Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both. The PKCS #11, is used as the interface to hardware-based cryptographic modules.
Version
1.0
Type
SOFTWARE
Vendor
Entrust Datacard Corporation
Two Lincoln Centre
5420 LBJ Freeway Suite 300
Dallas, TX 75240
USA
Contacts
Yuefei Lu
Yuefei.Lu@entrustdatacard.com
John Mahoney
John.Mahoney@entrustdatacard.com

Validations

Number
Date
Operating Environments
Algorithm Capabilities
C603
4/5/2019
  • Microsoft Windows Server 2016 Standard Edition on Intel Core i7-7700 (3.60GHz, 8 MB), 64-bit
    • processor
      • manufacturer: Intel
    • software
  • ECDSA KeyGen (186-4)
    • Curve: P-224, P-256, P-384, P-521
    • Secret Generation Mode: Extra Bits
    Prerequisites:
  • ECDSA KeyVer (186-4)
    • Curve: P-192, P-224, P-256, P-384, P-521
  • ECDSA SigGen (186-4)
      • Capabilities:
        • Curve: P-224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • ECDSA SigVer (186-4)
      • Capabilities:
        • Curve: P-192
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-384
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Curve: P-521
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KAS-ECC Component
    • Function: Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Partial Public Key Validation
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • EB:
              • Hash Algorithm: SHA2-224
              • Curve: P-224
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
      • One Pass DH:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • EB:
              • Hash Algorithm: SHA2-224
              • Curve: P-224
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
      • Static Unified:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • EB:
              • Hash Algorithm: SHA2-224
              • Curve: P-224
            • EC:
              • Hash Algorithm: SHA2-256
              • Curve: P-256
            • ED:
              • Hash Algorithm: SHA2-384
              • Curve: P-384
            • EE:
              • Hash Algorithm: SHA2-512
              • Curve: P-521
    Prerequisites: