Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2408

Details

Module Name
Apple OS X CoreCrypto Module, v5.0
Standard
FIPS 140-2
Status
Active
Sunset Date
7/21/2020
Validation Dates
7/22/2015
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • OS X 10.10 running on iMac with i7 CPU with PAA
  • OS X 10.10 running on iMac with i7 CPU without PAA
  • OS X 10.10 running on Mac mini with i5 CPU with PAA
  • OS X 10.10 running on Mac mini with i5 CPU without PAA
  • OS X 10.10 running on MacBook with Core M CPU with PAA
  • OS X 10.10 running on MacBook with Core M CPU without PAA (single-user mode)
  • OS X 10.10 running on MacPro with Xeon CPU with PAA
  • OS X 10.10 running on MacPro with Xeon CPU without PAA
FIPS Algorithms
AES Certs. #3042, #3043, #3044, #3045, #3046, #3047, #3048, #3049, #3051, #3052, #3053, #3054, #3055, #3056, #3057, #3058, #3059, #3060, #3061, #3062, #3063, #3064, #3065, #3121, #3257, #3259, #3260, #3261, #3262, #3266, #3386, #3387, #3388, #3389, #3390, #3391, #3392, #3393, #3394 and #3395
DRBG Certs. #586, #587, #588, #589, #590, #591, #592, #593, #594, #595, #596, #597, #716, #718, #719, #720, #721, #725, #807, #808, #809, #810, #811 and #812
ECDSA Certs. #614, #615, #616, #617, #618, #622, #674 and #675
HMAC Certs. #1919, #1920, #1921, #1922, #1923, #1924, #1925, #1926, #1969, #1970, #1971, #1972, #1973, #1974, #1975, #1976, #1977, #1978, #2056, #2058, #2059, #2060, #2061, #2065, #2160, #2161, #2162, #2163, #2164, #2165, #2166 and #2167
PBKDF vendor affirmed
RSA Certs. #1658, #1659, #1660, #1661, #1662, #1666, #1738 and #1739
SHS Certs. #2535, #2536, #2537, #2538, #2539, #2540, #2541, #2542, #2588, #2589, #2590, #2591, #2592, #2593, #2594, #2595, #2596, #2597, #2695, #2697, #2698, #2699, #2700, #2704, #2805,# 2806, #2807, #2808, #2809, #2810, #2811 and #2812
Triple-DES Certs. #1847, #1848, #1849, #1850, #1851, #1855, #1922 and #1923
Other Algorithms
AES (non-compliant); AES-CMAC (non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant); ECDSA (non-compliant); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 160 bits of encryption strength); Integrated Encryption Scheme on elliptic curves; DES; TDES (non-compliant); MD2; MD4; MD5; CAST5; RIPEMD; Blowfish; RC2; RC4; HMAC-DRBG (non-compliant); Hash-DRBG (non-compliant); OMAC (One-Key CBC MAC); KBKDF (non-compliant); ed25519; RFC6637 KDF; ANSI X9.63 KDF
Software Versions
5.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95041
USA

Shawn Geddis
geddis@apple.com
Phone: (669) 227-3579
Fax: (866) 315-1954

Lab

atsec
NVLAP Code: 200658-0