Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program CMVP

Certificate #2077

Details

Module Name
Oracle Solaris Userland Cryptographic Framework
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
02/06/2014
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Oracle Solaris OS utilizes the Oracle Solaris Userland Cryptographic Framework module for cryptographic functionality for any applications running in user space. It exposes PKCS#11 APIs, uCrypto APIs, and libmd public interfaces to provide cryptography to any application designed to utilize them.
Tested Configuration(s)
  • Oracle Solaris 11.1 running on a M3000 Enterprise Server
  • Oracle Solaris 11.1 running on a Sun Server X3-2 with PAA
  • Oracle Solaris 11.1 running on a Sun Server X3-2 without PAA (single-user mode)
FIPS Algorithms
AES Certs. #2308 and #2569
DSA Certs. #726 and #785
ECDSA Certs. #373 and #443
HMAC Certs. #1422 and #1586
RNG Certs. #1150 and #1221
RSA Certs. #1191 and #1317
SHS Certs. #1992 and #2165
Triple-DES Certs. #1455 and #1556
Other Algorithms
AES-XCBC-MAC (non-compliant); SHA-512/224 (non-compliant); SHA-512/256 (non-compliant); MD4; MD5; RC4; DES; Blowfish; RSA (key wrapping; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
1.0 and 1.1

Vendor

Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

Security Evaluations Manager
seceval_us@oracle.com
Phone: 781-442-0451

Lab

CGI
NVLAP Code: 200928-0