Cryptographic Module Validation Program

Cryptographic Module Validation Program CMVP

Certificate #1701

Historical - The referenced cryptographic module should not be included by Federal Agencies in new procurements. Agencies may make a risk determination on whether to continue using this module based on their own assessment of where and how it is used.

Details

Module Name

Apple FIPS Cryptographic Module

Standard

FIPS 140-2

Status

Historical

Historical Reason

RNG SP800-131A Revision 1 Transition

Overall Level

Caveat

When operated in FIPS mode

Module Type

Software

Embodiment

Multi-chip standalone

Description

Apple's OS X Lion (v10.7) security services are now built on a newer 'Next Generation Cryptography' platform and does not use the CDSA/CSP module previously validated. Apple is re-validating the same CDSA/CSP module under OS X Lion to provide validation solely for third-party applications.

Tested Configuration(s)

Mac OS X 10.7.0 (single-user mode)

Approved Algorithms

AES	Cert. #1872
DSA	Cert. #585
ECDSA	Cert. #262
HMAC	Cert. #1116
RNG	Cert. #981
RSA	Cert. #952
SHS	Cert. #1645
Triple-DES	Cert. #1216

Other Algorithms

ASC; Blowfish; CAST; DES; RC2; RC4; RC5; FEE; MD2; MD5; HMAC-MD5; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant key generation)

Software Versions

1.1

Vendor

Apple Inc.
11921 Freedom Drive
Reston, VA 20190
USA

Shawn Geddis
geddis@apple.com
Phone: 703-264-5103

Related Files

Security Policy
Consolidated Certificate

Validation History

Date	Type	Lab
3/30/2012	Initial	CYGNACOM SOLUTIONS INC