Module Name
VAST Data FIPS Object Module for OpenSSL
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The VAST Data FIPS Object Module for OpenSSL is a software library replacement for applications that use OpenSSL 1.0.2 and require FIPS 140-2 validated cryptography.
Tested Configuration(s)
- Android 10 running on Samsung Galaxy S9 with Qualcomm SDM845 with PAA
- Android 10 running on Samsung Galaxy S9 with Qualcomm SDM845 without PAA
- CentOS 6 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 with PAA
- CentOS 6 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 without PAA
- CentOS 7 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 with PAA
- CentOS 7 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 without PAA
- Fedora Linux 24 running on Samsung ARTIK 710 SOM with ARM Cortex-A53 with PAA
- Fedora Linux 24 running on Samsung ARTIK 710 SOM with ARM Cortex-A53 without PAA
- Ubuntu 18.04 LTS running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 with PAA
- Ubuntu 18.04 LTS running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 without PAA
- Windows Server 2019 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 with PAA
- Windows Server 2019 running on HPE ProLiant DL60 Gen9 with Intel Xeon E5-2609 without PAA (single-user mode).
Approved Algorithms
AES |
Certs. #A952, #C904, #C1318 and #C1795 |
CKG |
vendor affirmed |
DRBG |
Certs. #A952, #C904, #C1318 and #C1795 |
DSA |
Certs. #A952, #C904, #C1318 and #C1795 |
ECDSA |
Certs. #A952, #C904, #C1318 and #C1795 |
HMAC |
Certs. #A952, #C904, #C1318 and #C1795 |
KAS-SSC |
vendor affirmed |
RSA |
Certs. #A952, #C904, #C1318 and #C1795 |
SHA |
Certs. #A952, #C904, #C1318 and #C1795 |
Triple-DES |
Certs. #A952, #C904, #C1318 and #C1795 |
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)