Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4755

Details

Module Name
IBM® Crypto for C
Standard
FIPS 140-3
Status
Active
Sunset Date
8/8/2026
Overall Level
1
Caveat
Interim validation. When operated in the approved mode. When installed, initialized and configured as specified in sections 11.1 and 11.2 of the Security Policy
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The IBM Crypto for C version 8.8.1.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable by applications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group.
Tested Configuration(s)
  • IBM AIX 7.2 64-bit (Big Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 with PAA
  • IBM AIX 7.2 64-bit (Big Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 without PAA
  • IBM z/OS 2.3 on IBM z/VM 7.2 running on IBM z15 (8561 T01) with IBM z15 with PAI
  • IBM z/OS 2.3 on IBM z/VM 7.2 running on IBM z15 (8561 T01) with IBM z15 without PAI
  • Microsoft Windows Server 2019 64-bit on Lenovo ThinkSystem SR630 with Intel Xeon® Gold 5217 with PAA
  • Microsoft Windows Server 2019 64-bit on Lenovo ThinkSystem SR630 with Intel Xeon® Gold 5217 without PAA
  • Red Hat Linux Enterprise Server 7.9 64-bit (Big Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 with PAA
  • Red Hat Linux Enterprise Server 7.9 64-bit (Big Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 without PAA
  • Red Hat Linux Enterprise Server 8.4 64-bit (Little Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 with PAA
  • Red Hat Linux Enterprise Server 8.4 64-bit (Little Endian) on IBM PowerVM 3.1 running on IBM Power System S914 (9009-41A) with IBM POWER9 without PAA
  • Red Hat Linux Enterprise Server 8.4 64-bit (Little Endian) on Lenovo ThinkSystem SR630 with Intel Xeon® Gold 5217 with PAA
  • Red Hat Linux Enterprise Server 8.4 64-bit (Little Endian) on Lenovo ThinkSystem SR630 with Intel Xeon® Gold 5217 without PAA
  • zLinux Red Hat Linux Enterprise Server 8.6 64-bit (Big Endian) on IBM z/VM 7.2 running on IBM z15 (8561 T01) with IBM z15 with PAI
  • zLinux Red Hat Linux Enterprise Server 8.6 64-bit (Big Endian) on IBM z/VM 7.2 running on IBM z15 (8561 T01) with IBM z15 without PAI
Approved Algorithms
AES-CBC
AES-CBC
AES-CCM
AES-CCM
AES-CFB1
AES-CFB1
AES-CFB128
AES-CFB128
AES-CFB8
AES-CFB8
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-KW
AES-KW
AES-KWP
AES-KWP
AES-OFB
AES-OFB
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Counter DRBG
Counter DRBG
DSA SigVer (FIPS186-4)
DSA SigVer (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
Hash DRBG
Hash DRBG
HMAC DRBG
HMAC DRBG
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA3-224
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-384
HMAC-SHA3-512
HMAC-SHA3-512
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDA HKDF Sp800-56Cr1
PBKDF
PBKDF
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Generation
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
Software Versions
8.8.1.0

Vendor

IBM Corporation
1 Corporate Court
Bundall, QLD 4217
Australia

John Peck
johnpeck@us.ibm.com
Phone: 512-286-7959

Validation History

Date Type Lab
8/9/2024 Initial ATSEC INFORMATION SECURITY CORP