Module Name
Apple OS X CoreCrypto Module, v3.0
Historical Reason
Moved to historical list due to sunsetting
Validation Dates
06/14/2013
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Embodiment
Multi-chip standalone
Description
The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
- OS X 10.8 running on iMac with i7 CPU with PAA
- OS X 10.8 running on iMac with i7 CPU without PAA (single-user mode)
- OS X 10.8 running on Mac mini with i5 CPU with PAA
- OS X 10.8 running on Mac mini with i5 CPU without PAA
FIPS Algorithms
AES |
Certs. #2088, #2089, #2090, #2091, #2092, #2093, #2094, #2095, #2103 and #2104 |
DRBG |
Certs. #217, #218, #219, #220, #226 and #227 |
ECDSA |
Certs. #312 and #313 |
HMAC |
Certs. #1267, #1268, #1269, #1270, #1278 and #1279 |
PBKDF |
vendor affirmed |
RSA |
Certs. #1078 and #1079 |
SHS |
Certs. #1816, #1817, #1818, #1819, #1827 and #1828 |
Triple-DES |
Certs. #1339 and #1340 |
Other Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits of encryption strength); ECDSA (P-192, P-224 and P-521; non-compliant); DES; MD2; MD4; MD5; CAST5; RIPEMD; Blowfish; BitGen1; BitGen2; BitGen3; RC2; RC4; OMAC (non-compliant)