Cryptographic Algorithm Validation Program CAVP

Description
The test covers the AES, SHA, GHASH and multiplication from CPACF for Ubuntu 18.04 OpenSSL.
Version
2.0
Type
SOFTWARE
Vendor
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London SE1 0SU
United Kingdom
Contacts
Joy Latten
joy.latten@canonical.com
Joe McManus
joe.mcmanus@canonical.com

Validations

Number
Date
Operating Environments
Algorithm Capabilities
C687
5/8/2019
  • Ubuntu 18.04 on IBM® z14
    • processor
    • software
  • AES-CBC
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CCM
    • Key Length: 128, 192, 256
    • Tag Length: 32, 48, 64, 80, 96, 112, 128
    • IV Length: 56, 64, 72, 80, 88, 96, 104
    • Payload Length: 0-256
    • AAD Length: 0-524288
    Prerequisites:
  • AES-CFB1
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CFB128
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CFB8
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CMAC
      • Capabilities:
        • Direction: Generation
        • Key Length: 128
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
      • Capabilities:
        • Direction: Generation
        • Key Length: 192
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
      • Capabilities:
        • Direction: Generation
        • Key Length: 256
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 128
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 192
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 256
        • MAC: 64, 128
        • Message Length: 0, 128, 184, 1608, 2048, 524288
  • AES-CTR
    • Direction: Encrypt
    • Key Length: 128, 192, 256
  • AES-ECB
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-GCM
    • Direction: Decrypt, Encrypt
    • IV Generation: Internal
    • IV Generation Mode: 8.2.1
    • Key Length: 128, 192, 256
    • Tag Length: 32, 64, 96, 104, 112, 120, 128
    • IV Length: 96, 1024
    • Payload Length: 160, 384, 800, 1024
    • AAD Length: 0, 160, 384, 800, 1024
  • AES-GMAC
    • Direction: Decrypt, Encrypt
    • IV Generation: Internal
    • IV Generation Mode: 8.2.1
    • Key Length: 128, 192, 256
    • Tag Length: 32, 64, 96, 104, 112, 120, 128
    • IV Length: 96, 1024
    • AAD Length: 0, 160, 384, 800, 1024
  • AES-KW
    • Direction: Decrypt, Encrypt
    • Cipher: Cipher, Inverse
    • Key Length: 128, 192, 256
    • Payload Length: 192, 256, 320, 512, 4032
    Prerequisites:
  • AES-OFB
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-XTS
    • Direction: Decrypt, Encrypt
    • Key Length: 128
    • Payload Length: 128, 136, 200, 256, 65536
    • Tweak Mode: Hex
  • AES-XTS
    • Direction: Decrypt, Encrypt
    • Key Length: 256
    • Payload Length: 128, 136, 200, 256, 65536
    • Tweak Mode: Hex
  • Counter DRBG
    • Prediction Resistance: No
    • Supports Reseed
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: Yes
        • Additional Input: 0-128
        • Entropy Input: 128
        • Nonce: 64
        • Personalization String Length: 0-128
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 192
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: No
        • Additional Input: 0-256
        • Entropy Input: 256
        • Nonce: 0
        • Personalization String Length: 0-256
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: No
        • Additional Input: 0-320
        • Entropy Input: 320
        • Nonce: 0
        • Personalization String Length: 0-320
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: No
        • Additional Input: 0-384
        • Entropy Input: 384
        • Nonce: 0
        • Personalization String Length: 0-384
        • Returned Bits: 512
    Prerequisites:
  • DSA KeyGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
      • Capabilities:
        • L: 2048
        • N: 256
      • Capabilities:
        • L: 3072
        • N: 256
    Prerequisites:
  • DSA PQGGen (186-4)
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA PQGVer (186-4)
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 1024
        • N: 160
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • P/Q Generation Methods: Probable
        • G Generation Methods: Unverifiable
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA SigGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA SigVer (186-4)
      • Capabilities:
        • L: 1024
        • N: 160
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • ECDSA KeyGen (186-4)
    • Curve: B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521
    • Secret Generation Mode: Testing Candidates
    Prerequisites:
  • ECDSA KeyVer (186-4)
    • Curve: B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K-571, P-192, P-224, P-256, P-384, P-521
  • ECDSA SigGen (186-4)
      • Capabilities:
        • Curve: P-224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-233
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-283
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-409
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-571
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-233
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-283
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-409
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-571
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • ECDSA SigVer (186-4)
      • Capabilities:
        • Curve: P-192
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-163
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-233
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-283
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-409
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: K-571
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-163
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-233
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-283
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-409
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: B-571
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • HMAC-SHA-1
    • MAC: 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-224
    • MAC: 224
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA3-224
    • MAC: 224
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
  • HMAC-SHA3-256
    • MAC: 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
  • HMAC-SHA3-384
    • MAC: 384
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
  • HMAC-SHA3-512
    • MAC: 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
  • KAS-ECC CDH-Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration
    • Curve: B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521
  • KAS-ECC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EB:
              • Hash Algorithm: SHA2-224
              • Curve: P-224
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
    Prerequisites:
  • KAS-FFC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-224
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites:
  • KDF TLS
    • TLS Version: v1.0/1.1, v1.2
    • Hash Algorithm: SHA2-256, SHA2-384
    Prerequisites:
  • RSA KeyGen (186-4)
      • Capabilities:
        • Key Generation Mode: B.3.3
          • Properties:
            • Modulo: 2048
            • Primality Tests: C.2
          • Properties:
            • Modulo: 3072
            • Primality Tests: C.2
    • Info Generated By Server
    • Public Exponent Mode: Random
    • Private Key Format: Standard
    Prerequisites:
  • RSA SigGen (186-2)
      • Capabilities:
        • Signature Type: PKCS 1.5
        • Modulo: 4096
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
        • Modulo: 4096
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • RSA SigGen (186-4)
      • Capabilities:
        • Signature Type: ANSI X9.31
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
    Prerequisites:
  • RSA SigVer (186-4)
      • Capabilities:
        • Signature Type: ANSI X9.31
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 80
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 112
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 128
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 192
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 256
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 160
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 512
    • Public Exponent Mode: Random
    Prerequisites:
  • SHA-1
    • Message Length: 0-51200 Increment 8
  • SHA-224
    • Message Length: 0-51200 Increment 8
  • SHA-256
    • Message Length: 0-51200 Increment 8
  • SHA3-224
    • Supports Empty Message
  • SHA3-256
    • Supports Empty Message
  • SHA3-384
    • Supports Empty Message
  • SHA3-512
    • Supports Empty Message
  • SHA-384
    • Message Length: 0-102400 Increment 8
  • SHA-512
    • Message Length: 0-102400 Increment 8
  • SHAKE-128
    • Supports Empty Message
    • Output Length: 128-65536
  • SHAKE-256
    • Supports Empty Message
    • Output Length: 256-65536
Created October 05, 2016, Updated June 22, 2020