Module Name
CBL-Mariner OpenSSL Cryptographic Module
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Sections 1 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
Microsoft CBL-Mariner OpenSSL Cryptographic Module is a general-purpose, software cryptographic module that implements FIPS 140-2 approved cryptographic algorithms.
Tested Configuration(s)
- CBL-Mariner 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA
- CBL-Mariner 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA (single-user mode)
- CBL-Mariner 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA
- CBL-Mariner 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA
Approved Algorithms
| AES |
Cert. #A2665 |
| CVL |
Cert. #A2665 |
| DRBG |
Cert. #A2665 |
| DSA |
Cert. #A2665 |
| ECDSA |
Cert. #A2665 |
| ENT |
NP |
| HMAC |
Cert. #A2665 |
| KAS |
KAS-SSC Cert. #A2665, CVL Cert. #A2665 |
| KAS |
KAS-SSC Cert. #A2665, KDA Cert. #A2665 |
| KAS-SSC |
Cert. #A2665 |
| KDA |
Cert. #A2665 |
| KTS |
AES Cert. #A2665; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #A2665 and HMAC Cert. #A2665; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Cert. #A2665 and HMAC Cert. #A2665; key establishment methodology provides 112 bits of encryption strength |
| PBKDF |
Cert. #A2665 |
| RSA |
Cert. #A2665 |
| SHA-3 |
Cert. #A2665 |
| SHS |
Cert. #A2665 |
| Triple-DES |
Cert. #A2665 |
