidani
TEL: 978-421-9843

-Bryan Newman
TEL: 978-421-9843

OpenSSL Fips Object Module

Version 2.0.7 (Firmware)
Part # *
Texas Instruments AM3703 Cortex A8 (ARM 7) 3/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2714 HMAC Val#2074

"OpenSSL Fips Object Module implements all necessary algorithms required for SSL communications."

10/20/15: Updated implementation information;

457
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS OpenSSL Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2694 HMAC Val#2055
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2694 HMAC Val#2055
SSH (SHA 1 ) SHA Val#2694
SNMP SHA1 Val#2694

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

456
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS Common Cryptographic Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 IKEv2( ( 2048 (SHA 256 , 384 ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#2693 HMAC Val#2054
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2693 HMAC Val#2054

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

455
Section 5.4, SNMP
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

NetSNMP KDF

Version 5.7.1 (Firmware)
IBM Power PC 3/6/2015 SNMP SHA1 Val#2690

"SHA-1 based KDF used by NetSNMP."

454
Section 5.2, SSH
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

OpenSSH KDF

Version 6.1p1 (Firmware)
IBM Power PC 3/6/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2690

"KDF implementation in OpenSSH."

453
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Windows x86-64 for 64 bits

Version 8.4.1.0
Intel x86_64 w/ Microsoft Windows Server 2008 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

452
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Windows x86-64 for 32 bits

Version 8.4.1.0
Intel x86_64 w/ Microsoft Windows Server 2008 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

451
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Ubuntu PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ Ubuntu 14.04 LE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

450
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Solaris Sparc for 64 bits

Version 8.4.1.0
Sparc T4 w/ Solaris 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

449
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Solaris Sparc for 32 bits

Version 8.4.1.0
Sparc T4 w/ Solaris 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

448
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SLES zSeries for 64 bits

Version 8.4.1.0
IBM zSeries s390x w/ SUSE Linux Enterprise Server 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

447
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SLES zSeries for 32 bits

Version 8.4.1.0
IBM zSeries s390x w/ SUSE Linux Enterprise Server 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

446
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL x86-64 for 64 bits

Version 8.4.1.0
Intel x86_64 w/ Red Hat Linux Enterprise Server 7.0 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

445
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL x86-64 for 32 bits

Version 8.4.1.0
Intel x86_64 w/ Red Hat Linux Enterprise Server 7.0 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

444
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ Red Hat Linux Enterprise Server 7.0 BE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

443
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL PPC64 for 32 bits

Version 8.4.1.0
IBM Power8 w/ Red Hat Linux Enterprise Server 7.0 BE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

442
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on AIX PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ IBM AIX 7.1 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

441
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on AIX PPC64 for 32 bits

Version 8.4.1.0
IBM Power8 w/ IBM AIX 7.1 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

440
Section 4.2,
TLS
SP800-135
Draeger Medical Systems, Inc.
6 Tech Drive
Andover, MA 01810
USA

-Michael Robinson
TEL: +1 978 379 8000
FAX: +1 978 379 8538

DRAEGER WCM9113 802.11ABGN VG2

Version VG2 (Firmware)
Part # MS32018
N/A 3/6/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2661 HMAC Val#2026

"Algorithm routines implemented in the DRAEGER WCM9113 802.11ABGN VG2"

03/26/15: Updated implementation information;

439
Section 4.2,
TLS
SP800-135
Axway Inc.
2600 Bridge Parkway Suite 201
Redwood City, California 94065
USA

-Tom Donahoe
TEL: 480-627-1800
FAX: 480-627-1801

-Paul Keane
TEL: 650-801-3176
FAX: 650-801-3101

Axway Security Kernel

Version 3.0.1
Intel Xeon E5-2620 w/ RHEL 6.3 64bit; Sun UltraSparc T1 w/ Solaris 10 64bit; Intel Xeon E5-2620 w/ Microsoft Windows 2012 64bit 2/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2663 HMAC Val#2028

"Axway Validation Authority Suite - a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

438
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Paul Tucker
TEL: 512-432-2626
FAX: +1 512 432 2001

-Freddy A. Mercado
TEL: +1 512 432 2947
FAX: +1 512 432 2001

TippingPoint Intrusion Prevention System (IPS)

Version 3.8.0 (Firmware)
Intel Jasper Forest Quad-core; Broadcom XLR 2/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2662 HMAC Val#2027
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2662

"The TippingPoint IPS Platform operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. The IPS provides cryptographic services to protect the management of the device."

04/17/15: Updated implementation information;
12/10/15: Updated implementation and vendor information;

437
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0 (Firmware)
Freescale 1199 MHz Power PC processor P2010E 2/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#934 DRBG Val#684
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#593 SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the interface, module implements crypto operations in hardware and in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

01/21/16: Updated implementation information;

436
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0 (Firmware)
Freescale 1199 MHz Power PC processor P2010E 2/27/2015 IKEv2( ( 224 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#934 HMAC Val#538

"Brocade cryptographic library used in the interface, module implements crypto operations in hardware and in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

435
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 2/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2659 HMAC Val#2025

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

434
All of SP800-56A EXCEPT KDF
SP800-56A
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 2/20/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#592 SHS Val#2659 DRBG Val#683

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

433
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Qualcomm MSM8974 w/ QSEE 2.0 2/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

432
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version ComwareV7.1-R2416 (Firmware)
Broadcom XLP108AQ 1GHz 2/20/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2654 HMAC Val#2021
TLS( TLS1.0/1.1 ) SHA Val#2654 HMAC Val#2021
SSH (SHA 1 ) SHA Val#2654
SNMP SHA1 Val#2654

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

431
All of SP800-56A EXCEPT KDF
SP800-56A
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSL (AES-NI and AVX+SSSE3 for SHA-1)

Version 2.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 2/13/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#915 SHS Val#2645 DRBG Val#674
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#586 SHS Val#2645 DRBG Val#674

"OpenSSL is an open-source library of various cryptographic algorithms written mainly in C. This test covers the AES-NI implementation of AES and AVX+SSSE3 assembler implementation of SHA-1 on Intel x86 64bit HP hardware."

430
Section 4.2,
TLS
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSL (AES-NI and AVX+SSSE3 for SHA-1)

Version 2.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 2/13/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2645 HMAC Val#2014

"OpenSSL is an open-source library of various cryptographic algorithms written mainly in C. This test covers the AES-NI implementation of AES and AVX+SSSE3 assembler implementation of SHA-1 on Intel x86 64bit HP hardware."

429
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.2
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 2/6/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2642 HMAC Val#2013
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2642
SNMP SHA1 Val#2642

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

428
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign CKIT

Version 4.8.12 (Firmware)
Intel® Pentium Dual-Core 2/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2639 HMAC Val#2012

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

427
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign REST-WS

Version 0.9.8r (Firmware)
Intel® Pentium Dual-Core 1/30/2015 TLS( TLS1.0/1.1 ) SHA Val#2556 HMAC Val#2009

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

02/12/15: Updated implementation information;

426
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Julie Ritter
TEL: (281) 514-4087

HP BladeSystem c-Class Virtual Connect Library

Version 1.0 (Firmware)
Freescale MPC8347 Processor; Freescale MPC8535 Processor 1/23/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2634
SSH (SHA 256 , 384 , 512 ) SHA Val#2634

"The HP BladeSystem is a rack-mount enterprise-class computing infrastructure designed to maximize power while minimizing costs, saving up to 56% of the total cost of ownership compared to traditional infrastructures."

425
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-4000

Palo Alto Networks Crypto Module

Version 6.1 (Firmware)
Intel Multi Core Xeon 1/16/2015 TLS( TLS1.0/1.1 ) SHA Val#2632 HMAC Val#2006
SSH (SHA 1 ) SHA Val#2632
SNMP SHA1 Val#2632

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for the Panorama M-100."

03/04/15: Updated implementation information;
03/06/15: Updated implemement information;

424
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign

Version 7.2 (Firmware)
Intel® Pentium Dual-Core 12/31/2014 TLS( TLS1.0/1.1 ) SHA Val#2548 HMAC Val#1932

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

423
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 ) SHA Val#2630 HMAC Val#2005
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#2630 HMAC Val#2005

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

422
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

421
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2629 HMAC Val#2004
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2629 HMAC Val#2004
SNMP SHA1 Val#2629

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

420
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

419
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SPYRUS, Inc.
1860 Hartog Drive
San Jose, CA 95131-2203
USA

-William Sandberg-Maitland
TEL: 613-298-3426

SPYCOS 3.0

Version 3.0 (Firmware)
Part # 742100004F
SPYCOS 3.0 12/24/2014 Curves tested: P-256   P-384   P-521

"SPYCOS 3.0 is a hardware cryptographic module that enables security critical capabilities such as user authentication, message privacy, integrity and secure storage in rugged, tamper-evident QFN and microSD form factors. The SPYCOS 3.0 Module communicates with a host computer via the standard USB interface."

418
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiAnalyzer SSL Cryptographic Library

Version 5.2.1 (Firmware)
Intel Celeron; Intel Xeon E5 12/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2626 HMAC Val#2001
SSH (SHA 1 , 256 , 512 ) SHA Val#2626

"This document focuses on the software implementation of the Fortinet FortiAnalyzer SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

417
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiManager SSL Cryptographic Library

Version 5.2.1 (Firmware)
Intel Xeon E3; Intel Xeon E5 12/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2625 HMAC Val#2000
SSH (SHA 1 , 256 , 512 ) SHA Val#2625

"This document focuses on the software implementation of the Fortinet FortiManager SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

416
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0.10 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 12/24/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2624 HMAC Val#1999
SSH (SHA 1 ) SHA Val#2624

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

415
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library

Version 5.0.10 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 12/19/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2622 HMAC Val#1997
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2622 HMAC Val#1997

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.0 running on Intel x86 compatible processors."

414
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Barracuda Networks
3175 Winchester Road
Campbell, CA 95008
USA

-Andrea Cannon
TEL: 703-743-9068

Barracuda Cryptographic Software Module

Version 1.0.1.8
Intel Xeon, Intel Xeon with AES-NI, AMD Opteron, AMD Opteron with AES-NI w/ Barracuda OS v2.3.4 12/19/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Barracuda Cryptographic Software Module is a cryptographic software library that provides fundamental cryptographic functions for applications in Barracuda security products that use Barracuda OS v2.3.4 and require FIPS 140-2 approved cryptographic functions."

413
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version 7.3.0a (Firmware)
E 500 mc 12/19/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules"

412
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version 7.3.0a (Firmware)
PCC 440GPX and PPC 8548 12/19/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules"

411
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 5422 w/ MOBICORE Tbase 300 12/19/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

12/23/14: Updated implementation information;

410
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS SSH Lib

Version 6.4 (Firmware)
Intel Xeon E5 12/12/2014 SSH (SHA 1 , 256 , 512 ) SHA Val#2610

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

409
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS Crypto Lib

Version 2.0.5 (Firmware)
Intel Xeon E5 12/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2612 HMAC Val#1989

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

408
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M SSH Lib

Version 6.4 (Firmware)
Broadcom XLR 12/12/2014 SSH (SHA 1 , 256 , 512 )

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

407
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M Crypto Lib

Version 2.0.5 (Firmware)
Broadcom XLR 12/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2610 HMAC Val#1988

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

406
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.1
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 12/12/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) )
SSH (SHA 1 , 224 , 256 , 384 , 512 )
SNMP

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

405
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Curtiss-Wright Controls Defense Solutions
333 Palladium Drive
Kanata, ON K2V 1A6
CANADA

-Aaron Frank
TEL: 613-599-9199 X5242

-Johan A Koppernaes
TEL: 613-599-9199 X5817

CWCDS Cryptographic Library

Version 2.1 (Firmware)
Freescale MPC8572E 12/12/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#934 HMAC Val#538
TLS( TLS1.0/1.1 ) SHA Val#934 HMAC Val#538
SSH (SHA 1 ) SHA Val#934

"CWCDS Cryptographic Library provides crypto services to support IPSec/VPN and enhanced Ethernet network security and includes IKE, SSH, and TLS, using various cryptographic algorithms."

404
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz 12/5/2014 SNMP SHA1 Val#2282

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPL, and MPLS Virtual Private Networks (VPN)."

403
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 12/5/2014 SNMP SHA1 Val#2280

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade NetIron CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS VPNa"

402
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corporation
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.0.29
Intel Core i5 on VMWare ESXi 4.1.0 w/ Microsoft Windows Server 2008 64-bit; Intel Core i7 on QEMU w/ Microsoft Windows Server 2012 64-bit; Intel Core i5 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core i5 on QEMU w/ Suse Linux Enterprise Server 11 SP3 64-bit; IBM Power7 w/ AIX 7.1 64-bit; Intel Core i7 on QEMU with AES-NI, disabled w/ Windows 7 32-bit; Intel Core i7 on QEMU, AES-NI w/ Windows 7 32-bit; Intel Core i5 with AES-NI disabled w/ Windows 7 64-bit; Intel Core i5 with AES-NI w/ Windows 7 64-bit; AMD A4-500 with AES-NI disabled w/ Windows 8 64-bit; AMD A4-500 with AES-NI w/ Windows 8 64-bit; Intel Core i5 without AES-NI w/ Red Hat Enterprise Linux 6 64-bit ;  Qualcomm Snapdragon 801 (ARMv7-A) w/ Android 4.4; Intel Core i5 without AES-NI w/Mac OS X 10.9 64-bit; Apple A7 (ARMv8) w/ iOS7 12/5/2014 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

02/18/15: Added new tested information;
03/27/15: Added new tested information;
04/06/15: Updated implementation information;

401
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Security First Corporation
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.0.29
Intel Core i5 on VMWare ESXi 4.1.0 w/ Microsoft Windows Server 2008 64-bit; Intel Core i7 on QEMU w/ Microsoft Windows Server 2012 64-bit; Intel Core i5 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core i5 on QEMU w/ Suse Linux Enterprise Server 11 SP3 64-bit; IBM Power7 w/ AIX 7.1 64-bit; Intel Core i7 on QEMU with AES-NI, disabled w/ Windows 7 32-bit; Intel Core i7 on QEMU, AES-NI w/ Windows 7 32-bit; Intel Core i5 with AES-NI disabled w/ Windows 7 64-bit; Intel Core i5 with AES-NI w/ Windows 7 64-bit; AMD A4-500 with AES-NI disabled w/ Windows 8 64-bit; AMD A4-500 with AES-NI w/ Windows 8 64-bit; Intel Core i5 without AES-NI w/ Red Hat Enterprise Linux 6 64-bit ;  Qualcomm Snapdragon 801 (ARMv7-A) w/ Android 4.4; Intel Core i5 without AES-NI w/Mac OS X 10.9 64-bit; Apple A7 (ARMv8) w/ iOS7 12/5/2014 ECDSA SigGen Component: CURVES( P-521 )

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

02/18/15: Added new tested information;
03/27/15: Added new tested information;
04/06/15: Updated implementation information;

400
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core ARM Cortex A9 1Ghz 12/5/2014 SNMP SHA1 Val#2505

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

399
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P2041, 1.5GHz 12/5/2014 SNMP SHA1 Val#2258

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (TOR) enviorment."

398
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 12/5/2014 SNMP SHA1 Val#2259

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and 1GbE and 10GbE enterprise deployments."

397
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
80 Bishop Dr., Unit B
Fredericton, New Brunswick E3C 1B2
Canada

-Peter Clark
TEL: (416) 478-0224

-Chris LeMesurier
TEL: (416) 478-0224

Cryptographic Security Kernel

Version 1.0
Intel Xeon w/ RHEL 6 12/5/2014 TLS( TLS1.0/1.1 ) SHA Val#2600 HMAC Val#1981
SSH (SHA 1 , 256 ) SHA Val#2600

"The IBM Cryptographic Security Kernel is a multi-algorithm library providing general-purpose cryptographic services. The module provides a single, FIPS-Approved API for cryptography allowing for centralized FIPS mode status, logging, and reporting."

396
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0408
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.4.0 (Firmware)
CN6880 12/5/2014 IKEv2( ( 2048 (SHA 384 ) ) ( 2048 (SHA 512 ) ) SHA Val#2571 HMAC Val#1952

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

395
Section 4.2,
TLS
SP800-135
EROAD, Inc.
Level 3
260 Oteha Valley Road
Albany, North Shore 0632
Auckland, * *
New Zealand

-Bruce Wilson
TEL: +64 9 927 4700
FAX: +64 9 927 4701

The EROAD Cryptographic Library

Version 1.0 (Firmware)
Part # MK70FN1M0VMJ12
MK70FN1M0VMJ12 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2517 HMAC Val#1901

"The EROAD Cryptographic Module is the heart of EROAD''s advanced GNSS based transport technology. It is a secure, high performance, cryptographic processing engine and has been designed to meet FIPS-140-2 at Security Level 3. It is used within the EROAD product suite to provide trusted cryptographic security services."

394
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2282 HMAC Val#1696

"Brocade cryptographic librabry used Brocade IP Products crypto operations in software. The Brocade NetIron CER 2000 Series Ethernest Routers, Brocade NetIron CES 2000 Series Ethernest Switches provide industru-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS VPNs"

393
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2282 HMAC Val#1696

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series provide Industry-leading wire-speed port capacity without coparing the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

392
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2259 HMAC Val#1675

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software."

391
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0484
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P2041, 1.5GHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2258 HMAC Val#1674

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack(ToR) enviorments."

390
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core-ARM Cortex A9 1Ghz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2505 HMAC Val#1890

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

389
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2260 HMAC Val#1676

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

388
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2265 HMAC Val#1679

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, nonblocking performance across all ports to support latency-sensitive performance. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment."

387
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/21/2014 SNMP SHA1 Val#2260

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

386
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/21/2014 SNMP SHA1 Val#2265

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, nonblocking performance across all ports to support latency-sensitive performance. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment"

385
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module

Version 1.1
Part # n
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 with ARMv8 Crypto Extensions w/ iOS 7.1; iOS 7.1 w/ iOS 7.1; ARMv7-a w/ 11/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 256 (SHA 224 ) ) ( 384 (SHA 384 ) ) ( 2048 (SHA 1 ) ) SHA Val#2599 HMAC Val#1980
IKEv2( ( 256 (SHA 224 ) ) ( 384 (SHA 384 ) ) ( 2048 (SHA 1 ) ) SHA Val#2599 HMAC Val#1980
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2599 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. This compact and portable module provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to DAR, DRM, TLS, and VPN."

384
All of SP800-56A EXCEPT KDF
SP800-56A
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module

Version 1.1
Part # n
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 with ARMv8 Crypto Extensions w/ iOS 7.1; iOS 7.1 w/ iOS 7.1; ARMv7-a w/ 11/21/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#905 SHS Val#2599 DRBG Val#634
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#567 SHS Val#2599 DRBG Val#634

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. This compact and portable module provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to DAR, DRM, TLS, and VPN."

383
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic module

Version 1.0
Intel Xeon CPU X5560 @ 2.80GHz w/ Brocade Vyatta Series 3500 Network OS 3.2.1R1 11/14/2014 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2598

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

382
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic module

Version 1.0
Intel Xeon CPU X5560 @ 2.80GHz w/ Brocade Vyatta Series 3500 Network OS 3.2.1R1 11/14/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

381
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/14/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2577 HMAC Val#1958

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

380
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/14/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#903 SHS Val#2577 RNG Val#1329 DRBG Val#631
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#564 SHS Val#2577 RNG Val#1329 DRBG Val#631

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

379
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.0.1
Xeon E5540 w/ MLOS v2.2.3 running on VMware ESXi 5.0 hypervisor 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2573 HMAC Val#1954
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2573
SNMP SHA1 Val#2573

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

378
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.0.1 (Firmware)
Celeron; Core i3; Xeon E5540 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2572 HMAC Val#1953
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2572
SNMP SHA1 Val#2572

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

377
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#899 SHS Val#2570 RNG Val#1326 DRBG Val#626
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#562 SHS Val#2570 RNG Val#1326 DRBG Val#626

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

376
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA)

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#898 SHS Val#2569 RNG Val#1325 DRBG Val#625
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#561 SHS Val#2569 RNG Val#1325 DRBG Val#625

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

375
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2565

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

374
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#897 SHS Val#2547 RNG Val#1318 DRBG Val#614
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#560 SHS Val#2565 RNG Val#1318 DRBG Val#614

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

373
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: 972-9-9702364
FAX: 972-9-9702001

-Oren Tanami
TEL: 972-9-9702390
FAX: 972-9-9702001

Nuvoton NPCT6xx TPM 1.2 Cryptographic Engine

Part # FB5C85D
N/A 10/31/2014 TPM SHA1 Val#2554 HMAC_SHA1 Val#1938

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

11/17/14: Updated vendor and implementation information;

372
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.9
Apple A7 (ARMv8) with NEON w/ Apple iOS 7.1 64-bit; Apple A7 (ARMv8) without NEON w/ Apple iOS 7.1 64-bit ;  Arm920Tid (ARMv4) w/ TS-Linux 2.4 10/31/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/04/14: Added new tested information;

371
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2552 HMAC Val#1936

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

11/18/14: Updated implementation information;
12/16/14: Updated implementation information;
02/23/15: Update implementation information;

370
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2551 HMAC Val#1935

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

11/18/14: Updated implementation information;
12/16/14: Updated implementatioin information;
02/23/15: Update implementation information;

369
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2550 HMAC Val#1934

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

11/17/14: Updated implementation information;
12/16/14: Updated implementation information;
02/23/15: Update implementation information;

368
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2549 HMAC Val#1933

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

11/17/14: Update implementation information;
12/16/14: Updated implementation information;
02/23/15: Updated implementation information;

367
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.2.1
Intel Core i7-2720QM w/ AES-NI w/ Windows 7 Enterprise 64-bit; ARMv7 w/ Windows Phone 8.0; ARMv7 w/ Android 4.4.2; Intel Atom CPU Z2460 w/ Android 4.0.4; ARMv7 w/ iOS version 6.1.4 ;  ARMv8 w/ Android 5.0.1; ARMv7S w/ iOS 6.1.4; ARMv8 w/ iOS 8.0; Intel Xeon with AES-NI w/ Windows 7; Intel Xeon E5620 with AES-NI w/ CentOS Linux Release 7.1 64-bit; Intel Core i7-3615QM w/ Mac OS X Yosemite 10.10.4 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and IPSec and SSL modules."

04/13/15: Updated vendor and implementation information;
10/09/15: Added new tested information;

366
Section 5.7.1.2: ECC CDH Primitive
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82 10 2207 1919
FAX: 82 2 6950 2080

OpenSSL Cryptographic Library

Version 1.0.1e
Qualcomm Snapdragon 800 w/ Android 4.4.2 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

365
Section 4.2,
TLS
SP800-135
Doremi Labs
1020 Chestnut Street
Burbank, CA 91506
USA

-Jean-Philippe Viollet
TEL: (818)562-1101
FAX: (818)562-1109

-Camille Rizko
TEL: (818)562-1101
FAX: (818)562-1109

Power PC TLS KDF

Version 1.4 (Firmware)
Part # PPC405EX-SSD600T
Power PC 9/26/2014 TLS( TLS1.0/1.1 ) SHA Val#2500 HMAC Val#1897

"An Implementation of TLS KDF used in Doremi Labs'' Media Blocks"

11/25/14: Updated implementation information;

364
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version ComwareV7.1-R1005 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 9/19/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2510 HMAC Val#1895
TLS( TLS1.0/1.1 ) SHA Val#2510 HMAC Val#1895
SSH (SHA 1 ) SHA Val#2510
SNMP SHA1 Val#2510

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

363
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.1_hil (Firmware)
AMCC PPC 440EPX 9/12/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

362
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core ARM Cortex A9 1Ghz 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2505 HMAC Val#1890
SSH (SHA 1 ) SHA Val#2505

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

361
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 3.2.1R1 9/12/2014 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2503

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

360
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 3.2.1R1 9/12/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

359
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
North Building 13
Xindacheng Plaza
197# Guangzhou Road
Yuexiu District, Guangzhou 510075
China

-Peng Sun
TEL: +86-20-22387717
FAX: +86-20-22387717

CS100 Module Crypto Library

Version 1.0.0 (Firmware)
Freescale MCIMX53 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2501 HMAC Val#1886

"CS100 Module Crypto Library implements the cryptographic algorithms such as AES, HMAC, SHA and RNG. The library provides cryptogrpahic finctionality to CS100 module."

358 N/A N/A N/A N/A N/A 9/12/2014 N/A
357
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Packet-Optical Platform 4x10G Cryptography Engine

Version 1.10 (Firmware)
Xilinx XC7Z045 8/29/2014 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2493 HMAC Val#1880
TLS( TLS1.2 (SHA 256 , 512 ) ) SHA Val#2493 HMAC Val#1880

"The Ciena 6500 Packet-Optical Platform 4x10G Encryption OTR offers an integrated transport encryption solution providing a protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service."

356
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Exar Corporation
48720 Kato Road
Fremont, CA 94538
USA

-Larry Hu
TEL: 510-668-7145
FAX: 510-668-7028

-Bin Wu
TEL: 86-13777873933
FAX: 86-571-88156615

Exar XR92xx series die

Part # XR9240
N/A 8/28/2014 RSASP1: (Mod2048: PKCS1.5 )

"The XR92xx provides hardware acceleration of compression, encryption and authentication algorithms including gzip/zlib/Deflate, LZS/eLZS, AES, 3DES, RC4, SHA, HMAC, GMAC and public key algorithms such as DSA, DH, RSA, ECDSA, ECDH and is designed to optimize SSL/IPsec/SRTP packet processing."

355
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

354
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB DSA Val#883 SHS Val#2487 DRBG Val#556
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#542 SHS Val#2487 DRBG Val#556

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

353
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

352
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#882 SHS Val#2486 DRBG Val#555
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#541 SHS Val#2486 DRBG Val#555

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

351
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

350
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#881 SHS Val#2485 DRBG Val#554
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#540 SHS Val#2485 DRBG Val#554

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

349
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

348
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#880 SHS Val#2484 DRBG Val#553
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#539 SHS Val#2484 DRBG Val#553

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

347
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

346
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#879 SHS Val#2483 DRBG Val#552
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#538 SHS Val#2483 DRBG Val#552

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

345
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

344
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#878 SHS Val#2482 DRBG Val#550
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#537 SHS Val#2482 DRBG Val#550

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

343
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2311 (Firmware)
RMI(Netlogic) XLS408, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2481 HMAC Val#1868
TLS( TLS1.0/1.1 ) SHA Val#2481 HMAC Val#1868
SSH (SHA 1 ) SHA Val#2481
SNMP SHA1 Val#2481

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

342
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2111 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2480 HMAC Val#1867
TLS( TLS1.0/1.1 ) SHA Val#2480 HMAC Val#1867
SSH (SHA 1 ) SHA Val#2480
SNMP SHA1 Val#2480

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

341
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2406 (Firmware)
Freescale P2020, 1.2GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2479 HMAC Val#1866
TLS( TLS1.0/1.1 ) SHA Val#2479 HMAC Val#1866
SSH (SHA 1 ) SHA Val#2479
SNMP SHA1 Val#2479

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

340
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R7328 (Firmware)
Freescale MPC8548, 1.0GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2478 HMAC Val#1865
TLS( TLS1.0/1.1 ) SHA Val#2478 HMAC Val#1865
SSH (SHA 1 ) SHA Val#2478
SNMP SHA1 Val#2478

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

339
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware with Hardware Accelerators

Version 5.2.109 (Firmware)
P1020, 880MHz, PowerPC; XLP432, 1.4GHz, MIPS; XLR732, 950Mhz, MIPS; XLS208, 750Mhz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2476 HMAC Val#1864
TLS( TLS1.0/1.1 ) SHA Val#2476 HMAC Val#1864
SSH (SHA 1 ) SHA Val#2476
SNMP SHA1 Val#2476

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

338
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2473 HMAC Val#1861
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2473

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

337
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

336
RSADP Primitive
FIPS186-4 RSA; RSADP
Oberthur Technologies
402 rue d’Estienne d’Orves
Colombes, n/a 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

RSA on Cosmo V8

Version 07888.8 with 07846.9 (Firmware)
Part # 0F
ID-One PIV-C on Cosmo V8 ;  N/A 8/11/2014 RSADP: (Mod2048)

"ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip which supports RSA (including RSA-CRT) encrypt/decrypt and digital signature generation /verification with keys from 64 to 2048-bit by step of 32-bit."

335
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Microsemi Corporation
One Enterprise Aliso Viejo
Camarillo, CA 92656
USA

-Richard Newell
TEL: +1 (408) 643-6146

Microsemi SoC Cryptographic Module Mark II

Version 1.1 (Firmware)
Mentor Graphics Questa Simulator 10.1c 8/11/2014 Curves tested: P-384

"The Microsemi SoC Cryptographic Module provides custom hardware/firmware acceleration of the standard cryptographic algorithms used in Microsemi FPGAs and SoC FPGAs like Igloo®2 and SmartFusion®2. They are used to securely configure the devices, and are also made available to the FPGA user via an internal bus interface for use in end applications."

334
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libkas

Version 01.01.000A (Firmware)
Part # MAX32590 Rev B4
n/a 8/11/2014 Curves tested: P-256

"Pitney Bowes X4 HSM Cryptographic Module"

333
Section 4.2,
TLS
SP800-135
Digicine Oristar Technology Development (Beijing) Co., Ltd.
No.1 Di Sheng West Street, BDA
Da Xing District
Beijing, 100176
China

-Mr. Xiao, Liquin
TEL: +86-010-8712 9372
FAX: +86-010-87127010

-Dr. Sun, Xiaobin
TEL: +86-010-8712 9111
FAX: +86-010-87127010

Oristar IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
RENESAS SH-4A 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2470 HMAC Val#1859

"Oristar IMB TLSKDF Core-S is the firmware module for digital cinema system."

332
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 3.1.5 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2467 HMAC Val#1857

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

331
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.8
Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 10.0; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 10.0; Intel Xeon E5440 (x86) 32-bit without AES-NI w/ FreeBSD 8.4; Intel Xeon E3-1220 (x86) without AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Intel Xeon E3-1220 (x86) with AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Freescale i.MX25 (ARMv4) w/ QNX 6.5 8/11/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

09/22/14: Added new tested information;
10/29/14: Added new tested information;

330
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Version 7.1.R0106 (Firmware)
Freescale P1021, 800Mhz, PowerPC; Cavium 6130, 1Ghz, MIPS; Cavium 6635, 1.3 Ghz, MIPS; Cavium 6218, 1Ghz, MIPS; Cavium 6740, 1Ghz, MIPS; Cavium 6760, 1Ghz, MIPS; Cavium 6880, 1.2Ghz, MIPS 7/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2463 HMAC Val#1854
TLS( TLS1.0/1.1 ) SHA Val#2463 HMAC Val#1854
SSH (SHA 1 ) SHA Val#2463
SNMP SHA1 Val#2463

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

329
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381
FAX: 613-225-2951

FortiClient FCCrypt Cryptolibrary v5.0

Version 5.0
Intel Core 2 Duo w/ Windows 7 Enterprise ;  N/A 7/31/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
IKEv2( ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
TLS( TLS1.0/1.1 ) SHA Val#2451 HMAC Val#1842

"The FCCrypt library provides the following services for the FortiClient 5.0: HMAC, SHA-1, SHA-256, AES CBC, AES ECB, 3DES, RSA and NIST 800-90A RBG."

328
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 3.1.4
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 7/18/2014 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

327
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Atmel Corporation
1150 E. Cheyenne Mountain Blvd
Colorado Springs, CO 80906
USA

-Jim Hallman
TEL: (919) 846-3391

ATECC108A

Version 0x1003 (Firmware)
Cadence NC Verilog hardware simulator 7/18/2014 ECDSA SigGen Component: CURVES( P-256 K-283 B-283 )

"Atmel CryptoAuthentication: Secure authentication and product validation device."

326
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P10XX Series 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2440 HMAC Val#1835
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2440 HMAC Val#1835
SSH (SHA 1 ) SHA Val#2440
SNMP SHA1 Val#2440

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks. The Broadcom XLP Series includes Broadcom XLP 204, XLP 208, XLP 316, XLP 408, XLP 416 and XLP 432 processors; the Freescale QorIQ P10XX Series includes P1010 and P1020 processors."

12/04/14: Updated implementation information;
12/24/14: Updated implementation information;
08/18/15: Updated implementation information;
01/12/16: Updated vendor information;

325
Section 4.2,
TLS
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2439 HMAC Val#1832

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

324
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel Core I7 7/10/2014 IKEv1( AUTH( PSK ) ) ( 224 (SHA 256 , 384 , 512 ) ) SHA Val#2439 HMAC Val#1832
TLS( TLS1.0/1.1 ) SHA Val#2439 HMAC Val#1832
SSH (SHA 1 ) SHA Val#2439
SNMP SHA1 Val#2439

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

323
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 BCryptPrimitives and NCryptSSLp

Version 6.3.9600
Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); AMD Athlon 64 X2without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Core i7 without AES-NIor PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i5 with AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro with Windows 8.1 Pro; Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 with Windows 8.1 Pro; NVIDIA Tegra 3 Quad Core w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 3 Quad-Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 4 Quad Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 400 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 800 w/ Microsoft Windows 8.1 RT; Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64) ;  Intel Xeon E5-2648L without AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Xeon E5-2648L with AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64) 7/10/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2373 HMAC Val#1773

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

12/11/14: Added new tested information;
03/13/15: Added new tested information;

322
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

OSSL

Version Openssl-0.9.8g-8.0.0 (Firmware)
Cavium 56XX 7/10/2014 IKEv1( ( 2048 (SHA 1 ) ) SHA Val#2437 HMAC Val#1830
TLS( TLS1.0/1.1 ) SHA Val#2437 HMAC Val#1830
SSH (SHA 1 ) SHA Val#2437
SNMP SHA1 Val#2437

"Cisco WLAN Controllers provide centralized control, management and scalability for small, medium and large-scale Government WLAN networks using APs joined over secure DTLS connection and support IEEE 802.11i security standard with WPA2 to enable a Secure Wireless Architecture."

10/14/2014: Added KDF 800-135 IKEv1 KDF and SNMP KDF and updated implementation description.
08/20/2015: Updated prerequisite numbers.

321
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
PPC 440GPX and PPC 8548 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2436 HMAC Val#1829
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2436

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

320
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
PPC 440GPX and PPC 8548 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

319
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2435 HMAC Val#1828
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2435

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

318
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

317
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale P1010 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2428 HMAC Val#1821

"Firmware algorithm implementations for the ONS encryption card."

316
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Controller Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale MPC8568E 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2427 HMAC Val#1820
SSH (SHA 1 , 256 ) SHA Val#2427

"Firmware algorithm implementations for the ONS controller cards."

315
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-538-2883

IKEv1 KDF IKEv2 KDF

Version 16.6.0.80 (Firmware)
FreeScale MPC-8568E; FreeScale MPC-7457 7/10/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486
IKEv2( ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486

"IKEv1 and IKEv2 Key Derivation Functions are used to derive shared secret keys between peers for the S6000 and GGM8000 network devices."

314
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P1020 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

12/04/14: Updated implementation information;

313
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P10XX Series 7/10/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks. The Broadcom XLP Series includes Broadcom XLP 204, XLP 208, XLP 316, XLP 408, XLP 416 and XLP 432 processors; the Freescale QorIQ P10XX Series includes P1010 and P1020 processors."

12/04/14: Updated implementation information;
12/24/14: Updated implmentation information;
08/18/15: Updated implementation information;
01/12/16: Updated vendor information;

312
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2417 HMAC Val#1814
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2417

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

311
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

310
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version A0038114A (Firmware)
Part # A0014227B
n/a 6/27/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2416 HMAC Val#1813

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

309
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

PSymantec PGP Cryptographic Engine

Version 4.3
sVirtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows Server 2012 R2 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

308
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Virtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows 8.1 update 1 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

307
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 64-bit RHEL 6.2 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

306
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 32 bit 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

305
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 i7 w/ Windows 7 32 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It include"

304
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Windows 7 64 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

303
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 32 bit RHEL 6.2 with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

302
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Mac OS X 10.7 with AESNI w/ Apple MacBook Pro Intel Core i7 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

301
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 7 (Firmware)
Intel Xeon 6/27/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
IKEv2( ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2404 HMAC Val#1801
SSH (SHA 1 , 256 ) SHA Val#2404

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 7."

07/10/14: Updated implementation information;

300
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

299
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

298
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

297
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2402 HMAC Val#1799
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2402

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

296
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

01/16/15: Added new tested information;

295
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS

Version 2.0.5 (Firmware)
ARM926EJ-S 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The library is based on OpenSSL FIPS version 2.0.5."

294
Section 4.2,
TLS
SP800-135
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS-TLS

Version 1.0.1g (Firmware)
ARM926EJ-S 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2327 HMAC Val#1732

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The KDF function is based on OpenSSL version 1.0.1g."

293
Section 4.2,
TLS
SP800-135
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2400 HMAC Val#1797

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

292
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2; Atmel 9260 w/ Windows CE v5.0 6/27/2014 Curves tested: B-571

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

291
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.105 (Firmware)
RMI (Netlogic) XLS208 MIPS; RMI (Netlogic) XLS408 MIPS 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2398 HMAC Val#1795
TLS( TLS1.0/1.1 ) SHA Val#2398 HMAC Val#1795
SSH (SHA 1 ) SHA Val#2398
SNMP SHA1 Val#2398

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

290
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.99 (Firmware)
Freescale P2020 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2397 HMAC Val#1794
TLS( TLS1.0/1.1 ) SHA Val#2397 HMAC Val#1794
SSH (SHA 1 ) SHA Val#2397
SNMP SHA1 Val#2397

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

289
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64) 6/6/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

03/13/15: Added new tested information;
03/18/15: Updated implementation information;

288
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Storage Server 2012 R2 (x64) ;  Intel Xeon E5-2648Lwithout AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Xeon E5-2648Lwith AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64) 6/6/2014 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

07/10/2014: Added new tested information;
12/11/14: Added new tested information; 03/13/15: Added new tested information;;
03/18/15: Updated implementation information;

287
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

Openssl-fips-1.2

Version 1.2
Intel Xeon w/ Windriver Linux (2.6.99.99 kernel) 5/30/2014 TLS( TLS1.0/1.1 ) SHA Val#2275 HMAC Val#1689
SSH (SHA 1 ) SHA Val#2275
SNMP SHA1 Val#2275

"The openssl crypto library is used on the Nexus7K supervisor to implement crypto operations in software."

286
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Library

Version 1.0.1g
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2392 HMAC Val#1790

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

285
Section 4.2,
TLS
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6989

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1801 HMAC Val#1253

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

05/18/16: Updated implementation information;

284
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

283
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

282
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

281
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

280
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

279
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

278
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

277
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

276
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

275
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

274
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2108 HMAC Val#1532

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

273
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

272
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1446 HMAC Val#967

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

271
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

269
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
INSIDE Secure
Arteparc Bachasson, Bât A
Rue de la carrière de Bachasson, CS70025
Meyreuil, Bouches-du-Rhône 13590
France

-Bob Oerlemans
TEL: +31 736-581-900
FAX: +31 736-581-999

VaultIP

Part # 1.1
N/A 5/23/2014 Curves tested: P-224   P-256   P-384   P-521

"VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a ''Root of Trust'' to support a TEE-based platform."

268
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c1
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 5/23/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2385 HMAC Val#1783

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

267
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.a

Version 1.0.0
Intel Core i5 w/ Mac OS X 10.8; Apple A6 w/ Apple iOS 7 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

266
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.so

Version 1.0.0
Intel Core i5 w/ Red Hat Enterprise Linux 6 32-bit; ARMv7 w/ Android 4 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

265
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ancrypto.dll

Version 1.0.0
Intel Core i5 w/ Windows 7 32-bit User Mode; Intel Core i5 w/ Windows 7 64-bit User Mode 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

06/11/14: Added new tested information;

264
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiMail SSL Cryptographic Library

Version 5.0 (Firmware)
Intel Xeon 5/9/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2382 HMAC Val#1781
SSH (SHA 1 , 256 ) SHA Val#2382

"This focuses on the firmware implementation of the Fortinet FortiMail SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

10/29/14: Added new tested information;

263
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_SNMPv3_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 SNMP SHA1 Val#1292

"SNMP v3 key derivation from a password and Engine ID, based on SHA-1"

262
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_IKEv2_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 IKEv1( SHA Val#1292 HMAC Val#1780
IKEv2( ( 384 (SHA 384 ) ) SHA Val#1292 HMAC Val#1780

"Suite B IKE v2 KDF per http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf section 8.1"

261
All of SP800-56A EXCEPT KDF
SP800-56A
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 762 9394

SafeZone FIPS Cryptographic Module

Version 1.0.3A
ARMv7, 2.3 GHz w/ Android 4.4 5/9/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#854 SHS Val#2378 DRBG Val#493
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#497 SHS Val#2378 DRBG Val#493

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

260
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.7
Freescale e500v2 (PPC) w/ Linux 2.6; Intel Core i7-3612QE (x86) without AES-NI w/ AcanOS 1.0; Intel Core i7-3612QE (x86) with AES-NI w/ AcanOS 1.0; Feroceon 88FR131 (ARMv5) w/ AcanOS 1.0; Intel Xeon E5440 (x86) without AES-NI w/ FreeBSD 8.4; Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.1; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.1; Xeon E5645 (x86) without AES-NI w/ ArbOS 5.3; ASPEED AST-Series (ARMv5) w/ Linux ORACLESP 2.6; Emulex PILOT3 (ARMv5) w/ Linux ORACLESP 2.6; Xeon E5645 (x86) with AES-NI w/ ArbOS 5.3 ;  Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.2; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.2 5/9/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

05/14/14: Added new tested information;
07/03/14: Added new tested information;
07/178/14: Added new tested information;
07/31/14: Updated implementation information;

259
All of SP800-56A EXCEPT KDF
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: FullUnified: (KARole: Initiator ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#448 SHS Val#2187 DRBG Val#132 HMAC Val#1610
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#259.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

258
Section 5.2, SSH
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS SSH Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; ;  Cavium Octeon CN5000 series 5/2/2014 SSH (SHA 256 ) SHA Val#2374

"Xirrus AOS SSH implementation."

08/13/14: Added new tested information;

257
Section 4.2,
TLS
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS Crypto Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; Cavium Octeon CN5000 series 5/2/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2374 HMAC Val#1774

"Xirrus AOS crypto library implementation."

08/07/14: Added new tested information;

256
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS32/16 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8555 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2371

"The Alcatel-Lucent PSS32/16 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

255
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS4 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8347 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2370

"The Alcatel-Lucent PSS4 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

254
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libecdsa

Version 01.01.0009 (Firmware)
Part # MAX32590 Rev B4
N/A 4/9/2014 ECDSA SigGen Component: CURVES( P-256 )

"Pitney Bowes X4 HSM Cryptographic Module"

253
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405; Intel Atom C2000 3/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
TLS( TLS1.0/1.1 ) SHA Val#2361 HMAC Val#1764
SSH (SHA 1 ) SHA Val#2361
SRTP (AES 128 , 192 , 256 ) AES Val#2817
SNMP SHA1 Val#2361

"IOS Common Crypto Module"

252
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405; Intel Atom C2000 3/31/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2361 DRBG Val#481
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#493 SHS Val#2361 DRBG Val#481

"IOS Common Crypto Module"

01/30/15: Added new tested information;

251
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 3/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

250
Section 5.5, TPM
SP800-135
Atmel Corporation
2325 Orchard Parkway
San Jose, CA 95131
US

-Jim Hallman
TEL: (919) 846-3391

-Todd Slack
TEL: (719) 540-3021

AT97SC3205

Part # AT97SC3205
N/A 3/21/2014 TPM SHA1 Val#2354 HMAC_SHA1 Val#1757

"The AT97SC3205 is a single chip cryptographic module used for cryptographic key generation, key storage and key management as well as generation and secure storage for digital certificates."

04/03/14: Updated vendor information;

249
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 64 bit RHEL with AESNI 3/21/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includ"

248
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 64 bit 3/7/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

247
Section 5.1,
ANS X9.63-2001
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 4.4 (Firmware)
Freescale MPC8280 3/7/2014 ANSX963_2001 SHA Val#2350

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

246
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

OpenSSL

Version 1.0.1e (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2349 HMAC Val#1753

"OpenSSL 1.0.1e implementation with minor patches."

245
Section 5.2, SSH
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745.9300

OpenSSH

Version 6.4p1 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 SSH (SHA 1 , 256 ) SHA Val#2349

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs and completely disable DSA key generation."

244
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

ojdk

Version 1.7.0_147 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2348 HMAC Val#1752

"Using existing Debian Stable Open JDK binaries."

243
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN4010 and CN6010 Series Common Crypto Library

Version 2.4 (Firmware)
ARM Cortex A9 2/28/2014 SNMP SHA1 Val#2346

"The CN4010 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

242
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 2.4 (Firmware)
Intel ATOM 2/28/2014 SNMP SHA1 Val#2345

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

241
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 32-bit RHEL 6.2 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

240
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Apple MacBook Pro Intel Core 2 Duo w/ Mac OS X 10.7 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

239
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 SSH (SHA 256 ) SHA Val#2341

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

238
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 Curves tested: P-256   P-384   P-521

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

237
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0
Intel Atom D2500 w/ CentOS Linux 6.4 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 ) SHA Val#2340 HMAC Val#1744
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2340 HMAC Val#1744
TLS( TLS1.0/1.1 ) SHA Val#2340 HMAC Val#1744
SSH (SHA 1 ) SHA Val#2340
SNMP SHA1 Val#2340

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

236
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0 (Firmware)
Freescale MPC8358E; Freescale MPC8548E 2/21/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
TLS( TLS1.0/1.1 ) SHA Val#2339 HMAC Val#1743
SSH (SHA 1 ) SHA Val#2339
SNMP SHA1 Val#2339

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

235
Signature Generation of hash sized messages
FIPS186-4 ECDSA
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 ECDSA SigGen Component: CURVES( P-256 P-384 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

234
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 RSASP1: (Mod2048: PKCS1.5 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

233
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet, Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-2951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 6 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
IKEv2( ( 8192 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2333 HMAC Val#1738
SSH (SHA 1 , 256 ) SHA Val#2333

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 6"

232
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020; 2/14/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

231
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Algorithms

Version 1.0 (Firmware)
Cavium CN5200; Intel 82576; Freescale MPC8572E; Freescale MPC8358E; Freescale P1021 2/7/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
TLS( TLS1.0/1.1 ) SHA Val#2182 HMAC Val#1606
SSH (SHA 1 ) SHA Val#2182
SRTP (AES 128 ) AES Val#2620
SNMP SHA1 Val#2182

"IOS Firmware cryptographic implementations used within Cisco devices to provide cryptographic functions."

230
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000D TLS1.0 Implementation

Version 2.2 (Firmware)
Altera NIOS II 2/7/2014 TLS( TLS1.0/1.1 ) SHA Val#2325 HMAC Val#1730

"The Oracle StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world''s fastest write speeds to a native 8.5 TB of magnetic tape storagel; making it ideal for data center operations with growing data volume."

229
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA CRT with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of the RSA CRT with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

02/04/14: Originally verified as SigGen - RSA #180;

228
Section 4.2,
TLS
SP800-135
Hewlett–Packard Development Company, L.P.
3000 Hanover Street
Palo Alto, CA 94304-1185
USA

-Mihai Damian
TEL: 1-650-236-5870

-Sameer Popli
TEL: 1-650-236-5874

HP NSVLE C API Library

Version 0.3
Intel(R) Xeon(R) E5-2658 w/ Debian Linux HPTE Version 5.0.0 1/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2047 HMAC Val#1477

"Hewlett-Packard''s NonStop platform is used in complex computing environments, where business-critical applications need 24 x 7 availability, extreme scalability, and fault-tolerance. NonStop plays an important role in major industries and markets, including finance, healthcare, telecommunications, manufacturing, retail, and government."

227
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Jake Bajic
TEL: (408) 753-3901
FAX: (408) 753-4001

-Lee Klarich
TEL: (408) 753-4000
FAX: (408) 753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, and PA-5000 Series Firewalls and M100/Panorama)

Version PAN-OS 5.0/Panorama 5.1 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505 1/24/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2298 HMAC Val#1707
TLS( TLS1.0/1.1 ) SHA Val#2298 HMAC Val#1707
SSH (SHA 1 ) SHA Val#2298
SNMP SHA1 Val#2298

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e., the PA-200, PA-500, PA-2000, PA-3000, PA-4000 and PA-5000 firewalls and M100 Centralized Management. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

226
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2 for NSA and SM

Version 6.2 (Firmware)
Cavium Octeon Plus 66XX; Cavium Octeon Plus 68XX 1/24/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2322 HMAC Val#1727
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2322 HMAC Val#1727
TLS( TLS1.0/1.1 ) SHA Val#2322 HMAC Val#1727
SSH (SHA 1 ) SHA Val#2322
SNMP SHA1 Val#2322

"The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks."

01/14/15: Added test information;

225
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDYxJCRSEFI-025CD144V503 (Firmware)
NXP P5CD144 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/22/14: Originally verified as SigGen - RSA #351;

224
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#224.

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#172;

223
Signature Generation of hash sized messages
FIPS186-4 ECDSA
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECDSA Component

Version ECDSA_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 ECDSA SigGen Component: CURVES( P-256 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - ECDSA#237;

222
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 ECDSA2 Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#222.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A, KAS ( ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#214;

221
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#221.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#120;

220
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 1/16/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#220.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#94;

219
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP RSA CRT Component

Version RSA_CRT_JCOP_242_R0 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 RSASP1: (Mod2048: PKCS1.5 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - RSA #885;

218
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 RSA Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"Athena OS755 is a Global Platform Java Card operating systems implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen - RSA #824;

217
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen - RSA #664;

216
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen - RSA #471;

215
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 8/8/2008 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen - RSA #403;

214
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Arboretum Plaza II
9442 Captial of Texas Highway North
Suite 400
Austin, TX 78759
USA

-Vincent Prothon
TEL: 512-257-3810
FAX: 512-257-3881

Gemalto GX4-FIPS

Version GX4-FIPS EI08 (Firmware)
NXP P5CD144 5/13/2008 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java platform (GemCombiXpresso R4) with 144K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. Module Ref# A1005963 - Card Ref# M1002255."

01/15/14: Originally verified as SigGen - RSA #372;

213
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDIxJCRSEFI-025CD080V402 (Firmware)
NXP P5CD080 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/15/14: Originally verified as SigGen - RSA #350;

212
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo 128 v5

Version ID-One Cosmo Version F310 (Firmware)
Part # B0
ID-One Cosmo 128 v5.5 11/6/2007 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with cryptographic services such as 3DES (128,192), AES (128,192,256), RSA (1024,1536,2048) with onboard key generation, SHA (1,224,256,384,521), ECDSA (GFP,192,224,256,384) Elliptic Curve Diffie-Hellman."

01/15/14: Originally verified as SigGen - RSA #304;

211
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Keycorp Limited
Level 5, Keycorp Tower
799 Pacific Highway
Chatswood NSW
Sydney, Austrailia 2067
Australia

-Graeme Bradford
TEL: 703-635-7723
FAX: 703-635-7724

Keycorp MULTOS I4F 80K with MULTOS PIV Card Application

Version 1.0 (Firmware)
Infineon SLE66CLX800PEM crypto controller 11/6/2007 RSASP1: (Mod2048: PKCS1.5 )

"The Keycorp MULTOS I4F 80K Smart Card with MULTOS PIV Card Application can be employed in a wide range of solutions. The smart card provides a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Combined with the PIV Card Application it provides enhanced I&A functionality."

01/15/14: Originally verified as SigGen - RSA #303;

210
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: 408-865-0112
FAX: 408-865-0333

Athena IDProtect Duo

Version 0107.7099.0105 (Firmware)
Part # AT90SC12872RCFT Rev M
Atmel AT90SC12872RCFT 10/15/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card smart card operating system. IDProtect is compliant with the latest Java Card 2.2.2 and Global Platform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 Physical Security). IDProtect supports FIPS approved RNG, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits."

01/15/14: Originally verified as SigGen - RSA #296;

209
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena IDProtect XL

Version 010A.7204.0004 (Firmware)
Part # AT90SC144144CT
Atmel AT90SC144144CT 9/27/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card 2.2.2 and GlobalPlatform2. 1.1 specifications and F IPS 140-2 Level 3 (Level 4 for physical security).IDProtect supports F IPS approved Random Number Generator, TDES,A ES, SHA-I, SHA-256, and RSA up to 2048 bits including on board key generation."

01/15/14: Originally verified as SigGen - RSA #292

208
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
CardLogix
16 Hughes, Suite 100
Irvine, CA 92618
USA

-Ken Indorf
TEL: 949-380-1312
FAX: 949-380-1428

CardLogix Credentsys-J

Version 07.0107.04 (Firmware)
Part # AT90SC12872RCFT Rev. J
Atmel AT90SC12872RCFT 7/2/2007 RSASP1: (Mod2048: PKCS1.5 )

"CREDENTSYS-J is a secure smart card that is designed for National ID systems and multi-use enterprise security environments. The CREDENTSYS-J card is based on Java Card tm 2.2.1 and Global Platform 2.1.1 architectures and is readily deployable into existing or new PKI environments. CREDENTSYS cards offer a combination of high performance and cost"

01/15/14: Originally verified as SigGen - RSA #272;

207
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of teh RSA with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

01/15/14: Originally verified as SigGen – RSA #179;

206
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Hazem Hassan
TEL: (952)223-3139

-Wayne Whitlock
TEL: (443)327-1489

SCCOS Crypto library

Version 3.0 (Firmware)
Philips P5CT072 Secure Triple Interface Smart Card Controller 10/25/2006 RSASP1: (Mod2048: PKCS1.5 )

"SCCOS is a state-of-the-art operating system that offers wide range of authentication services together with the highest levels of security. It offers powerful implementaions for public and secret key encryption supporting RSA, DSA, Diffie-Hellman, SHA-1, Triple-DES, and AES."

01/15/14: Originally verified as SigGen - RSA#174;

205
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemplus
Avenue du Pic de Bertagne
GEMENOS Cedex, BP100 13881
FRANCE

-Thierry Deffontaines
TEL: +33 (0)4 42 36 60 17

GemCombiXpresso R4 (GCX4) Cryptographic Library

Version GCX4 - FIPS IE07 (Firmaware)
Proprietary 1/30/2006 RSASP1: (Mod2048: PKCS1.5 )

"This implementation is dedicated to provide the crypto algorithm on the GemCombiXpresso R4 Java card product through the Java Card API. It provides Random Number generation, 3DES and RSA up to 2048 bits key length as well as X9.31 RSA On Board Key generation up to 2048 bits long."

204
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: (703)263-0100
FAX: (703)263-7134

ID-One Cosmo 64 RSA

Version E303 (Firmware)
Part # 77
JavaCard 2.2 Runtime Environment 1/3/2005 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo 64 RSA JavaCard Chip Platform is a single chip multi application cryptographic module for smart cards specifically designed for identity and government market needs. The module offers a highly secure architecture together with cryptographic services such as Triple-DES (using double and triple length DES keys) encryption and decryption in both ECB and CBC with ISO/IEC 9797 automatic padding (methods 1 and 2), TDES Message Authentication Code generation and verification using automatic padding methods from ISO/IEC 9797 (methods 1, 2, and 2 with MAC algorithm3), AES encryption and decryption in both ECB and CBC modes, AES Message Authentication Code generation and verification, RSA key generation up to 2048 bit key length with strong prime numbers (ANSI X9.31), RSA encryption and decryption using PKCS#1 and PKCS#1-OAEP automatic padding, RSA signature and verification using PKCS#1, PKCS#1-PSS, and ISO/IEC 9796 methods, as well as digest computation using SHA-1 and MD5 algorithms."

01/15/14: Oringinally verified as SigGen - RSA#43;

203
Section 4.2,
TLS
SP800-135
Cambium Networks
3800 Golf Road
Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 TLS KDF

Version PTP700-TLS-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2323 HMAC Val#1728

"TLS key derivation function"

202
Section 5.4, SNMP
SP800-135
Cambium Networks
3800 Golf Road
Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 SNMP KDF

Version PTP700-SNMP-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 SNMP SHA1 Val#2323

"SNMP key derivation function"

201
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

200
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DHSA 30232242 is included in the QorIQ Integrated Communications Processor: T2080."

199
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

198
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. DHSA 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

197
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

196
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

195
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

194
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
1 New Orchard Road
Armonk, NY 10504
USA

-Smita Dutta
TEL: 301-803-2540

Cryptographic Security Kernel (CSK)

Version 2.0 (Firmware)
Intel Xeon 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2160 HMAC Val#1581
SSH (SHA 1 , 256 , 512 ) SHA Val#2160

"IBM® Security QRadar® SIEM consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. The IBM Security QRadar SIEM provides a secure platform that meets FIPS 140-2 Level 2 requirements while allowing organizations to meet current and emerging compliance mandates."

193
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Quicksec

Version 3.0 (Firmware)
Broadcom XLR v4.0 12/31/2013 IKEv1( ( 1024 (SHA 1 ) ) ( 185 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2326 HMAC Val#1731

"Quicksec is a third party source code, which provides IPsec and IKE v1 cryptographic services."

02/10/14: Updated implementation information;

192
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SSH (SHA 1 , 256 ) SHA Val#2321

"OpenSSH is a third party open source code, which provides secure remote session management services."

191
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.1.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2321 HMAC Val#1726

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.1.1 version. RFS7000 userspace daemons (RADIUS, ntp, openssh, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

190
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

189
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SSH (SHA 256 ) SHA Val#2320

"OpenSSH is a third party open source code, which provides secure remote session management services."

188
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.0.9 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

187
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

iGateway

Version 1.9 (Firmware)
Cavium Octeon Plus CN5000 Family; Cavium Octeon Plus CN5000 Family 12/31/2013 IKEv1( AUTH( PSK ) ) ( 1024 Null (SHA 1 ) ) SHA Val#2320 HMAC Val#1725

"iGateway is a third party source code, which provides IPsec and IKE v1 cryptographic services."

05/06/14: Added new tested information;

186
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.2 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2320 HMAC Val#1725

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2 version. AP7131N userspace daemons (RADIUS, ntp, openssh, net-snmp, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

185
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Green Hills Software
30 W Sola Street
Santa Barbara, CA 93101
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services Embedded Cryptographic Toolkit ECDSA

Version 2.0.415
ARM Cortex A9 w/ Green Hills Software INTEGRITY Multivisor v4 for ARM 12/31/2013 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"Green Hills Software ISS ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems. "

184
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco Safeware AG
Germanusstraße 4
Aachen, 52080
Germany

-Dr. Gesa Ott
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

-Dieter Bong
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

CryptoServer Se ECDSA

Version ecdsa1.1.2.0_eca1.1.3.0 (Firmware)
Texas Instruments TMS320C6416T 12/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#184.

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

183
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

182
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA SSH Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 SSH (SHA 1 ) SHA Val#2307

"The Blue Coat SG VA SSH Library provides the necessary SSH key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

181
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS SSH Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 SSH (SHA 1 ) SHA Val#2292

"The Blue Coat SGOS SSH Library v1.0 provides the necessary SSH protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line."

180
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2292 HMAC Val#1701

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

178
Section 4.2,
TLS
SP800-135
Barco N.V.
Noordlan 5
Kuurne, , 8520
Belgium

-Jean-Paul Schafer
TEL: +32 4 267 69 22
FAX: +32 4 267 69 99

SM

Version 0.1.6533
Part # bg140778
Freescale Q or IQ P2040 Power-PC w/ Linux 3.0.48-rt70.2-svn5965 12/18/2013 TLS( TLS1.0/1.1 ) SHA Val#2295 HMAC Val#1704

"Implementation on a Freescale Power_PC, using the OpenSSL Library"

177
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Katharina Wallhäußer
TEL: +49 89 4119-1397
FAX: +49 89 4119-2819

ECC SLE78

Version 1.2 (Firmware)
Part # SLE78CLFX4000 (M7892)
SLE78CLFX4000P(M) / M7892 family 12/18/2013 Curves tested: P-224   P-256   P-384   P-521

"Sm@rtCafé Expert 7.0 C1 is a Java Card 3 Platform Classic Edition compliant to GlobalPlatform CS V2.2.1 and GP V2.2 Amd D."

176
Section 4.2,
TLS
SP800-135
Tripwire, Inc.
101 SW Main St. Suite 1500
Portland, OR 97204
USA

-Brian R. Cox
TEL: 503-276-7500
FAX: 503-276-7643

Tripwire Cryptographic Module

Version 2.0.0
Oracle Java 1.6 w/ Microsoft Windows Server 2008 R2 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2283 HMAC Val#1697

"Provides an AES implementation for Tripwire products."

175
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz; 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2282 HMAC Val#1696
SSH (SHA 1 ) SHA Val#2282

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

02/18/14: Update vendor information;

174
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

Brocade MLXe MR

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2281 HMAC Val#1695
SSH (SHA 1 ) SHA Val#2281

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

173
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2280 HMAC Val#1694
SSH (SHA 1 ) SHA Val#2280

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

172
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2279 HMAC Val#1693
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2279
SNMP SHA1 Val#2279

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

171
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2278 HMAC Val#1692
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2278
SNMP SHA1 Val#2278

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

170
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2277 HMAC Val#1691
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2277
SNMP SHA1 Val#2277

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

169
Section 4.1.2,
IKEv2
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 12/13/2013 IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 1536 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1801 HMAC Val#1253

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

12/18/13: Updated implementation information;

168
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core i3; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2276 HMAC Val#1690
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2276
SNMP SHA1 Val#2276

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

167
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox III TLS KDF

Version Nitrox III TLS KDF, 89547 (Firmware)
Part # Nitrox III Series Die 1.1
Cavium Nitrox III Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1780 HMAC Val#1233

"NITROX III chips implement SHA1/SHA2, 3DES/AES256 CBC, ModMul/ModEx/RSA, GCM and CTR modes, and SP800-90A DRBG. Perf: 5 to 30 Gbps encrypt/hash; 35K to 200K RSA 1024b ops/sec; 6K to 35K RSA 2048b ops/sec. NITROX III microcode also implements protocol-specific acceleration for IPSec and SSL."

166
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox Px TLS KDF

Version Nitrox Px TLS KDF, 1.85 (Firmware)
Part # Nitrox Px Series Die, 1.2
Cavium Nitrox Px Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#801 SHA Val#1379 HMAC Val#443 HMAC Val#1677

"NITROX PX implements algorithms in hardware in each of several identical processor cores: SHA and MD5 hash/HMAC, 3 DES/AES256 encryption, and ModMul/ModEx/RSA pkcs 1 v15. IPSec, SSL, and WLAN protocols are aslo accelerated. Performance ranges available: 500Mbps to 2.5 Gbps encryption and/or hash; 4K to 17K RSA ops/sec; 6K to 25K DH ops/sec."

01/30/14: Updated implementation information;

165
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Quantum

Version 1.3 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2274 HMAC Val#1688

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Quantum radio links."

164
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Compact+

Version 1.2.5 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2273 HMAC Val#1687

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Compact+ radio links."

163
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, Washington 98104
USA

-Peter Eng
TEL: 206 613-6608
FAX: 206 613-0888

XTM Cryptographic Module

Version 11.6.5 (Firmware)
Intel E3 12/6/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2033 HMAC Val#1464
TLS( TLS1.0/1.1 ) SHA Val#2033 HMAC Val#1464
SSH (SHA 1 ) SHA Val#2033
SNMP SHA1 Val#2033

"WatchGuard XTM security appliances are designed to protect organizations from various security and productivity threats, including viruses, network attacks, intrusion attempts, Trojan horses, harmful or counterproductive URLs, spam, and more, while also providing secure Virtual Private Network (VPN) connections among workplaces and remote users."

162
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
P1020, 800 Mhz, PowerPC; XLP432, 1.4 Ghz, MIPS; XLR 732, 950 Mhz, MIPS; XLS208, 750 Mhz, MIPS 11/29/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2266 HMAC Val#1680
TLS( TLS1.0/1.1 ) SHA Val#2266 HMAC Val#1680
SSH (SHA 1 ) SHA Val#2266
SNMP SHA1 Val#2266

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

161
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2265 HMAC Val#1679
SSH (SHA 1 ) SHA Val#2265

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitive. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment."

160
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1421

-Shigeki Yamamoto
TEL: +81 50 3140 9131
FAX: +81 50 3809 1421

Sony IMB TLSKDF Core-S

Version 1.0.1 (Firmware)
RENESAS SH-4A 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

159
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 )
SSH (SHA 1 )

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

158
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
Power PC 8548 and 440GX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#749 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#749

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

157
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
AMCC PPC440EPX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#1408 HMAC Val#934
SSH (SHA 1 ) SHA Val#1408

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

156
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2259 HMAC Val#1675
SSH (SHA 1 ) SHA Val#2259

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency, and fault-tolerant IP services solution for 1GbE and 10 GbE enterprise deployments."

155
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P2041, 1.5GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2258 HMAC Val#1674
SSH (SHA 1 ) SHA Val#2258

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

154
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6650

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2257 HMAC Val#1673
SSH (SHA 1 ) SHA Val#2257

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 6650 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

153
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.1
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#153.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

152
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020 11/22/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2249 HMAC Val#1666
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2249 HMAC Val#1666
SSH (SHA 1 ) SHA Val#2249
SNMP SHA1 Val#2249

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

01/12/16: Updated vendor information;

151
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.1
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0; Intel Xeon with AES-NI w/ Windows 8.1; Intel Xeon w/ Windows 8.1 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#151.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

07/31/15: Added new tested information;

150
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 11/15/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663
IKEv2( ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

01/12/16: Updated vendor information;

149
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale MPC8314, 333MHZ, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Freescale P4080, 1.5GHZ, PowerPC; Broadcom XLR732, 1.0GHz, MIPS 11/15/2013 IKEv1( SHA Val#2245 HMAC Val#1662
TLS( TLS1.0/1.1 ) SHA Val#2245 HMAC Val#1662
SSH (SHA 1 ) SHA Val#2245
SNMP SHA1 Val#2245

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

148
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Alan Presser
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1.8
Intel Core 2 Duo E8400 w/ Windows 7 Ultimate (64-bit) 11/8/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#810 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#465 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#148.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

147
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale P2020, 1000MHz, PowerPC 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) SHA Val#2242 HMAC Val#1660
TLS( TLS1.0/1.1 ) SHA Val#2242 HMAC Val#1660
SSH (SHA 1 ) SHA Val#2242
SNMP SHA1 Val#2242

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

146
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-n/a

HP Comware

Version 7.1
MPC8544 w/ Comware V7.1; XLS408 w/ Comware V7.1 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2238 HMAC Val#1656
TLS( TLS1.0/1.1 ) SHA Val#2238 HMAC Val#1656
SSH (SHA 1 ) SHA Val#2238
SNMP SHA1 Val#2238

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

145
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
HP
153 Taylor Street
Littleton, MA 01460
USA

-Boby Joseph
TEL: 978-264-5379
FAX: 978-254-5522

HP Comware

Version 5.2
Broadcom BCM5836, 264MHz, MIPS w/ ComwareV5.2; Freescale MPC8349, 533MHZ, PowerPC w/ ComwareV5.2; Freescale MPC8544,667MHz,PowerPC w/ ComwareV5.2; Broadcom BCM112x, 600MHZ, MIPS w/ ComwareV5.2; RMI (Netlogic) XLS408,1GHz,MIPS w/ ComwareV5.2 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2070 HMAC Val#1499
TLS( TLS1.0/1.1 ) SHA Val#2070 HMAC Val#1499
SSH (SHA 1 ) SHA Val#2070
SNMP SHA1 Val#2070

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

144
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3550

Version 1.0 (Firmware)
Part # CNN3550
CNN3550 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2013 HMAC Val#1444

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

143
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3530

Version 1.0 (Firmware)
Part # CNN3530
CNN3530 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2236 HMAC Val#1654

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

142
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3510

Version 1.0 (Firmware)
Part # CNN3510
CNN3510 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2235 HMAC Val#1653

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

141
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1620

Version 1.0 (Firmware)
Part # CN 1620
CN1620 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1525 HMAC Val#1017

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

140
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1615

Version 1.0 (Firmware)
Part # CN1615
CN1615 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1524 HMAC Val#1016

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

139
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1610

Version 1.0 (Firmware)
Part # CN1610
CN1610 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2234 HMAC Val#1652

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

138
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FCX 624_648_ICX6610

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale 8544E 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2227 HMAC Val#1645
SSH (SHA 1 ) SHA Val#2227

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICx 6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitivity. The Brocade FCX Series offfers a comprehensive line of switches with specific models optimized for campus and data center deployments. "

11/08/13: Updated implementation information;

137
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
ARMv5TE, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2226 HMAC Val#1644
SSH (SHA 1 ) SHA Val#2226

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

136
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale P3041E, 1.5 GHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2225 HMAC Val#1643
SSH (SHA 1 ) SHA Val#2225

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency and fault-tolerant IP services solution for 1 GbE and 10 GbE enterprise deployments."

135
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade ICX 6650

Version BRC-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC8544E, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2224 HMAC Val#1642
SSH (SHA 1 ) SHA Val#2224

"The Brocade ICX 6500 Switch is a compact Ethernet switch that delivers industry-leading 10/40 GbE density."

134
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0-0131131200 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2221 HMAC Val#1639
SSH (SHA 1 ) SHA Val#2221

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

11/08/13: Updated implementation information;

133
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO_VER-2.0 (Firmware)
Freescale MPC8544, PowerQUICC III, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2223 HMAC Val#1641
SSH (SHA 1 ) SHA Val#2223

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs). "

132
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC7448, RISC, 1700 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2222 HMAC Val#1640
SSH (SHA 1 ) SHA Val#2222

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

131
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

130
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

129
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1991 HMAC Val#1421
SNMP SHA1 Val#1991

"The McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

128
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1990 HMAC Val#1420
SNMP SHA1 Val#1990

"The McAfee Firewall Enterprise 64-Bit Protocol Engine provides implementations of secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

127
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
TLS( TLS1.0/1.1 ) SHA Val#1989 HMAC Val#1419
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1989

"The McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

126
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
TLS( TLS1.0/1.1 ) SHA Val#1988 HMAC Val#1418
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1988

"The McAfee Firewall Enterprise 32-Bit Protocol Engine provides implementations for secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

125
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 1 (Firmware)
Cavium OCTEON Plus CN5860 10/25/2013 SRTP (AES 128 ) AES Val#2644

"Sonus Session Border Controller FIPS-validated cryptographic media module"

124
Section 5.7.1.2: ECC CDH Primitive
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-56A

SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 1
Intel Nehalem w/ Sonus Debian Linux 02.00.02-A026 10/25/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2217 HMAC Val#1635
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2217
SNMP SHA1 Val#2217
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#124.

"Sonus Session Border Controller FIPS-validated cryptographic software module"

123
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 866-302-2628

Blue Coat SSL Visibility Appliance SV2800

Version 0.9.8
Intel E5620 Quad Core w/ Linux x86_64 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2215 HMAC Val#1634

"The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to "inspect" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic."

122
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

SNMP

Version 5.3.0.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 10/25/2013 SNMP SHA1 Val#2057

"SNMP Key Derivation function is used to derive shared secret keys for SNMP Common Agent in S6000 and GGM8000 network devices."

121
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.0
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 10/1/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#121.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

120
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0 10/1/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#120.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

119
Section 5.2, SSH
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SSH KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-1650; Intel Xeon E5-2687; Intel Xeon E5-2697 10/1/2013 SSH (SHA 1 ) SHA Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/16/15: Added new tested information;

118
Section 5.4, SNMP
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SNMP KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-1650; Intel Xeon E5-2687; Intel Xeon E5-2697; 10/1/2013 SNMP SHA1 Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/16/15: Added new tested information;

117
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Crypto Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690;Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-2687 10/1/2013 TLS( TLS1.0/1.1 ) SHA Val#1519 HMAC Val#1011

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/18/15: Added new tested information;

116
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Security Certifications Team
TEL: 519-888-7465x72921
FAX: 905-507-4230

BlackBerry Cryptographic Algorithm Library

Version 6.1
Intel Xeon X5650 w/ CentOS 5.5 Linux 32-bit; Intel Xeon X5650 w/ CentOS 5.5 Linux 64-bit; Intel Xeon X5650 w/ Windows XP 32-bit; Intel Xeon X5650 w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 9/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#116.

"The BlackBerry Cryptographic Algorithm Library is a suite of cryptographic algorithms that provides advanced cryptographic functionality to systems running BlackBerry 10 OS and components of BlackBerry Enterprise Service 10."

115
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1422

Sony IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
Renesas SH-4A w/ Linux kernel 2.6 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

114
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CS Series Common Crypto Library

Version 0.98 (Firmware)
AMD Geode LX800; Intel Core 2 Duo LGA775 9/27/2013 SNMP SHA1 Val#2176

"The CS Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CS10 and CS100 Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

113
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 0.98 (Firmware)
Intel ATOM 9/27/2013 SNMP

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

09/30/13: Updated vendor information;

112
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 0.98 (Firmware)
Freescale MPC8280 9/27/2013 SNMP SHA1 Val#2178

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

111
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Greg Wetmore
TEL: 613-270-2773
FAX: 613-270-3400

-Mark Joynes
TEL: 613-270-3134
FAX: 613-270-3400

Entrust Authority™ Security Kernel

Version 8.1Sp1 R2
Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 Enterprise Edition 9/27/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#454 SHS Val#2206 RNG Val#1244 DRBG Val#405
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#111.

"The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware or both. The industry standard Cryptoki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

110
Section 4.2,
TLS
SP800-135
IBM
z/VM Design and Development
1701 North Street
Building 250-2
Endicott, NY 13760
U.S.

-Brian W. Hugenbruch
TEL: 607-429-3660

IBM z/VM 6.3 System SSL

Version 6.3 plus APAR PM95516
Part # 5741-A08
System z10 Enterprise Class processor w/ IBM z/VM V6.3 9/27/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2203 HMAC Val#1624

"z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files."

109
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
RMI XLR V0.4 9/27/2013 SNMP SHA1 Val#2201

"net-snmp is a third party source package. Keys are derived as per SP 800-135, Section 5.4."

108
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
RMI XLR V0.4 9/27/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623

"Strongswan is a third party source package. Keys are derived as per SP 800-135, Section 4.1.1 and Section 4.1.2."

107
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSH

Version 4.7 (Firmware)
RMI XLR V0.4 9/27/2013 SSH (SHA 1 , 256 ) SHA Val#2201

"OpenSSH is a third party open source package. Keys are derived as per SP 800-135, Section 5.2."

106
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
RMI XLR V0.4 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#2201 HMAC Val#1623

"OpenSSL is a third party open source package which provides cryptographic services to userspace daemons. Version is openssl-fips-1.2.3. Userspace daemons (like RADIUS, openssh) use openssl crypto services. fips_mode_set() is invoked from respective daemon initialization functions."

105
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) within Cat4K

Version Rel 1 (1.0.0) (Firmware)
Freescale MPC8572E 9/11/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation   Partial Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2200 DRBG Val#403 AES Val#2624
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#452 SHS Val#2200 DRBG Val#403

"IOS Common Cryptographic Module within cat4k"

104
Section 4.2,
TLS
SP800-135
AFORE Solutions Inc.
2680 Queensview Drive
Unit 150
Ottawa, ON K2B 8J9
Canada

-Tim Bramble
TEL: 613-224-5995 ext 232
FAX: 613-224-5410

-Hans Johnsen
TEL: 613-224-5995 ext 257
FAX: 613-224-5410

CloudLink Crypto Module

Version 1.0
Intel Xeon E5-2420 w/ Linux Ubuntu 12.04 with VMWare ESXi 5.1.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2146 HMAC Val#1566

"The CloudLink Cryptographic Module is a general purpose cryptographic library which provides cryptographic services for all CloudLink application modules."

02/21/14: Updated implementation information;

103
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01
Xeon w/ MLOS v2.2 running on VMware ESXi 4.1; Xeon w/ MLOS v2.2 running on VMware ESXi 5.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2105 HMAC Val#1529
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2105
SNMP SHA1 Val#2105

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

102
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01 (Firmware)
Celeron; Intel Core i3; Xeon 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2104 HMAC Val#1528
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2104
SNMP SHA1 Val#2104

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

101
Section 5.4, SNMP
SP800-135
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Stan Mesceda
TEL: 443-327-1582

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

SxE Cryptographic Library

Version 4.3 (Firmware)
Motorola Freescale MPC8280 (PPC32) 8/30/2013 SNMP

"The SxE Cryptographic Library provides cryptographic algorithms for the SxE family of products. Based on OpenSSL, the SxE Cryptographic Library exposes an Application Programming Interface (API) to support software based security relevant services within SafeNet''''s SxE product line."

100
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Robert Magnant
TEL: 585-242-3785
FAX: 585-241-8459

-Elias Theodorou
TEL: 585-242-3785
FAX: 585-241-8459

RF-7800W OU47x, OU49x, OU50x

Version 2.00 (Firmware)
Broadcom XLS108 8/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2190 HMAC Val#1614
SSH (SHA 1 , 256 ) SHA Val#2190
SNMP SHA1 Val#2190

"This is a firmware library that provides the cryptographic functions used on Harris'' industry leading reliable, secure and high performance Broadband Ethernet Radio (BER) products: RF-7800W-OU50x, -OU47x, -OU49x."

99
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

Open SSH

Version 4.5.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 8/16/2013 SSH (SHA 1 ) SHA Val#2057

"SSH Key Derivation function is used to derive IVs and keys for encryption algorithms in GGM8000 and s6000 transport gateways."

08/27/13: Updated implementation information;

98
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#98.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

97
Section 4.2,
TLS
SP800-135
Chrisite Digital Systems Canada, Inc.
809 Wellington Street North
Kitchener, ON N2G4Y7
CANADA

-Kevin Draper
TEL: 519-741-3741
FAX: 519-744-3912

Christie IMB Cryptographic Implementation -SM

Version SM_LIBSSL:101.3.0-3697 (Firmware)
Xilinx Spartan 6 (XCSLX45) 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#1788 HMAC Val#1241

"Christie Integrated Media Block"

96
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version 2.1.1 (Firmware)
Part # 4150859LB
Toshiba TMPR3912AU 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#629 HMAC Val#300

"Neopost Postal Secure Device"

95
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 2.1
ARMv7 w/ Android 4.0; PowerPC, Freescale's PowerQUICC III Processor Family w/ Linux 2.6 7/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#95.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

94
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - RsaSigning2048

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 RSASP1: (Mod2048: PKCS1.5 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

93
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd.
Building A
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Ian Laidlaw
TEL: 1-289-261-4277
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.1
Intel x86 (Xeon X5650) w/ CentOS Linux 32-bit; Intel x64 (Xeon X5650) w/ CentOS Linux 64-bit; Intel x86 (Xeon X5650) w/ Windows XP 32-bit; Intel x64 (Xeon X5650) w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 7/15/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#93.

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules."

92
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie Tortellier
TEL: +33 01 45 36 30 72
FAX: +33 01 45 36 30 10

Neopost PSD

Version A0018320A (Firmware)
Part # A0014227B
NXP LPC 3220 32-bit ARM microcontroller 7/5/2013 TLS( TLS1.0/1.1 ) SHA Val#2162 HMAC Val#1538

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

91
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pulse Secure, LLC.
2700 Zanker Road, Suite 200
San Jose, CA 95134
USA

-Yvonne Sang
TEL: 408-372-9600

Secure Pulse Cryptographic Module

Version 1.0
Intel Pentium E2160 (x86) w/ IVE OS 1.1; Intel Xeon E5530 (x86) w/ IVE OS 1.1 on VMware ESX; Intel Xeon x5670 (x86) with AES-NI w/ IVE OS 1.1 on VMware ESXi; Intel Core i5-2430M (x86) 64-bit with AES-NI w/ Microsoft Windows 7; Intel Core i5-2430M (x86) 32-bit with AES-NI w/ Microsoft Windows 7; Intel Core i7-3615QM (x86) with AES-NI w/ OS X 10.8; Intel Xeon x5670 (x86) w/ IVE OS 1.1 on VMware ESXi; Intel Core i7-3615QM (x86) w/ OS X 10.8 7/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#91.

"The Secure Pulse Cryptographic Module provides secure cryptographic services. It enables dynamic SSL VPN, NAC, mobile security, online meetings and collaboration, and application acceleration while removing the complexities of device type and security state, location, identity, and adherence to policies."

01/26/15: Updated vendor information;

90
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Thales Certification Team
TEL: +44 1223 723600
FAX: +44 1223 723601

-Thales Sales
TEL: 888 744 4976

nShield Algorithm Library

Version 2.51.10 (Firmware)
Panther-I 820x Series Die 6/28/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#777
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#181 SHS Val#1844 DRBG Val#232
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#90.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

89
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Eric Jen
TEL: +1 561-289-0214

BlackBerry Algorithm Library for Secure Work Space

Version 1.0
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARMv7-based A5 processor w/ iOS 5.0; ARM v7s -- Apple A6 w/ iOS 6.0; ARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/28/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#89.

"The BlackBerry Algorithm Library for Secure Work Space provides a suite of cryptographic services utilized by the BlackBerry Cryptographic Library for the BlackBerry Secure Work Space (BBSWS). BBSWS provides the secure operation and management of iOS and Android devices when used in conjunction with BlackBerry® mobile device management solutions."

88
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenPeak, Inc.
1750 Clint Moore Road
Boca Raton, FL 33487
USA

-Eric Jen
TEL: +1 561-893-7881

-Howard A. Kwon
TEL: +1 561 893 7930
FAX: +1 561 208 8026

OpenPeak Cryptographic Security Module

Version 1.0.1
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARM v7 -- Apple A5 w/ iOS 5.0; ARMv7-based A6 processor w/ iOS 6.0; IARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#88.

"The OpenPeak Cryptographic Security Library provides advanced cryptographic functionalities for the OpenPeak Cryptographic Security Module (OCSM). The OCSM provides a secure encrypted container for enterprise-managed applications, content and data to enable a highly secure mobile workspace."

87
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Ultra Electronics 3eTI
9715 Key West Avenue, Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 6/7/2013 Curves tested: P-256   P-384   P-521

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

86
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 5.9.0 for NSA and TZ Series

Version 5.9.0 (Firmware)
Cavium Octeon Plus CN50XX; Cavium Octeon Plus CN56XX; Cavium Octeon Plus CN58XX 5/31/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
IKEv2( ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
TLS( TLS1.0/1.1 ) SHA Val#1765 HMAC Val#1219
SSH (SHA 1 ) SHA Val#1765
SNMP SHA1 Val#1765

"SonicWALL® Next-Generation Firewalls deliver superior gateway protection, inspection for SSL encrypted sessions, granular application intelligence and control. With SonicWALL Firewalls, IT can visualize applications running across a network-- allocating bandwidth for what''s essential and limiting or blocking what''s not."

85
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.5
Freescale i.MX27 926ejs (ARMv5TEJ) w/ eCos 3; Freescale i.MX25 (ARMv4) w/ QNX 6.4; Apple A6X Soc (ARMv7s) w/ iOS 6.1; Intel Xeon E3-1220 w/ VMware Horizon Workspace 1.5 under vSphere; Intel Xeon E3-1220 w/ AES-NI w/ VMware Horizon Workspace 1.5 under vSphere; AM335x Cortex-A8 (ARMv7) w/ Ubuntu 13.04; ARM926 (ARMv5TEJ) w/ Linux 3.8; AM335x Cortex-A8 (ARMv7) with NEON w/ Ubuntu 13.04; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit on under VMware ESX; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under VMware ESX; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Apple A5 / ARM Cortex-A9 (ARMv7) without NEON w/ iOS 6.0; Apple A5 / ARM Cortex-A9 (ARMv7) with NEON w/ iOS 6.0; Intel Xeon E5-2430L (x86) with AES-NI w/ PexOS 1.0 on x86 under vSphere; Intel Xeon E5-2430L (x86) without AES-NI w/ PexOS 1.0 on x86 under vSphere 5/31/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#85.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/06/13: Updated implementation information;
08/13/13: Added new tested information;
10/25/13: Added new tested information;
11/14/13: Added new tested information;
11/29/13: Updated implementation information;

84
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa521Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-384 P-521 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

83
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa256Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-224 P-256 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#83.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

82
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000C TLS

Version 2.1 (Firmware)
ARM 962EJS 5/31/2013 TLS( )

"The Oracle StorageTek T10000C Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world’s fastest write speeds to a native 5 TB of magnetic tape storage; making it ideal for data center operations with growing data volume."

81
Section 5.2, SSH
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

OpenSSL

Version Junos 12.1R6.6 (Firmware)
ARM v5, Marvell's Feroceon processor Family; PowerPC, Freescale's PowerQUICC III Processor Family 5/24/2013 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2094

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

80
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh521

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-384   P-521

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

79
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh256

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-224   P-256
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#79.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

78
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM - RSA BSAFE Crypto-J

Version 6.1.0.0.2
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2083 HMAC Val#1513

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Application Crypto Module provides cryptographic services for the Network Security Manager application."

77
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM OpenSSL

Version 1.6
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2082 HMAC Val#1512

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Secure UI Crypto Module provides cryptography for serving the NSM console through a TLS session."

76
Section 4.2,
TLS
SP800-135
Axway Inc.
2600 Bridge Parkway Suite 201
Redwood City, California 94065
USA

-Prabhakar Mangam
TEL: 650-801-3157
FAX: 650-801-3101

-Anubhav Soni
TEL: 650-801-3217
FAX: 650-801-3101

Axway Security Kernel

Version 3.0
Intel Xeon E5-2620 w/ Microsoft Windows 2012 64bit; Intel Xeon E5-2620 w/ RHEL 6.3 64bit; Sun UltraSparc T1 w/ Solaris 10 64bit; 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2080 HMAC Val#1510

"Axway Validation Authority Suite - a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

75
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

SSH_IPSEC

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2077 HMAC Val#1505
TLS( ) SHA Val#2077 HMAC Val#1505

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

74
Section 4.1.1,
IKEv1
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

QuickSec

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2076 HMAC Val#1504

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

73
Section 4.2,
TLS
SP800-135
Aviat Networks
5200 Great America Parkway
Santa Clara, California 95054
USA

-Ruth French
TEL: +44 1698 717200

Secure Management

Version 7.7 (Firmware)
Motorola MPC866 5/10/2013 TLS( TLS1.0/1.1 ) SHA Val#2075 HMAC Val#1503

"Eclipse Intelligent Node Unit (INUe). The module provides data security by encrypting the payload traffic on the microwave link between up to three radios. It also provides the Strong Encryption Suite for secure module management and uses AES encryption to secure SNMP v3 management traffic."

72
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Kyung-Hee Lee
TEL: +82-10-9397-1589

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.2 5/10/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#72.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

71
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.4
MIPS 24Kc w/ OpenWRT 2.6 4/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#71.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

70
Section 4.1.1,
IKEv1
SP800-135
Lexmark International, Inc.
740 West New Circle Road
Lexington, KY 40550
USA

-Graydon Dodson
TEL: (859) 232-6483

Crypto Module (user)

Version 2.10
Marvell 88PA6170C1 (ARMv7 dual core) w/ Lexmark Linux v3.0.0 4/23/2013 IKEv1( ( 1024 (SHA 256 , 512 ) ) ( 2048 (SHA 256 , 512 ) ) SHA Val#2049 HMAC Val#1479

"The Crypto Module (user/kernel) provides cryptographic services to the firmware in Lexmark products."

69
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SNMP SHA1 Val#2048

"net-snmp"

68
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478

"Strongswan"

67
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SSH (SHA 1 , 256 ) SHA Val#2048

"Openssh"

66
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 TLS( TLS1.0/1.1 ) SHA Val#2048 HMAC Val#1478

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2.3 version. Wing5 userspace daemons (RADIUS, ntp, openssh, rim, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

65
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Riverbed Technology, Inc.
199 Fremont Street
San Francisco, CA 94105
USA

-Joe Tomasello
TEL: 415-344-5756

-Andy Pang
TEL: 415-247-7341

Riverbed Cryptographic Security Module

Version 1.0
Intel Xeon (x86-64) w/ RiOS 8.0 32-bit; Intel Xeon (x86-64) w/ RiOS 8.0 64-bit; Intel Xeon E3-1220v2 (x86_64) w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit; AMD Opteron 4122 (x86_64) w/ Granite OS 2.0; Intel Xeon E31220 (x86_64) w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w /AES-NI w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E5620 w/ Whitewater OS 3.0; Intel Xeon E5620 with AES-NI w/ Whit; ewater OS 3.0; Intel Xeon E31220 (x86) w/ Whitewater OS 3.0 under VMware ESXi 5.1; Intel Xeon E31220 (x86) with AES-NI w/ Whitewater OS 3.0 under VMware ESXi 5.1; AMD Opteron 2376 w/ Interceptor OS 4.5 ;  Intel Xeon E31220 w/ RiOS 8.6 32-bit; Intel Xeon E31220 w/ RiOS 8.6 64-bit; Intel Xeon E5-2430L w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E31220 with AES-NI w/ RiOS 8.6 64-bit; Intel Xeon w/ Steelhead Mobile Controller 4.6; Intel Xeon with AES-NI w/ Steelhead Mobile Controller 4.6; Intel Xeon E5-2430L w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1 4/12/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Riverbed Cryptographic Security Module provides the cryptographic functionality for a variety of Riverbed''s platforms including Steelhead and Granite appliances. These network appliances deliver a scalable Wide Area Data Services (WDS) solution, transparently and securely optimizing performance across an enterprise network"

08/28/13: Added new tested information;
12/13/13: Added new tested information;
09/10/14: Added new tested information;
09/17/14: Added new tested information;

64
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26
Chandler, AZ 85226
USA

-Darren Cummings
TEL: 480-809-6024

Cummings Engineering's Secure Mobility Suite B Crypto Module

Version 1.1
ARM Cortex A8 (ARMv7) w/ Apple iOS 5.0; Intel Core i7-3615QM w/ Apple OS X 10.7 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#64.

"The cryptographic module used by the Cummings Engineering suite of products which allow for efficient and effective deployment of robust secure communications capability on commercial off the shelf (COTS) devices, such as Smartphones and Tablets, as well as speciality communications devices."

63
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for Intel x86

Version 2.1
x86 32bit w/ Vyatta 6.4 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#63.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

03/31/14: Updated implementation information;

62
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for AMD Geode

Version 2.1
AMD Geode 32bit w/ Red Hat Enterprise Linux 6 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#62.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

04/30/13: Updated implementation information;
03/31/14: Updated implementation information;

61
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Toshiba Corporation Social Infrastructure Systems Company
1, Komukai, Toshiba-cho, Saiwai-ku
Kawasaki, Kanagawa 212-8583
Japan

-Hiroki Fukuoka
TEL: +81-44-549-8323

TSBIC CryptoLib

Version 1.0.0
Intel Core i7 w/ Windows 7 Professional 32-bit 3/29/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#61.

"TSBIC CryptoLib is a general-purpose library which ensures high security to the applications requiring standard cryptographic algorithms."

60
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
Building B, Shumazhuangyuan
No. 1 Disheng West Street, BDA
Beijing, 100176
P.R. China

-Peng Sun
TEL: +86 10 87129374
FAX: +86 10 87129374

DCI Audio/Video Decoder Card Crypto Library

Version 1.0 (Firmware)
Marvell 88AP303 3/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1550 HMAC Val#1037

"DCI Audio/Video Decoder Card Crypto Library implements the cryptographic algorithms such as AES, HMAC, RSA, SHA and RNG. The Library provides cryptographic functionality to DCI Audio/Video Decoder Card."

59
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Rachel Menda-Shabat
TEL: +972-9-9702000
FAX: +972-9-9702001

-Leonid Azriel
TEL: +972-9-9702000
FAX: +972-9-9702001

Nuvoton NPCT4xx/NPCT5xx TPM 1.2

Part # FD5C37
N/A 3/15/2013 TPM SHA1 Val#2028 HMAC_SHA1 Val#1460

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

58
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee OpenSSH Library

Version 5.8 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 SSH (SHA 1 ) SHA Val#871

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

57
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee Crypto Library

Version 1.1.2.1 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 TLS( TLS1.0/1.1 ) SHA Val#871 HMAC Val#971

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

56
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Ross Choi
TEL: 972-761-7628

-Kyung-Hee Lee
TEL: +82-10-6640-8499

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.1 3/8/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#56.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

55
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 2/26/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2003 HMAC Val#1457

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use"

06/28/13: Updated implementation information;

54
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 Curves tested: P-256   P-384

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

53
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.3
Freescale i.MX53xA (ARMv7) with NEON w/ Windows Embedded Compact 7; Freescale i.MX53xD (ARMv7) with NEON w/ Windows Embedded Compact 7; Qualcomm Snapdragon APQ8060 (ARMv7) with NEON w/ Android 4.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#53.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

02/21/13: Added new tested information;
02/26/13: Updated implementation information;
04/10/13: Added new tested information;
04/24/13: Updated implementation information;

52
Section 4.2,
TLS
SP800-135
Ultra Stereo Labs, Inc.
181 Bonetti Drive
San Luis Obispo, CA 93401-7397
USA

-Larry McCrigler
TEL: 805-549-0161
FAX: 805-549-0163

IMS1200 KDF

Version OpenSSL 0.9.8m (Firmware)
AMC PPC 460 GT 2/19/2013 TLS( TLS1.0/1.1 ) SHA Val#1320 HMAC Val#856

"IMS-1200"

51
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Kony, Inc.
7380 West Sand Lake Rd. #390
Orlando, FL 32819
USA

-Matthew Terry
TEL: 407-730-5669
FAX: 407-404-3738

Kony Cryptographic Library

Version 2.0
Qualcomm QSD 8250 (ARMv7) w/ Android 2.2; Qualcomm QSD 8250 (ARMv7) with NEON w/ Android 2.2; TI OMAP 3621 (ARMv7) w/ Android 3.0; TI OMAP 3621 (ARMv7) with NEON w/ Android 3.0; TI DM3730 (ARMv7) w/ Android 4.0; TI DM3730 (ARMv7) with NEON w/ Android 4.0; ARM Cortex-A8 (ARMv7) with NEON w/ Apple iOS 5.0; ARMv7 Cortex-A8 (ARMv7) with NEON w/ Apple iOS 6.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 5.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 6.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#51.

"The Kony Cryptographic Library v2.0 is a full featured cryptographic module used in Kony mobile and multi-channel application platforms and the KonyOne Platform."

08/09/13: Added new tested information;
08/27/13: Updated implementation information;
08/30/13: Updated vendor information;

50
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Larry LaCasse
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1
Intel Core 2 Duo w/ Windows 7 Ultimate (64-bit) 1/18/2013 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#728 SHS Val#1997 DRBG Val#286
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#379 SHS Val#1997 DRBG Val#286
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#50.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange"

49
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.2
TI DM3730 (ARMv7) w/ Android 4.1; TI DM3730 (ARMv7) with NEON w/ Android 4.1; Nvidia Tegra 3 (ARMv7) w/ Android 4.2; Nvidia Tegra 3 (ARMv7) with NEON w/ Android 4.2 1/18/2013 Curves tested: P-224