Module Name
Oracle Solaris Userland Cryptographic Framework with SPARC T4 and SPARC T5
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Module Type
Software-Hybrid
Embodiment
Multi-chip standalone
Description
The Oracle Solaris OS utilizes two cryptographic modules; one in the Userland space and the second in the Kernel space. The OS uses the Oracle Solaris Userland Cryptographic Framework module for cryptographic functionality for any applications running in user space. It exposes PKCS#11 APIs, uCrypto APIs, and libmd public interfaces to provide cryptography to any application designed to utilize them. The module includes the SPARC T4 and SPARC T5 processor special instruction sets for hardware-accelerated cryptography.
Tested Configuration(s)
- Oracle Solaris 11.1 running on a SPARC T4-1 Server
- Oracle Solaris 11.1 running on a SPARC T5-2 Server (single-user mode)
Other Algorithms
AES-XCBC-MAC (non-compliant); SHA-512/224 (non-compliant); SHA-512/256 (non-compliant); MD4; MD5; RC4; DES; Blowfish; RSA (key wrapping; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
527-1437-01 and 7043165
Software Versions
1.0 and 1.1