Computer Security Resource Center

Cryptographic Algorithm Validation Program

Description
This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.6 running on Intel x86 compatible processors.
Version
5.6
Type
FIRMWARE
Vendor
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA
Contacts
Alan Kaye
akaye@fortinet.com
613-225-9381 x87416
Fax: 613-225-9951

Validations

Number
C468
Date
2/25/2019
Operating Environments
  • Arm v7
    • processor
      • manufacturer: ARM
  • Intel Celeron
    • processor
      • manufacturer: Intel
  • Intel i5 Series
    • processor
      • manufacturer: Intel
  • Intel i7 Series
    • processor
      • manufacturer: Intel
  • Intel Xeon E5
    • processor
      • manufacturer: Intel
Algorithm Capabilities
  • AES-CBC
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-GCM
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 256
    • Tag Length: 128
    • IV Length: 64
    • Payload Length: 128, 1000, 6400, 8000
    • AAD Length: 0, 96, 128, 776, 2048
  • AES-GMAC
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 256
    • Tag Length: 128
    • IV Length: 64
    • AAD Length: 0, 96, 128, 776, 2048
  • HMAC-SHA-1
    • MAC: 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • SHA-1
    • Message Length: 0-51200 Increment 8
  • SHA-256
    • Message Length: 0-51200 Increment 8
  • SHA-384
    • Message Length: 0-102400 Increment 8
  • SHA-512
    • Message Length: 0-102400 Increment 8
Operating Environments
  • Intel i3 Series
    • processor
      • manufacturer: Intel
  • Intel Xeon E3
    • processor
      • manufacturer: Intel
Algorithm Capabilities
  • AES-CBC
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-GCM
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 256
    • Tag Length: 128
    • IV Length: 64
    • Payload Length: 128, 1000, 6400, 8000
    • AAD Length: 0, 96, 128, 776, 2048
  • AES-GMAC
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 256
    • Tag Length: 128
    • IV Length: 64
    • AAD Length: 0, 96, 128, 776, 2048
  • ECDSA SigGen (186-4)
    • Component
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
  • ECDSA SigGen (186-4)
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • ECDSA SigVer (186-4)
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • HMAC-SHA-1
    • MAC: 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • KAS-FFC Component
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-256
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites:
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 128-1016
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • SHA-1
    • Message Length: 0-51200 Increment 8
  • SHA-256
    • Message Length: 0-51200 Increment 8
  • SHA-384
    • Message Length: 0-102400 Increment 8
  • SHA-512
    • Message Length: 0-102400 Increment 8
Operating Environments
  • Arm v7
    • processor
      • manufacturer: ARM
  • Intel Celeron
    • processor
      • manufacturer: Intel
  • Intel i5 Series
    • processor
      • manufacturer: Intel
  • Intel i7 Series
    • processor
      • manufacturer: Intel
  • Intel Xeon E5
    • processor
      • manufacturer: Intel
Algorithm Capabilities
  • ECDSA SigGen (186-4)
    • Component
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
  • ECDSA SigGen (186-4)
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • ECDSA SigVer (186-4)
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KAS-FFC Component
    • Scheme:
      • dhEphem:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • FB:
              • Hash Algorithm: SHA2-256
            • FC:
              • Hash Algorithm: SHA2-256
    Prerequisites: