Module Name
Apple OS X CoreCrypto Module, v3.0
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Embodiment
Multi-chip standalone
Description
The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
- OS X 10.8 running on iMac with i7 CPU with PAA
- OS X 10.8 running on iMac with i7 CPU without PAA (single-user mode)
- OS X 10.8 running on Mac mini with i5 CPU with PAA
- OS X 10.8 running on Mac mini with i5 CPU without PAA
Approved Algorithms
| AES |
Certs. #2088, #2089, #2090, #2091, #2092, #2093, #2094, #2095, #2103 and #2104 |
| DRBG |
Certs. #217, #218, #219, #220, #226 and #227 |
| ECDSA |
Certs. #312 and #313 |
| HMAC |
Certs. #1267, #1268, #1269, #1270, #1278 and #1279 |
| PBKDF |
vendor affirmed |
| RSA |
Certs. #1078 and #1079 |
| SHS |
Certs. #1816, #1817, #1818, #1819, #1827 and #1828 |
| Triple-DES |
Certs. #1339 and #1340 |
Other Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits of encryption strength); ECDSA (P-192, P-224 and P-521; non-compliant); DES; MD2; MD4; MD5; CAST5; RIPEMD; Blowfish; BitGen1; BitGen2; BitGen3; RC2; RC4; OMAC (non-compliant)
