Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
Linux kernel crypto API implementation providing cryptographic services to software components executing as part of the Linux kernel.
Version
2.0
Type
SOFTWARE
Vendor
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London SE1 0SU
United Kingdom
Contacts
Joy Latten
joy.latten@canonical.com
Joe McManus
joe.mcmanus@canonical.com

Validations

Number
Date
Operating Environments
Algorithm Capabilities
C1220
10/9/2019
  • Ubuntu 16.04 on Intel(R) Xeon(R) E5
    • processor
      • manufacturer: Intel
    • software
  • AES-CBC
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-CCM
    • Key Length: 128, 192, 256
    • Tag Length: 32, 48, 64, 80, 96, 112, 128
    • IV Length: 56, 64, 72, 80, 88, 96, 104
    • Payload Length: 0-256
    • AAD Length: 0-524288
    Prerequisites:
  • AES-CMAC
      • Capabilities:
        • Direction: Generation
        • Key Length: 128
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
      • Capabilities:
        • Direction: Generation
        • Key Length: 192
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
      • Capabilities:
        • Direction: Generation
        • Key Length: 256
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 128
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 192
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
      • Capabilities:
        • Direction: Verification
        • Key Length: 256
        • MAC: 64, 128
        • Message Length: 0, 128, 136, 256, 264, 524288
  • AES-CTR
    • Direction: Encrypt
    • Key Length: 128, 192, 256
  • AES-ECB
    • Direction: Decrypt, Encrypt
    • Key Length: 128, 192, 256
  • AES-GCM
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 192, 256
    • Tag Length: 32, 64, 96, 104, 112, 120, 128
    • IV Length: 96
    • Payload Length: 120, 128, 248, 256
    • AAD Length: 0, 120, 128, 248, 256
  • AES-GMAC
    • Direction: Decrypt, Encrypt
    • IV Generation: External
    • Key Length: 128, 192, 256
    • Tag Length: 32, 64, 96, 104, 112, 120, 128
    • IV Length: 96
    • AAD Length: 0, 120, 128, 248, 256
  • AES-KW
    • Direction: Decrypt, Encrypt
    • Cipher: Cipher
    • Key Length: 128, 192, 256
    • Payload Length: 128, 192, 256, 320, 4096
    Prerequisites:
  • AES-XTS
    • Direction: Decrypt, Encrypt
    • Key Length: 128
    • Payload Length: 128, 256, 65536
    • Tweak Mode: Hex
  • AES-XTS
    • Direction: Decrypt, Encrypt
    • Key Length: 256
    • Payload Length: 128, 256, 65536
    • Tweak Mode: Hex
  • Counter DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: Yes
        • Additional Input: 0-128
        • Entropy Input: 128
        • Nonce: 64
        • Personalization String Length: 0-128
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 192
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: Yes
        • Additional Input: 0-256
        • Entropy Input: 256
        • Nonce: 128
        • Personalization String Length: 0-256
        • Returned Bits: 512
    Prerequisites:
  • TDES-CBC
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CMAC
      • Capabilities:
        • Direction: Generation
        • Keying Option: 1
        • MAC: 32, 64
        • Message Length: 0, 64, 72, 128, 136, 524288
      • Capabilities:
        • Direction: Verification
        • Keying Option: 1
        • MAC: 32, 64
        • Message Length: 0, 64, 72, 128, 136, 524288
  • TDES-CTR
    • Direction: Encrypt
  • TDES-ECB
    • Direction: Decrypt, Encrypt
    • Keying Option: 1