Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
The Nutanix Cryptographic Library for OpenSSL is a comprehensive suite of FIPS Approved algorithms used for TLS, SSH, and other cryptographic functions.
Version
1.0
Type
SOFTWARE
Vendor
Nutanix
1740 Technology Drive, Suite 150
San Jose, CA 95110
USA
Contacts
Matt Keller
fips@nutanix.com
Ashutosh Pangasa
fips@nutanix.com

Validations

Number
Date
Operating Environments
Algorithm Capabilities
Component 1994
7/20/2018
  • CentOS 7.4 on Intel E5-2620 w/PAA
  • KAS-ECC CDH-Component
    • Curve: P-256, P-384, P-521
  • KAS-ECC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
      • One Pass DH:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
    Prerequisites:
  • KAS-FFC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-224
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites:
  • CentOS 7.4 on Intel E5-2620 w/o PAA
    • software
    • processor
      • manufacturer: Intel
  • KAS-ECC CDH-Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Curve: P-256, P-384, P-521
  • KAS-ECC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
      • One Pass DH:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
    Prerequisites:
  • KAS-FFC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-224
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites:
  • CentOS 7.5 on Intel Xeon Silver-4116 with PAA
    • software
    • processor
      • manufacturer: Intel
  • CentOS 7.5 on Intel Xeon Silver-4116 without PAA
    • software
    • processor
      • manufacturer: Intel
  • KAS-ECC CDH-Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Curve: P-256, P-384, P-521
  • KAS-ECC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
      • One Pass DH:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
    Prerequisites:
  • KAS-FFC Component
    • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • Shared Secret Computation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-224
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites: