Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2969

Details

Module Name
McAfee OpenSSL FIPS Object Module
Standard
FIPS 140-2
Status
Active
Sunset Date
7/24/2022
Validation Dates
7/25/2017
11/16/2017
Overall Level
1
Caveat
When operated in FIPS mode. When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The McAfee OpenSSL FIPS module provides cryptographic services for McAfee products.
Tested Configuration(s)
  • Linux 3.10 on VMware ESXi 5.5 running on Intel Xeon (gcc Compiler Version 4.8.5) (single-user mode)
FIPS Algorithms
AES Cert. #4511
CVL Cert. #1197
DRBG Cert. #1474
DSA Cert. #1201
ECDSA Cert. #1097
HMAC Cert. #2980
RSA Cert. #2459
SHS Cert. #3699
Triple-DES Cert. #2408
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #1197, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 270 bits of encryption strength)
Software Versions
1.0.1

Vendor

McAfee LLC
2200 Mission College Blvd.
Santa Clara, CA 95054
USA

Mark Hanson
mark_hanson@mcafee.com
Phone: 972.963.7326

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0