Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2832

Details

Module Name
Apple macOS CoreCrypto Module, v7.0
Standard
FIPS 140-2
Status
Active
Sunset Date
2/1/2022
Validation Dates
2/2/2017
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Apple macOS CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • macOS Sierra v10.12.2 running on Mac mini with i5 CPU with PAA
  • macOS Sierra v10.12.2 running on Mac mini with i5 CPU without PAA
  • macOS Sierra v10.12.2 running on MacBook Pro with i7 CPU with PAA
  • macOS Sierra v10.12.2 running on MacBook Pro with i7 CPU without PAA
  • macOS Sierra v10.12.2 running on MacBook with Core M CPU with PAA
  • macOS Sierra v10.12.2 running on MacBook with Core M CPU without PAA (single-user mode)
  • macOS Sierra v10.12.2 running on MacPro with Xeon CPU with PAA
  • macOS Sierra v10.12.2 running on MacPro with Xeon CPU without PAA
FIPS Algorithms
AES Certs. #4191, #4192, #4193, #4194, #4195, #4196, #4197, #4198, #4207, #4208, #4209, #4210, #4211, #4212, #4213, #4214, #4215, #4216, #4217, #4218, #4219, #4220, #4221, #4222, #4223, #4224, #4225, #4226, #4227, #4228, #4229, #4230, #4270, #4271, #4272, #4273, #4274, #4275, #4276 and #4277
CVL Certs. #972, #973, #974, #975, #976, #977, #978 and #979
DRBG Certs. #1291, #1292, #1293, #1294, #1295, #1296, #1297, #1298, #1299, #1300, #1301, #1302, #1303, #1304, #1305, #1306, #1307, #1308, #1309, #1310, #1311, #1312, #1313 and #1314
ECDSA Certs. #968, #969, #970, #971, #972, #973, #974 and #975
HMAC Certs. #2746, #2747, #2748, #2749, #2750, #2751, #2752, #2753, #2754, #2755, #2756, #2757, #2758, #2759, #2760, #2761, #2762, #2763, #2764, #2765, #2766, #2767, #2768, #2769, #2796, #2797, #2798, #2799, #2800, #2801 and #2809
KTS AES Certs. #4215, #4216, #4217, #4218, #4219, #4220, #4221, #4222, #4223, #4224, #4225, #4226, #4227, #4228, #4229, #4230, #4270, #4271, #4272, #4273, #4274, #4275, #4276 and #4277; key establishment methodology provides between 128 and 160 bits of encryption strength
KTS vendor affirmed
PBKDF vendor affirmed
RSA Certs. #2275, #2276, #2277, #2278, #2279, #2280, #2281 and #2282
SHS Certs. #3444, #3445, #3446, #3447, #3448, #3449, #3450, #3451, #3452, #3453, #3454, #3455, #3456, #3457, #3458, #3459, #3460, #3461, #3462, #3463, #3464, #3465, #3466, #3467, #3497, #3498, #3499, #3500, #3501, #3502 and #3510
Triple-DES Certs. #2283, #2284, #2285, #2286, #2287, #2288, #2289 and #2290
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 160 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (non-compliant); ANSI X9.63 KDF; Blowfish; CAST5; DES; ECDSA (non-compliant); Ed25519; Hash_DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves; KBKDF (non-compliant); MD2; MD4; MD5; OMAC (One-Key CBC MAC); RC2; RC4; RFC6637 KDF; RIPEMD; RSA (non-compliant); SP800-56C KDF (non-compliant); Triple-DES (non-compliant)
Software Versions
7.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

Shawn Geddis
geddis@apple.com
Phone: 669-227-3579
Fax: 866-315-1954

Lab

ATSEC INFORMATION SECURITY CORPORATION
NVLAP Code: 200658-0