Component Validation List

Last Update: 9/1/2017

NOTICE: The SP800-131A Revision 1 Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths goes into effect January 1, 2014. Key lengths (modulus and curve sizes) providing less than 112 bits of security strength are no longer approved to generate digital signatures. Therefore, the modulus size 1024 and the curve sizes P-192, K-163 and B-163 have been removed. The SP800-131A document also disallows the use of SHA-1 with Digital Signature Generation beginning January 1, 2014. All of the non-compliant features of the Components validation have been moved to a Historical Components Validation List for reference.

A note and link to the Historical validation list have been added to validations containing non-compliant features that have been moved to the Historical Validation List. This note is displayed in red print. If a complete validation has become non-compliant, the complete validation entry is displayed in red to signify it is now non-compliant and therefore revoked.

Overview

This page provides technical information pertaining to the testing of individual components of FIPS approved and NIST recommended cryptographic algorithms. These components are validated as conforming to the specifications in the associated publication. The testing that is performed on the component is described in the associated validation system (VS) document. The testing is handled by NVLAP- accredited Cryptographic And Security Testing (CST) Laboratories.

The implementations below consist of software, firmware, hardware, and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the components described in this document. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this document reflects the current status of each component. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list.

In addition to a general description of each component implementation, this list mentions the features that were tested as conforming to the appropriate publication. These features are described in the specific legend for each individual component and are listed below for each validation. Select the legend below for detail on the testing of that component.

Legends for Description Field for the Following Component

This list is ordered in reverse numerical order, by validation number. Thus, the more recent validations are located closer to the top of the list. The column after the Validation Date column contains information indicating what modes and features for these modes has been successfully tested.

Validated Component Implementations

Validation
No.
Component
Validated
Associated
Publication
Vendor Implementation Operational Environment Val.
Date
Description/Notes
1405
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Manoj Maskara
TEL: 650-427-1000
FAX: 650-475-5001

-Michael McKay
TEL: 650-427-3615
FAX: 650-475-5001

VMware BC-FJA (Bouncy Castle FIPS Java API)

Version 1.0.0
Intel Xeon E5 w/ Windows Server 2012 R2 with JRE 1.8 on ESXi 6.5 9/1/2017 RSASP1: (Mod2048: PKCS1.5 )

"The VMware BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API)."

1404
Signature Generation of hash sized messages
FIPS186-4 ECDSA
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Manoj Maskara
TEL: 650-427-1000
FAX: 650-475-5001

-Michael McKay
TEL: 650-427-3615
FAX: 650-475-5001

VMware BC-FJA (Bouncy Castle FIPS Java API)

Version 1.0.0
Intel Xeon E5 w/ Windows Server 2012 R2 with JRE 1.8 on ESXi 6.5 9/1/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The VMware BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API)."

1403
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Manoj Maskara
TEL: 650-427-1000
FAX: 650-475-5001

-Michael McKay
TEL: 650-427-3615
FAX: 650-475-5001

VMware BC-FJA (Bouncy Castle FIPS Java API)

Version 1.0.0
Intel Xeon E5 w/ Windows Server 2012 R2 with JRE 1.8 on ESXi 6.5 9/1/2017 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3902 HMAC Val#3171
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3902 HMAC Val#3171
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3902
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3902
SRTP (AES 128 , 192 , 256 ) AES Val#4760

"The VMware BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API)."

1402
RSADP Primitive
FIPS186-4 RSA; RSADP
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.1
Intel Xeon Processor X5670 w/ Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5; Intel Xeon Processor X5670 w/ Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 9/1/2017 RSADP: (Mod2048)

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

1401
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.1
Intel Xeon Processor X5670 w/ Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5; Intel Xeon Processor X5670 w/ Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 9/1/2017 RSASP1: (Mod2048: PKCS1.5 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

1400
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.1
Intel Xeon Processor X5670 w/ Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5; Intel Xeon Processor X5670 w/ Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 9/1/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

1399
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.1
Intel Xeon Processor X5670 w/ Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5; Intel Xeon Processor X5670 w/ Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 9/1/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

1398
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.1
Intel Xeon Processor X5670 w/ Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5; Intel Xeon Processor X5670 w/ Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 9/1/2017 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3901 HMAC Val#3170
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3901 HMAC Val#3170
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3901
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3901
SRTP (AES 128 , 192 , 256 ) AES Val#4759

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

1397
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services System SSL - 64bit

Version OA52653
z13 w/ IBM z/OS(R) v2.2 9/1/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3900 HMAC Val#3169

"z/OS(TM) System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

1396
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services System SSL - 31bit

Version OA52653
z13 w/ IBM z/OS(R) v2.2 9/1/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3899 HMAC Val#3168

"z/OS(TM) System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

1395
RSADP Primitive
FIPS186-4 RSA; RSADP
Yubico
420 Florence St, Ste 200
Palo Alto, CA 94301
USA

-Jerrod Chong

-Jakob Ehrensvard

Yubico HW/FW RSA

Version 4.4.0 with CL70 1.03.006 (Firmware)
Part # SLE78CLUFX3000PH
Infineon SLE78V2 9/1/2017 RSADP: (Mod2048)

"This module contains two parts: 1) RSA core HW/FW implementation using Infineon CL70 crypto library; 2) High-level FW implementation for key generation, encryption and decryption primitives"

1394
RSADP Primitive
FIPS186-4 RSA; RSADP
Software Diversified Services
1322 81st Ave NE
Minneapolis, MN 55432
USA

-Tim Full

SDS Cryptographic Module

Version 1.0
Intel i7 w/ Windows Server 2012 R2; Intel i7 w/ Windows Server 2016; Intel i7 w/ RedHat 6.9; Intel i7 w/ RedHat 7.4; POWER8 w/ AIX 6.1; POWER8 w/ AIX 7.2; 9/1/2017 RSADP: (Mod2048)

"Software only Cryptographic Module supports Elliptic Curve, KAS, AES, TDES, DSA, RSA, HMAC and SHA-2."

1393
All of SP800-56A EXCEPT KDF
SP800-56A
Software Diversified Services
1322 81st Ave NE
Minneapolis, MN 55432
USA

-Tim Full

SDS Cryptographic Module

Version 1.0
Intel i7 with AES-NI w/ Windows Server 2012 R2; Intel i7 with AES-NI w/ Windows Server 2016; Intel i7 with AES-NI w/ RedHat 6.9; Intel i7 with AES-NI w/ RedHat 7.4; POWER8 w/ AIX 6.1; POWER8 w/ AIX 7.2; 9/1/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1190 SHS Val#3898 DRBG Val#1635

"Software only Cryptographic Module supports Elliptic Curve, KAS, AES, TDES, DSA, RSA, HMAC and SHA-2."

1392
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Gemalto
20 Colonnade Road, Suite 200
Ottawa, ON K2E7M6
Canada

-Security and Certifications Team

Luna K7 Accelerated Cryptographic Library

Version 7.0.1 (Firmware)
PowerPC 476 9/1/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"Luna K7 Accelerated Cryptographic Library"

1391
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100-OpenSSH-vSRX

Version 15.1X49-D100
Intel Xeon E5 w/ JUNOS FIPS Ver. 15.1X49-D100 on VMware ESXi v5.5 9/1/2017 SSH (SHA 1 , 256 , 384 ) SHA Val#3865

"The vSRX Virtual Firewall delivers a complete virtual firewall solution, including advanced security, robust networking, and automated virtual machine life cycle management capabilities for service providers and enterprises. vSRX empowers security professionals to deploy and scale firewall protection in highly dynamic environments."

1390
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Alcatel-Lucent Enterprise
26801 West Agoura Road
Calabasas, CA 93021
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS6450

Version AOS 6.7.1.R04
Integrated ARMv5 core w/ AOS 6.7.1.R04 9/1/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3522 HMAC Val#2820
SSH (SHA 1 , 256 ) SHA Val#3522

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1389
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Alcatel-Lucent Enterprise
26801 West Agoura Road
Calabasas, CA 93021
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS6350

Version AOS 6.7.1.R04
Integrated ARMv7 core w/ AOS 6.7.1.R04 9/1/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3575 HMAC Val#2879
SSH (SHA 1 , 256 ) SHA Val#3575

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1388
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Monkton, Inc
2236 Central Ave
Tysons, VA 22182
USA

-Harold E. Smith III
TEL: 571-527-6680

OpenSSL

Version 1.0.2L
Apple A10X w/ iOS 10.3.2; Apple A10 Fusion w/ iOS 10.3.2 8/25/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1186 SHS Val#3894 DRBG Val#1632

"Monkton leverages OpenSSL 1.0.2L to provide the cryptographic implementation for FIPS leveraging their FIPS module. Monkton''s Rebar utilizes OpenSSL to provide the features necessary to integrate DAR and DIT."

1387
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
128 Technology
200 Summit Drive
Burlington, MA 01803
USA

-Patrick Melampy

-Prashant Kumar

128 Technology Cryptographic Module

Version 2.1
Intel x86_64 w/ CentOS 7.3 8/25/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The 128 Technology Cryptographic Module Provides cryptographic services for the 128T Networking Platform."

1386
Section 5.1,
ANS X9.63-2001
SP800-135
ARM Ltd
110 Fulbourn Road
Cambridge, CB1 9NJ
United Kingdom

-Leo Dorrendorf
TEL: +972-52-6818594
FAX: +972-73-2558808

-Udi Maor
TEL: +972-54-4205101
FAX: +972-73-2558808

ARM TrustZone Cryptocell 712 TEE

Version sw-cc715tee-1.1.0.48 (Firmware)
Part # CC 712 TEE
ARM TrustZone-Enabled Series A CPU 8/25/2017 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3892

"ARM TrustZone CryptoCell is a security engine with root of trust and cryptographic accelerator capabilities. It is provided to customers as Silicon IP and accompanying firmware. The customer integrates the silicon into the host CPU hardware, and uses the firmware to drive the silicon and provide high-level functions."

1385
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
ARM Ltd
110 Fulbourn Road
Cambridge, CB1 9NJ
United Kingdom

-Leo Dorrendorf
TEL: +972-52-6818594
FAX: +972-73-2558808

-Udi Maor
TEL: +972-54-4205101
FAX: +972-73-2558808

ARM TrustZone Cryptocell 712 TEE

Version sw-cc715tee-1.1.0.48 (Firmware)
Part # CC 712 TEE
ARM TrustZone-Enabled Series A CPU 8/25/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Hybrid1Flow: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC SHS Val#3892 DRBG Val#1630

"ARM TrustZone CryptoCell is a security engine with root of trust and cryptographic accelerator capabilities. It is provided to customers as Silicon IP and accompanying firmware. The customer integrates the silicon into the host CPU hardware, and uses the firmware to drive the silicon and provide high-level functions."

1384
Section 5.4, SNMP
SP800-135
Ixia
26601 W. Agoura Road
Calabasas, California 91302
USA

-Tom Casella
TEL: 703-288-0184

NTO SNMP Library

Version 1.9.3c_4.5 (Firmware)
Intel i7 3555LE 8/25/2017 SNMP SHA1 Val#3365

"The NTO SNMP Library contains the key derivation function (KDF) for SNMPv3 privacy and authentication protocols."

1383
Section 4.2,
TLS
SP800-135
Ixia
26601 W. Agoura Road
Calabasas, California 91302
USA

-Tom Casella
TEL: 703-288-0184

NTO Crypto Library

Version 1.0.1-1 (Firmware)
Intel i7 3555LE 8/25/2017 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3891 HMAC Val#3162

"The NTO Crypto Library performs all cryptographic functionality for the NTO 7303 and Vision ONE appliances, including asymmetric key generation, symmetric encryption, hashing, digital signatures, and provides TLSv1.2 protocols and SNMPv3 privacy and authentication protocols."

1382
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT7xx TPM 2.0 Cryptographic Engine

Part # LAG019
N/A 8/25/2017 TPM SHA1 Val#3890 HMAC_SHA1 Val#3161

"Nuvoton NPCT7xx TPM (Trusted Platform Module), security processor with embedded firmware compliant with TPM Family 2.0, level 0, revision 1.38"

1381
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT7xx TPM 2.0 Cryptographic Engine

Part # LAG019
N/A 8/25/2017 Curves tested: P-256   P-384

"Nuvoton NPCT7xx TPM (Trusted Platform Module), security processor with embedded firmware compliant with TPM Family 2.0, level 0, revision 1.38"

1380
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MAS 01886
USA

-Keith Conger
TEL: 978-614-8115

-Adam Elshama
TEL: 978-614-8327

Sonus SBC Software Edition Session Border Controller

Version 5.1.2
Intel Xeon w/ Closed Proprietary OS Based on Debian Linux 8/25/2017 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3586 HMAC Val#3501
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3586
SRTP (AES 128 , 192 ) AES Val#4686
SNMP SHA1 Val#3586

"Sonus’ Session Border Controller Software Edition (SWe) is a software-only SBC architected to enable and secure real-time communications in multiple virtual environments. It features the same code base, resiliency, media transcoding, and security technology found in Sonus’ hardware-based SBC 5000 or 7000 series."

1379
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit)

Version 5.0
Intel(R) Xeon(R) E5-2640 v3 w/ Red Hat Enterprise Linux 7.4 8/25/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3885 HMAC Val#3157

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

1378
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (32 bit)

Version 5.0
Intel(R) Xeon(R) E5-2640 v3 w/ Red Hat Enterprise Linux 7.4 8/25/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3884 HMAC Val#3156

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 32 bit word size."

1377
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core without PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ Red Hat Linux Enterprise Server 7.3 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1376
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core without PAAs

Version 8.6.0.0
SPARC T4 w/ Solaris(R) 11 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1375
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
SPARC T4 w/ Solaris(R) 11 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1374
Section 5.7.1.2: ECC CDH Primitive
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
1 New Orchard Road
Armonk, NY 10504
USA

-Peter Szczepankiewicz
TEL: 757-689-0507
FAX: 757-689-0507

-Rory Bray
TEL: 506-449-7810
FAX: 506-449-7810

libcrypto/openssl

Version 1.0.1e
Intel(R) Xeon(R) CPU E5-2650 w/ Red Hat Enterprise Linux Server release 6.7 (Santiago) 8/25/2017 Curves tested: B-571
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3880 HMAC Val#3167
SSH (SHA 1 , 256 , 512 ) SHA Val#3880

"Main crypto provider for all standard QRadar functionality"

1373
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ Red Hat Linux Enterprise Server 7.3 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1372
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core without PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ Microsoft Windows Server 2012R2(R) 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1371
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ Microsoft Windows Server 2012R2(R) 64-bit 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1370
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core without PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ IBM MESA 8.1 on VMWare v6.0.0 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1369
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ IBM MESA 8.1 on VMWare v6.0.0 8/25/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1368


All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
IBM Corporation
1 New Orchard Road
Armonk, NY 10504
USA

-Peter Szczepankiewicz
TEL: 757-689-0507
FAX: 757-689-0507

-Rory Bray
TEL: 506-449-7810
FAX: 506-449-7810

libcrypto/openssl

Version 1.0.1e
Intel(R) Xeon(R) CPU E5-2650 w/ Red Hat Enterprise Linux Server release 6.7 (Santiago) 8/25/2017 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1267 SHS Val#3880 DRBG Val#1621

"Main crypto provider for all standard QRadar functionality"

1367
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ IBM MESA 8.1 on IBM XGS 7100 8/18/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1366
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel(R) Xeon(R) Processor E5 Family w/ IBM MESA 8.1 on IBM XGS 5200 8/18/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1365
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel Core i7 w/ IBM MESA 8.1 on IBM XGS 5100 8/18/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1364
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel Core i3 w/ IBM MESA 8.1 on IBM XGS 4100 8/18/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1363
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM(R) Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core with PAAs

Version 8.6.0.0
Intel Pentium (R) B915C w/ IBM MESA 8.1 on IBM XGS 3100 8/18/2017 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

1362
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100- Quicksec

Version 15.1X49-D100
Intel Xeon E5 w/ JUNOS FIPS Ver. 15.1X49-D100 on VMware ESXi v5.5 8/18/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3864 HMAC Val#3136
IKEv2( ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3864 HMAC Val#3136

"The vSRX Virtual Firewall delivers a complete virtual firewall solution, including advanced security, robust networking, and automated virtual machine life cycle management capabilities for service providers and enterprises. vSRX empowers security professionals to deploy and scale firewall protection in highly dynamic environments."

1361
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server/Client

Version 5.0
Intel(R) Xeon(R) CPU E5-2640 v3 w/ Red Hat Enterprise Linux 7.4 8/18/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3807 SHA Val#3821 SHA Val#3823

"SP 800-135 KDF for Intel x86_64 bit"

The prerequisites for this certificate are: SHA #3807, SHA #3821, SHA #3823, SHA #3824, SHA #3842, SHA #3843, SHA #3844, SHA #3845, SHA #3846, SHA #3847, HMAC #3076, HMAC #3088, HMAC #3090, HMAC #3091, HMAC #3107, HMAC #3108, HMAC #3109, HMAC #3110, HMAC #3111 and HMAC #3112

1360
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Yubico
420 Florence St, Ste 200
Palo Alto, CA 94301
USA

-Jerrod Chong

-Jakob Ehrensvard

Yubico HW/FW ECC

Version 4.4.0 with CL70 1.03.006 (Firmware)
Part # SLE78CLUFX3000PH
Infineon SLE78V2 8/18/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"This module contains three parts: 1) ECC core hardware/firmware implementation via Infineon CL70 crypto library; 2) High-level firmware implementation for key generation and ECDSA signature generation; 3) ECC curve domain parameters"

1359
Section 4.2,
TLS
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Andreas Stieger
TEL: +49 911 74053 384

-Thomas Biege
TEL: +49 911 74053 500

SUSE OpenSSL using assembler implementation of AES, SHA and GHASH

Version 3.0
z13 w/ SUSE Linux Enterprise Server 12 SP2 8/18/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3788 HMAC Val#3059

"This test covers assembler implementation of AES, SHA and GHASH."

1358
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Yubico
420 Florence St, Ste 200
Palo Alto, CA 94301
USA

-Jerrod Chong

-Jakob Ehrensvard

Yubico HW/FW RSA

Version 4.4.0 with CL70 1.03.006 (Firmware)
Part # SLE78CLUFX3000PH
Infineon SLE78V2 8/18/2017 RSASP1: (Mod2048: PKCS1.5 )

"This module contains two parts: 1) RSA core HW/FW implementation using Infineon CL70 crypto library; 2) High-level FW implementation for key generation, encryption and decryption primitives"

1357
All of SP800-56A EXCEPT KDF
SP800-56A
Ultra Electronics 3eTI
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 2.0 (Firmware)
MPC8378E 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1255 SHS Val#1801 DRBG Val#822
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#415 SHS Val#1801 DRBG Val#822

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

1356
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Yubico
420 Florence St, Ste 200
Palo Alto, CA 94301
USA

-Jerrod Chong

-Jakob Ehrensvard

Yubico HW/FW ECC

Version 4.4.0 with CL70 1.03.006 (Firmware)
Part # SLE78CLUFX3000PH
Infineon SLE78V2 8/11/2017 Curves tested: P-256   P-384   P-521

"This module contains three parts: 1) ECC core hardware/firmware implementation via Infineon CL70 crypto library; 2) High-level firmware implementation for key generation and ECDSA signature generation; 3) ECC curve domain parameters"

1355
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100-QuickSec

Version 15.1X49-D100 (Firmware)
Intel Xeon E5 8/11/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3857 HMAC Val#3129
IKEv2( ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3857 HMAC Val#3129

"The SRX4100/4200 Services Gateway is a next-generation firewall and security services gateway offering outstanding protection, performance, scalability, availability, and security service integration. With best in class networking and security in a single platform, these best suited for enterprise data centers, campuses, and regional headquarters."

1354
Section 5.5, TPM
SP800-135
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF2ESPI

Part # ST33HTPH2E28AHB4
N/A 8/11/2017 TPM SHA1 Val#3539 HMAC_SHA1 Val#3120

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specifications."

1353
Section 5.5, TPM
SP800-135
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF2EI2C

Part # ST33HTPH2E28AHB8
N/A 8/11/2017 TPM SHA1 Val#3539 HMAC_SHA1 Val#3118

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specifications."

1352
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A10 w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1252 SHS Val#3428 DRBG Val#1283

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1351
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A9X w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1251 SHS Val#3425 DRBG Val#1280

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1350
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A9 w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1250 SHS Val#3426 DRBG Val#1281

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1349
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A8X w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1249 SHS Val#3423 DRBG Val#1278

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1348
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A8 w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1248 SHS Val#3422 DRBG Val#1277

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1347
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669) 227-3579

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A7 w/ iOS 10 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1247 SHS Val#3421 DRBG Val#1276

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1346
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Trend Micro Inc.
11305 Alterra Parkway
Austin, TX 78758
USA

-Paul Tucker
TEL: 512-633-7945

TippingPoint Crypto Core OpenSSL

Version 2.0.13
Intel Core i3 without PAA w/ Linux Yocto 4.4; Intel Xeon with PAA w/ Linux Yocto 4.4; Intel Xeon without PAA w/ Linux Yocto 4.4 on VMware ESXi 6.5 8/11/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The TippingPoint Crypto Core OpenSSL is a software library which provides FIPS 140-2 approved cryptographic algorithms and services for TippingPoint security products."

1345
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales
TEL: (844) 436-2797

CryptoComply Java Engine

Version 3.0.1
Intel® Xeon® X5670 w/ OpenJDK 1.7 on CentOS 6 on HP ProLiant DL360 G7 Server 8/11/2017 RSASP1: (Mod2048: PKCS1.5 )

"CryptoComply Java is a comprehensive suite of FIPS Approved algorithms implemented in pure Java."

1344
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales
TEL: (844) 436-2797

CryptoComply Java Engine

Version 3.0.1
Intel® Xeon® X5670 w/ OpenJDK 1.7 on CentOS 6 on HP ProLiant DL360 G7 Server 8/11/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"CryptoComply Java is a comprehensive suite of FIPS Approved algorithms implemented in pure Java."

1343
Signature Generation of hash sized messages
FIPS186-4 ECDSA
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales
TEL: (844) 436-2797

CryptoComply Java Engine

Version 3.0.1
Intel® Xeon® X5670 w/ OpenJDK 1.7 on CentOS 6 on HP ProLiant DL360 G7 Server 8/11/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"CryptoComply Java is a comprehensive suite of FIPS Approved algorithms implemented in pure Java."

1342
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales
TEL: (844) 436-2797

CryptoComply Java Engine

Version 3.0.1
Intel® Xeon® X5670 w/ OpenJDK 1.7 on CentOS 6 on HP ProLiant DL360 G7 Server 8/11/2017 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3849 HMAC Val#3114
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3849 HMAC Val#3114
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3849
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3849
SRTP (AES 128 , 192 , 256 ) AES Val#4702

"CryptoComply Java is a comprehensive suite of FIPS Approved algorithms implemented in pure Java."

1341
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux 7 Libreswan

Version R7-2.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 7.3 64 bit 8/11/2017 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3808 HMAC Val#3077
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3808 HMAC Val#3077

"Oracle Linux 7 Libreswan Cryptographic Module is a framework for providing cryptographic services to other network entities implementing the IKEv1 and IKEv2 protocols."

1340
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Allwinner Technology Co.,Ltd
No.9 Technology Road 2, High-Tech Zone
Zhuhai, Guangdong 519085
China

-Qing Zhang
TEL: +86-756-3818333
FAX: +86-756-3818358

-Wei Guo
TEL: +86-756-3818333
FAX: +86-756-3818358

Crypto Engine

Part # V2.0
N/A 8/11/2017 RSASP1: (Mod2048: PKCS1.5 )

"Crypto engine is implemented with Veilog HDL. It provides cryptographic functions."

1339
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2/AVX/AESNI, x86_64, 64-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/11/2017 TLS( TLS1.0/1.1 ) SHA Val#3845 HMAC Val#3110

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1338
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2/AVX/AESNI, x86_64, 32-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/11/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3844 HMAC Val#3109

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1337
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

LG BoringSSL

Version 2.0
Snapdragon 835 (MSM8998) w/ Android 7.1.2 8/11/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1243 SHS Val#3841 DRBG Val#1592
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1159 SHS Val#3841 DRBG Val#1592

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the LG BoringSSL module, which is a full featured general purpose cryptographic library."

1336
Section 4.2,
TLS
SP800-135
NetBrain Technologies, Inc
15 Network Drive 2nd Floor
Burlington, Massachusetts 01803
United States

-Michael Passanisi
TEL: 781-221-7199 (x2055)
FAX: +1 (781) 998-5800

-Boyang Zhang
TEL: 781-221-7199 (x2059)

NetBrain OpenSSL Cryptographic Module

Version 1.0
Intel Xeon E3 family w/ Windows Server 2012 R2 Standard 8/11/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3840 HMAC Val#3105

"The NetBrain OpenSSL Cryptographic Module is a C library of cryptographic functions which provides cryptographic services to applications via easy-to-use API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography."

1335
All of SP800-56A EXCEPT KDF
SP800-56A
NetBrain Technologies, Inc
15 Network Drive 2nd Floor
Burlington, Massachusetts 01803
United States

-Michael Passanisi
TEL: 781-221-7199 (x2055)
FAX: +1 (781) 998-5800

-Boyang Zhang
TEL: 781-221-7199 (x2059)

NetBrain OpenSSL Cryptographic Module

Version 1.0
Intel Xeon E3 family w/ Windows Server 2012 R2 Standard 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1242 SHS Val#3840 DRBG Val#1591
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1158 SHS Val#3840 DRBG Val#1591

"The NetBrain OpenSSL Cryptographic Module is a C library of cryptographic functions which provides cryptographic services to applications via easy-to-use API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography."

1334
RSADP Primitive
FIPS186-4 RSA; RSADP
Taisys Technologies Co. Ltd.
7F., No.56, Lane 321
Yangguang St., Neihu Dist.
Taipei, Taipei 11491
Taiwan (R.O.C.)

-Joe Wang
TEL: +886-2-26270927x6699
FAX: +886-2-26270619

-Kent Horng
TEL: +886-2-26562185 #206
FAX: +886-2-26579657

TAISYS JUISE-S2

Part # ST33G1M2
N/A 8/11/2017 RSADP: (Mod2048)

"The TAISYS JUISE-S2 is a contact/contactless module that provides security services targeted at mobile devices in a single Integrated Circuit Chip. The module is implemented upon Sun Java Card ™ 3.0.4 Classic Edition specifications and is also compliant with GlobalPlatform Card Specification - Version 2.2.1 with SCP03."

1333
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Taisys Technologies Co. Ltd.
7F., No.56, Lane 321
Yangguang St., Neihu Dist.
Taipei, Taipei 11491
Taiwan (R.O.C.)

-Joe Wang
TEL: +886-2-26270927x6699
FAX: +886-2-26270619

-Kent Horng
TEL: +886-2-26562185 #206
FAX: +886-2-26579657

TAISYS JUISE-S2

Part # ST33G1M2
N/A 8/11/2017 RSASP1: (Mod2048: PKCS1.5 )

"The TAISYS JUISE-S2 is a contact/contactless module that provides security services targeted at mobile devices in a single Integrated Circuit Chip. The module is implemented upon Sun Java Card ™ 3.0.4 Classic Edition specifications and is also compliant with GlobalPlatform Card Specification - Version 2.2.1 with SCP03."

1332
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Taisys Technologies Co. Ltd.
7F., No.56, Lane 321
Yangguang St., Neihu Dist.
Taipei, Taipei 11491
Taiwan (R.O.C.)

-Joe Wang
TEL: +886-2-26270927x6699
FAX: +886-2-26270619

-Kent Horng
TEL: +886-2-26562185 #206
FAX: +886-2-26579657

TAISYS JUISE-S2

Part # ST33G1M2
N/A 8/11/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"The TAISYS JUISE-S2 is a contact/contactless module that provides security services targeted at mobile devices in a single Integrated Circuit Chip. The module is implemented upon Sun Java Card ™ 3.0.4 Classic Edition specifications and is also compliant with GlobalPlatform Card Specification - Version 2.2.1 with SCP03."

1331
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Taisys Technologies Co. Ltd.
7F., No.56, Lane 321
Yangguang St., Neihu Dist.
Taipei, Taipei 11491
Taiwan (R.O.C.)

-Joe Wang
TEL: +886-2-26270927x6699
FAX: +886-2-26270619

-Kent Horng
TEL: +886-2-26562185 #206
FAX: +886-2-26579657

TAISYS JUISE-S2

Part # ST33G1M2
N/A 8/11/2017 Curves tested: P-224   P-256   P-384   P-521

"The TAISYS JUISE-S2 is a contact/contactless module that provides security services targeted at mobile devices in a single Integrated Circuit Chip. The module is implemented upon Sun Java Card ™ 3.0.4 Classic Edition specifications and is also compliant with GlobalPlatform Card Specification - Version 2.2.1 with SCP03."

1330
All of SP800-56A EXCEPT KDF
SP800-56A
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiWeb SSL Cryptographic Library

Version 5.6 (Firmware)
Intel Xeon E5 v3 8/11/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3673 DRBG Val#1434

"This document focuses on the firmware implementation of the Fortinet FortiWeb SSL Cryptographic Library v5.6 running on Intel x86 compatible processors."

1329
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3 Series; Intel i5 Series; Intel i7 Series 8/11/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.4 running on Intel x86 compatible processors."

1328
RSADP Primitive
FIPS186-4 RSA; RSADP
BiObex, LLC
11501 Sunset Hills Rd
Suite 200
Reston, VA 22190
USA

-Arthur Joyce
TEL: 571-313-0969

SAFE-Key device

Version 1.1.0.0 (Firmware)
STM32F415 8/11/2017 RSADP: (Mod2048)

"The SAFE-Key device is a USB-based hardware token; its primary purpose is two-factor authentication. The device supports three modalities: web-based two-factor authentication, two-factor authentication for protected file decryption and two-factor authentication for digital signature generation."

1327
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MAS 01886
USA

-Keith Conger
TEL: 978-614-8115

-Adam Elshama
TEL: 978-614-8327

Sonus Cryptographic Library version 3.0

Version 5.1.2
Intel Xeon w/ Closed Proprietary OS Base on Debian Linux 8/11/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Sonus’ Session Border Controller Software Edition (SWe) is a software-only SBC architected to enable and secure real-time communications in multiple virtual environments. It features the same code base, resiliency, media transcoding, and security technology found in Sonus’ hardware-based SBC 5000 or 7000 series."

1326
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc
170 W Tasman Dr
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon on VMware ESXi 5.5 8/4/2017 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3831 HMAC Val#3096
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3831 HMAC Val#3096
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3831
SRTP (AES 128 , 192 , 256 ) AES Val#4680
SNMP SHA1 Val#3831

"The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1325
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc
170 W Tasman Dr
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon on VMware ESXi 5.5 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1241 SHS Val#3831 DRBG Val#1583
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1155 SHS Val#3831 DRBG Val#1583

"The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1324
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc
170 W Tasman Dr
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon 8/4/2017 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3830 HMAC Val#3095
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3830 HMAC Val#3095
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3830
SRTP (AES 128 , 192 , 256 ) AES Val#4676
SNMP SHA1 Val#3830

"The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1323
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc
170 W Tasman Dr
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Hybrid1Flow: FB FC DSA Val#1240 SHS Val#3830 DRBG Val#1581
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1154 SHS Val#3830 DRBG Val#1581

"The Cisco FIPS Object Module (FOM) is a firmware library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1322
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services ICSF PKCS #11 with CEX5A

Version OA52336
IBM z13 w/ IBM z/OS(R) v2.2 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1216 SHS Val#3761 DRBG Val#1530
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1123 SHS Val#3761 DRBG Val#1530

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

1321
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2, x86_64, 32-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3824 HMAC Val#3091

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1320
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2, x86_64, 32-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1238 SHS Val#3824 DRBG Val#1579
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1151 SHS Val#3824 DRBG Val#1579

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1319
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2, x86_64, 64-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3823 HMAC Val#3090

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1318
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (no AVX2, x86_64, 64-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1237 SHS Val#3823 DRBG Val#1578
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1150 SHS Val#3823 DRBG Val#1578

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1317
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.3.2
ARMv7 (64-bit) w/ Timesys Linux 4.2.8 8/4/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

1316
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.3.2
ARMv7 (64-bit) w/ Timesys Linux 4.2.8 8/4/2017 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

1315
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.3.2
ARMv7 (64-bit) w/ Timesys Linux 4.2.8 8/4/2017 RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

1314
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.3.2
ARMv7 (64-bit) w/ Timesys Linux 4.2.8 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3822 HMAC Val#3089
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3822

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

1313
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (Full CPU set, x86_64, 32-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3821 HMAC Val#3088

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1312
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (Full CPU set, x86_64, 32-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1235 SHS Val#3821 DRBG Val#1576
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1148 SHS Val#3821 DRBG Val#1576

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1311
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.3.2
ARMv7 (64-bit) w/ Timesys Linux 4.2.8 8/4/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

1310
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS_x86_64_C

Version 5.0
Intel x86 (64-bit) w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3818 HMAC Val#3087

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

1309
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS_x86_64_C

Version 5.0
Intel x86 (64-bit) w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1234 SHS Val#3818 DRBG Val#1575
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1147 SHS Val#3818 DRBG Val#1575

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

1308
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS_x86_C

Version 5.0
Intel x86 (32-bit) w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3817 HMAC Val#3086

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

1307
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS_x86_C

Version 5.0
Intel x86 (32-bit) w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1233 SHS Val#3817 DRBG Val#1574
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1146 SHS Val#3817 DRBG Val#1574

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

1306
Section 5.2, SSH
SP800-135
Nokia
600 March Rd
Ottawa, Ontario K2K 2E6
Canada

-Hooman Bidgoli
TEL: +1 613 784 5351

-Peter Merriman
TEL: +1 613 784 3045

Nokia 7705 SAR OS Non Datapath Cryptographic Library

Version 2 (Firmware)
Cavium Octeon Plus 8/4/2017 SSH (SHA 1 ) SHA Val#3816

"The Nokia 7705 SAR OS Non Datapath Cryptographic Library is used on the Nokia 77705 Service Aggrigation Router"

1305
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 5.2, SSH
SP800-135
Nokia
600 March Rd
Ottawa, Ontario K2K 2E6
Canada

-Hooman Bidgoli
TEL: +1 613 784 5351

-Peter Merriman
TEL: +1 613 784 3045

Nokia 7705 SAR OS Cryptographic Library

Version 2 (Firmware)
Cavium Octeon Plus 8/4/2017 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3815 HMAC Val#3084
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3815 HMAC Val#3084
SSH (SHA 1 ) SHA Val#3815

"The Nokia 7705 SAR OS Cryptographic Library is used on the Nokia 77705 Service Aggrigation Router"

1304
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 5.2, SSH
SP800-135
Nokia
600 March Rd.
Ottawa, Ontario k0A 2Z0
Canada

-Hooman Bidgoli
TEL: +1 613 784 5351

-Peter Merriman
TEL: +1 613 784 3045

Nokia 7705 SAR OS Cryptographic Library

Version 2 (Firmware)
Cavium Octeon II 8/4/2017 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3814 HMAC Val#3083
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3814 HMAC Val#3083
SSH (SHA 1 ) SHA Val#3814

"The Nokia 7705 SAR OS Cryptographic Library is used on the Nokia 77705 Service Aggrigation Router"

1302
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
HID Global
6623 Dumbarton Circle
Fremont, CA 94555
USA

-Jean-Luc Azou
TEL: 510-574-1738
FAX: 510-574-0100

-Béatrice SALAUN
TEL: + 33 1 42 04 84 56

RSASP1_OT

Version Version 07888.8 with 07846.9 (Firmware) (Firmware)
Part # Part # 0F
Oberthur Cosmo V8 8/4/2017 RSASP1: (Mod2048: PKCS1.5 )

"The RSA signature primitive provided by the Cosmo V8 platform via Javacard API."

1301
Section 4.2,
TLS
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux 7 NSS without AES-NI

Version R7-2.0.0
Intel Xeon E5-2699 v4 w/ Oracle Linux 7.3 64 bit 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) )

"Oracle Linux 7 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications."

1300
All of SP800-56A EXCEPT KDF
SP800-56A
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux 7 NSS without AES-NI

Version R7-2.0.0
Intel Xeon E5-2699 v4 w/ Oracle Linux 7.3 64 bit 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1229 SHS Val#3808 DRBG Val#1568
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1145 SHS Val#3808 DRBG Val#1568

"Oracle Linux 7 NSS Cryptographic Module is a set of libraries designed to support cross-platform development of security-enabled applications."

1299
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (Full CPU set, x86_64, 64-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3807 HMAC Val#3076

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1298
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (Full CPU set, x86_64, 64-bit library)

Version 5.0
Intel x86 64 bits w/ Red Hat Enterprise Linux 7.4 8/4/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1228 SHS Val#3807 DRBG Val#1567
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1144 SHS Val#3807 DRBG Val#1567

"The OpenSSL FIPS Runtime Module is a general purpose cryptographic library designed to provide FIPS 140-2 validated cryptographic functionality for use with the high level API of the OpenSSL library."

1297
SP800-135
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: +972-39279529
FAX: +972-39230864

-Moshe Harel
TEL: +972-39279578
FAX: +972-39230864

PrivateServer-OpenSSL

Version 5.02 (Firmware)
Intel Xeon Quad-Core 8/4/2017

"PrivateServer performs sensitive cryptographic operations internally in a tamper-proof, high performance device. PrivateServer is configured as a network server or as a cryptographic backend to a host."

08/31/17: Updated implementation information;

1296
Signature Generation of hash sized messages
FIPS186-4 ECDSA
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-39279529
FAX: 972-39230864

-Moshe Harel
TEL: 972-3-9279578
FAX: 972-3-9230864

PrivateServer

Version 5.02 (Firmware)
Intel Xeon Quad-Core 8/4/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"PrivateServer performs sensitive cryptographic operations internally in a tamper-proof, high performance device. PrivateServer is configured as a network server or as a cryptographic backend to a host."

08/31/17: Updated implementation information;

1295
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Trusted Concepts
205 Van Buren St
Suite 440
Herndon, VA 20170
USA

-Chris Greenlee
TEL: 202.680.3718

TrustedKeep Encryption Module

Version 1.8.3
Intel Core i7 w/PAA w/ CentOS 7.3; Intel Core i7 w/o PAA w/ CentOS 7.3 8/4/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"TrustedKeep is a secure object storage and sharing solution."

1294
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-585-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.10
Intel Atom x5 on GETAC MX50 w/ Android 5.1.1 8/4/2017 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library"

1293
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100-OpenSSH

Version 15.1X49-D100 (Firmware)
Intel Xeon E5 8/4/2017 SSH (SHA 1 , 256 , 512 ) SHA Val#3797

"The SRX4100/4200 Services Gateway is a next-generation firewall and security services gateway offering outstanding protection, performance, scalability, availability, and security service integration. With best in class networking and security in a single platform, these best suited for enterprise data centers, campuses, and regional headquarters."

1292
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100-OpenSSH

Version 15.1X49-D100 (Firmware)
Intel Xeon E3 8/4/2017 SSH (SHA 1 , 256 , 384 ) SHA Val#3796

"The SRX1500 Services Gateway is a next-generation firewall and security services gateway offering outstanding protection, performance, scalability, availability, and security service integration. With best in class networking and security in a single platform, SRX1500 best suited for enterprise data centers, campuses, and regional headquarters."

1291
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49-D100-QuickSec

Version 15.1X49-D100 (Firmware)
Intel Xeon E3 8/4/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3798 HMAC Val#3067
IKEv2( ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3798 HMAC Val#3067

"The SRX1500 Services Gateway is a next-generation firewall and security services gateway offering outstanding protection, performance, scalability, availability, and security service integration. With best in class networking and security in a single platform, SRX1500 best suited for enterprise data centers, campuses, and regional headquarters."

1290
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

-Titan Key FIPS officer

Titan Key

Part # 1.0
N/A 7/28/2017 ECDSA SigGen Component: CURVES( P-256 )

"Implemented with Google’s "Titan" secure microcontroller and custom firmware, the Titan Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust."

1289
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Petra Manche
TEL: +44 1189 245470

-Chris Brych
TEL: +1 613.216.3078

Oracle ILOM OpenSSL FIPS Object Module

Version 2.0.10
Oracle ILOM SP v3 (ARM 7) without PAA w/ Oracle ILOM OS v3.0; Oracle ILOM SP v3 (ARM 7) with PAA w/ Oracle ILOM OS v3.0 7/28/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Oracle ILOM OpenSSL FIPS Object Module is a software library providing a C language application program interface (API) for use by other processes that require cryptographic functionality and is classified by FIPS 1402 as a software module, multichip standalone module embodiment."

1288
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3; Intel i5; Intel i7 7/28/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.4 running on Intel x86 compatible processors."

1287
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3; Intel i5; Intel i7 7/28/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3792 HMAC Val#3063
SSH (SHA 1 , 256 ) SHA Val#3792

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.4 running on Intel x86 compatible processors."

1286
All of SP800-56A EXCEPT KDF
SP800-56A
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3; Intel i5; Intel i7 7/28/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3792 DRBG Val#1543
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 SHS Val#3792 DRBG Val#1543

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.4 running on Intel x86 compatible processors."

1285
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64); 7/28/2017 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows Virtual TPM implementations provide cryptography algorithms to support the Virtual TPM functionality for Hyper-V"

1284
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); 7/28/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MsBignum Library algorithm implementation provides ECDSA and RSA support to other Microsoft libraries and cryptographic modules."

1283
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); 7/28/2017 RSADP: (Mod2048)

"The Microsoft Windows MsBignum Library algorithm implementation provides ECDSA and RSA support to other Microsoft libraries and cryptographic modules."

1282
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64) 7/28/2017 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MsBignum Library algorithm implementation provides ECDSA and RSA support to other Microsoft libraries and cryptographic modules."

1281
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64) 7/21/2017 RSADP: (Mod2048)

"The Microsoft Windows Next Generation Cryptographic algorithm implementation provides enhanced support for AES, DRBG, DSA, ECDSA, RSA, HMAC, KAS, KDF, SHS (SHA), and Triple-DES. All implementations are packaged into a library used by Microsoft and other third-party applications."

1280
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64) 7/21/2017 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows Next Generation Cryptographic algorithm implementation provides enhanced support for AES, DRBG, DSA, ECDSA, RSA, HMAC, KAS, KDF, SHS (SHA), and Triple-DES. All implementations are packaged into a library used by Microsoft and other third-party applications."

1279
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64) 7/21/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows Next Generation Cryptographic algorithm implementation provides enhanced support for AES, DRBG, DSA, ECDSA, RSA, HMAC, KAS, KDF, SHS (SHA), and Triple-DES. All implementations are packaged into a library used by Microsoft and other third-party applications."

1278
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations

Version 10.0.15063
Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 Enterprise Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Education Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop w/ Windows 10 S Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Pro Creators Update (x64); Intel Core m3 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 w/ Windows 10 Enterprise Creators Update (x64); Intel Atom x7 with AES-NI and without SHA Extensions w/ Microsoft Surface 3 with LTE w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio w/ Windows 10 Enterprise Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Hub w/ Windows 10 Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Windows 10 Pro Creators Update on Hyper-V on Windows Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 810 (A57, A53) w/ Microsoft Lumia 950 XL w/ Windows 10 Mobile Creators Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Creators Update (ARMv7); Intel Core i5 with AES-NI and without SHA Extensions w/ Dell Latitude 5285 w/ Windows 10 Pro Creators Update (x64); Intel Core i3 without AES-NI and SHA Extensions w/ Dell Inspiron 660s w/ Windows 10 Creators Update (x86); Intel Xeon with AES-NI and without SHA Extensions w/ Dell Precision Tower 5810MT w/ Windows 10 Pro Creators Update (x64); Intel Xeon with AES-NI and without SHA Extensions w/ Dell PowerEdge R630 Server w/ Windows 10 Pro Creators Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ HP Elite x3 w/ Windows 10 Mobile Creators Update (ARMv7); AMD A4 with AES-NI and without SHA Extensions w/ HP Compaq Pro 6305 w/ Windows 10 Pro Creators Update (x64); Intel Core i7 with AES-NI and without SHA Extensions w/ HP Pro x2 612 G2 Detachable PC with LTE w/ Windows 10 Enterprise Creators Update (x64); Intel Pentium with AES-NI and SHA Extensions w/ HP Slimline Desktop w/ Windows 10 Pro Creators Update (x64); Intel Core i5 with AES-NI and without SHA Extensions w/ Panasonic Toughbook w/ Windows 10 Pro Creators Update (x64) 7/21/2017 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3790 HMAC Val#3061
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3790 HMAC Val#3061
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3790 HMAC Val#3061

"The Microsoft Windows Next Generation Cryptographic algorithm implementation provides enhanced support for AES, DRBG, DSA, ECDSA, RSA, HMAC, KAS, KDF, SHS (SHA), and Triple-DES. All implementations are packaged into a library used by Microsoft and other third-party applications."

1277
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Timothy McDonough

Hewlett Packard Enterprise SSL Crypto Module Engine

Version 2.1
ARM i.MX6 w/ Linux 3.0.35 7/21/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Hewlett Packard Enterprise SSL crypto module engine is part of the FIPS validated OpenSSL cryptographic provider for Hewlett Packard Enterprise components. The module features robust algorithm support including CNSA algorithms. The module provides services for secure communications, secure key management, data integrity and data encryption."

1276
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Andreas Stieger
TEL: +49 911 74053 384

-Thomas Biege
TEL: +49 911 74053 500

SUSE OpenSSL using assembler implementation of AES, SHA and GHASH

Version 3.0
z13 w/ SUSE Linux Enterprise Server 12 SP2 7/21/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1221 SHS Val#3788 DRBG Val#1552
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1131 SHS Val#3788 DRBG Val#1552

"This test covers assembler implementation of AES, SHA and GHASH."

1275
All of SP800-56A EXCEPT KDF
SP800-56A
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiWeb SSL Cryptographic Library

Version 5.5 (Firmware)
Intel Xeon E5 series 7/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC

"This document focuses on the firmware implementation of the Fortinet FortiWeb SSL Cryptographic Library v5.5 running on Intel x86 compatible processors."

1274
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: 972-963-7326

McAfee NSP NS SSH Lib

Version 6.4_8.1.17.30 (Firmware)
Intel Xeon E5 Family 7/21/2017 SSH (SHA 1 , 256 , 512 ) SHA Val#3783

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

1273
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: 972-963-7326

McAfee NSP NS Crypto Lib

Version 2.0.5_8.1.17.30 (Firmware)
Intel Xeon E5 Family; Intel Atom C Family 7/21/2017 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3783 HMAC Val#3055

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

1272
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3 Series; Intel i5 Series; Intel i7 Series 7/14/2017 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3777 HMAC Val#3050
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3777 HMAC Val#3050

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.4 running on Intel x86 compatible processors."

1271
All of SP800-56A EXCEPT KDF
SP800-56A
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library

Version 5.4 (Firmware)
ARM v5 Compatible (SoC2); ARM v7 Compatible (SoC3); Intel Celeron; Intel Xeon E5; Intel i3 Series; Intel i5 Series; Intel i7 Series 7/14/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3777 DRBG Val#1543

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.4 running on Intel x86 compatible processors."

1270
All of SP800-56A EXCEPT KDF
SP800-56A
Pulse Secure LLC
2700 Zanker Road Suite 200
San Jose, CA 95134
USA

-Yvonne Sang
TEL: 510-303-3804

Pulse Secure Cryptographic Module ECDH

Version 2.0
MAG2600, Intel Atom, N270, 1.6GHz w/ IVE OS 2.0 (32-bit); MAG4610, SM160, Intel Core 2 Duo E2160 1.8 GHz w/ IVE OS 2.0 (64-bit); MAG6610, SM360, Intel Core-2 Quad Q9400 2.66GHz w/ IVE OS 2.0 (64-bit); PSA300, PSA3000, Intel Celeron Processor J1900 2.42GHz w/ IVE OS 2.0 (64-bit); PSA5000, Intel PENTIUM G3420 2C/2T 3.2G w/ IVE OS 2.0 (64-bit); PSA7000f, PSA7000c, Intel Xeon E3-1275v3(x86) w/ IVE OS 2.0 (64-bit); Dell Power Edge R430/R530, Intel Xeon E5-2620 v4 2.1GHz w/ IVE OS 2.0 (64-bit) 7/14/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1026 SHS Val#3577 DRBG Val#1384

"The Pulse Secure Cryptographic Module provides secure cryptographic services. It enables dynamic SSL VPN, NAC, mobile security, online meetings and collaboration, and application acceleration while removing the complexities of device type and security state, location, identity, and adherence to policies."

1269
Section 4.1.1,
IKEv1
Section 5.2, SSH
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Madhu Mathiyalagan
TEL: (781) 578-7514

-Chris Brych
TEL: (613) 216-3078

Oracle Acme Packet Mocana Cryptographic Library

Version ECz 7.5.0
Intel Xeon E5-2600 V3 w/ Oracle Linux 7 on VMware ESXi 6.0 7/14/2017 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3775 HMAC Val#3049
SSH (SHA 1 , 256 ) SHA Val#3775

"The Acme Packet Virtual Machine Edition (VME) is a software only implementation of the Oracle Acme Packet Session Border Controller that provides the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

1268
Section 5.4, SNMP
SP800-135
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SG VA SNMP Library

Version 5.7.2_1
Intel Xeon E5 Broadwell on VMWare ESXi v6.0 w/ SGOS 6.7 7/14/2017 SNMP SHA1 Val#3772

"The SG VA SNMP Library provides the necessary SNMP protocol support developed specifically for use in the Secure Web Gateway appliance line."

1267
Section 5.2, SSH
SP800-135
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SG VA SSH Library

Version 7.2_2
Intel Xeon E5 Broadwell on VMWare ESXi v6.0 w/ SGOS 6.7 7/14/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3772

"The SG VA SSH Library provides the necessary SSH key derivation functionality developed specifically for use in the Secure Web Gateway appliance line."

1266
All of SP800-56A EXCEPT KDF
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SG VA Cryptograpchic Library

Version 4.1.1
Intel Xeon E5 Broadwell on VMWare ESXi v6.0 w/ SGOS 6.7 7/14/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3772 DRBG Val#1541
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 SHS Val#3772 DRBG Val#1541

"The SG VA Crypto Library provides the necessary cryptographic services developed specifically for use in the Secure Web Gateway appliance line."

1265
Section 4.2,
TLS
SP800-135
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SG VA TLS Library

Version 4.1.1
Intel Xeon E5 Broadwell on VMWare ESXi v6.0 w/ SGOS 6.7 7/14/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3772 HMAC Val#3046

"The SG VA TLS Library provides the necessary SSL/TLS protocol support developed specifically for use in the Secure Web Gateway appliance line."

1264
Section 4.2,
TLS
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Andreas Stieger
TEL: +49 911 74053 384

-Thomas Biege
TEL: +49 911 74053 500

SUSE OpenSSL using SHA assembler

Version 3.0
Intel Xeon E5 family w/ SUSE Linux Enterprise Server 12 SP2 7/14/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3771 HMAC Val#3045

"This test covers generic assembler implementation of SHA."

1263
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Andreas Stieger
TEL: +49 911 74053 384

-Thomas Biege
TEL: +49 911 74053 500

SUSE OpenSSL using SHA assembler

Version 3.0
Intel Xeon E5 family w/ SUSE Linux Enterprise Server 12 SP2 7/14/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1220 SHS Val#3771 DRBG Val#1539
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1127 SHS Val#3771 DRBG Val#1539

"This test covers generic assembler implementation of SHA."

1262
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Forcepoint LLC
10900-A Stonelake Blvd
Ste. 350
Austin, TX 78759
USA

-Klaus Majewski
TEL: 1-858-320-8000

-Jorma Levomäki
TEL: 1-858-320-8000

Forcepoint NGFW Cryptographic Library Module (3305)

Version 2.0
Intel Xeon E5 w/ GNU / Linux (Debian) 9.0 -based distribution 7/14/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1219 SHS Val#3767 DRBG Val#1534
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1126 SHS Val#3767 DRBG Val#1534

"Forcepoint NGFW Cryptographic Library is a software module that provides cryptographic services required by the Forcepoint NGFW product."

1261
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Forcepoint LLC
10900-A Stonelake Blvd
Ste. 350
Austin, TX 78759
USA

-Klaus Majewski
TEL: 1-858-320-8000

-Jorma Levomäki
TEL: 1-858-320-8000

Forcepoint NGFW Cryptographic Library Module (2105)

Version 2.0
Intel Xeon D w/ GNU / Linux (Debian) 9.0 -based distribution 7/14/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1218 SHS Val#3766 DRBG Val#1533
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1125 SHS Val#3766 DRBG Val#1533

"Forcepoint NGFW Cryptographic Library is a software module that provides cryptographic services required by the Forcepoint NGFW product."

1260
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Forcepoint LLC
10900-A Stonelake Blvd
Ste. 350
Austin, TX 78759
USA

-Klaus Majewski
TEL: 1-858-320-8000

-Jorma Levomäki
TEL: 1-858-320-8000

Forcepoint NGFW Cryptographic Library Module (325)

Version 2.0
Intel Atom C w/ GNU / Linux (Debian) 9.0 -based distribution 7/14/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1217 SHS Val#3765 DRBG Val#1532
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1124 SHS Val#3765 DRBG Val#1532

"Forcepoint NGFW Cryptographic Library is a software module that provides cryptographic services required by the Forcepoint NGFW product."

1259
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services ICSF PKCS #11

Version OA52336
IBM z13 w/ IBM z/OS(R) v2.2 7/8/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC MQV1: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1216 SHS Val#3761 DRBG Val#1530
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1123 SHS Val#3761 DRBG Val#1530
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#1259.

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

1258
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc
170 W Tasman Drive
San Jose, California 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

IOS Common Cryptographic Module (IC2M)

Version Rel5 (Firmware)
MIPS64; Intel Atom; Intel Xeon on ESXi 5.5; PPC405; PPCe500; PPCe5500; Intel Core i3; Intel Pentium; Intel Xeon; PPC465 7/8/2017 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3760 HMAC Val#3034
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3760 HMAC Val#3034
TLS( TLS1.0/1.1 ) SHA Val#3760 HMAC Val#3034
SSH (SHA 1 ) SHA Val#3760
SRTP (AES 128 , 192 , 256 ) AES Val#4583
SNMP SHA1 Val#3760

"The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols."

1257
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc
170 W Tasman Drive
San Jose, California 95134
USA

-Clint Winebrenner
TEL: 919.392.6250

IOS Common Cryptographic Module (IC2M)

Version Rel5 (Firmware)
MIPS64; Intel Atom; Intel Xeon on ESXi 5.5; PPC405; PPCe500; PPCe5500; Intel Core i3; Intel Pentium; Intel Xeon; PPC465 7/8/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#3760 DRBG Val#1529
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1122 DRBG Val#1529

"The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols."

08/09/17: Added new tested information;

1256
Section 5.2, SSH
SP800-135
L3 Communications Canada / Targa Systems Division
2081 Merivale Road
Ottawa, ON K2G1G9
Canada

-Dave Saunders
TEL: 613-727-9876
FAX: 613-727-1705

Series 4 Gen 3 DTU

Version 1.0.0-32004093 (Firmware)
Freescale P1022 6/30/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3755

"Network Attached Storage device with removable storage."

1255
Section 4.2,
TLS
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Madhu Mathiyalagan
TEL: (781) 578-7514

-Chris Brych
TEL: (613) 216-3078

Oracle Acme Packet OpenSSL Cryptographic Library

Version ECz 7.5.0
Intel Xeon E5-2600 V3 w/ Oracle Linux 7 on VMware ESXi 6.0 6/30/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3754 HMAC Val#3028
SRTP (AES 128 ) AES Val#4577
SNMP SHA1 Val#3754

"The Acme Packet Virtual Machine Edition (VME) is a software only implementation of the Oracle Acme Packet Session Border Controller that provides the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

1254
Section 5.2, SSH
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux 6 OpenSSH Server & Client

Version R6-1.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 6.9 64 bit 6/30/2017 SSH (SHA 256 , 384 , 512 ) SHA Val#3718 SHA Val#3714 SHA Val#3716

"Oracle Linux OpenSSH Cryptographic Module is a software module which supplies cryptographic support for the SSH protocol"

1253
Section 5.2, SSH
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux 7 OpenSSH Server & Client

Version R7-2.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 7.3 64 bit 6/30/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3719 SHA Val#3715 SHA Val#3717

"Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol."

1252
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-2658 v2 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1120 SHS Val#3753 DRBG Val#1523

"Cryptographic library running on vCMP offering various cryptographic mechanisms to BigIP product."

1251
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-2658 v3 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1119 SHS Val#3750 DRBG Val#1520

"Cryptographic library offering various cryptographic mechanisms to BigIP product."

1250
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-2658 v2 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1118 SHS Val#3749 DRBG Val#1519

"Cryptographic library offering various cryptographic mechanisms to BigIP product."

1249
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-2658 v2 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1117 SHS Val#3747 DRBG Val#1517

"Cryptographic library offering various cryptographic mechanisms to BigIP product."

1248
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-1650 v4 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1116 SHS Val#3745 DRBG Val#1515

"Cryptographic library offering various cryptographic mechanisms to BigIP product."

1247
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Crypto for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel E5-1630 v4 w/ BIG-IP 12.1.2 HF1 6/23/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1115 SHS Val#3743 DRBG Val#1115

"Cryptographic library offering various cryptographic mechanisms to BigIP product."

1246
Section 4.2,
TLS
SP800-135
Futurex
864 Old Boerne Road
Bulverde, TX 78163
USA

-Futurex Security Certifications
TEL: 830-980-9782

OpenSSL

Version 6.2.0.0 (Firmware)
TI AM3352 6/23/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3741 HMAC Val#3015

"The Crypto Library includes HMAC, CMAC, SP 800-90 DRBG, ECDSA, SHA, RSA, ECC, KDF, GCM, AES, and TDES algorithms for use in the Futurex cryptographic module."

1245
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Kelvin Desplanque
TEL: 6137887216

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon 6/23/2017 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3739 HMAC Val#3013
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3739 HMAC Val#3013
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3739
SRTP (AES 128 , 192 , 256 ) AES Val#4561
SNMP SHA1 Val#3739

"The Cisco FIPS Object Module (FOM) is firmware that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1244
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Kelvin Desplanque
TEL: 6137887216

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Intel Xeon 6/23/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1213 SHS Val#3739 DRBG Val#1509
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1113 SHS Val#3739 DRBG Val#1509

"The Cisco FIPS Object Module (FOM) is firmware that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1240
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

-Adam Langley

BoringCrypto

Version 24e5886c0edfc409c8083d10f9f1120111efd6f5
POWER9 w/ Ubuntu Linux 17.04; POWER8 w/ Ubuntu Linux 17.04; Intel Xeon E5 w/ Ubuntu Linux 16.04; Intel Xeon E5 without PAA w/ Ubuntu Linux 14.04 LTS; POWER8 without PAA w/ Ubuntu Linux 15.04 6/21/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications."

07/11/17: Added new tested information;

1239
Section 5.4, SNMP
SP800-135
Symantec Corporation
305 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

ASG SNMP Library

Version 5.7.2_1
Intel Xeon E5 Ivy Bridge w/ ASG 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Ivy Bridge w/ SGOS 6.7; Intel Xeon E5 Broadwell w/ SGOS 6.7 6/21/2017 SNMP SHA1 Val#3730

"The SGOS SNMP Library provides the necessary SNMP protocol support developed specifically for use in the ProxySG, Reverse Proxy, and ASG."

08/09/17: Updated implementation and vendor information;

1238
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN9000 Series Common Crypto Library

Version 3.0.1 (Firmware)
ARM Cortex A9 6/21/2017 TLS( TLS1.0/1.1 ) SHA Val#3734 HMAC Val#3010
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3734
SNMP SHA1 Val#3734

"The CN9000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN9000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1237
Section 4.2,
TLS
SP800-135
Symantec Corporation
305 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SGOS TLS Library

Version 4.1.1
Intel Xeon E5 Ivy Bridge w/ ASG 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7 6/21/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3730 HMAC Val#3006

"The SGOS TLS Library provides the necessary SSL/TLS protocol support developed specifically for use in the ProxySG, Reverse Proxy, and ASG."

08/09/17: Updated implementation and vendor information;

1236
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 3.0.1 (Firmware)
Intel ATOM 6/21/2017 TLS( TLS1.0/1.1 ) SHA Val#3733 HMAC Val#3009
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3733
SNMP SHA1 Val#3733

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1235
Section 5.4, SNMP
SP800-135
Symantec Corporation
384 Santa Trinita Ave
Sunnyvale, California 94085
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SGOS SNMP Library

Version 5.7.2_1
Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Ivy Bridge w/ SGOS 6.7 6/21/2017 SNMP SHA1 Val#3732

"The SGOS SNMP Library provides the necessary SNMP protocol support to a proprietary operating system (SGOS 6.7) developed specifically for use in the ProxySG and Reverse Proxy appliance lines."

1234
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet) and ID Quantique SA
312 Kings Way
South Melbourne, Victoria 3205
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN8000 Series Common Crypto Library

Version 3.0.1 (Firmware)
Intel Xeon 6/21/2017 TLS( TLS1.0/1.1 ) SHA Val#3732 HMAC Val#3008
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3732
SNMP SHA1 Val#3732

"The CN8000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN8000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1233
Section 5.2, SSH
SP800-135
Symantec Corporation
305 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SGOS SSH Library

Version 7.2_2
Intel Xeon E5 Ivy Bridge w/ ASG 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Ivy Bridge w/ SGOS 6.7; Intel Xeon E5 Broadwell w/ SGOS 6.7 6/21/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3730

"The SGOS SSH Library provides the necessary SSH key derivation functionality developed specifically for use in the ProxySG, Reverse Proxy, and ASG."

08/09/17: Updated implementation and vendor information;

1232
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010, CN4020, CN6010 and CN6140 Series Common Crypto Library

Version 3.0.1 (Firmware)
ARM Cortex A9 6/21/2017 TLS( TLS1.0/1.1 ) SHA Val#3731 HMAC Val#3007
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3731
SNMP SHA1 Val#3731

"The CN4010, CN4020, CN6010 and CN6140 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN4010, CN4020, CN6010 and CN6140 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1231
All of SP800-56A EXCEPT KDF
SP800-56A
Symantec Corporation
305 Ellis Street
Mountain View, CA 94043
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

SGOS Cryptographic Library

Version 4.1.1
Intel Xeon E5 Ivy Bridge w/ ASG 6.7; Intel Xeon E5 Sandy Bridge w/ SGOS 6.7; Intel Xeon E5 Ivy Bridge w/ SGOS 6.7; Intel Xeon E5 Broadwell w/ SGOS 6.7 6/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3730 DRBG Val#1502
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 SHS Val#3730 DRBG Val#1502

"The SGOS Crypto Library provides the necessary cryptographic services to a proprietary operating system (SGOS 6.7) developed specifically for use in the ProxySG, Reverse Proxy and ASG."

07/07/17: Added new tested information;
08/09/17: Updated implementation and vendor information;

1230
Section 5.2, SSH
SP800-135
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Module

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI;Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.4GHz with AES-NI 6/16/2017 SSH (SHA 1 , 256 , 512 ) SHA Val#3403

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics. "

1229
Section 4.2,
TLS
SP800-135
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Module

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI; Intel® Xeon® CPU E5-2630 v3 @ 2.4GHz with AES-NI 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3403 HMAC Val#2706

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

1228
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz; Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.4GHz 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3638 HMAC Val#2933
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3638

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

07/18/17: Added new tested information;

1227
RSADP Primitive
FIPS186-4 RSA; RSADP
Bivio Networks, Inc.
4457 Willow Road, Suite 240
Pleasanton, CA 94588
USA

-Raj Srinivasan
TEL: (925) 924-8608
FAX: (925) 924-8650

OpenSSL

Version 1.0.1e-51
Intel(R) Atom(TM) CPU C2558 @ 2.40GHz w/ RHEL 7.1 on KVM 2.0.0 on Ubuntu 14.04 LTS 6/16/2017 RSADP: (Mod2048)

"OpenSSL is an open source module that provides two libraries: a crypto module, and a TLS/SSL module that depends on the crypto module. It implements comprehensive suite of FIPS approved algorithms, with all key sizes and modes, of which this product uses a subset."

08/03/17: Updated implementation information;

1226
Section 5.2, SSH
SP800-135
Bivio Networks, Inc.
4457 Willow Road, Suite 240
Pleasanton, CA 94588
USA

-Raj Srinivasan
TEL: (925) 924-8608
FAX: (925) 924-8650

OpenSSL

Version 1.0.1e-51
Intel(R) Atom(TM) CPU C2558 @ 2.40GHz w/ RHEL 7.1 on KVM 2.0.0 on Ubuntu 14.04 LTS 6/16/2017 SSH (SHA 1 ) SHA Val#3727

"OpenSSL is an open source module that provides two libraries: a crypto module, and a TLS/SSL module that depends on the crypto module. It implements comprehensive suite of FIPS approved algorithms, with all key sizes and modes, of which this product uses a subset."

08/03/17: Updated implementation information;

1225
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Bivio Networks, Inc.
4457 Willow Road, Suite 240
Pleasanton, CA 94588
USA

-Raj Srinivasan
TEL: (925) 924-8608
FAX: (925) 924-8650

OpenSSL

Version 1.0.1e-51
Intel® Atom™ CPU C2558 @ 2.40GHz w/ RHEL 7.1 on KVM 2.0.0 on Ubuntu 14.04 LTS 6/16/2017 Curves tested: P-256
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG   Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ECDSA Val#1107 SHS Val#3727 DRBG Val#1500 HMAC Val#3003

"OpenSSL is an open source module that provides two libraries: a crypto module, and a TLS/SSL module that depends on the crypto module. It implements comprehensive suite of FIPS approved algorithms, with all key sizes and modes, of which this product uses a subset."

08/03/17: Updated implementation information;

1224
Section 4.1.1,
IKEv1
Section 5.2, SSH
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Madhu Mathiyalagan
TEL: (781) 578-7514

-Chris Brych
TEL: (613) 216-3078

Oracle Acme Packet Mocana Cryptographic Library

Version ECz 7.5.0 (Firmware)
Intel Atom C2358; Intel Xeon D-1548 (Intel Broadwell-DE) 6/16/2017 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3726 HMAC Val#3002
SSH (SHA 1 , 256 ) SHA Val#3726

"The Acme Packet 1100 and 3900 feature Oracle''s purpose-built hardware design that is tightly integrated with a hardened version of Oracle Linux, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

1223
Section 4.2,
TLS
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Madhu Mathiyalagan
TEL: (781) 578-7514

-Chris Brych
TEL: (613) 216-3078

Oracle Acme Packet OpenSSL Cryptographic Library

Version ECz 7.5.0 (Firmware)
Intel Atom C2358; Intel Xeon D-1548 (Intel Broadwell-DE) 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3725 HMAC Val#3001
SRTP (AES 128 ) AES Val#4547
SNMP SHA1 Val#3725

"The Acme Packet 1100 and 3900 feature Oracle''s purpose-built hardware design that is tightly integrated with a hardened version of Oracle Linux, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

1222
Section 4.2,
TLS
SP800-135
DocuSign
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-3-9279529

DocuSign-SA-TLS

Version 8.4 (Firmware)
Intel® Xeon Quad-Core 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3724 HMAC Val#3000

"DocuSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''s end-users. End-users will connect securely to DocuSign from their PC for the purpose of signing documents and data."

1221
Section 5.2, SSH
SP800-135
GE MDS, LLC
175 Science Parkway
Rochester, NY 14620
USA

-Aaron Wright
TEL: 585-242-8354
FAX: 585-241-5590

-Alex Charissis
TEL: 585-242-8402
FAX: 585-241-5590

Libssh2

Version 1.8.0 (Firmware)
Freescale IMX 6 (ARM) 6/16/2017 SSH (SHA 1 , 256 ) SHA Val#3720

"Algorithms used to perform SSH."

1220
Section 4.2,
TLS
SP800-135
GE MDS, LLC
175 Science Parkway
Rochester, NY 14620
USA

-Aaron Wright
TEL: 585-242-8354
FAX: 585-241-5590

-Alex Charissis
TEL: 585-242-8402
FAX: 585-241-5590

Mocana DSF

Version 5.5 (Firmware)
Freescale IMX 6 (ARM) 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3721 HMAC Val#2998

"Cryptographic algorithm API and self-test routines implemented by Mocana, Inc."

1219
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
GE MDS, LLC
175 Science Parkway
Rochester, NY 14620
USA

-Aaron Wright
TEL: 585-242-8354
FAX: 585-241-5590

-Alex Charissis
TEL: 585-242-8402
FAX: 585-241-5590

OpenSSL

Version Fips-2.0.12 (Firmware)
Freescale IMX 6 (ARM) 6/16/2017 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3720 HMAC Val#2997
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3720 HMAC Val#2997
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3720 HMAC Val#2997
SSH (SHA 1 , 256 , 512 ) SHA Val#3720
SNMP SHA1 Val#3720

"Open source Secure Sockets Layer cryptographic API and associated self-test routines."

1218
Section 4.2,
TLS
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux OpenSSL with AESNI, SHA1 AVX, SHA2 ASM

Version R7-2.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 7.3 64 bit 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3719 HMAC Val#2996

"Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2-approved cryptographic algorithms for general use by vendors."

1217
All of SP800-56A EXCEPT KDF
SP800-56A
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux OpenSSL with AESNI, SHA1 AVX, SHA2 ASM

Version R7-2.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 7.3 64 bit 6/16/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1209 SHS Val#3719 DRBG Val#1495
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1105 SHS Val#3719 DRBG Val#1495

"Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2-approved cryptographic algorithms for general use by vendors."

1216
All of SP800-56A EXCEPT KDF
SP800-56A
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux OpenSSL with AESNI, SHA1 AVX, SHA2 ASM

Version R6-1.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 6.9 64 bit 6/16/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1208 SHS Val#3718 DRBG Val#1494
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1104 SHS Val#3718 DRBG Val#1494

"Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2-approved cryptographic algorithms for general use by vendors."

1215
Section 4.2,
TLS
SP800-135
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Linda Gallops
TEL: +1 704.972.5018
FAX: +1 980.355.5399

-Chris Brych
TEL: +1 613.216.3078

Oracle Linux OpenSSL with AESNI, SHA1 AVX, SHA2 ASM

Version R6-1.0.0
Intel® Xeon® E5-2699 v4 w/ Oracle Linux 6.9 64 bit 6/16/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3718 HMAC Val#2995

"Oracle Linux OpenSSL Cryptographic Module is a software module supporting FIPS 140-2-approved cryptographic algorithms for general use by vendors."

1214
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 Series Firewalls, WF-500 and Panorama M-100/M-500)

Version 8.0 (Firmware)
Cavium Octeon MIPS64; Cavium MIPS64; Intel Multi Core Xeon; Intel Celeron; Intel i7 6/9/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 series firewalls, WF-500 and Panorama M-100/M-500."

1213
RSADP Primitive
FIPS186-4 RSA; RSADP
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 Series Firewalls, WF-500 and Panorama M-100/M-500)

Version 8.0 (Firmware)
Cavium Octeon MIPS64; Cavium MIPS64; Intel Multi Core Xeon; Intel Celeron; Intel i7 6/9/2017 RSADP: (Mod2048)

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 series firewalls, WF-500 and Panorama M-100/M-500."

1212
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 Series Firewalls, WF-500 and Panorama M-100/M-500)

Version 8.0 (Firmware)
Cavium Octeon MIPS64; Cavium MIPS64; Intel Multi Core Xeon; Intel Celeron; Intel i7 6/9/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#3713 HMAC Val#2990
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3713 HMAC Val#2990
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3713 HMAC Val#2990
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3713
SNMP SHA1 Val#3713

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 series firewalls, WF-500 and Panorama M-100/M-500."

09/01/17: Added new tested information;

1211
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 Series Firewalls, WF-500 and Panorama M-100/M-500)

Version 8.0 (Firmware)
Cavium Octeon MIPS64; Cavium MIPS64; Intel Multi Core Xeon; Intel Celeron; Intel i7 6/9/2017 Curves tested: P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1207 SHS Val#3713 DRBG Val#1489
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1103 SHS Val#3713 DRBG Val#1489

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-220, PA-500, PA-800, PA-3000, PA-5000, PA-5200 and PA-7000 series firewalls, WF-500 and Panorama M-100/M-500."

1210
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Aruba, a Hewlett Packard Enterprise company
3333 Scott Blvd
Santa Clara, CA 95054
USA

-Steve Weingart
TEL: 512-319-2480

Aruba Instant Crypto Module

Version ArubaInstant 6.5.1.0-4.3.1 (Firmware)
Freescale QorIQ P1010 800MHz; Freescale QorIQ P1020 800MHz; Qualcomm QCA9344 500MHz 6/9/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3254 HMAC Val#2569
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3254

"Aruba Instant cryptographic module provided by Aruba RAP-108/109 and AP-214/215/224/225/274/275/277 hardware."

1209
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Amazon Web Services, Inc.
410 Terry Ave N
Ste 1200
Seattle, WA 98109-5210
USA

-Kelvin Yiu

-Ken Beer

AWS Key Management Service Cryptographic Algorithm Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2640v4 6/9/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The AWS Key Management Service Cryptographic Algorithm Library provides cryptographic functionality for the AWS Key Management Service Hardware Security Module."

07/12/17: Udpated vendor information;

1208
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Amazon Web Services, Inc.
410 Terry Ave N
Ste 1200
Seattle, WA 98109-5210
USA

-Kelvin Yiu

-Ken Beer

AWS Key Management Service Cryptographic Algorithm Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2640v4 6/9/2017 RSASP1: (Mod2048: PKCS1.5 )

"The AWS Key Management Service Cryptographic Algorithm Library provides cryptographic functionality for the AWS Key Management Service Hardware Security Module."

07/12/17: Udpated vendor information;

1207
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Amazon Web Services, Inc.
410 Terry Ave N
Ste 1200
Seattle, WA 98109-5210
USA

-Kelvin Yiu

-Ken Beer

AWS Key Management Service Cryptographic Algorithm Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2640v4 6/9/2017 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3708 HMAC Val#2987
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3708 HMAC Val#2987
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3708
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3708
SRTP AES Val#4527

"The AWS Key Management Service Cryptographic Algorithm Library provides cryptographic functionality for the AWS Key Management Service Hardware Security Module."

07/12/17: Updated vendor information;

1206
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 8.0
Intel Multi Core Xeon w/ VMware ESXi 5.5; Intel Multi Core Xeon w/ Centos 7.2 - KVM; Intel Multi Core Xeon w/ Hyper-V 2012 r2; Intel Multi Core Xeon w/ AWS EC2; Intel Multi Core Xeon w/ Azure 6/2/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

06/14/17: Updated implementation information;

1205
RSADP Primitive
FIPS186-4 RSA; RSADP
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 8.0
Intel Multi Core Xeon w/ VMware ESXi 5.5; Intel Multi Core Xeon w/ Centos 7.2 - KVM; Intel Multi Core Xeon w/ Hyper-V 2012 r2; Intel Multi Core Xeon w/ AWS EC2; Intel Multi Core Xeon w/ Azure 6/2/2017 RSADP: (Mod2048)

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

06/14/17: Updated implementation information;

1204
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 8.0
Intel Multi Core Xeon w/ VMware ESXi 5.5; Intel Multi Core Xeon w/ Centos 7.2 - KVM; Intel Multi Core Xeon w/ Hyper-V 2012 r2; Intel Multi Core Xeon w/ AWS EC2; Intel Multi Core Xeon w/ Azure 6/2/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#3707 HMAC Val#2986
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3707 HMAC Val#2986
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3707 HMAC Val#2986
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3707
SNMP SHA1 Val#3707

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

06/14/17: Updated implementation information;
09/01/17: Added new tested information;

1203
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 8.0
Intel Multi Core Xeon w/ VMware ESXi 5.5; Intel Multi Core Xeon w/ Centos 7.2 - KVM; Intel Multi Core Xeon w/ Hyper-V 2012 r2; Intel Multi Core Xeon w/ AWS EC2; Intel Multi Core Xeon w/ Azure 6/2/2017 Curves tested: P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1205 SHS Val#3707 DRBG Val#1486
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1101 SHS Val#3707 DRBG Val#1486

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

06/14/17: Updated implementation information;

1202
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise Company
3000 Hanover Street
Palo Alto, CA 94304
USA

-Luis Luciani
TEL: 281-518-6762

-Edward Newman
TEL: 281-514-2713

iLO SSL Firmware Crypto Library

Version iLO 5 v1.11 (Firmware)
Cortex A9 6/2/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3706 HMAC Val#2985
SSH (SHA 1 , 384 ) SHA Val#3706

"HPE Integrated Lights-Out (iLO) management built into HPE Proliant servers is an autonomous management subsystem embedded directly on the server. iLO monitors each server’s overall "health", reports issues, and provides a means for setup and managing of power and thermal settings."

1201
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise Company
3000 Hanover Street
Palo Alto, CA 94304
USA

-Luis Luciani
TEL: 281-518-6762

-Edward Newman
TEL: 281-514-2713

iLO SSL Firmware Crypto Library

Version iLO 5 v1.11 (Firmware)
Cortex A9 6/2/2017 Curves tested: P-256   P-384

"HPE Integrated Lights-Out (iLO) management built into HPE Proliant servers is an autonomous management subsystem embedded directly on the server. iLO monitors each server’s overall "health", reports issues, and provides a means for setup and managing of power and thermal settings."

1200
Section 5.1,
ANS X9.63-2001
SP800-135
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-KDF-X9.63

Version 1.0 (Firmware)
ARM926EJ-S 5/26/2017 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2327

"The Engage Communication BlackVault Hardware Security Module (HSM)."

1199
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Jordan Saxonberg
TEL: 424-750-7052
FAX: 424-750-8107

Symantec SymSSLf Cryptographic Module

Version 1.0.1
Part # Intel Xeon
Intel Xeon with AES-NI w/ Windows 7 SP1 5/19/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Symantec SymSSLf Cryptographic Module is a Windows software library that provides FIPS 140-2 validated cryptographic algorithm support to Symantec products."

1198
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Jordan Saxonberg
TEL: 424-750-7052
FAX: 424-750-8107

Symantec SymSSLf Cryptographic Module

Version 1.0.1
Part # Intel Xeon
Intel Xeon without AES-NI w/ Windows 7 SP1 5/19/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Symantec SymSSLf Cryptographic Module is a Windows software library that provides FIPS 140-2 validated cryptographic algorithm support to Symantec products."

06/21/17: Updated implementation information;
07/18/17: Updated implementation information;
08/11/17: Updated implementation information;

1197
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Mark Hanson
TEL: 972.963.7326

McAfee OpenSSL FIPS Object Module

Version 1.0.0
Intel Xeon w/ Linux 3.10 on VMware ESXi 5.5 5/19/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The McAfee OpenSSL FIPS Object Module provides cryptographic services for Intel Security products."

1196
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Guardtime
5151 California Ave.
Suite 210
Irvine, CA 92617
USA

-Christian Bravo
TEL: 310-227-6558

Guardtime Cryptographic Support Library (CSL) Direct

Version 1.0.0 (Firmware)
T4240r2 QorIQ, 12 Dual Cores 64-bit Power Architecture, 1667 MHz with SEC; T4240r2 QorIQ, 12 Dual Cores 64-bit Power Architecture, 1667 MHz without SEC 5/12/2017 Curves tested: P-256   P-384   P-521

"Cryptographic library for Guardtime products."

1195
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Flonidan A/S
Islandsvej 29
Horsens, Denmark DK-8700
Denmark

-Tonny Frederiksen
TEL: +45 75 61 88 88

-Kenneth Sørensen
TEL: +45 75 61 88 88

Flonidan Smart Meter mbedTLS Module

Version 2.4.0 (Firmware)
ARM Cortex 5/12/2017 Curves tested: P-256

"Crypto module used in Flonidan smart meters"

1194
All of SP800-56A EXCEPT KDF
SP800-56A
NIKSUN, Inc.
457 N. Harrison St.
3rd Floor
Princeton, NJ 08540
USA

-Darryle Merlette

NIKOS FIPS Object Module

Version 2.0.14
Intel Xeon E5-2680 v2 w/ FreeBSD 9.3 5/12/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#853 SHS Val#2368 DRBG Val#485

"The NIKOS FIPS Object Module is a software library that provides cryptographic services to a vast array of NIKSUN''s networking products. "

05/23/17: Updated vendor information;

1193
RSADP Primitive
FIPS186-4 RSA; RSADP
Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Helmut Scherzer
TEL: +49 89 4119 2084
FAX: +49 89 4119 2819

-Robert Hockauf
TEL: +49 89 4119 2847
FAX: +49 89 4119 2819

RSA SLE78

Version 1.5 (Firmware)
Part # SLE78CLFX4000 (M7892)
SLE78CLFX4000P(M) / M7892 family 5/5/2017 RSADP: (Mod2048)

"Implementation of the RSA library for Infineon Sle77 / Sle78 using the Crypto@2304T coprocessor."

1192
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Helmut Scherzer
TEL: +49 89 4119 2084
FAX: +49 89 4119 2819

-Robert Hockauf
TEL: +49 89 4119 2847
FAX: +49 89 4119 2819

RSA SLE78

Version 1.5 (Firmware)
Part # SLE78CLFX4000 (M7892)
SLE78CLFX4000P(M) / M7892 family 5/5/2017 RSASP1: (Mod2048: PKCS1.5 )

"Implementation of the RSA library for Infineon Sle77 / Sle78 using the Crypto@2304T coprocessor."

1191
All of SP800-56A EXCEPT KDF
SP800-56A
Cog Systems / HTC
Level 1
277 King Street
Newton
Sydney, NSW 2042
Australia

-Daniel Potts
TEL: +1 855 662 7234

D4Secure Boring/OpenSSL FIPS Module

Version FIPS Module 2.0.14
Snapdragon 617 (MSM8952) w/ Android 6.0.1 - HTC Software Version 1.57.617.52 5/5/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1200 SHS Val#3686 DRBG Val#1456
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1093 SHS Val#3686 DRBG Val#1456

"The D4Secure Boring/OpenSSL FIPS Module is an implementation of the FIPS Object Module, FIPS canister in Android."

05/23/17: Updated implementation information;

1190
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0
Intel(R) Xeon(R) CPU E5-2620 v2 @2.10GHz w/ Open JDK 1.8 on CentOS 6.5 Intel 64-bit on ESXi 5.5.0 5/5/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

06/16/17: Updated implementation information;

1189
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems
170 West Tasman Dr.
San Jose, California 95134
USA

-Nick
TEL: 703.484.7032

Cisco KAS Module

Version 6.0 (Firmware)
Cavium Octeon MIPS64 w/ Linux 2.6 4/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#961 SHS Val#2817 DRBG Val#817
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#678 SHS Val#2817 DRBG Val#817

"The CiscoSSL KAS Module provides ECC and FFC key agreement support to a vast array of Cisco''''s networking and collaboration products."

1188
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

FX-OS

Version 2.0 (Firmware)
Intel Xeon E3-11XX 4/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1199 SHS Val#3546 DRBG Val#1368
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1015 SHS Val#3546 DRBG Val#1368

"Cisco Firepower eXtensible Operating System (FX-OS) version 2.0, a next-generation network and content security solutions."

1187
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
ALE (Alcatel Lucent Enterprise)
26801 Agoura Road
Calabasas, CA 91301
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS9900

Version AOS 8.3.1.R01
Intel Atom C2518 w/ AOS 8.3.1.R01 4/21/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3526 HMAC Val#2824
SSH (SHA 1 , 256 , 512 ) SHA Val#3526

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1186
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
ALE (Alcatel Lucent Enterprise)
26801 Agoura Road
Calabasas, CA 91301
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS6900

Version AOS 8.3.1.R01
PowerPC P2040 w/ AOS 8.3.1.R01 4/21/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3525 HMAC Val#2823
SSH (SHA 1 , 256 , 512 ) SHA Val#3525

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1185
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
ALE (Alcatel Lucent Enterprise)
26801 Agoura Road
Calabasas, CA 91301
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS6900

Version AOS 8.3.1.R01
Freescale PowerPC MPC8572 w/ AOS 8.3.1.R01 4/21/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3524 HMAC Val#2822
SSH (SHA 1 , 256 , 512 ) SHA Val#3524

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1184
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
ALE (Alcatel Lucent Enterprise)
26801 Agoura Road
Calabasas, CA 91301
USA

-Eric Tolliver
TEL: 818-878-4623

-Vadivel Poonathan
TEL: 818-878-4601

Alcatel-Lucent Enterprise AOS OmniSwitch OS6860

Version AOS 8.3.1.R01
Cortex ARM 9 w/ AOS 8.3.1.R01 4/21/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3523 HMAC Val#2821
SSH (SHA 1 , 256 , 512 ) SHA Val#3523

"ALE AOS cryptographic module supports the Alcatel-Lucent Enterprise OmniSwitch. The testing applies to Common Criteria mode."

1183
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

FMC FOM

Version 6.0 (Firmware)
Intel Atom; Intel Pentium; Intel Xeon 4/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1197 SHS Val#3512 DRBG Val#1337
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#995 SHS Val#3512 DRBG Val#1337

"A fault-tolerant, purpose-built network appliance that provides a centralized management console and database repository for your Firepower System deployment. FMC has a range of device management, event storage, host monitoring and user monitoring capabilities."

1182
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

FMC FOM Virtual

Version 6.0
Intel Xeon E-Series w/ ESXi 5.5 4/21/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1196 SHS Val#3637 DRBG Val#1425
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1063 SHS Val#3637 DRBG Val#1425

"A fault-tolerant, purpose-built network appliance that provides a centralized management console and database repository for your Firepower System deployment. FMC has a range of device management, event storage, host monitoring and user monitoring capabilities."

1181
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.16
Cavium Octeon II (MIPS) w/ ExtremeXOS-Linux 3.18; Intel Atom C2558 (x86) with AES-NI w/ ExtremeXOS-Linux 3.18 32-bit; Intel Atom C2558 (x86) without AES-NI w/ ExtremeXOS-Linux 3.18 32-bit 4/21/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/11/17: Added new tested information;

1180
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Trustonic
20 Station Road
Cambridge, n/a CB1 2JD
UK

-Alec Edgington
TEL: +44 1223 347864

-Mark Wooding
TEL: +44 1223 3478534

TRICX

Version 1.0
ARM Cortex-A53 without PAA w/ Trustonic Kinibi 400A; ARM Cortex-A53 with PAA w/ Trustonic Kinibi 400A 4/21/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"TRICX is a static library providing an extensive suite of FIPS-approved cryptographic algorithms and supporting a range of key sizes and modes."

1179
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Axway Inc.
6811 E Mayo Blvd.
Ste. 400
Phoenix, AZ 85054
USA

-Katrin Rosenke
TEL: 480-627-1800
FAX: 480-627-1801

-Kartik Krishnan
TEL: 480-627-2649
FAX: 480-627-1801

Axway Security Kernel

Version 3.0.2
Intel® Xeon® E5-2620 w/ Microsoft Windows 2012 64-bit; Intel® Xeon® E5-2620 w/ RHEL 6.3 64-bit; Sun UltraSparc T1 w/ Solaris 64-bit 4/14/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256   K-283   B-283 ECDSA Val#1089 SHS Val#3678 DRBG Val#1449

"Axway Validation Authority Suite: a collection of products that provide flexible and robust OCSP/SCVP certificate validation for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

1178
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Axway Inc.
6811 E Mayo Blvd.
Ste. 400
Phoenix, AZ 85054
USA

-Katrin Rosenke
TEL: 480-627-1800
FAX: 480-627-1801

-Kartik Krishnan
TEL: 480-627-2649
FAX: 480-627-1801

Axway Security Kernel

Version 3.0.2
Intel® Xeon® E5-2620 w/ Microsoft Windows 2012 64-bit; Intel® Xeon® E5-2620 w/ RHEL 6.3 64-bit; Sun UltraSparc T1 w/ Solaris 64-bit 4/14/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 )

"Axway Validation Authority Suite: a collection of products that provide flexible and robust OCSP/SCVP certificate validation for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

1177
Section 4.2,
TLS
SP800-135
Axway Inc.
6811 E Mayo Blvd.
Ste. 400
Phoenix, AZ 85054
USA

-Katrin Rosenke
TEL: 480-627-1800
FAX: 480-627-1801

-Kartik Krishnan
TEL: 480-627-2649
FAX: 480-627-1801

Axway Security Kernel

Version 3.0.2
Intel® Xeon® E5-2620 w/ Microsoft Windows 2012 64-bit; Intel® Xeon® E5-2620 w/ RHEL 6.3 64-bit; Sun UltraSparc T1 w/ Solaris 64-bit 4/14/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3678 HMAC Val#2964

"Axway Validation Authority Suite: a collection of products that provide flexible and robust OCSP/SCVP certificate validation for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

1176
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Silver Spring Networks
230 W Tasman Drive
San Jose, CA 95134
USA

-Jeff Ebert
TEL: 16697704000
FAX: 18667760015

Silver Spring Networks Endpoint Security Module

Version 82136+98519 (Firmware)
Part # 130-0117-01.ESM
ESM instruction manager processor embedded in SSN ARNIE SoC 4/14/2017 Curves tested: P-256   P-384

"Silver Spring Networks Endpoint Security Module provides acceleration and off-load of standard cryptographic algorithms and secure network protocols, key storage and generation, bootloader and firmware verification, and encrypted data storage. It is included in the SoC designed for SSN''s Gen5 endpoint and infrastructure products."

1175
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Silver Spring Networks
230 W Tasman Drive
San Jose, CA 95134
USA

-Jeff Ebert
TEL: 16697704000
FAX: 18667760015

Silver Spring Networks Endpoint Security Module

Version 82136+98519 (Firmware)
Part # 130-0117-01.ESM
ESM instruction manager processor embedded in SSN ARNIE SoC 4/14/2017 RSASP1: (Mod2048: PKCS1.5 )

"Silver Spring Networks Endpoint Security Module provides acceleration and off-load of standard cryptographic algorithms and secure network protocols, key storage and generation, bootloader and firmware verification, and encrypted data storage. It is included in the SoC designed for SSN''s Gen5 endpoint and infrastructure products."

1174
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
Silver Spring Networks
230 W Tasman Drive
San Jose, CA 95134
USA

-Jeff Ebert
TEL: 16697704000
FAX: 18667760015

Silver Spring Networks Endpoint Security Module

Version 82136+98519 (Firmware)
Part # 130-0117-01.ESM
ESM instruction manager processor embedded in SSN ARNIE SoC 4/14/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#3677 HMAC Val#2963
IKEv2( ( 256 (SHA 256 ) ) ( 384 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#3677 HMAC Val#2963
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3677 HMAC Val#2963
ANSX963_2001 (SHS 256 , 384 , 512 ) SHA Val#3677

"Silver Spring Networks Endpoint Security Module provides acceleration and off-load of standard cryptographic algorithms and secure network protocols, key storage and generation, bootloader and firmware verification, and encrypted data storage. It is included in the SoC designed for SSN''s Gen5 endpoint and infrastructure products."

1173
All of SP800-56A EXCEPT KDF
SP800-56A
Klas Telecom
1101 30th Street NW, Suite 500
Washington, DC 20007
USA

-Cathal Daly
TEL: 0035315250008

-Frank Murray

Klas OpenSSL FIPS Object Module 2.0.9

Version 2.0.9
Marvell Armv5te Feroceon rev 0 (v5l) w/ Linux 2.6.31.8 (32 bit) 4/14/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1193 SHS Val#3400 DRBG Val#1250
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Full Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#946 SHS Val#340 DRBG Val#1250

"Algorithms taken from OpenSSL FIPS Module v2.0.9"

1172
RSADP Primitive
FIPS186-4 RSA; RSADP
Gemalto
525 avenue du Pic de Bertagne
CS 12023
Gemenos, n/a 13881
France

-Security and Certifications Team

-Sylvain Lhostis
TEL: +33 (0)4 42 36 60 62

MultiAppIDV4.0 Cryptographic library

Version 4.0 (Firmware)
Part # Infineon SLE78 M7892 chip family
Infineon SLE78 M7892 chip family 4/14/2017 RSADP: (Mod2048)

"MultiAppIDV4.0 is a highly secured smartcard platform compliant with the Javacard 3.0.4, GP 2.2.1, Amdt D standards, designed to operate with the Infineon SLE78 M7892 chips. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

1171
RSADP Primitive
FIPS186-4 RSA; RSADP
Gemalto
525 avenue du Pic de Bertagne
CS 12023
Gemenos, n/a 13881
France

-Security and Certifications Team

-Sylvain Lhostis
TEL: +33 (0)4 42 36 60 62

MultiAppIDV4.0 Cryptographic library

Version 4.0 (Firmware)
Part # Infineon SLE78 M7892 chip family
Infineon SLE78 M7892 chip family 4/14/2017 RSADP: (Mod2048)

"MultiAppIDV4.0 is a highly secured smartcard platform compliant with the Javacard 3.0.4, GP 2.2.1, Amdt D standards, designed to operate with the Infineon SLE78 M7892 chips. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

1170
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SSL FIPS Library

Version 2.0.0 (Firmware)
Intel Xeon E3-1275v2 with AES-NI; Intel Xeon E5-1650v3 with AES-NI; Intel Xeon E5-2697v2 with AES-NI; Intel Xeon E5-2697v4 with AES-NI 4/7/2017 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3674 HMAC Val#2961
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3674
SNMP SHA1 Val#3674

"The Thunder Application Delivery Controller is designed to meet the growing demands of Web sites, carriers and enterprises. The Thunder offers intelligent Layer 4-7 application processing capabilities with performance and scalability to meet critical business requirements."

1169
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiWeb SSL Cryptographic Library

Version 5.5 (Firmware)
Intel Xeon E5 series 4/7/2017 TLS( TLS1.0/1.1 ) SHA Val#3673 HMAC Val#2960
SSH (SHA 1 , 256 ) SHA Val#3673

"This document focuses on the firmware implementation of the Fortinet FortiWeb SSL Cryptographic Library v5.5 running on Intel x86 compatible processors."

1168
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Nick Goble
TEL: 703.484.7032

CiscoSSL FIPS Object Module

Version 4.1
Intel Xeon w/ ADE-OS 2.4 4/7/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1192 SHS Val#3672 DRBG Val#1446

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

1167
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
525 avenue du Pic de Bertagne
CS 12023
Gemenos, n/a 13881
France

-Security and Certifications Team

-Sylvain Lhostis
TEL: +33 (0)4 42 36 60 62

MultiAppIDV4.0 Cryptographic library

Version 4.0 (Firmware)
Part # Infineon SLE78 M7892 chip family
Infineon SLE78 M7892 chip family 4/7/2017 RSASP1: (Mod2048: PKCS1.5 )

"MultiAppIDV4.0 is a highly secured smartcard platform compliant with the Javacard 3.0.4, GP 2.2.1, Amdt D standards, designed to operate with the Infineon SLE78 M7892 chips. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

1166
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
525 avenue du Pic de Bertagne
CS 12023
Gemenos, n/a 13881
France

-Security and Certifications Team

-Sylvain Lhostis
TEL: +33 (0)4 42 36 60 62

MultiAppIDV4.0 Cryptographic library

Version 4.0 (Firmware)
Part # Infineon SLE78 M7892 chip family
Infineon SLE78 M7892 chip family 4/7/2017 RSASP1: (Mod2048: PKCS1.5 )

"MultiAppIDV4.0 is a highly secured smartcard platform compliant with the Javacard 3.0.4, GP 2.2.1, Amdt D standards, designed to operate with the Infineon SLE78 M7892 chips. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

1165
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
525 avenue du Pic de Bertagne
CS 12023
Gemenos, n/a 13881
France

-Security and Certifications Team

-Sylvain Lhostis
TEL: +33 (0)4 42 36 60 62

MultiAppIDV4.0 Cryptographic library

Version 4.0 (Firmware)
Part # Infineon SLE78 M7892 chip family
Infineon SLE78 M7892 chip family 4/7/2017 Curves tested: P-224   P-256   P-384   P-521

"MultiAppIDV4.0 is a highly secured smartcard platform compliant with the Javacard 3.0.4, GP 2.2.1, Amdt D standards, designed to operate with the Infineon SLE78 M7892 chips. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

1164
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Persistent Systems LLC
303 Fifth Ave
Suite 207
New York, NY 10016
USA

-Helson Maria
TEL: 212-561-5895

-Dr. David Holmer
TEL: 212-561-5895

Wave Relay® Cryptographic Library

Version 2.0 (Firmware)
NXP i.MX 6 4/7/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Wave Relay® Mobile Ad Hoc Network (MANET) is a peer-to-peer wireless networking solution that allows a distributed group of mobile users to communicate continuously without fixed infrastructure. The Wave Relay® Cryptographic Library provides module integrity assurance and management security."

1163
Section 4.2,
TLS
SP800-135
Persistent Systems LLC
303 Fifth Ave
Suite 207
New York, NY 10016
USA

-Helson Maria
TEL: 212-561-5895

-Dr. David Holmer
TEL: 212-561-5895

Wave Relay® Cryptographic Library

Version 2.0 (Firmware)
NXP i.MX 6 4/7/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3667 HMAC Val#2956

"The Wave Relay® Mobile Ad Hoc Network (MANET) is a peer-to-peer wireless networking solution that allows a distributed group of mobile users to communicate continuously without fixed infrastructure. The Wave Relay® Cryptographic Library provides module integrity assurance and management security."

1162
RSADP Primitive
FIPS186-4 RSA; RSADP
Persistent Systems LLC
303 Fifth Ave
Suite 207
New York, NY 10016
USA

-Helson Maria
TEL: 212-561-5895

-Dr. David Holmer
TEL: 212-561-5895

Wave Relay® Cryptographic Library

Version 2.0 (Firmware)
NXP i.MX 6 4/7/2017 RSADP: (Mod2048)

"The Wave Relay® Mobile Ad Hoc Network (MANET) is a peer-to-peer wireless networking solution that allows a distributed group of mobile users to communicate continuously without fixed infrastructure. The Wave Relay® Cryptographic Library provides module integrity assurance and management security."

1161
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Persistent Systems LLC
303 Fifth Ave
Suite 207
New York, NY 10016
USA

-Helson Maria
TEL: 212-561-5895

-Dr. David Holmer
TEL: 212-561-5895

Wave Relay® Cryptographic Library

Version 2.0 (Firmware)
NXP i.MX 6 4/7/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1085 SHS Val#3667 DRBG Val#1443

"The Wave Relay® Mobile Ad Hoc Network (MANET) is a peer-to-peer wireless networking solution that allows a distributed group of mobile users to communicate continuously without fixed infrastructure. The Wave Relay® Cryptographic Library provides module integrity assurance and management security."

1160
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using SHA from CPACF

Version 1.0
z13 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3596 HMAC Val#2898

"This test covers the SP800-135 IKEv2 KDF testing using SHA from CPACF."

1159
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using SHA assembler

Version 1.0
z13 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3595 HMAC Val#2897

"This test covers the SP800-135 IKEv2 KDF testing using SHA assembler."

1158
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using SSSE3 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3598 HMAC Val#2900

"This test covers the SP800-135 IKEv2 KDF testing using SSSE3 for SHA."

1157
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using AVX2 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3597 HMAC Val#2899

"This test covers the SP800-135 IKEv2 KDF testing using AVX2 for SHA."

1156
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using SHA assembler

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3599 HMAC Val#2901

"This test covers the SP800-135 IKEv2 KDF testing using SHA assembler."

1155
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using Power ISA v.2.07 for SHA

Version 1.0
POWER8 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3594 HMAC Val#2896

"This test covers the SP800-135 IKEv2 KDF testing using Power ISA v.2.07 for SHA."

1154
Section 4.1.2,
IKEv2
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

Strongswan using SHA assembler

Version 1.0
POWER8 w/ Ubuntu 16.04 4/7/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3593 HMAC Val#2895

"This test covers the SP800-135 IKEv2 KDF testing using SHA assembler."

1153
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

VPP

Version V300R003C26SPC101B130 (Firmware)
Cavium CN7015; Cavium CN6645; Cavium CN6880; Freescale SC411912C; Freescale MPC8572E 3/31/2017 Curves tested: P-256   P-384   P-521

"VPP Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1152
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

VPP

Version V300R003C26SPC101B130 (Firmware)
Cavium CN7015; Cavium CN6645; Cavium CN6880; Freescale SC411912C; Freescale MPC8572E 3/31/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3664 HMAC Val#2954
SSH (SHA 1 ) SHA Val#3664
SNMP SHA1 Val#3664

"VPP Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1151
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

Openssl

Version 1.0.2h (Firmware)
Freescale SC411912C; Freescale MPC8572E 3/31/2017 Curves tested: P-256   P-384   P-521

"Openssl Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1150
Section 4.2,
TLS
SP800-135
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

Openssl

Version 1.0.2h (Firmware)
Freescale SC411912C; Freescale MPC8572E 3/31/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3663 HMAC Val#2953

"Openssl Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1149
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

Openssl

Version 1.0.2h (Firmware)
Cavium CN7015; Cavium CN6645; Cavium CN6880; Cavium CN7809 3/31/2017 Curves tested: P-256   P-384   P-521

"Openssl Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1148
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
HUAWEI TECHNOLOGIES Co. Ltd.
Yuhuatai District
101 Software Avenue
HANGZHOU, ZHEJIANG 310000
CHINA

-Yang Ze
TEL: 86 15919432118

-Bai Wenxin
TEL: 86 18969126628

Openssl

Version 1.0.2h (Firmware)
Cavium CN7015; Cavium CN6645; Cavium CN6880; Cavium CN7809 3/31/2017 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3662 HMAC Val#2952
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3662 HMAC Val#2952

"Openssl Cryptographic Library provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1147
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena Waveserver

Version 1.4 (Firmware)
Xilinx XC7Z030 3/31/2017 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3660 HMAC Val#2951
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3660 HMAC Val#2951

"The Ciena Waveserver Platform offers an integrated transport encryption solution for 10GE, 40GE and 100GE clients and provides up to 400Gb/s wirespeed encryption service for data center interconnect (DCI) applications."

1146
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
INTEGRITY Security Services (ISS)
7585 Irvine Center Driver
Suite 250
Irvine, California 91618
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

Crestron Control Engine

Version 3.0 (Firmware)
iMX53 3/31/2017 RSASP1: (Mod2048: PKCS1.5 )

"Porting of the ISS Embedded Cryptographic Toolkit (ECT) to the Crestron Control Engine."

1145
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
INTEGRITY Security Services (ISS)
7585 Irvine Center Driver
Suite 250
Irvine, California 91618
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

Crestron Control Engine

Version 3.0 (Firmware)
iMX53 3/31/2017 Curves tested: P-224   P-256   P-384   P-521

"Porting of the ISS Embedded Cryptographic Toolkit (ECT) to the Crestron Control Engine."

1144
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
F5 Networks
401 Elliott Avenue West
Seattle, WA 98119
USA

-Maryrita Steinhour
TEL: 206-272-7351

-John Hughes
TEL: 206-272-6038

Cryptographic Module for BIG-IP with AES and SHA assembler

Version 12.1.2 HF1
Intel Xeon X5650 w/ BIG-IP 12.1.2 HF1 3/31/2017 Curves tested: P-256   P-384
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#1076 SHS Val#3656 DRBG Val#1436

"Cryptographic library offering various cryptographic mechanisms to BigIP Virtual Edition"

1143
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd,
416 Maetan-3dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.1
Samsung Electronics Exynos8895 w/ Android 7.0; Qualcomm MSM8998 w/ Android 7.0; Samsung Electronics Exynos7570 w/ Android 7.0; Qualcomm MSM8917 w/ Android 7.0; Qualcomm MSM8996 w/ Android 7.0; Samsung Electronics Exynos8890 w/ Android 7.0; Samsung Electronics Exynos7420 w/ Android 7.0; Samsung Electronics Exynos7870 w/ Android 7.1 3/31/2017 RSADP: (Mod2048)

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

08/10/17: Added new tested information;

1142
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd,
416 Maetan-3dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.1
Samsung Electronics Exynos8895 w/ Android 7.0; Qualcomm MSM8998 w/ Android 7.0; Samsung Electronics Exynos7570 w/ Android 7.0; Qualcomm MSM8917 w/ Android 7.0; Qualcomm MSM8996 w/ Android 7.0; Samsung Electronics Exynos8890 w/ Android 7.0; Samsung Electronics Exynos7420 w/ Android 7.0; Samsung Electronics Exynos7870 w/ Android 7.1 3/31/2017 Curves tested: P-224   P-256   P-384   P-521

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

08/10/17: Added new tested information;

1141
All of SP800-56A EXCEPT KDF
SP800-56A
Samsung Electronics Co., Ltd,
416 Maetan-3dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.1
Samsung Electronics Exynos8895 w/ Android 7.0; Qualcomm MSM8998 w/ Android 7.0; Samsung Electronics Exynos7570 w/ Android 7.0; Qualcomm MSM8917 w/ Android 7.0; Qualcomm MSM8996 w/ Android 7.0; Samsung Electronics Exynos8890 w/ Android 7.0; Samsung Electronics Exynos7420 w/ Android 7.0; Samsung Electronics Exynos7870 w/ Android 7.1 3/31/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1189 SHS Val#3650 DRBG Val#1431
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1074 SHS Val#3650 DRBG Val#1431

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

04/21/17: Added new tested information;
08/10/17: Added new tested information;

1140
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Gokul Karthik Balaswamy
TEL: 425-706-8583
FAX: 425-708-0107

-Christine Ahonen
TEL: 425-706-8675
FAX: 425-936-7329

Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)

Version 7.00.2872
Texas Instruments EVM3530 w/ Windows Embedded Compact 7 (ARMv7); Samsung S3C6410 w/ Windows Embedded Compact 7 (ARMv6); NXP i.MX27 w/ Windows Embedded Compact 7 (ARMv5); Sigma Designs SMP8654 w/ Windows Embedded Compact 7 (MIPS II); Sigma Designs SMP8654 w/ Windows Embedded Compact 7 (MIPS II w/ FP) 3/31/2017 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 ) SHA Val#3649 HMAC Val#2943
TLS( TLS1.0/1.1 ) SHA Val#3649 HMAC Val#2943

"The cryptographic module BCRYPT.DLL encapuslates several different cryptographic algorithms in an easy-to-use module, accessible via the Microsoft CNG (Cryptography Next Generation) API. It permits the use of general-purpose FIPS 140-2 compliant cryptography in Windows Embedded Compact components and applications, through its documented interfaces."

1139
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Gokul Karthik Balaswamy
TEL: 425-706-8583
FAX: 425-708-0107

-Christine Ahonen
TEL: 425-706-8675
FAX: 425-936-7329

Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll)

Version 8.00.6246
Texas Instruments EVM3730 w/ Windows Embedded Compact 2013 (ARMv7); MSTI PDX-600 w/ Windows Embedded Compact 2013 (x86) 3/24/2017 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3648 HMAC Val#2942
TLS( TLS1.0/1.1 ) SHA Val#3648 HMAC Val#2942

"The cryptographic module BCRYPT.DLL encapuslates several different cryptographic algorithms in an easy-to-use module, accessible via the Microsoft CNG (Cryptography Next Generation) API. It permits the use of general-purpose FIPS 140-2 compliant cryptography in Windows Embedded Compact components and applications, through its documented interfaces."

1138
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libecdsa

Version 01.01.000A (Firmware)
Part # MAX32590 Rev B4
n/a 3/24/2017 ECDSA SigGen Component: CURVES( P-256 )

"Pitney Bowes X4 HSM Cryptographic Module"

1137
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM Corporation
222 South Riverside Plaza
Ste 1700
Chicago, IL 60606
USA

-Mark Seaborn
TEL: +1 312 423 6640x2354

-Jasopn Resch

Cleversafe FIPS Cryptographic Module

Version 1.1
Intel Xeon without AES-NI w/ ClevOS 3.8.2.19-FIPS-EDITION; Intel Xeon with AES-NI w/ ClevOS 3.8.2.19-FIPS-EDITION 3/24/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cleversafe® FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of Cleversafe''''s ClevOS(TM) FIPS Edition, the underlying technology for dsNet® Appliances."

1136
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems
170 West Tasman Dr.
San Jose, California 95134
USA

-Clint Winebrenner
TEL: 919.392.6520

CiscoSSL KAS Module

Version 4.1 (Firmware)
Intel Xeon 3/24/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#812 SHS Val#2247 DRBG Val#431

"This CiscoSSL KAS Module provides ECC and/or FFC key agreement support to a vast array of Cisco''s networking and collaboration products."

1135
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance (ASA) OS

Version 9.6
Intel Xeon E-Series w/ ESXi 5.5 3/10/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1027 SHS Val#3579 DRBG Val#1386

"The Cisco ASAv delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASAv provide comprehensive security, performance, and reliability for network environment."

04/05/17: Updated implementation information;

1134
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems
170 West Tasman Dr.
San Jose, California 95134
USA

-Clint Winebrenner
TEL: 919.392.6520

Cisco SSL KAS Module

Version 6.0 (Firmware)
Intel Atom C25XX; Intel Pentium/Core i3; Intel Xeon 3/10/2017 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3486 DRBG Val#1328
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#989 SHS Val#3486 DRBG Val#1328

"The CiscoSSL KAS Module provides ECC and FFC key agreement support to a vast array of Cisco''s networking and collaboration products."

1133
Section 4.2,
TLS
SP800-135
Dolby Laboratories, Inc.
1275 Market Street
San Francisco, CA 94103
USA

-Jean-Philippe Viollet
TEL: (818) 524 2956

x86 Processor TLS KDF

Version 1.4 (Firmware)
Part # FH8065501516702
x86 Processor 3/10/2017 TLS( TLS1.0/1.1 ) SHA Val#3639 HMAC Val#2934

"An implementation of TLS KDF used in Dolby Media Blocks"

04/27/17: Updated vendor information;

1132
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 919.392.6520

CiscoSSL FOM

Version 6.0
Apple A8 w/ iOS 9.3 3/6/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#961 SHS Val#3470 DRBG Val#1316
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#378 SHS Val#3470 DRBG Val#1316

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

3/15/17: Correction to info - change firmware to software

1131
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz; Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.4GHz 3/6/2017 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

1130
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz; Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.4GHz 3/6/2017 RSASP1: (Mod2048: PKCS1.5 )

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

1129
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0 (Firmware)
Intel® Xeon® CPU E5-2620 v2 @ 2.10GHz; Intel® Xeon® CPU E5-2630 v3 @ 2.4GHz 3/6/2017 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3638 HMAC Val#2933
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3638 HMAC Val#2933
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3638
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3638
SRTP (AES 128 , 192 , 256 ) AES Val#4417

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

1128
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Elster
Timisoara Airport Park, DJ 691 km 8+775 m, Comuna Giarmata
udetul Timis, Romania 307210
Romania

-VLADIMIR DIATLOV
TEL: +40 374 475 828
FAX: +40 256 493 737

SMETS2 AS302P

Version 1.1 (Firmware)
ARM 32-bit Cortex-M3 3/6/2017 ECDSA SigGen Component: CURVES( P-256 )

"The algorithms are implemented in an Electricity smart meter, for deployment in the UK Smart Metering Implementation Programme."

1127
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40301443

Version CAVP_DMPR_40301443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NXP's DMPR 40301443 is included in multiple QorIQ and Layerscape processors including: LS1023A, LS1026A, LS1043A, LS1046A, LS1048A, and LS1088A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1126
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40301443

Version CAVP_DMPR_40301443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"NXP's DMPR 40301443 is included in multiple QorIQ and Layerscape processors including: LS1023A, LS1026A, LS1043A, LS1046A, LS1048A, and LS1088A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1125
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40251443

Version CAVP_DMPR_40251443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NXP's DMPR 40251443 is included in multiple QorIQ and Layerscape processors including: LS1012A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1124
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40251443

Version CAVP_DMPR_40251443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"NXP's DMPR 40251443 is included in multiple QorIQ and Layerscape processors including: LS1012A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1123
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40241443

Version CAVP_DMPR_40241443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NXP's DMPR 40241443 is included in multiple QorIQ and Layerscape processors including: T1013, T1014, T1023 and T1024. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1122
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40241443

Version CAVP_DMPR_40241443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3187 HMAC Val#2511
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3187 HMAC Val#2511

"NXP's DMPR 40241443 is included in multiple QorIQ and Layerscape processors including: T1013, T1014, T1023 and T1024. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1121
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40303443

Version CAVP_DMPR_40303443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NXP's DMPR 40303443 is included in multiple QorIQ and Layerscape processors including: LS2044A, LS2045A, LS2048A, LS2084A, LS2085A and LS2088A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1120
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 40303443

Version CAVP_DMPR_40303443 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"NXP's DMPR 40303443 is included in multiple QorIQ and Layerscape processors including: LS2044A, LS2045A, LS2048A, LS2084A, LS2085A and LS2088A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1119
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 31231342

Version CAVP_DMPR_31231342 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NXP's DMPR 31231342 is included in multiple QorIQ and Layerscape processors including: LS1020A, LS1021A and LS1022A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1118
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
NXP Semiconductors
6501 William Cannon Drive West
Austin, TX 78735
USA

-Geoffrey Waters
TEL: 512-895-2069

-Tom Tkacik
TEL: 480-814-3299

DMPR 31231342

Version CAVP_DMPR_31231342 (Firmware)
Cadence IES 15.10.009 Verilog simulator 3/6/2017 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"NXP's DMPR 31231342 is included in multiple QorIQ and Layerscape processors including: LS1020A, LS1021A and LS1022A. It implements public key algorithms, including DSA, ECDSA, RSA, and key derivation functions."

1117
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

FMC FOM Virtual

Version 6.0
Intel Xeon E5 w/ ESXi 5.5; Intel Xeon Eseries w/ ESXi 5.5 3/6/2017 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3637 HMAC Val#2932
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3637
SNMP SHA1 Val#3637

"A fault-tolerant, purpose-built network appliance that provides a centralized management console and database repository for your Firepower System deployment. FMC has a range of device management, event storage, host monitoring and user monitoring capabilities."

04/20/17: Added new tested information;

1116
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Cavium CN52xx; Intel Xeon X5650; Intel Xeon E5-2609 v3; Intel Xeon E5-2680 v3; Marvell A390 3/6/2017 Curves tested: P-256   P-384   P-521

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1115
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 6.0 (Firmware)
Cavium CN52xx; Intel Xeon X5650; Intel Xeon E5-2609 v3; Intel Xeon E5-2680 v3; Marvell A390 3/6/2017 IKEv2( ( 224 (SHA 1 ) ) SHA Val#3635 HMAC Val#2931
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3635 HMAC Val#2931
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3635
SRTP (AES 128 , 192 , 256 ) AES Val#4409
SNMP SHA1 Val#3635

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

1114
Section 5.2, SSH
SP800-135
HUAWEI TECHNOLOGIES Co. Ltd.
328# XINGHU Avenue
SUZHOU, JIANGSU 215000
CHINA

-Yang Ze
TEL: 8615919432118

-Ji Xiang
TEL: 8615261806635

Huawei FIPS Cryptographic Library (HFCL) for WLAN

Version V300R003C22SPC806 (Firmware)
Qualcomm IPQ8068; Qualcomm QCA9550 series; Qualcomm IPQ40X8; Qualcomm QCA9531; Freescale P1025; Cavium CN6130; Cavium CN6335 3/6/2017 SSH (SHA 1 ) SHA Val#3634

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

1113
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 1 919 392 6520

CiscoSSL FIPS Object Module

Version 11.7
Snapdragon 820 w/ Android version 6 2/28/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1177
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1059

"tbd"

1112
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Nick Goble
TEL: 703.484.7032

Cisco KAS Module

Version 6.0 (Firmware)
Intel Xeon, Intel Xeon w/ ESXi 5.5 2/28/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#961 SHS Val#2817 DRBG Val#817
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#678 SHS Val#2817 DRBG Val#817

"The CiscoSSL KAS Module provides ECC and FFC key agreement support to a vast array of Cisco''s networking and collaboration products."

1111
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Cryptographic Accelerator

Part # ICG00169-00-01
N/A 2/28/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: FullMQV: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#776 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

04/07/17: Updated impelementation information;
05/05/17: Updated impelementation information;
05/05/17: Updated impelementation information;

1110
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Forcepoint LLC
10900-A Stonelake Blvd
Ste. 350
Austin, TX 78759
USA

-Matt Sturm
TEL: 858-320-9444

-Matthew Noland
TEL: 512-644-1214

Forcepoint C Cryptographic Module

Version 2.0.5
Forcepoint V10000 G4 Appliance on Intel Xeon E5-2620v3 w/ CentOS 7.2 2/28/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Forcepoint produces a family of web, e-mail and data security solutions that can be deployed on pre-configured, security hardened hardware or as customer installable software. The Forcepoint C Crypto Module provides support for cryptographic and secure communications services for these solutions."

1109
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Symantec Corporation
384 Santa Trinita Ave
Sunnyvale, California 94085
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

Security Analytics Crypto Library v7.2

Version 7.2
Intel® Xeon® Processor IvyBridge (E5-2680 v2 and E5-2609v2) w/ Fedora Core 10 2/28/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3619 HMAC Val#2917
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3619

"The Security Analytics Crypto Library v7.2 provides the necessary cryptographic services for the Security Analytics software developed specifically for use in the Security Analytics Central Manager (CM) and Forensic Appliances (FA)."

1108
All of SP800-56A EXCEPT KDF
SP800-56A
Symantec Corporation
384 Santa Trinita Ave
Sunnyvale, California 94085
USA

-Ian Hall
TEL: 703-598-6876

-Diana Robinson
TEL: 845-454-6397

Security Analytics Crypto Library v7.2

Version 7.2
Intel® Xeon® Processor IvyBridge (E5-2680 v2 and E5-2609v2) w/ Fedora Core 10 2/28/2017 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3619 DRBG Val#1413
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 SHS Val#3619 DRBG Val#1413

"The Security Analytics Crypto Library v7.2 provides the necessary cryptographic services for the Security Analytics software developed specifically for use in the Security Analytics Central Manager (CM) and Forensic Appliances (FA)."

1107
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
HUAWEI TECHNOLOGIES Co., Ltd.
Yuhuatai District
101 Software Avenue
NANJING, JIANGSU 210000
CHINA

-Yang Ze
TEL: 8615919432118

-Liu Pinping
TEL: 8615850529039

Huawei FIPS Cryptographic Library (HFCL) for Switches

Version V300R003C22SPC805 (Firmware)
Cavium CN5020; BROADCOM 56340/56342; MARVELL 98DX3333/98DX3336; FREESCALE P2041; FREESCALE SC411231C; MARVELL 98DX3245/98DX3246/98DX3247 2/28/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3627 HMAC Val#2924
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3627
SNMP SHA1 Val#3627

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

03/31/17: Updated implementation information;

1106
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - SP800-56A

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation )
SCHEMES: OneFlow: (KARole: Initiator / Responder ) FB FC DSA Val#1174 SHS Val#3626 DRBG Val#1417
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1056 SHS Val#3626 DRBG Val#1417 HMAC Val#2923

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1105
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - RSASP1

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 RSASP1: (Mod2048: PKCS1.5 )

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1104
RSADP Primitive
FIPS186-4 RSA; RSADP
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - RSADP

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 RSADP: (Mod2048)

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1103
Section 4.2,
TLS
SP800-135
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - TLS-KDF

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3626 HMAC Val#2923

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1102
Section 5.2, SSH
SP800-135
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - SSH-KDF

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3626

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1101
Section 5.1,
ANS X9.63-2001
SP800-135
Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

-Ben Tucker
TEL: 954-267-3094

-Jonathan Andersen
TEL: 954-940-7737

Citrix FIPS Cryptographic Module - ANSI X9.63 KDF

Version 1.0
ARM v8-A with NEON extensions and AES/SHA Acceleration w/ iOS 10 64-bit; ARM v7-A with NEON extensions w/ Android 5; Intel Core i7 [4th Generation] with AES-NI w/ Windows 10 32-bit; ARM v7-A with NEON extensions w/ Android 6; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 6; Intel Core i7 [6th Generation] with AES-NI w/ Windows 10 64-bit; ARM v8-A w/ Windows 10 Mobile 32-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under XenServer 6, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under ESXi 5, 64-bit; Intel Xeon 56xx series with AES-NI w/ Linux 3.16 under Hyper-V on Windows Server 2012 R2, 64-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 32-bit; Intel Xeon E5-26xx v2 series with AES-NI w/ Free BSD 8.4 64-bit; Intel Core i7 [6th Generation] with AES-NI w/ Linux 3.13 64-bit; ARM v7-A with NEON extensions w/ Android 4.4; ARM v7-A with NEON extensions w/ Android 7; ARM v8-A with NEON extensions and AES/SHA Acceleration w/ Android 7; Intel Core i7 with AES-NI w/ Mac OS X 10.12 64-bit; ARM v8-A with NEON extensions w/ ViewSonic Thin OS ;  Intel Xeon E55xx Series w/ Linux 3.13 under XenServer 6 2/28/2017 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3626

"Citrix FIPS Cryptographic Module provides cryptographic services for various Citrix products."

03/24/17: Updated vendor information;
06/27/17: Added new tested information;

1100
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ Windows Server 2012 R2 (64-bit) 2/10/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

1099
RSADP Primitive
FIPS186-4 RSA; RSADP
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ Windows Server 2012 R2 (64-bit) 2/10/2017 RSADP: (Mod2048)

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

1098
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ Windows Server 2012 R2 (64-bit) 2/10/2017 Curves tested: P-256   P-384   P-521

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

1097
Section 5.1,
ANS X9.63-2001
SP800-135
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ Windows Server 2012 R2 (64-bit) 2/10/2017 ANSX963_2001 (SHS 256 , 384 , 512 ) SHA Val#3625

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

1096
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49- OpenSSH

Version 15.1X49-D75 (Firmware)
Intel Xeon (C5518) 2/10/2017 SSH (SHA 1 , 256 , 384 ) SHA Val#3624

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

1095
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Pradeepa M R

-Vann (Vanna) Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 15.1X49- Authentec

Version 15.1X49-D75 (Firmware)
Broadcom XLP832 2/10/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3621 HMAC Val#2919
IKEv2( ( 256 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3621 HMAC Val#2919

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

1094
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.15
TI c64 w/ SurfWare 7.2 2/10/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

1093
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Brian Wood
TEL: +1-973-440-9125

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung SCrypto Library

Version 2.0
Samsung Electronics Exynos8895 w/ Kinibi 400A (32-bit); Qualcomm MSM8998 w/ QSEE 4.0 (32-bit); Qualcomm MSM8998 w/ QSEE 4.0 (64-bit); Samsung Electronics Exynos7870 w/ Kinibi 310 (32-bit) 2/10/2017 RSADP: (Mod2048)

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

03/02/17: Added new tested information;
08/11/17: Added new tested information;

1092
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Brian Wood
TEL: +1-973-440-9125

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung SCrypto Library

Version 2.0
Samsung Electronics Exynos8895 w/ Kinibi 400A (32-bit); Qualcomm MSM8998 w/ QSEE 4.0 (32-bit); Qualcomm MSM8998 w/ QSEE 4.0 (64-bit); Samsung Electronics Exynos7870 w/ Kinibi 310 (32-bit) 2/10/2017 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1169 SHS Val#3618 DRBG Val#1412
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1049 SHS Val#3618 DRBG Val#1412

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

03/02/17: Added new tested information;
06/22/17: Added new tested information;
08/11/17: Added new tested information;

1091
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using SHA from CPACF

Version 1.0
z13 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3596

"This test covers KDF using SHA from CPACF"

1090
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using SHA assembler

Version 1.0
z13 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3595

"This test covers KDF using SHA assembler"

1089
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using SSSE3 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 ) SHA Val#3598

"The test covers KDF using SSSE3 for SHA"

1088
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using AVX2 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3597

"The test covers KDF using AVX2 for SHA"

1087
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using SHA assembler

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3599

"The test covers KDF using SHA assembler"

1086
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using Power ISA v.2.07 for SHA

Version 1.0
POWER8 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 256 , 384 , 512 ) SHA Val#3594

"This test covers KDF using Power ISA v.2.07 for SHA"

1085
Section 5.2, SSH
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSH using SHA assembler

Version 1.0
POWER8 w/ Ubuntu 16.04 2/10/2017 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3593

"This test covers KDF using SHA assembler"

1084
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Comtech EF Data Corporation
2114 West 7th Street
Tempe, Arizona 85281
USA

-Kasra Akhavan-Toyserkani
TEL: (240) 243-1837
FAX: (240) 243-1853

-Parag Patel
TEL: (240) 243-1876
FAX: (240) 243-1853

TRANSEC Cryptographic Engine

Version 2.2.4 (Firmware)
AMCC PowerPC 440EP 2/10/2017 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3359 HMAC Val#2663
SSH (SHA 1 ) SHA Val#3359

"The Comtech EF Data FIPS Security Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via Comtech Satellite Modems, as well as firmware to provide the cryptographic functions needed to act as a endpoint for TLS management and control traffic."

1083
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NXP Semiconductors
Stresemannallee 101
Hamburg, Hamburg 22529
Germany

-Dr. Almar Kaid
TEL: + 49 (40) 5613 5123
FAX: + 49 (40) 5613 62773

P73N2M0 Crypto Library

Version 1.0.8
Part # p73n2m0b0.200
NXP p73n2m0 w/ n/a 2/10/2017 RSASP1: (Mod2048: PKCS1.5 )

"The NXP Crypto Library on the p73n2m0 HW-platform is a Cryptographic Library to be included in an operating system. It implements various algorithms protected against Side Channel and Fault Attacks at EAL 6+."

1082
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
Stresemannallee 101
Hamburg, Hamburg 22529
Germany

-Dr. Almar Kaid
TEL: + 49 (40) 5613 5123
FAX: + 49 (40) 5613 62773

P73N2M0 Crypto Library

Version 1.0.8
Part # p73n2m0b0.200
NXP p73n2m0 w/ n/a 2/10/2017 Curves tested: P-224   P-256   P-384   P-521

"The NXP Crypto Library on the p73n2m0 HW-platform is a Cryptographic Library to be included in an operating system. It implements various algorithms protected against Side Channel and Fault Attacks at EAL 6+."

1081
RSADP Primitive
FIPS186-4 RSA; RSADP
BiObex, LLC
11501 Sunset Hills Rd
Suite 200
Reston, VA 22190
USA

-Arthur Joyce
TEL: 571-313-0969

SAFE-Key device

Version 1.0.0.6 (Firmware)
STM32F415 2/10/2017 RSADP: (Mod2048)

"The SAFE-Key device is a USB-based hardware token; its primary purpose is two-factor authentication. The device supports three modalities: web-based two-factor authentication, two-factor authentication for protected file decryption and two-factor authentication for digital signature generation."

1080
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.3, SRTP
SP800-135
Secusmart GmbH
Heinrichstrasse 155
Düsseldorf, NRW 40239
Germany

-Thomas Schetelig
TEL: +49211447399701

-Markus Hauenstein
TEL: +49211447399157

SecuSUITE Client OpenSSL FIPS Object Module

Version 2.0.12
Samsung Exynos 8890 w/ Android 6.0.1; Apple A8 w/ iOS 9.3.5; Qualcomm MSM8960 w/ BlackBerry OS 10.3.3; Qualcomm MSM8974 w/ BlackBerry OS 10.3.3 2/3/2017 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3610 HMAC Val#2910
ANSX963_2001 (SHS 256 ) SHA Val#3610
SRTP (AES 128 ) AES Val#4382

"SecuSUITE Client OpenSSL FIPS Object Module"

1079
All of SP800-56A EXCEPT KDF
SP800-56A
Secusmart GmbH
Heinrichstrasse 155
Düsseldorf, NRW 40239
Germany

-Thomas Schetelig
TEL: +49211447399701

-Markus Hauenstein
TEL: +49211447399157

SecuSUITE Client OpenSSL FIPS Object Module

Version 2.0.12
Samsung Exynos 8890 w/ Android 6.0.1; Apple A8 w/ iOS 9.3.5; Qualcomm MSM8960 w/ BlackBerry OS 10.3.3; Qualcomm MSM8974 w/ BlackBerry OS 10.3.3 2/3/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Responder ) EC: P-256 ED: P-384 ECDSA Val#1046 SHS Val#3610 DRBG Val#1408

"SecuSUITE Client OpenSSL FIPS Object Module"

1078
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Secusmart GmbH
Heinrichstrasse 155
Düsseldorf, NRW 40239
Germany

-Thomas Schetelig
TEL: +49211447399701

-Markus Hauenstein
TEL: +49211447399157

secuSUITE SIP Server OpenSSL FIPS Object Module

Version 2.0.12
Intel Xeon E5-2620v3 CPU w/ Linux/CentOS v7 2/3/2017 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3609 HMAC Val#2909
SSH (SHA 256 ) SHA Val#3609

"secuSUITE SIP Server OpenSSL FIPS Object Module"

1077
All of SP800-56A EXCEPT KDF
SP800-56A
Secusmart GmbH
Heinrichstrasse 155
Düsseldorf, NRW 40239
Germany

-Thomas Schetelig
TEL: +49211447399701

-Markus Hauenstein
TEL: +49211447399157

secuSUITE SIP Server OpenSSL FIPS Object Module

Version 2.0.12
Intel Xeon E5-2620v3 CPU w/ Linux/CentOS v7 2/3/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#1045 SHS Val#3609 DRBG Val#1407

"secuSUITE SIP Server OpenSSL FIPS Object Module"

1076 N/A
N/A
N/A, N/A
N/A

-N/A
TEL: N/A
FAX: N/A

-N/A
TEL: N/A
FAX: N/A

N/A

Version N/A
Part # N/A
N/A 2/3/2017

"N/A"

1075
All of SP800-56A EXCEPT KDF
SP800-56A
Aclara
Polígono. Ugaldeguren, 3 - Parcela P-27-4
Zamudio, Bizkaia 48170
Spain

-Oscar Lopez

SGM1400

Version 4.0.26 (Firmware)
n/a 2/3/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: StaticUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#1019 SHS Val#3551 DRBG Val#1373

"Crypto algorithms as required per GBCS 0.9 spec."

1074
Section 4.2,
TLS
SP800-135
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Alan Presser
TEL: (978) 264-6600

Allegro Cryptographic Engine

Version 6.2
Intel Core i7 without AES-NI w/ Windows 10 Professional; Intel Core i7 with AES-NI w/ Windows 10 Professional; Intel Core i7 without AES-NI w/ Linux Mint 18; Intel Core i7 with AES-NI w/ Linux Mint 18 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3390 HMAC Val#2692

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

06/16/17: Updated implementation information;

1072
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise Company
3000 Hanover Street
Palo Alto, CA 94304
USA

-Zhenyi Huang

HP NSVLE C API Library

Version 0.4
Intel(R) Xeon(R) E5-2640v3 w/ Debian Linux HPTE Version 7.9.1 1/27/2017 TLS( TLS1.0/1.1 ) SHA Val#3601 HMAC Val#2903

"Hewlett Packard's NonStop platform is used in complex computing environments, where business-critical applications need 24 x 7 availability, extreme scalability, and fault-tolerance. NonStop plays an important role in major industries and markets, including finance, healthcare, telecommunications, manufacturing, retail, and government."

03/03/17: Updated implementation information;

1071
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Vann (Vanna) Nguyen
TEL: 408-745-2000

-Pradeepa M R

Junos FIPS Version Junos 15.1 X49 - OpenSSL

Version 15.1X49-D60
CN7020; CN7130; CN6335 1/27/2017 SSH (SHA 1 , 256 , 384 ) SHA Val#3600

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

1070
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using SHA assembler

Version 1.0
Intel® Xeon® CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3599 HMAC Val#2901

"The test covers assembler of SHA for OpenSSL."

1069
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using SHA assembler

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1162 SHS Val#3599 DRBG Val#1397
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1037 SHS Val#3599 DRBG Val#1397

"The test covers assembler of SHA for OpenSSL."

02/08/17: Updated implementation information;

1068
Section 4.2,
TLS

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using SSSE3 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ECDSA Val#1036 SHS Val#3598 DRBG Val#1396
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3598 HMAC Val#2900

"The test covers the SHA using SSSE3 for OpenSSL."

02/08/17: Updated implementation information;

1067
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using SSSE3 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1161 SHS Val#3598 DRBG Val#1396

"The test covers the SHA using SSSE3 for OpenSSL."

02/08/17: Updated implementation information;

1066
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AVX2 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3597 HMAC Val#2899

"The test covers SHA using AVX2 for OpenSSL"

02/08/17: Updated implementation information;

1065
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AVX2 for SHA

Version 1.0
Intel(R) Xeon(R) CPU E5-2620v3 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1160 SHS Val#3597 DRBG Val#1395
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1035 SHS Val#3597 DRBG Val#1395

"The test covers SHA using AVX2 for OpenSSL"

02/08/17: Updated implementation information;

1064
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication from CPACF

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3596 HMAC Val#2898

"The test covers the AES, SHA, GHASH and multiplication from CPACF for OpenSSL."

1063
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication from CPACF

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1034 SHS Val#3596 DRBG Val#1393

"The test covers the AES, SHA, GHASH and multiplication from CPACF for OpenSSL."

1062
All of SP800-56A EXCEPT KDF
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication from CPACF

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1159 SHS Val#3596 DRBG Val#1393

"The test covers the AES, SHA, GHASH and multiplication from CPACF for OpenSSL."

1061
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication assemblers

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3595 HMAC Val#2897

"The test covers the assembler implementation of AES, SHA, GHASH and multiplication."

1060
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication assemblers

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The test covers the assembler implementation of AES, SHA, GHASH and multiplication."

1059
All of SP800-56A EXCEPT KDF
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using AES, SHA, GHASH and multiplication assemblers

Version 1.0
z13 w/ Ubuntu 16.04 1/27/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1158 SHS Val#3595 DRBG Val#1392
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1033 SHS Val#3595 DRBG Val#1392

"The test covers the assembler implementation of AES, SHA, GHASH and multiplication."

1058
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using support from Power ISA 2.07 for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3594 HMAC Val#2896

"The test covers the using support from Power ISA 2.07 for AES and SHA for OpenSSL."

1057
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using support from Power ISA 2.07 for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The test covers the using support from Power ISA 2.07 for AES and SHA for OpenSSL."

1056
All of SP800-56A EXCEPT KDF
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using support from Power ISA 2.07 for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1157 SHS Val#3594 DRBG Val#1391
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1032 SHS Val#3594 DRBG Val#1391

"The test covers the using support from Power ISA 2.07 for AES and SHA for OpenSSL."

1055
Section 4.2,
TLS
SP800-135
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using assembler for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3593 HMAC Val#2895

"The test covers the assembler implementation of AES and SHA"

1054
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using assembler for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The test covers the assembler implementation of AES and SHA"

1053
All of SP800-56A EXCEPT KDF
SP800-56A
Canonical Ltd.
5th Floor, Blue Fin Building, 110 Southwark Street
London, n/a SE1 0SU
United Kingdom

-Joy Latten

-Andrew Cloke

OpenSSL using assembler for AES and SHA

Version 1.0
Power8 w/ Ubuntu 16.04 1/27/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1156 SHS Val#3593 DRBG Val#1390
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Partial Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1031 SHS Val#3593 DRBG Val#1390

"The test covers the assembler implementation of AES and SHA"

1052
All of SP800-56A EXCEPT KDF
SP800-56A
Getac Technology Corporation
5F., Building A, No. 209, Sec. 1, Nangang Rd., Nangang Dist.
Taipei City, n/a 11568
Taiwan

-Yu-Shian Chen
TEL: +886-2-27857888 Ext. 5675
FAX: +886-2-27865656

-Jeff Lin
TEL: +886-2-27857888 Ext. 5346
FAX: +886-2-27865656

Getac OpenSSL Cryptographic Library

Version 1.0.1k
Intel Atom w/ Android 5.1.1 1/27/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1155 SHS Val#3590 DRBG Val#1389
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#1030 SHS Val#3590 DRBG Val#1389

"Getac OpenSSL Cryptographic Library provides a variety of cryptographic services via OpenSSL FIPS module for Getac products."

1051
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Vann (Vanna) Nguyen
TEL: 408-745-2000

-Pradeepa M R

Junos FIPS Version Junos 15.1 X49 - Authentec

Version 15.1 X49-D60 (Firmware)
Cavium Octeon III (CN7020); Cavium Octeon III (CN7130); Cavium Octeon II (CN6335) 1/19/2017 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3582 HMAC Val#2885
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3582 HMAC Val#2885

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

02/09/17: Updated implementation information;
03/05/17: Added new tested information;

1050
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0 (Firmware)
Freescale 1199 MHz Power PC processor P2010E 1/19/2017 IKEv2( ( 224 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#934 HMAC Val#2883

"Brocade cryptographic library used in the IPSec module implements crypto operations in the hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without comprimising the preformance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

1049
All of SP800-56A EXCEPT KDF
SP800-56A
Oceus Networks, Inc.
1895 Preston White Drive
Suite 300
Reston, Virginia 20191
USA

-Sharman Palos
TEL: 214-778-6360
FAX: 214-778-6341

-Chris Hill
TEL: 214-778-6386
FAX: 214-778-6341

Oceus Networks VPN Client

Version 2.0
Exynos 7420 w/ Android 6.0; Qualcomm MSM8996 w/ Android 6.0 1/19/2017 FFC: SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1153 SHS Val#2313 DRBG Val#460
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1028 SHS Val#2313

"Oceus Networks, Inc., a trusted CSfC Integrator, has built the Oceus Networks VPN (Oceus VPN Client) as a complete, full-featured solution that allows Android OEMs to easily integrate VPN functionality into mobile devices that need to establish encrypted tunnels of communication."

1048
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance (ASA) OS

Version 9.6
Intel Xeon E5 w/ ESXi 5.5; Intel Xeon Eseries w/ ESXi 5.5 1/19/2017 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3579 HMAC Val#2882
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3579 HMAC Val#2882
SSH (SHA 1 ) SHA Val#3579

"The Cisco ASAv delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASAv provide comprehensive security, performance, and reliability for network environment."

03/31/17: Updated implementation information;

1047
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Dell, Inc
5450 Great America Parkway
Santa Clara, CA 95054
US

-Srihari Mandava

Dell OpenSSL Cryptographic Library

Version 2.4
ARM Cortex A9 w/ Dell Networking Operating System 9.11(0.0); FreeScale PowerPC e500 w/ Dell Networking Operating System 9.11(0.0); Intel Atom C2000 w/ Dell Networking Operating System 9.11(0.0) 1/13/2017 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3556 HMAC Val#2853
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3556

"Dell OpenSSL Cryptographic Library v2.4 provides a variety of cryptographic services used by Dell''s Data Center hardened Dell Networking OS management and routing features."

1046
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pulse Secure LLC
2700 Zanker Road Suite 200
San Jose, CA 95134
USA

-Vikki Yin Wei
TEL: +1-844-807-8573
FAX: +1-408-503-7452

-Yvonne Sang
TEL: +1-844-807-8573
FAX: +1-408-503-7452

Pulse Secure Cryptographic Module ECC CDH

Version 2.0
MAG2600 Intel Atom, N270, 1.6GHz w/ IVE OS 2.0 (32-bit); MAG4610, SM160 Intel Core 2 Duo E2160 1.8Ghz w/ IVE OS 2.0 (64-bit); MAG6610, SM360 Intel Core-2 Quad Q9400 2.66GHz w/ IVE OS 2.0 (64-bit); PSA300, PSA3000 Intel Celeron Processor J1900 2.42 GHz w/ IVE OS 2.0 (64-bit); PSA5000 Intel PENTIUM G3420 2C/2T 3.2G w/ IVE OS 2.0 (64-bit); PSA7000f, PSA7000c Intel Xeon E3-1275v3(x86) w/ IVE OS 2.0 (64-bit); Dell Power Edge R430/R530, Intel Xeon E5-2620 v4 2.1GHz w/ IVE OS 2.0 (64-bit); PSA7000f, PSA7000c Intel Xeon E3-1275v3(x86) w/ Pulse One version 2.0 (64-bit) 1/13/2017 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Pulse Secure Cryptographic Module provides secure cryptographic services. It enables dynamic SSL VPN, NAC, mobile security, online meetings and collaboration, and application acceleration while removing the complexities of device type and security state, location, identity, and adherence to policies."

02/09/17: Updated implementation information;

1045
RSADP Primitive
FIPS186-4 RSA; RSADP
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF2ESPI

Part # ST33HTPH2E28AAF1
N/A 1/13/2017 RSADP: (Mod2048)

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specifications."

1044
Section 5.5, TPM
SP800-135
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF2ESPI

Version 49.00 (Firmware)
SecureCore SC300 1/13/2017 TPM SHA1 Val#3539 HMAC_SHA1 Val#2870

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specifications."

1043
RSADP Primitive
FIPS186-4 RSA; RSADP
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF2EI2C

Part # ST33HTPH2E28AHA8
N/A 1/13/2017 RSADP: (Mod2048)

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 and version 2.0 specifications."

1041
RSADP Primitive
FIPS186-4 RSA; RSADP
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF20SPI

Part # ST33HTPH2028AAF3
N/A 1/13/2017 RSADP: (Mod2048)

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 2.0 specification."

08/08/17: Updated implementation information;

1040
RSADP Primitive
FIPS186-4 RSA; RSADP
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Fabien ARRIVE
TEL: +33 223 470 633
FAX: +33 223 470 400

ST33TPHF20I2C

Part # ST33HTPH2E28AHA9
N/A 1/13/2017 RSADP: (Mod2048)

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 2.0 specification."

1039
Signature Generation of hash sized messages
FIPS186-4 ECDSA
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-3-9279529
FAX: 972-3-9230864

-Moshe Harel
TEL: 972-3-9279578
FAX: 972-3-9230864

PrivateServer

Version 5.0.0 (Firmware)
Part # 5.0
Intel® E3-1268LV3 Quad-Core 1/13/2017 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"PrivateServer performs sensitive cryptographic operations internally in a tamper-proof, high performance device. PrivateServer is configured as a network server or as a cryptographic backend to a host."

1038
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

LG BoringSSL

Version 1.0
Snapdragon 821 (8996 Pro) w/ Android 7.0 1/13/2017 Curves tested: P-224   P-256   P-384   P-521

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the LG BoringSSL module, which is a full featured general purpose cryptographic library."

1037
All of SP800-56A EXCEPT KDF
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

LG BoringSSL

Version 1.0
Snapdragon 821 (8996 Pro) w/ Android 7.0 1/13/2017 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1151 SHS Val#3572 DRBG Val#1381
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#1024 SHS Val#3572 DRBG Val#1381

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the LG BoringSSL module, which is a full featured general purpose cryptographic library."

04/12/17: Added new tested information;

1036
Section 4.1.2,
IKEv2
Section 5.2, SSH
SP800-135
HUAWEI TECHNOLOGIES Co., Ltd.
Yuhuatai District
101 Software Avenue
NANJING, JIANGSU 210000
CHINA

-Yang Ze
TEL: 8615919432118

-yinhuilin
TEL: 8618952017596

HFCL

Version V300R003C22SPC805 (Firmware)
Cavium CN6120; Cavium CN6130; Cavium CN5650; Cavium CN6880; Freescale p1025 1/6/2017 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3565 HMAC Val#2861
SSH (SHA 1 ) SHA Val#3565

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to Huawei products via an Application Programming Interface (API)."

1035
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9670

Version 7.80 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 12/23/2016 RSADP: (Mod2048)

"Infineon Trusted Platform Module 2.0 SLB9670 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1034
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9670

Version 7.80 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 12/23/2016 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 2.0 SLB9670 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1033
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9670

Version 7.80 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 12/23/2016 Curves tested: P-256

"Infineon Trusted Platform Module 2.0 SLB9670 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1032
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9660, SLB 9665

Version 5.80 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 12/23/2016 RSADP: (Mod2048)

"Infineon Trusted Platform Module 2.0 SLB 9660/ SLB 9665 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1031
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9660, SLB 9665

Version 5.80 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 12/23/2016 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 2.0 SLB 9660/ SLB 9665 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1030
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 2.0 SLB 9660, SLB 9665

Version 5.80 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 12/23/2016 Curves tested: P-256

"Infineon Trusted Platform Module 2.0 SLB 9660/ SLB 9665 is an implementation according to the TPM Main Specification Version 2.0 Revision 01.16 Errata Version 1.4 by Trusted Computing Group."

1029
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0a (Firmware)
Freescale 1199 MHz Power PC processor P2010E 12/23/2016 IKEv2( ( 224 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#934 HMAC Val#2848

"Brocade cryptographic library used in the IPSec module implements crypto operations in the hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without comprimising the preformance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MLPS Virtual Private Networks (VPNs)."

03/06/17: Updated implementation information;
05/19/17: Updated implementation information;
05/23/17: Updated implementation information;

1028
Section 4.1.2,
IKEv2
SP800-135
Fatpipe, Inc.
4455 S 700 E STE 100
Salt Lake City, UT 84107
USA

-Matt Gwyther
TEL: 801-281-3434
FAX: 801-281-0317

MPVPN

Version 9-1-2-fips
Intel(R) Xeon(R) CPU E3-1220 v5 @ 3.00GHz w/o AES-NI w/ LFS (Linux from scratch) 1.1.0 x86 64 Pure64 12/23/2016 IKEv2( ( 2048 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#3549 HMAC Val#2846

"Fatpipe MPVPN(R), a patented router clustering device, is an essential part of Disaster Recovery and Business Continuity Planning for Virtual Private Network (VPN) connectivity. It is integrated with several User Space cryptographic algorithms and other security mechanisms."

07/11/17: Updated implementation information;

1027
All of SP800-56A EXCEPT KDF
SP800-56A
Fatpipe, Inc.
4455 S 700 E STE 100
Salt Lake City, UT 84107
USA

-Matt Gwyther
TEL: 801-281-3434
FAX: 801-281-0317

MPVPN

Version 9-1-2-fips
Intel(R) Xeon(R) CPU E3-1220 v5 @ 3.00GHz w/o AES-NI w/ LFS (Linux from scratch) 1.1.0 x86 64 Pure64 12/23/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1149 SHS Val#3549 DRBG Val#1372

"Fatpipe MPVPN®, a patented router clustering device, is an essential part of Disaster Recovery and Business Continuity Planning for Virtual Private Network (VPN) connectivity. It is integrated with several User Space cryptographic algorithms and other security mechanisms."

07/11/17: Updated implementation information;

1026
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Mark Hanson
TEL: 972.963.7326

McAfee OpenSSL FIPS Object Module

Version 1.0.0
Intel Xeon w/ Linux 3.10 on VMware ESXi 5.5 12/23/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The McAfee OpenSSL FIPS Object Module provides cryptographic services for Intel Security products."

1025
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A, 5th Floor
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-508-4230

Security Builder FIPS Core

Version 5.6.2
Qualcomm Snapdragon 801 w/ BlackBerry 10; Qualcomm Snapdragon S4 w/ BlackBerry 10; Qualcomm Snapdragon S4 Pro w/ BlackBerry 10 12/23/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based applications for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec, SSL and DRM modules."

1024
All of SP800-56A EXCEPT KDF
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE® Crypto-J JSAFE and JCE Software Module

Version 6.2
Intel Core i7 w/ Windows 8.1 (64-bit); NVIDIA Tegra 3 w/ Android 4.1.2; Intel Xeon w/ CentOS 6.7 ;  Intel Xeon w/ CentOS 6.7 12/23/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#932 SHS Val#2701 DRBG Val#722
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#619 SHS Val#2701 DRBG Val#722

"RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements"

1023
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

FX-OS

Version 2.0 (Firmware)
Intel Xeon E3-11XX 12/23/2016 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3546 HMAC Val#2843
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3546 HMAC Val#2843
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3546
SNMP SHA1 Val#3546

"Cisco Firepower eXtensible Operating System (FX-OS) version 2.0, a next-generation network and content security solutions."

1022
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Distech Controls, Inc.
4205 Place de Java
Brossard, QC J4Y 0C4
Canada

-Dominic Gagnon
TEL: 450-444-9898 Ext.231
FAX: 450-444-0770

-François Gervais
TEL: 450-444-9898 Ext.263
FAX: 450-444-0770

Distech Java Cryptographic Library

Version 1.0 (Firmware)
AM335x Cortex-A8 (ARMv7) /w NEON 12/23/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Distech Java Cryptographic Library is a general purpose cryptographic library used by Distech Controls products including the Eclypse series of controllers."

1021
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Distech Controls, Inc.
4205 Place de Java
Brossard, QC J4Y 0C4
Canada

-Dominic Gagnon
TEL: 450-444-9898 Ext.231
FAX: 450-444-0770

-François Gervais
TEL: 450-444-9898 Ext.263
FAX: 450-444-0770

Distech Java Cryptographic Library

Version 1.0 (Firmware)
AM335x Cortex-A8 (ARMv7) /w NEON 12/23/2016 RSASP1: (Mod2048: PKCS1.5 )

"The Distech Java Cryptographic Library is a general purpose cryptographic library used by Distech Controls products including the Eclypse series of controllers."

1020
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Distech Controls, Inc.
4205 Place de Java
Brossard, QC J4Y 0C4
Canada

-Dominic Gagnon
TEL: 450-444-9898 Ext.231
FAX: 450-444-0770

-François Gervais
TEL: 450-444-9898 Ext.263
FAX: 450-444-0770

Distech Java Cryptographic Library

Version 1.0 (Firmware)
AM335x Cortex-A8 (ARMv7) /w NEON 12/23/2016 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3545 HMAC Val#2842
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3545 HMAC Val#2842
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3545
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3545
SRTP (AES 128 , 192 , 256 ) AES Val#4306

"The Distech Java Cryptographic Library is a general purpose cryptographic library used by Distech Controls products including the Eclypse series of controllers."

1019
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
8000 Foothills Blvd
Roseville, CA 95747
USA

-Susan Scotten
TEL: 916-785-8742

Aruba 2920 switch

Version WB.16.02.0015 (Firmware)
TriCore ARM11 processor 12/23/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 512 ) ) SHA Val#3544 HMAC Val#2841
SSH (SHA 1 , 256 ) SHA Val#3544
SNMP SHA1 Val#3544

"Aruba 2920 switch"

1018
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
8000 Foothills Blvd
Roseville, CA 95747
USA

-Susan Scotten
TEL: 916-785-8742

Aruba 5400r switch

Version KB.16.02.0015 (Firmware)
P2020 12/23/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 512 ) ) SHA Val#3543 HMAC Val#2840
SSH (SHA 1 ) SHA Val#3543
SNMP SHA1 Val#3543

"Aruba 5400r switch"

1017
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010, CN4020, CN6010 and CN6140 Series Common Crypto Library

Version 3.0.0 (Firmware)
ARM Cortex A9 12/23/2016 TLS( TLS1.0/1.1 ) SHA Val#3542 HMAC Val#2839
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3542
SNMP SHA1 Val#3542

"The CN4010, CN4020, CN6010 and CN6140 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN4010, CN4020, CN6010 and CN6140 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1016
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet) and ID Quantique SA
312 Kings Way
South Melbourne, Victoria 3205
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN8000 Series Common Crypto Library

Version 3.0.0 (Firmware)
Intel Xeon 12/23/2016 TLS( TLS1.0/1.1 ) SHA Val#3541 HMAC Val#2838
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3541
SNMP SHA1 Val#3541

"The CN8000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN8000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1015
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 3.0.0 (Firmware)
Intel ATOM 12/23/2016 TLS( TLS1.0/1.1 ) SHA Val#3540 HMAC Val#2837
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3540
SNMP SHA1 Val#3540

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

1014
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Feitian Technologies Co., Ltd
Floor 17, Tower B, Huizhi Mansion
No.9 Xueqing Road
Haidian, Beijing 100085
China

-PENG Jie
TEL: +8610 62304466-419
FAX: +8610 62304477

-WenSheng Ju
TEL: +8610 62304466-527
FAX: +8610 62304477

Asymmetric algorithm

Part # Crypto@2304T/V2
N/A 12/23/2016 ECDSA SigGen Component: CURVES( P-256 )

"The Crypto@2304T coprocessor is used for RSA and ECDSA processing."

1013
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Arista Networks Inc.
5453 Great America Pkwy
Santa Clara, CA 95054
USA

-Richard Whitney
TEL: 703-627-6092
FAX: 408-538-8920

Arista EOS Crypto Module

Version v1.0
AMD Athlon NEO X2 w/ EOS v4; Intel Sandy Bridge EN w/ EOS v4; Intel Broadwell-DE w/ EOS v4; AMD G Series: eKabini w/ EOS v4 12/23/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Arista EOS Crypto Module library implements a variety of FIPS approved algorithms to ensure that data can be transported, encrypted, and hashed in a secure manner."

1012
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Arista Networks Inc.
5453 Great America Pkwy
Santa Clara, CA 95054
USA

-Richard Whitney
TEL: 703-627-6092
FAX: 408-538-8920

Arista EOS Crypto Module

Version v1.0
AMD Athlon NEO X2 w/ EOS v4; Intel Sandy Bridge EN w/ EOS v4; Intel Broadwell-DE w/ EOS v4; AMD G Series: eKabini w/ EOS v4; AMD G Series: Steppe Eagle w/ EOS v4 12/23/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3516 HMAC Val#2816
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3516

"The Arista EOS Crypto Module library implements a variety of FIPS approved algorithms to ensure that data can be transported, encrypted, and hashed in a secure manner."

1011
Section 5.1,
ANS X9.63-2001
SP800-135
Renesas Electronics Corporation
5-20-1 Jousuihon-cho
Kodaira-shi, Tokyo 187-8588
Japan

-Kazuhiko Fukushima
TEL: +81-42-312-6470
FAX: +81-42-328-4374

Trusted System for R-Car_W2H

Version 1.0 (Firmware)
R-Car W2H 12/16/2016 ANSX963_2001 (SHS 256 ) SHA Val#3239

""Trusted System for R-Car_W2H" provides cryptographic functions. This firmware works by using the HW security module "U11IP15001E0" implemented on "R-Car W2H"."

1010
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A732 w/ iOS 10 12/16/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#997 SHS Val#3514 DRBG Val#1339 HMAC Val#2813

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

1009 N/A N/A N/A N/A N/A 12/16/2016 N/A
1008
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

FMC FOM

Version 6.0 (Firmware)
Intel Xeon E3 series;Intel Xeon E5 2600 series; Intel Xeon E5600 series ;  Intel Atom C25XX; Intel Pentium/Core i3; Intel Xeon 5xxx; Intel Xeon 34xx; Intel Atom D2xxx; Intel Pentium B9xx 12/16/2016 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3512 HMAC Val#2811
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3512
SNMP SHA1 Val#3512

"A fault-tolerant, purpose-built network appliance that provides a centralized management console and database repository for your Firepower System deployment. FMC has a range of device management, event storage, host monitoring and user monitoring capabilities."

02/09/17: Updated implementation information;
03/31/17: Updated implementation information;
08/03/17: Updated implementation information;

1007
All of SP800-56A EXCEPT KDF
SP800-56A
Mocana Corporation
20 California Street
San Francisco, CA 94111
USA

-Srinivas Kumar
TEL: 1-415-617-0055
FAX: 1-415-617-0056

Mocana Cryptographic Library

Version 6.4.1f
Intel Atom E3800 w/ Wind River Linux 6.0 12/16/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1140 SHS Val#3511 DRBG Val#1336 HMAC Val#2810
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#994 SHS Val#3511 DRBG Val#1336 HMAC Val#2810

"The Mocana Cryptographic Module is the engine of Mocana''s Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com"

1006
Section 4.2,
TLS
SP800-135
Barco n.v.
Beneluxpark 21
Kortrijk, n/a 8500
Belgium

-Jean-Paul Schafer
TEL: +32 4 267 69 22
FAX: +32 4 267 69 99

SM

Version 1.01 (Firmware)
Part # BG140778
Freescale QorIQ P2040 Power-PC 12/16/2016 TLS( TLS1.0/1.1 ) SHA Val#3491 HMAC Val#2790

"Embedded software implementation using the OpenSSL library."

1005
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0 12/16/2016 RSASP1: (Mod2048: PKCS1.5 )

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

1004
Signature Generation of hash sized messages
FIPS186-4 ECDSA
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0 12/16/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

1003
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0 12/16/2016 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3490 HMAC Val#2788
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3490 HMAC Val#2788
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3490
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3490
SRTP (AES 128 , 192 , 256 ) AES Val#4252

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

1002
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance (ASA) OS

Version 9.6 (Firmware)
Intel Aton C25xx; Intel Pentium/Core i3; Intel Xeon 34xx; Intel Xeon 5xxx; Intel Xeon E5-26xx 12/16/2016 IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3486 HMAC Val#2787
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3486 HMAC Val#2787
SSH (SHA 1 ) SHA Val#3486

"The Cisco ASA Security Appliance Series delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environment."

12/23/16: Updated implementation information;
01/06/17: Added new tested information;

1001
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
MPC8548 12/9/2016 Curves tested: P-256   P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

1000
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
MPC8548 12/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3484 HMAC Val#2785
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3484
SNMP SHA1 Val#3484

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

999
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
MPC8548 12/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1137 SHS Val#3484 DRBG Val#1326
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#987 SHS Val#3484 DRBG Val#1326

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

998
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
PPC440EPX 12/9/2016 Curves tested: P-256   P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/09/17: Updated implementation information;

997
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
PPC440EPX 12/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3483 HMAC Val#2784
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3483
SNMP SHA1 Val#3483

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

996
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
PPC440EPX 12/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1324 SHS Val#3483 DRBG Val#1325
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#986 SHS Val#3483 DRBG Val#1325

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

995
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
T1022 12/9/2016 Curves tested: P-256   P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

994
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
T1022 12/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3481 HMAC Val#2782
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3481
SNMP SHA1 Val#3481

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

993
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
T1022 12/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1134 SHS Val#3481 DRBG Val#1323
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#984 SHS Val#3481 DRBG Val#1323

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

06/13/17: Updated implementation information;
07/11/17: Updated implementation information;
08/03/17: Updated implementation information;

992
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P4080 12/9/2016 Curves tested: P-256   P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

991
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P4080 12/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3480 HMAC Val#2781
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3480
SNMP SHA1 Val#3480

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

990
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P4080 12/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1133 SHS Val#3480 DRBG Val#1322
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#983 SHS Val#3480 DRBG Val#1322

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

989
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P3041 12/9/2016 Curves tested: P-256   P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

988
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P3041 12/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3479 HMAC Val#2780
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3479
SNMP SHA1 Val#3479

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

987
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480

Brocade FIPS Crypto Library

Version FOS 8.1.0 (Firmware)
P3041 12/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1132 SHS Val#3479 DRBG Val#1321
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#982 SHS Val#3479 DRBG Val#1321

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/03/17: Updated implementation information;

986
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Clint Winebrenner
TEL: 1 919 392 6520

CiscoSSL FIPS Object Module

Version 11.7
Snapdragon 820 w/ Android version 6 12/9/2016 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3478 HMAC Val#2779
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3478 HMAC Val#2779
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3478
SRTP (AES 128 , 192 , 256 ) AES Val#4240
SNMP SHA1 Val#3478

"tbd"

985
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Distech Controls, Inc.
4205 Place de Java
Brossard, QC J4Y 0C4
Canada

-Dominic Gagnon
TEL: 450-444-9898 Ext.231
FAX: 450-444-0770

-François Gervais
TEL: 450-444-9898 Ext.263
FAX: 450-444-0770

Distech SSL Cryptographic Library

Version 1.0 (Firmware)
AM335x Cortex-A8 (ARMv7) /w NEON 12/9/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Distech SSL Cryptographic Library is a general purpose cryptographic library used by Distech Controls products including the Eclypse series of controllers."

984
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 6.2
Cavium Octeon MIPS64 w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 3.10 12/9/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''''s networking and collaboration products."

983
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 6.2
Cavium Octeon MIPS64 w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 3.10 12/9/2016 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3471 HMAC Val#2772
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3471 HMAC Val#2772
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3471
SRTP (AES 128 , 192 , 256 ) AES Val#4234
SNMP SHA1 Val#3471

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''''s networking and collaboration products."

982
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 6.2
ARMv8 w/ Android 3.10; ARMv8 w / Apple iOS 9; Intel Xeon w/ FreeBSD 10.3; Intel Core i5 without AES-Ni w/ Windows 10; Intel Core i5 with AES-Ni w/ Windows 10; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Core i5 without AES-Ni w/ Linux 3.10; Intel Core i5 with AES-Ni w/ Linux 3.10 12/9/2016 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3470 HMAC Val#2771
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3470 HMAC Val#2771
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3470
SRTP (AES 128 , 192 , 256 ) AES Val#4233
SNMP SHA1 Val#3470

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''''s networking and collaboration products."

981
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 6.2
ARMv8 w/ Android 3.10; ARMv8 w / Apple iOS 9; Intel Xeon w/ FreeBSD 10.3; Intel Core i5 without AES-Ni w/ Windows 10; Intel Core i5 with AES-Ni w/ Windows 10; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Core i5 without AES-Ni w/ Linux 3.10; Intel Core i5 with AES-Ni w/ Linux 3.10 12/9/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''''s networking and collaboration products."

980
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Flex3 WaveLogic 3e OCLD Cryptography Engine

Version 2.01 (Firmware)
Xilinx XC7Z020 12/9/2016 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3469 HMAC Val#2770
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3469 HMAC Val#2770
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3469 HMAC Val#2770

"The Ciena 6500 Packet-Optical Platform Flex3 WaveLogic 3e OCLD Encryption Module offers an integrated transport encryption solution providing protocol-agnostic 100Gb/s or 200Gb/s wirespeed encryption service for enterprises, datacenters, government and also offered through service providers as differentiated managed service."

979
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel Xeon 32 bit w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#975 SHS Val#3467 DRBG Val#1306

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

978
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel Xeon w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#974 SHS Val#3466 DRBG Val#1305

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

977
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel i7 32 bit w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#973 SHS Val#3465 DRBG Val#1304

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

976
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel i5 32 bit w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#972 SHS Val#3464 DRBG Val#1303

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

975
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel i7 w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#971 SHS Val#3463 DRBG Val#1302

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

974
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel i5 w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#970 SHS Val#3462 DRBG Val#1301

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

973
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel Core M 32 bit w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#969 SHS Val#3461 DRBG Val#1300

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

972
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic)

Version 7.0
Intel Core M w/ MacOS Sierra 12/9/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#968 SHS Val#3460 DRBG Val#1299

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

971
All of SP800-56A EXCEPT KDF
SP800-56A
Mocana Corporation
20 California Street
San Francisco, CA 94111
USA

-Srinivas Kumar
TEL: 415-617-0055
FAX: 415-617-0056

Mocana Cryptographic Library

Version 6.4.1f
Freescale P2020 w/ Mentor Graphics Linux 4.0 12/2/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1115 SHS Val#3375 DRBG Val#1232 HMAC Val#2679
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#928 SHS Val#3375 DRBG Val#1232 HMAC Val#2679

"The Mocana Cryptographic Module is the engine of Mocana''s Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com."

970
Section 4.2,
TLS
SP800-135
Aviat Networks
5200 Great America Parkway
Santa Clara, California 95054
USA

-Ruth French
TEL: +44 1698 717200

Secure Management

Version 7.7 (Firmware)
Motorola MPC866 12/2/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3328 HMAC Val#2634

"Eclipse Intelligent Node Unit (INUe). The module provides data security by encrypting the payload traffic on the microwave link between up to three radios. It also provides the Strong Encryption Suite for secure module management and uses AES encryption to secure SNMP v3 management traffic."

969
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A10 32bit w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#967 SHS Val#3443 DRBG Val#1286 HMAC Val#2745

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

968
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A832 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#966 SHS Val#3430 DRBG Val#1285 HMAC Val#2732

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

967
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A932 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#965 SHS Val#3429 DRBG Val#1284 HMAC Val#2731

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

966
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A10 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#964 SHS Val#3428 DRBG Val#1283 HMAC Val#2730

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

965
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A9X32 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#963 SHS Val#3427 DRBG Val#1282 HMAC Val#2729

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

964
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A9 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#962 SHS Val#3426 DRBG Val#1279 HMAC Val#2728

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

963
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A9X w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#961 SHS Val#3425 DRBG Val#1280 HMAC Val#2726

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

962
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A8X32 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#960 SHS Val#3424 DRBG Val#1279 HMAC Val#2726

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

961
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A8X w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#959 SHS Val#3423 DRBG Val#1278 HMAC Val#2725

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

960
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A8 w/ iOS 10 12/2/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#958 SHS Val#3422 DRBG Val#1277 HMAC Val#2724

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

959
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic)

Version 7.0
Apple A7 w/ iOS 10 12/2/2016 ECC:
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#957 SHS Val#3421 DRBG Val#1276 HMAC Val#2723

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

958
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hypori, Inc.
9211 Waterford Centre Blvd
Suite 100
Austin, TX 78758
USA

-Evan Watkins
TEL: 512-646-1040

Hypori FIPS Object Module for OpenSSL

Version 2.0.10
Intel Xeon w/ Android 4 (ARMv7 w/ Houdini) on ESXi 6; Intel Xeon w/ Android 4 (x86_64) on ESXi 6 12/2/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Re-brand of OpenSSL Version 2.0.10 running in Hypori Virtual Device"

957
Signature Generation of hash sized messages
FIPS186-4 ECDSA
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on Vmware vSphere Hypervisor (ESXi) 6.0 12/2/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

956
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on Vmware vSphere Hypervisor (ESXi) 6.0 12/2/2016 RSASP1: (Mod2048: PKCS1.5 )

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

955
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: 408-891-0590

-Michael McKay
TEL: 408-891-0590

VMware Java JCE (Java Cryptographic Extension) Module

Version BC FIPS 1.0.0
Intel Xeon E5 w/ NSX Controller 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Edge 6.3.0 OS with Java JRE 1.7 running on VMware vSphere Hypervisor (ESXi) 6.0; Intel Xeon E5 w/ NSX Manager 6.3.0 OS with Java JRE 1.7 running on Vmware vSphere Hypervisor (ESXi) 6.0 12/2/2016 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3417 HMAC Val#2721
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3417 HMAC Val#2721
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3417
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3417
SRTP (AES 128 , 192 , 256 ) AES Val#4153

"The VMware Java JCE (Java Cryptographic Extension) Module (VMware JCE Module) is a software cryptographic module containing a set of cryptographic functions."

954
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
402 rue d'Estienne d'Orves
Colombes, N/A 92700
France

-GOYET Christophe
TEL: +1 703 322 8951
FAX: N/C

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

RSASP1 on Cosmo V8.1

Version 07888.16 (Firmware)
Part # HW = ‘30’ with FW = ‘5F01’ and HW = '40' with FW = '6001'
ID-One PIV-C on Cosmo V8.1 11/25/2016 RSASP1: (Mod2048: PKCS1.5 )

"ID-One Cosmo V8.1 is a dual interface (ISO 7816 & ISO 14443) smartcard chip compliant with Javacard 3.0.4 and GlobalPlatform 2.2.1 chip which supports RSA (including RSA-CRT) encrypt/decrypt and digital signature generation /verification with keys from 64 to 4096-bit by step of 32-bit."

953
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oberthur Technologies
402 rue d'Estienne d'Orves
Colombes, N/A 92700
France

-GOYET Christophe
TEL: +1 703 322 8951
FAX: N/C

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

ECC CDH on Cosmo V8.1

Version 07837.15 (Firmware)
Part # HW = ‘30’ with FW = ‘5F01’ and HW = ‘40’ with FW = ‘6001’
ID-One PIV on Cosmo V8.1 11/25/2016 Curves tested: P-224   P-256   P-384   P-521

"ID-One Cosmo V8.1 is a dual interface (ISO 7816 & ISO 14443) smartcard chip compliant with Javacard 3.0.4 and GlobalPlatform 2.2.1 chip which support ECC CDH both for in module key establishment and for primitive only as required by PIV."

952
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Intel Core I7-3770 with AES-NI w/ Microsoft Windows Server 2008 R2 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows Server 2008 R2 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows Server 2012 R2 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows Server 2012 R2 64-bit; Intel Core I7-3770 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Red Hat Enterprise Linux 6 64-bit; Intel Core I7-3770 with AES-NI w/ Red Hat Enterprise Linux 7 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Red Hat Enterprise Linux 7 64-bit; Intel Core I5-6300U with AES-NI w/ Microsoft Windows 10 64-bit; Intel Core I5-6300U with AES-NI disabled w/ Microsoft Windows 10 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows 7 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows 7 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows 8 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows 8 64-bit; QUALCOMM Snapdragon 801 w/ Android 5.0 11/18/2016 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

12/07/16: Updated implementation information;
12/14/16: Updated implementation information;

951
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Intel Core I7-3770 with AES-NI w/ Microsoft Windows Server 2008 R2 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows Server 2008 R2 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows Server 2012 R2 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows Server 2012 R2 64-bit; Intel Core I7-3770 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Red Hat Enterprise Linux 6 64-bit; Intel Core I7-3770 with AES-NI w/ Red Hat Enterprise Linux 7 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Red Hat Enterprise Linux 7 64-bit; Intel Core I5-6300U with AES-NI w/ Microsoft Windows 10 64-bit; Intel Core I5-6300U with AES-NI disabled w/ Microsoft Windows 10 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows 7 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows 7 64-bit; Intel Core I7-3770 with AES-NI w/ Microsoft Windows 8 64-bit; Intel Core I7-3770 with AES-NI disabled w/ Microsoft Windows 8 64-bit; QUALCOMM Snapdragon 801 w/ Android 5.0 11/18/2016 ECDSA SigGen Component: CURVES( P-521 )

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

12/07/16: Updated implementation information;
12/14/16: Updated implementation information;

950
Section 4.1.2,
IKEv2
SP800-135
Fatpipe, Inc.
4455 S 700 E STE 100
Salt Lake City, UT 84107
USA

-Matt Gwyther
TEL: (801)281-3434
FAX: (801)281-0317

MPVPN

Version 9-1-2-fips
Intel Xeon Quad Core E3-1270v2 @ 3.50GHz w/o AES-NI w/ LFS (Linux from scratch) 1.1.0 x86 64 Pure64 11/18/2016 IKEv2( ( 2048 (SHA 256 ) ) ( 2045 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#3413 HMAC Val#1256

"FatPipe MPVPN®, a patented router clustering device, is an essential part of Disaster Recovery and Business Continuity Planning for Virtual Private Network (VPN) connectivity. It is integrated with several User Space cryptographic algorithms and other security mechanisms."

949
All of SP800-56A EXCEPT KDF
SP800-56A
Fatpipe, Inc.
4455 S 700 E STE 100
Salt Lake City, UT 84107
USA

-Matt Gwyther
TEL: (801)281-3434
FAX: (801)281-0317

MPVPN

Version 9-1-2-fips
Intel Xeon Quad Core E3-1270v2 @ 3.50GHz w/o AES-NI w/ LFS (Linux from scratch) 1.1.0 x86 64 Pure64 11/18/2016 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1126 SHS Val#3413 DRBG Val#1256

"FatPipe MPVPN®, a patented router clustering device, is an essential part of Disaster Recovery and Business Continuity Planning for Virtual Private Network (VPN) connectivity. It is integrated with several User Space cryptographic algorithms and other security mechanisms."

948
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Barracuda Networks
3175 Winchester Road
Campbell, CA 95008
USA

-Andrea Cannon
TEL: 703-743-9068

Barracuda Cryptographic Software Module

Version 1.0.1.8
Intel Xeon with AES-NI w/ Barracuda NextGen Firewall and Control OS 7 under Microsoft Windows 2012 (64-bit) Hyper-V; Intel Xeon without AES-NI w/ Barracuda NextGen Firewall and Control OS 7 under Microsoft Windows 2012 (64-bit) Hyper-V 11/18/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"x"

947
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.14
Cavium Octeon II (MIPS) w/ ExtremeXOS-Linux 3.1 11/10/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

946
Section 4.2,
TLS
SP800-135
Automation Solutions, Inc.
16055 Space Center Blvd.
Suite 450
Houston, TX 77062
USA

-Ken Brucker

-Michael McCarty

AutoSolSSL Algorithms

Version 1.0.2d-fips9 Jul 2015 (Firmware)
ARMv7 Processor [412fc085] revision 5 (ARMv7) 11/10/2016 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3410 HMAC Val#2713

"AutoSolSSL is a hardened cryptographic library embedded in AutoSol''s TLS VPN router and terminal server the CryptoMod. AutoSolSSL is also used in AutoSol''s advanced polling engine AutoSol Communication Manager."

945
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

ArubaOS Crypto Module

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8064 11/4/2016 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

944
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

ArubaOS Crypto Module

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8068 11/4/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 384 ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3408 HMAC Val#2711
IKEv2( ( 2048 (SHA 384 ) ) ( 256 ) ( 384 (SHA 256 , 384 ) ) SHA Val#3408 HMAC Val#2711

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

01/31/07: Updated implementation information;

943
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94303
USA

-Eric Betts
TEL: +1 (650) 427-1902

-Manoj Maskara
TEL: +1 (650) 427-3478

VMware OpenSSL FIPS Object Module

Version 2.0.9
Intel Core I without AES-NI w/ Windows 8.1 on ESXi 6.0; Intel Core I without AES-NI w/ Windows 7 SP1 on ESXi 6.0; Intel Core I with AES-NI w/ Windows 7 SP1 on ESXi 6.0; Intel Core I without AES-NI w/ Windows 10 on ESXi 6.0; Intel Core I with AES-NI w/ Windows 10 on ESXi 6.0; Intel Core I with AES-NI w/ Windows 8.1 on ESXi 6.0; Intel Xeon with AES-NI w/ Windows 2012 64 bit on ESXi 6.0; Intel Xeon with AES-NI w/ Windows 2012 R2 on ESXi 6.0; Intel Xeon without AES-NI w/ Windows 2012 on ESXi 6.0; Intel Xeon without AES-NI w/ Windows 2012 R2 on ESXi 6.0; Intel Xeon without AES-NI w/ VMware NSX Controller OS 12.04 on ESXi 6.0; Intel Xeon with AES-NI w/ VMware NSX Controller OS 12.04 on ESXi 6.0; Intel Xeon without AES-NI w/ VMware NSX Edge OS 3.14 on ESXi 6.0; Intel Xeon with AES-NI w/ VMware NSX Edge OS 3.14 on ESXi 6.0; Intel Xeon with AES-NI w/ VMware NSX Manager OS 3.17 on ESXi 6.0; Intel Xeon without AES-NI w/ VMware NSX Manager OS 3.17 on ESXi 6.0; Intel Xeon with AES-NI w/ SLES 11 SP3 on ESXi 6.0; Intel Xeon without AES-NI w/ SLES 11 SP3 on ESXi 6.0; Intel Xeon without AES-NI w/ Windows 2012 64 bit on ESXi 6.0; Intel Xeon without AES-NI w/ Photon OS 1.0 on ESXi 6; Intel Xeon with AES-NI w/ Photon OS 1.0 on ESXi 6 ;  Intel Xeon with AES-NI w/ Windows 2016 64 bit on ESXi 6.0; Intel Xeon without AES-NI w/ Windows 2016 64 bit on ESXi 6.0; Intel Xeon with AES-NI w/ Windows 2016 64 bit on ESXi 6.5; Intel Xeon without AES-NI w/ Windows 2016 64 bit on ESXi 6.5; Intel Xeon with AES-NI w/ VMware NSX Controller OS 16.04 on ESXi 6.5; Intel Xeon without AES-NI w/ VMware NSX Controller OS 16.04 on ESXi 6.5; Intel Xeon with AES-NI w/ VMware NSX Edge OS 4.4 on ESXi 6.5; Intel Xeon without AES-NI w/ VMware NSX Edge OS 4.4 on ESXi 6.5; Intel Xeon with AES-NI w/ Photon OS 1.0 on ESXi 6.5; Intel Xeon without AES-NI w/ Photon OS 1.0 on ESXi 6.5; Intel Xeon with AES-NI w/ Photon OS 2.0 on ESXi 6.0; Intel Xeon without AES-NI w/ Photon OS 2.0 on ESXi 6.0; Intel Xeon with AES-NI w/ Photon OS 2.0 on ESXi 6.5; Intel Xeon without AES-NI w/ Photon OS 2.0 on ESXi 6.5; Intel Xeon with AES-NI w/ Ubuntu 14.04 64 bit on ESXi 6.0; Intel Xeon without AES-NI w/ Ubuntu 14.04 64 bit on ESXi 6.0; Intel Xeon with AES-NI w/ Ubuntu 14.04 64 bit on ESXi 6.5; Intel Xeon without AES-NI w/ Ubuntu 14.04 64 bit on ESXi 6.5; Intel Xeon with AES-NI w/ Ubuntu 16.04 64 bit on ESXi 6.0; Intel Xeon with AES-NI w/ Ubuntu 16.04 64 bit on ESXi 6.0; 11/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The VMware OpenSSL FIPS Object Module is a versatile software library that implements FIPS 140-2 Approved cryptographic services for VMware products and platforms."

01/12/17: Updated implementation information;
06/29/17: Added new tested information;
07/14/17: Added new tested information;

942
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Seyed Safakish
TEL: 408-745-2000

-Shivakumar Muttur
TEL: +91 8061211850

OpenSSL Crypto Lib

Version 15.1X53-D55 (Firmware)
ARM Cortex A9 11/4/2016 SSH (SHA 256 , 384 , 512 ) SHA Val#3405

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

941
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Module

Version 1.0 (Firmware)
Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI, Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.4GHz with AES-NI 10/28/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

04/04/17: Updated implementation information;

940
Section 4.2,
TLS
SP800-135
MikroM GmbH
Darwinstrasse 17
Berlin, Berlin 10589
Germany

-Holger Krahn
TEL: +49 30 398839 0
FAX: +49 30 398839 29

-Michael Hagemeister
TEL: +49 30 398839 0
FAX: +49 30 398839 29

OpenSSL Crypto Library

Version fips-2.0.12, 1.0.2h20651 (Firmware)
Freescale MCIMX515DJM8C 10/28/2016 TLS( TLS1.0/1.1 ) SHA Val#3399 HMAC Val#2702

"MVC201 - Digital Cinema Image Media Block for integration into a TI Series 2 DLP Cinema projector."

939
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Certification Team

Cisco_SSL_Implementation-1

Version 1.0
Apple A8 w/ iOS 9.3 10/28/2016 IKEv2( ( 2048 (SHA 1 ) ) SHA Val#3398 HMAC Val#2701
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3398 HMAC Val#2701
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3398
SRTP (AES 128 ) AES Val#4128
SNMP SHA1 Val#3398

"TBD"

12/07/16: Updated implementation information;

938
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
General Dynamics Mission Systems
150 Rustcraft Road
Dedham, MA 02026
USA

-Certification Director
TEL: 770-689-2040
FAX: 781-455-5555

Fortress KAS Implementation

Version 2.0 (Firmware)
Broadcom XLS Processor; RMI Alchemy MIPS Processor 10/28/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2891 HMAC Val#2238
SSH (SHA 1 , 256 ) SHA Val#2891

"The Fortress KAS Implementation suite works in unison to provide security to your wireless and wired networks."

12/13/16: Updated implementation information;

937
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
General Dynamics Mission Systems
150 Rustcraft Road
Dedham, MA 02026
USA

-Certification Director
TEL: 770-689-2040
FAX: 781-455-5555

Fortress KAS Implementation

Version 2.0 (Firmware)
Broadcom XLS Processor; RMI Alchemy MIPS Processor 10/28/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#1357 HMAC Val#889
IKEv2( ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#1357 HMAC Val#889

"The Fortress KAS Implementation suite works in unison to provide security to your wireless and wired networks."

12/13/16: Updated implementation information;

936
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Axway Inc.
26 rue des Pavillons
Puteaux Cedex, France 92807
France

-Niall Tierney

Axway OpenSSL

Version 1.0
Intel Xeon w/ RHEL 6.6 on VMWare ESX 5.5; Intel Xeon w/ RHEL 6.6; Intel Xeon w/ Windows 2012R2 64bit on VMWare ESX 5.5; Intel Xeon w/ Windows 2012R2 64bit 10/21/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Axway OpenSSL module for the Axway API product suite based on the OpenSSL FIPS Obect Module 2.0.10."

935
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: jmonti@us.ibm.com

IBM z/OS(R) Cryptographic Services System SSL - 64bit with CPACF for SHA

Version OA50589
IBM z13 w/ IBM z/OS(R) v2.1 10/21/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3196 HMAC Val#2698

"z/OS(R) System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

934
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: jmonti@us.ibm.com

IBM z/OS(R) Cryptographic Services System SSL - 31bit with CPACF for SHA

Version OA50589
IBM z13 w/ IBM z/OS(R) v2.1 10/21/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) HMAC Val#2697

"z/OS(R) System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

10/21/16: Updated vendor information;

933
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

LG OpenSSL FIPS Object Module

Version 2.0.12
Qualcomm Snapdragon 800-series w/ Android 7.0 10/21/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#984 SHS Val#3481 DRBG Val#1323

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

932
All of SP800-56A EXCEPT KDF
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

LG OpenSSL FIPS Object Module

Version 2.0.12
Qualcomm Snapdragon 800-series w/ Android 7.0 10/21/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1118 SHS Val#3394 DRBG Val#1245
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#940 SHS Val#3394 DRBG Val#1245

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

931
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Thomas Anderson
TEL: 415-738-2725

-David Laliberte
TEL: 415-829-5120

Scanner Cipher Engine

Version 2.0
Intel Xeon w/ CentOS 6 10/14/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Symantec Scanner Cipher Engine is designed to provide FIPS140-2 algorithm support for the Symantec Scanner Cryptographic Module. This module supports Symantec applications by providing validated and approved cryptographic services"

02/07/17: Updated implementation information;

930
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Arxan Technologies
650 California St
San Francisco, CA 94108
USA

-Sam Kerr
TEL: 301-968-4290
FAX: 415-247-0910

-Andrei Alexandru
TEL: 301-968-4290
FAX: 415-247-0910

Arxan Cryptographic Key & Data Protection KAS Component

Version 1.0
Quad-core, 1200 MHz, ARM Cortex-A7 w/ Android KitKat 4.4.1 10/14/2016 Curves tested: P-256

"Arxan Cryptographic Key & Data Protection, a state-of-the-art Whitebox Cryptography, transforms crypto keys and data so neither can be discovered while at rest or at runtime. It supports KAS algorithm in whitebox form to protect sensitive keys and data in hostile or untrusted operational environments."

929
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Green Hills Software
7585 Irvine Center Drive
Suite 250
Irvine, CA 92618
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit - ECDSA

Version 3.0
Gateway 5100 (Ventana) i.mx6 (ARM Cortex-A9) w/ OpenWRT/Linaro 10/14/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"ISS ECT is a standards-based cryptographic toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. It is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems."

928
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN9000 Series Common Crypto Library

Version 3.0.0 (Firmware)
ARM Cortex A9 10/14/2016 TLS( TLS1.0/1.1 ) SHA Val#3391 HMAC Val#2693
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3391
SNMP SHA1 Val#3391

"The CN9000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN9000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

927
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Alan Presser
TEL: (978) 264-6600

Allegro Cryptographic Engine

Version 6.2
Intel Core i7 without AES-NI w/ Windows 10 Professional; Intel Core i7 with AES-NI w/ Windows 10 Professional; Intel Core i7 without AES-NI w/ Linux Mint 18; Intel Core i7 with AES-NI w/ Linux Mint 18 10/14/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1116 SHS Val#3390 DRBG Val#1241
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#936 SHS Val#3390 DRBG Val#1241

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

06/16/17: Updated implementation information;

926
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Seyed Safakish
TEL: 408-745-2000

-Van Nguyen
TEL: 408-745-2000

JUNOS FIPS Version 12.3X48 - Authentec

Version 12.3X48-D30 (Firmware)
Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Broadcom XLR (XLR732); Broadcom XLP (XLP832) 10/14/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3342 HMAC Val#2647
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 ) ) SHA Val#3342 HMAC Val#2647

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

925
Section 4.2,
TLS
SP800-135
Futurex
864 Old Boerne Road
Bulverde, TX 78163
USA

-Futurex Security Certifications
TEL: 830-980-9782

OpenSSL

Version 6.2.0.0 (Firmware)
Intel i7-620UE 10/6/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3387 HMAC Val#2689

"The Crypto Library includes CMAC, DRBG, GCM, KDF TLS, KDF CMAC, and KWP algorithms for use in the Futurex cryptographic module."

924
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 8.1 (Firmware)
CN6880 10/6/2016 IKEv2( ( 384 (SHA 384 ) ) ( 2048 (SHA 512 ) ) SHA Val#3386 HMAC Val#2688

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

923
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 8.1 (Firmware)
CN6880 10/6/2016 Curves tested: P-384

"Brocade Cryptographic Library is used in Brocade FOS-based switches to implement the cryptographic-related modules."

08/09/17: Updated implementation information;

922
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/Microsoft Lumia 950 w/ Windows 10 Mobile Anniversary Update (ARMSv7) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ Windows 10 Mobile Anniversary Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Anniversary Update (ARMv7) 9/23/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

12/23/16: Added new tested information;
01/05/17: Added new tested information;

921
RSADP Primitive
FIPS186-4 RSA; RSADP
Oberthur Technologies
402 rue d'Estienne d'Orves
Colombes, N/A 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

RSADP on Cosmo V8.1

Version 07888.16 (Firmware)
Part # HW = ‘30’ with FW = ‘5F01’ and HW = ‘40’ with FW = ‘6001’
ID-One PIV on Cosmo V8.1 9/23/2016 RSADP: (Mod2048)

"ID-One Cosmo V8.1 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.4 and GlobalPlatform 2.2.1 which supports RSA (including RSA-CRT) encrypt/decrypt and digital signature generation /verification with keys from 64 to 2048-bit by step of 32-bit."

11/17/16: Updated implementation information;

920
All of SP800-56A EXCEPT KDF
SP800-56A
Check Point Software Technologies
5 Ha'solelim Street
Tel Aviv, 67897
Israel

-Malcolm Levy
TEL: +972-37534561

Check Point Cryptographic Library

Version 1.0 (Firmware)
Intel® Xeon® 9/23/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Full Validation Partial Validation )
SCHEMES: FullMQV: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#685 SHS Val#2824 DRBG Val#823

"Cryptographic library for Check Point Next Generation Security Appliances"

919
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Symantec Corporation
384 Santa Trinita Ave
Sunnyvale, CA 94085
USA

-Diana Robinson
TEL: 845-454-6397

-Ian Hall
TEL: 703-598-6876

SSL Visibility Appliance Crypto Library

Version 1.0.4 (Firmware)
Intel E3-1225 V3 Quad Core; Intel E5-2618L V3 Octa Core; Intel E5-2640 V3 Octa Core; Intel E5620 Quad Core; Intel E5645 Hex Core; Intel X3450 Quad Core 9/23/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3378 HMAC Val#2682
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3378
SNMP SHA1 Val#3378

"The SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

918
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sony Mobile Communications Inc.
Mobilvagen 4
Lund, 221 88
Sweden

-Nenad Pavlovic
TEL: +46 (0)10 80 00000

Xperia BoringSSL Cryptographic Module (820)

Version 1.0.0
Qualcomm Snapdragon 820 (MSM8996) w/ Android 6.0.1 9/23/2016 Curves tested: P-224   P-256   P-384   P-521

"The Xperia BoringSSL Cryptographic Module provides user-mode applications with security services."

12/19/16: Updated vendor information;

917
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sony Mobile Communications Inc.
Mobilvagen 4
Lund, 221 88
Sweden

-Nenad Pavlovic
TEL: +46 (0)10 80 00000

Xperia BoringSSL Cryptographic Module (650)

Version 1.0.0
Qualcomm Snapdragon 650 (MSM8976) w/ Android 6.0.1 9/23/2016 Curves tested: P-224   P-256   P-384   P-521

"The Xperia BoringSSL Cryptographic Module provides user-mode applications with security services."

12/19/16: Updated vendor information;

916
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Mocana Corporation
20 California Street
San Francisco, CA 94111
USA

-Srinivas Kumar
TEL: 1-415-617-0055
FAX: 1-415-617-0056

Mocana Cryptographic Library

Version 6.4.1f
Freescale P2020 w/ Mentor Graphics Linux 4.0 9/16/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"The Mocana Cryptographic Module is the engine of Mocana''s Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com."

915
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz 9/16/2016 SSH (SHA 256 ) SHA Val#2282

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

914
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 9/16/2016 SSH (SHA 256 ) SHA Val#2280

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

913
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS Crypto Module

Version 7.0 (Firmware)
Cavium Octeon CN5000 series; Cavium Octeon CN6000 series; Cavium Octeon CN7000 series 9/23/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3381 HMAC Val#2684
SSH (SHA 256 ) SHA Val#3381

"Xirrus AOS crypto library implementation."

912
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.55 (Firmware)
ARM Cortex-A9 1GHz; Broadcom XLS408, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC 9/16/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3369 HMAC Val#2673
IKEv2( ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3369 HMAC Val#2673
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3369 HMAC Val#2673
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3369
SNMP SHA1 Val#3369

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

911
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.55 (Firmware)
ARM Cortex-A9 1GHz; Broadcom XLS408, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC 9/16/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

910
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.53 (Firmware)
ARM Cortex-A9 1GHz * 2; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS 9/16/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3368 HMAC Val#2672
IKEv2( ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3368 HMAC Val#2672
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3368 HMAC Val#2672
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3368
SNMP SHA1 Val#3368

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

909
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.53 (Firmware)
ARM Cortex-A9 1GHz * 2; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS 9/16/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

908
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.52 (Firmware)
Cavium CN6130, 1Ghz, MIPS; Cavium CN6218, 1Ghz, MIPS; Cavium CN6635, 1.3Ghz, MIPS; Freescale P1016, 667Mhz, PowerPC; Freescale P1021, 800Mhz, PowerPC 9/16/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3367 HMAC Val#2671
IKEv2( ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3367 HMAC Val#2671
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3367 HMAC Val#2671
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3367
SNMP SHA1 Val#3367

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

907
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.52 (Firmware)
Cavium CN6130, 1Ghz, MIPS; Cavium CN6218, 1Ghz, MIPS; Cavium CN6635, 1.3Ghz, MIPS; Freescale P1016, 667Mhz, PowerPC; Freescale P1021, 800Mhz, PowerPC 9/16/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

906
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.50 (Firmware)
Broadcom XLP108AQ, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Broadcom XLS208, Cortex-A9, 1GHz 9/16/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3366 HMAC Val#2670
IKEv2( ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3366 HMAC Val#2670
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3366 HMAC Val#2670
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3366
SNMP SHA1 Val#3366

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

905
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-508-467-0284
FAX: 1-978-264-5522

HPE Comware Firmware

Version Comware Crypto 7.1.1.1.1.50 (Firmware)
Broadcom XLP108AQ, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Broadcom XLS208, Cortex-A9, 1GHz 9/16/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HPE network devices."

904
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
Ixia
26601 W. Agoura Road
Calabasas, California 91302
USA

-Tom Casella
TEL: 703-288-0184

NTO Crypto Library

Version 1.0.1-0 (Firmware)
Intel i7 3555LE 9/16/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3365 HMAC Val#2669
SNMP SHA1 Val#3365

"The NTO Crypto library performs all cryptographic functionality for the NTO 7303 and Vision ONE appliances, including asymmetric key generation, symmetric encryption, hashing, and digital signatures, and provides the SNMPv3 and TLSv1.2 protocols."

903
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Centrify Corporation
3300 Tannery Way
Santa Clara, California 95054
USA

-Kitty Shih
TEL: 669-444-5238

Centrify Cryptographic Library

Version 2.0
PowerPC Power 7 w/ AIX 7.2 (32-bit); MacBook Pro Intel Core i7 w/ Mac OS 10.11.5; Intel Xeon x86_64 w/ RHEL 7.2; PowerPC Power 7 w/ AIX 7.2 (64-bit) 9/16/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Centrify Cryptographic Library version 2.0 is a general purpose cryptographic library that provides cryptographic services for Centrify products."

01/17/17: Updated implementation information and added new tested information;

902
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services System SSL - 64bit

Version OA50589
IBM z13 w/ IBM z/OS(R) v2.1 9/16/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3362 HMAC Val#2666

"z/OS® System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

901
Section 4.2,
TLS
SP800-135
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services System SSL - 31bit

Version OA50589
IBM z13 w/ IBM z/OS(R) v2.1 9/16/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3361 HMAC Val#2665

"z/OS® System SSL provides a rich set of C based applcation programming interfaces that allow applications to protect data using the SSL/TLS protocols and through PKCS#7 cryptographic messages. z/OS System SSL also enables applications to create and manage X.509 V3 certificates and keys within key database files and PKCS#11 tokens."

900
Section 5.4, SNMP
SP800-135
Microwave Networks Inc.
4000 Greenbriar Dr.
Stafford, TX 77477
USA

-Ben Lee
TEL: 281-263-6569
FAX: 281-263-6400

-Angelos Liveris
TEL: 281-263-6701

SW,LIBRARY,MX,FIPS SECURITY FUNCTION (4600314-00A)

Version 0.A (Firmware)
Freescale PowerQUICC MPC875ZT66 9/9/2016 SNMP SHA1 Val#3360

"The Security Function Library includes AES, DSA, HMAC, SHA, and SNMP-KDF algorithms for use in the Application Code firmware component of the Microwave Networks Inc cryptographic module."

899
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Comtech EF Data Corporation
2114 West 7th Street
Tempe, Arizona 85281
USA

-Kasra Akhavan-Toyserkani
TEL: (240)243-1837
FAX: (240)243-1853

-Parag Patel
TEL: (240)243-1876
FAX: (240)243-1853

TRANSEC Cryptographic Engine

Version 2.2.4 (Firmware)
AMCC PowerPC 440EP 9/9/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Comtech EF Data FIPS Security Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via Comtech Satellite Modems, as well as firmware to provide the cryptographic functions needed to act as a endpoint for TLS management and control traffic."

898
All of SP800-56A EXCEPT KDF
SP800-56A
Kyocera Corporation
9520 Towne Centre Drive
Suite 200
San Diego, CA 92121
USA

-n/a

DuraForce PRO OpenSSL Library

Version OpenSSL 1.0.2f
Qualcomm MSM8952 w/ Android 6.0.1 9/9/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#3358 DRBG Val#1224
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#921 SHS Val#3358 DRBG Val#1224

"DuraForce PRO OpenSSL 1.0.2f"

897
RSADP Primitive
FIPS186-4 RSA; RSADP
Kyocera Corporation
9520 Towne Centre Drive
Suite 200
San Diego, CA 92121
USA

-n/a

DuraForce PRO OpenSSL Library

Version OpenSSL 1.0.2f
Qualcomm MSM8952 w/ Android 6.0.1 9/9/2016 RSADP: (Mod2048)

"DuraForce PRO OpenSSL 1.0.2f"

896
Section 4.2,
TLS
SP800-135
Kyocera Corporation
9520 Towne Centre Drive
Suite 200
San Diego, CA 92121
USA

-n/a

DuraForce PRO OpenSSL Library

Version OpenSSL 1.0.2f
Qualcomm MSM8952 w/ Android 6.0.1 9/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3358 HMAC Val#2662

"DuraForce PRO OpenSSL 1.0.2f"

895
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64) 9/9/2016 RSADP: (Mod2048)

"The Microsoft Windows Virtual TPM implementations provide cryptography algorithms to support the Virtual TPM functionality for Hyper-V"

09/28/16: Added new tested information;

894
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64) 9/9/2016 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Microsoft Windows Virtual TPM implementations provide cryptography algorithms to support the Virtual TPM functionality for Hyper-V"

09/28/16: Added new tested information;

893
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64) 9/9/2016 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows Virtual TPM implementations provide cryptography algorithms to support the Virtual TPM functionality for Hyper-V"

09/28/16: Added new tested information;

892
Section 4.2,
TLS
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Kerrie Newton
TEL: 613-225-9381
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiAP OS FIPS Cryptographic Library

Version 5.2 (Firmware)
FreeScale P1010 9/9/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3356 HMAC Val#2660

"This document focuses on the firmware implementation of the Fortinet FortiAP OS FIPS Cryptographic Library v5.2 running on Pwer PC compatible processors."

891
Section 4.2,
TLS
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Kerrie Newton
TEL: 613-225-9381
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiAP WiFi Chipset Library

Part # FAP-320C
N/A 9/9/2016 TLS( TLS1.0/1.1 ) SHA Val#3355 HMAC Val#2659

"This document focuses on the firmware implementation of the Fortinet FortiAP WiFi Chipset Cryptographic Library v5.2 running on PowerPC compatible processors."

890
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Qualcomm Snapdragon 801 w/ Android 5.1; Qualcomm Snapdragon 801 w/ Android 6.0; Samsung Exynos 7420 w/ Android 5.1; Samsung Exynos 7420 w/ Android 6.0; Qualcomm MSM8996 Snapdragon 820 w/ Android 6.0 9/9/2016 ECDSA SigGen Component: CURVES( P-521 )

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

889
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Qualcomm Snapdragon 801 w/ Android 5.1; Qualcomm Snapdragon 801 w/ Android 6.0; Samsung Exynos 7420 w/ Android 5.1; Samsung Exynos 7420 w/ Android 6.0; Qualcomm MSM8996 Snapdragon 820 w/ Android 6.0 9/9/2016 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

888
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/Microsoft Lumia 950 w/ Windows 10 Mobile Anniversary Update (ARMv7) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ Windows 10 Mobile Anniversary Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Anniversary Update (ARMv7) 8/24/2016 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

09/23/16: Added new tested information;
12/23/16: Added new tested information;
01/05/17: Added new tested information;

887
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/Microsoft Lumia 950 w/ Windows 10 Mobile Anniversary Update (ARMv7) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ Windows 10 Mobile Anniversary Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 650 w/ Windows 10 Mobile Anniversary Update (ARMv7) 8/24/2016 RSADP: (Mod2048)

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

09/22/16: Added new tested information;
12/23/16: Added new tested information;
01/05/17: Added new tested information;

886
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BcryptPrimitives and NCryptSSLp

Version 10.0.14393
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 3 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Pro 4 w/ Windows 10 Pro Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Enterprise Anniversary Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface Book w/ Windows 10 Pro Anniversary Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/Microsoft Surface 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro Anniversary Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Anniversary Update (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Standard (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Server 2016 Datacenter (x64); Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows Storage Server 2016 (x64); Qualcomm Snapdragon 808 (A57, A53) w/Microsoft Lumia 950 w/ Windows 10 Mobile Anniversary Update (ARMSv7) ;  Intel Xeon with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x86); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB Anniversary Update (x64); Qualcomm Snapdragon 820 (Kryo) w/ Windows 10 Mobile Anniversary Update (ARMv7); Qualcomm Snapdragon 212 (A7) w/ Microsoft Lumia 950 w/ Windows 10 Mobile Anniversary Update (ARMv7) 8/24/2016 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3347 HMAC Val#2651
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3347 HMAC Val#2651
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3347 HMAC Val#2651

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

09/22/16: Added new tested information;
12/23/16: Added new tested information;
01/05/17: Added new tested information;
01/11/17: Updated implementation information;

885
RSADP Primitive
FIPS186-4 RSA; RSADP
Enova Technology Corporation
1st Floor, #11, Research & Development
2nd Road Science Park
Hsin-Chu, Taiwan 30076
Republic of China

-Butz Huang
TEL: 886-3-5772767#24
FAX: 886-3-5772770

-Chung-Yen Chiu
TEL: 886-3-5772767
FAX: 886-3-5772770

X-Wall MX+ Cryptographic Library

Part # xF and xN
N/A 8/24/2016 RSADP: (Mod2048)

"The X-Wall MX+ is a SATA-to-SATA realtime single chip cryptographic module capable of encrypting entire disk (or SSD) with SATA Gen3 (6Gbps)/Gen2 (3 Gbps)/Gen1 (1.5Gbps) performance. It includes RSA2048 Key Generation/Signature/Verification, HASH-DRBG RNG, HMAC, CMAC, SHA256 and AES CBC/XTS/ECB symmetric ciphers."

05/12/17: Updated implementation information;

884
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Enova Technology Corporation
1st Floor, #11, Research & Development
2nd Road Science Park
Hsin-Chu, Taiwan 30076
Republic of China

-Butz Huang
TEL: 886-3-5772767#24
FAX: 886-3-5772770

-Chung-Yen Chiu
TEL: 886-3-5772767
FAX: 886-3-5772770

X-Wall MX+ Cryptographic Library

Part # xF and xN
N/A 8/24/2016 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The X-Wall MX+ is a SATA-to-SATA realtime single chip cryptographic module capable of encrypting entire disk (or SSD) with SATA Gen3 (6Gbps)/Gen2 (3 Gbps)/Gen1 (1.5Gbps) performance. It includes RSA2048 Key Generation/Signature/Verification, HASH-DRBG RNG, HMAC, CMAC, SHA256 and AES CBC/XTS/ECB symmetric ciphers."

05/12/17: Updated implementation information;

883
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services ICSF PKCS #11

Version OA50113
IBM z13 w/ IBM z/OS(R) v2.1 8/24/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1092 SHS Val#3327 DRBG Val#1206
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#901 SHS Val#3327 DRBG Val#1206

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

882
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-John Monti
TEL: 845-435-4164

IBM z/OS(R) Cryptographic Services ICSF PKCS #11 with CEX5A

Version OA50113
IBM z13 w/ IBM z/OS(R) v2.1 8/24/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1092 SHS Val#3327 DRBG Val#1206

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

09/07/16: Updated implementation information;

881
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Lexmark International, Inc.
740 West New Circle Road
Lexington, KY 40550
USA

-Graydon Dodson
TEL: +1 859 232-6483

Crypto Module (user)

Version 3.1
Marvell MV78460-B0 w/ Lexmark Linux v4; Marvell 88PA6270C0 w/ Lexmark Linux v4 8/24/2016 IKEv1( AUTH( DSA , PKE ) ) ( 224 (SHA 512 ) ) SHA Val#3345 HMAC Val#2650
IKEv2( ( 224 (SHA 256 , 512 ) ) SHA Val#3345 HMAC Val#2650

"Lexmark Crypto Module (user)"

880
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Van Nguyen
TEL: 408-936-2247

-Jaz Lin
TEL: 408-936-4318

JUNOS FIPS Version 12.3X48 - OpenSSH

Version 12.3X48-D30 (Firmware)
Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Motorola PowerQUICC III (e500); Intel Celeron M; Intel Xeon C5518 8/12/2016 SSH (SHA 1 , 256 , 384 ) SHA Val#3343

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

11/17/16: Updated implementation information;

879
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0
Intel(R) Xeon(R) CPU E5-2620 v2 @2.10GHz w/ Open JDK 1.8 on CentOS 6.5 Intel 64-bit on ESXi 5.5.0 8/12/2016 RSASP1: (Mod2048: PKCS1.5 )

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

06/19/17: Updated implementation information;

878
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Provider

Version 1.0
Intel(R) Xeon(R) CPU E5-2620 v2 @2.10GHz w/ Open JDK 1.8 on CentOS 6.5 Intel 64-bit on ESXi 5.5.0 8/12/2016 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 224 , 256 , 384 , 512 ) ) SHA Val#3339 HMAC Val#2644
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3339 HMAC Val#2644
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3339
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3339
SRTP (AES 128 , 192 , 256 ) AES Val#4049

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

06/16/17: Updated implementation information;

877
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) within Cat4K

Version Rel 1 (1.0.0) (Firmware)
Freescale MPC8572E 8/12/2016 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 ) ) SHA Val#2200 HMAC Val#1622
IKEv2( ( 224 (SHA 1 , 256 ) ) SHA Val#2200 HMAC Val#1622
TLS( TLS1.0/1.1 ) SHA Val#2200 HMAC Val#1622
SSH (SHA 1 ) SHA Val#2200
SRTP (AES 128 , 192 , 256 ) AES Val#2624
SNMP SHA1 Val#2200

"IOS Common Cryptographic Module within cat4k"

876
RSADP Primitive
FIPS186-4 RSA; RSADP
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches

Version 4.2.1.F (Firmware)
Freescale PowerPC MPC8308 8/4/2016 RSADP: (Mod2048)

"The RUGGEDCOM Ethernet Switches is designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches, equipped with RUGGEDCOM ROS, provide Ethernet switching capabilities for customer networks in virtually any environment."

875
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit; Intel Atom w/ Windows 10 Professional 64 bit; 8/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

08/16/16: Adding OE

874
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 Firewalls, WF-500 and Panorama M-100/M-500)

Version (PAN-OS, Wildfire) 7.1 / (Panorama) 7.1 (Firmware)
Cavium Octeon MIPS64;Intel Multi Core Xeon;Intel Celeron;Intel I7 8/4/2016 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

873
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 Firewalls, WF-500 and Panorama M-100/M-500)

Version (PAN-OS, Wildfire) 7.1 / (Panorama) 7.1 (Firmware)
Cavium Octeon MIPS64;Intel Multi Core Xeon;Intel Celeron;Intel I7 8/4/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

872
Section 4.2,
TLS
SP800-135
Dell SonicWALL
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 1-408-962-6756
FAX: 1-408-745-9300

-Usha Sanagala
TEL: 1-408-962-6248
FAX: 1-408-745-9300

ojdk

Version 1.8.0-jdk8u60-b01 (Firmware)
Intel Xeon Haswell with AES-NI; Intel Core 2 Duo; Intel Celeron; Intel Xeon Westmere with AES-NI 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3334 HMAC Val#2640

"Using existing Debian Stable Open JDK binaries."

10/18/16: Updated implementation information;

871
Section 5.2, SSH
SP800-135
Dell SonicWALL
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 1-408-962-6248
FAX: 1-408-745-9300

OpenSSH

Version 6.2p2 (Firmware)
Intel Xeon Haswell with AES-NI; Intel Core 2 Duo; Intel Celeron; Intel Xeon Westmere with AES-NI 7/31/2016 SSH (SHA 1 , 256 ) SHA Val#3335

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs."

10/18/16: Updated implementation information;

870
Section 4.2,
TLS
SP800-135
Dell SonicWALL
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 1-408-962-6756
FAX: 1-408-745-9300

-Usha Sanagala
TEL: 1-408-962-6248
FAX: 1-408-745-9300

OpenSSL

Version 1.0.2h (Firmware)
Intel Xeon Haswell with AES-NI; Intel Core 2 Duo; Intel Celeron; Intel Xeon Westmere with AES-NI 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3335 HMAC Val#2641

"OpenSSL 1.0.2h implementation with minor patches."

10/18/16: Updated implementation information;

869
Section 5.4, SNMP
SP800-135
Dell SonicWALL
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 1-408-962-6756
FAX: 1-408-745-9300

-Usha Sanagala
TEL: 1-408-962-6248
FAX: 1-408-745-9300

Net-SNMP

Version 5.6.1 (Firmware)
Intel Xeon Haswell with AES-NI; Intel Core 2 Duo; Intel Celeron; Intel Xeon Westmere with AES-NI 7/31/2016 SNMP SHA1 Val#3335

"Net-snmp-5.6.1 with minor patches."

10/18/16: Updated implementation information;

867
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000D TLS Crypto Library

Version 2.3 (Firmware)
Altera NIOS II 7/31/2016 TLS( TLS1.0/1.1 ) SHA Val#3331 HMAC Val#2637

"Oracle’s StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. The T10000D delivers fast write speeds (252MB /sec) to a native 8.5 TB of magnetic tape storage; making it ideal for data center operations with growing data volume."

866
Section 5.2, SSH
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000D Firmware Crypto Library

Version 2.3 (Firmware)
Altera NIOS II 7/31/2016 SSH (SHA 1 ) SHA Val#3330

"Oracle’s StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. The T10000D delivers fast write speeds (252MB /sec) to a native 8.5 TB of magnetic tape storage; making it ideal for data center operations with growing data volume"

865
RSADP Primitive
FIPS186-4 RSA; RSADP
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831 688-1021 ext 106
FAX: N/ A

-Shaun Tomaszewski
TEL: 831 688-1021 ext 104
FAX: N/ A

BlackVault Crypto-OSS

Version 2.0.5 (Firmware)
ARM926EJ-S 7/31/2016 RSADP: (Mod2048)

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The library is based on OpenSSL FIPS version 2.0.5."

864
Section 4.2,
TLS
SP800-135
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831 688-1021 ext 106
FAX: N/ A

-Shaun Tomaszewski
TEL: 831 688-1021 ext 104
FAX: N/ A

BlackVault Crypto-OSS-TLS

Version 1.0.1s (Firmware)
ARM926EJ-S 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2327 HMAC Val#1732

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The KDF function is based on OpenSSL version 1.0.1s."

863
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server

Version 4.2.1.F (Firmware)
Freescale ColdFire MCF5272 7/31/2016 Curves tested: P-521

"The RUGGEDCOM Switches and Server are designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches and server, similarly equipped with RUGGEDCOM ROS, provides Ethernet to serial conversion for customer networks."

862
RSADP Primitive
FIPS186-4 RSA; RSADP
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server

Version 4.2.1.F (Firmware)
Freescale ColdFire MCF5272 7/31/2016 RSADP: (Mod2048)

"The RUGGEDCOM Switches and Server are designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches and server, similarly equipped with RUGGEDCOM ROS, provides Ethernet to serial conversion for customer networks."

861
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches and RUGGEDCOM Serial Device Server

Version 4.2.1.F (Firmware)
Freescale ColdFire MCF5272 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3329 HMAC Val#2635
SSH (SHA 1 ) SHA Val#3329

"The RUGGEDCOM Switches and Server are designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches and server, similarly equipped with RUGGEDCOM ROS, provides Ethernet to serial conversion for customer networks."

860
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Aviat Networks
5200 Great America Parkway
Santa Clara, California 95054
USA

-Ruth French
TEL: +44 1698 717200

Secure Management

Version 7.7 (Firmware)
Motorola MPC866 7/31/2016 Curves tested: P-256

"Eclipse Intelligent Node Unit (INUe). The module provides data security by encrypting the payload traffic on the microwave link between up to three radios. It also provides the Strong Encryption Suite for secure module management and uses AES encryption to secure SNMP v3 management traffic."

859
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches

Version 4.2.1.F (Firmware)
Freescale PowerPC MPC8308 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3336
SSH (SHA 1 ) SHA Val#3336

"The RUGGEDCOM Ethernet Switches is designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches, equipped with RUGGEDCOM ROS, provide Ethernet switching capabilities for customer networks in virtually any environment."

858
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Siemens Canada Ltd.
300 Applewood Crescent
Concord, Ontario L4K 5C7
Canada

-Robert Stagg
TEL: (301) 834-7799

RUGGEDCOM ROS (Rugged Operating System) for RUGGEDCOM Ethernet Switches

Version 4.2.1.F (Firmware)
Freescale PowerPC MPC8308 7/31/2016 Curves tested: P-521

"The RUGGEDCOM Ethernet Switches is designed specifically to withstand harsh environmental conditions including temperature and humidity extremes, shock, vibration, and electromagnetic interference. The ruggedized switches, equipped with RUGGEDCOM ROS, provide Ethernet switching capabilities for customer networks in virtually any environment."

857
Section 4.2,
TLS
SP800-135
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-3-9279529
FAX: 972-3-9230864

-Moshe Harel
TEL: 972-3-9279578
FAX: 972-3-9230864

PrivateServer-OpenSSL

Version 5.0.0 (Firmware)
Part # 5.0
Intel® E3-1268LV3 Quad-Core 7/31/2016 TLS( TLS1.2 (SHA 256 ) )

"PrivateServer performs sensitive cryptographic operations internally in a tamper-proof, high performance device. PrivateServer is configured as a network server or as a cryptographic backend to a host"

856
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: 49 241-1696-200
FAX: 49 241-1696-199

-Dieter Bong
TEL: 49 241-1696-200
FAX: 49 241-1696-199

CryptoServer Se2 ECDSA

Version ecdsa1.1.8.7_eca1.1.7.6 (Firmware)
Part # Texas Instruments TMS320C6416T
Texas Instruments TMS320C6416T 7/31/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

855
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: 49 241-1696-200
FAX: 49 241-1696-199

-Dieter Bong
TEL: 49 241-1696-200
FAX: 49 241-1696-199

CryptoServer Se2 ECDSA with Accelerator (Exar DX8204)

Version ecdsa1.1.8.7_eca1.1.7.6_hce2.2.2.1_exar2.1.1.4 (Firmware)
Part # Texas Instruments TMS320C6416T_EXAR DX8204
Texas Instruments TMS320C6416T + EXAR DX8204 7/31/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency. Accelerator chip is used to increase performance."

854
Section 5.1,
ANS X9.63-2001
SP800-135
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
AMD A8-3850 without AES-NI w/ Windows 10 (64-bit) 7/31/2016 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3307

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

853
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
AMD A8-3850 without AES-NI w/ Windows 10 (64-bit); Intel Core i7 with AES-NI w/ CentOS 6.7 (64-bit);Intel Core i7 with AES-NI w/ Windows 10 (64-bit); 7/31/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

852
All of SP800-56A EXCEPT KDF
SP800-56A
Seagate Technology, LLC.
1280 Disc Drive
Shakopee, Minnesota 55379
US

-David R Kaiser, PMP
TEL: 952-402-2356
FAX: 952-402-1273

800-56A KAS in Firmware

Version 2.0 (Firmware)
ARM Cortex-R Family 7/31/2016 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB SHS Val#3304 DRBG Val#1146

"800-56A Key Agreement Scheme (Finite Field Cryptography) based implementation in Seagate''s Self-Encrypting Drives (SEDs)."

851
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiGate-VM SSL Cryptographic Library v5.2

Version 5.2.7
Intel Xeon E5 w/ FortiGate-VM running on VMware 64bit, ESXi 5.5 7/31/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3318 HMAC Val#2624
SSH (SHA 1 ) SHA Val#3318

"This document focuses on the software implementation of the Fortinet FortiGate-VM SSL Cryptographic Library v5.2 running on Intel x86 compatible processors."

850
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiGate-VM FIPS Cryptographic Library v5.2

Version 5.2.7
Intel Xeon E5 w/ FortiGate-VM running on Vmware 64bit, ESXi 5.5 7/31/2016 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3317 HMAC Val#2623
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3317 HMAC Val#2623

"This document focuses on the software implementation of the Fortinet FortiGate-VM FIPS Cryptographic Library v5.2 running on Intel x86 compatible processors."

11/22/16: Updated implementation information;

849
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 Firewalls, WF-500 and Panorama M-100/M-500)

Version (PAN-OS, Wildfire) 7.1 / (Panorama) 7.1 (Firmware)
Cavium Octeon MIPS64;Intel Multi Core Xeon;Intel Celeron;Intel I7 7/31/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1089 SHS Val#3316 DRBG Val#1198
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#896 SHS Val#3316 DRBG Val#1198 HMAC Val#2622

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

848
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4301 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 Firewalls, WF-500 and Panorama M-100/M-500)

Version (PAN-OS, Wildfire) 7.1 / (Panorama) 7.1 (Firmware)
Cavium Octeon MIPS64;Intel Multi Core Xeon;Intel Celeron;Intel I7 7/31/2016 IKEv1( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#3316
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3316
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3316
SSH (SHA 1 ) SHA Val#3316
SNMP SHA1 Val#3316

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

847
Section 5.7.1.2: ECC CDH Primitive
Cavium, Inc.
2315 N 1st Street
San Jose, CA 95131
USA

-Tejinder Singh
TEL: 408-943-7403
FAX: 408-577-1992

-Phanikumar Kancharla
TEL: 408-943-7496

Nitrox Px

Part # Nitrox Px v1.2
N/A 7/31/2016 Curves tested: P-224   P-256   P-384   P-521

"The NITROX XL 1600-NFBE HSM adapter family delivers the world’s fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 9,000 RSA 2k operations per second and 5 Gbps of bulk crypto."

846
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.1 (PAN-OS)
Intel Multi Core Xeon w/ Citrix XenServer 6.1.0;Intel Multi Core Xeon w/ VMware ESXi 5.5;Intel Multi Core Xeon w/ CentOS 6.5 - KVM 7/31/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

845
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.1 (PAN-OS)
Intel Multi Core Xeon w/ Citrix XenServer 6.1.0;Intel Multi Core Xeon w/ VMware ESXi 5.5;Intel Multi Core Xeon w/ CentOS 6.5 - KVM 7/31/2016 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

844
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.1 (PAN-OS)
Intel Multi Core Xeon w/ Citrix XenServer 6.1.0; Intel Multi Core Xeon w/ VMware ESXi 5.5;Intel Multi Core Xeon w/ CentOS 6.5 - KVM 7/31/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1088 SHS Val#3315 DRBG Val#1197
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#895 SHS Val#3315 DRBG Val#1197

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

843
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408 753 4000

-Jake Bajic
TEL: 408 753 3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.1 (PAN-OS)
Intel Multi Core Xeon w/ Citrix XenServer 6.1.0; Intel Multi Core Xeon w/ VMware ESXi 5.5;Intel Multi Core Xeon w/ CentOS 6.5 - KVM 7/31/2016 IKEv1( AUTH( PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#3315 HMAC Val#2621
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3315 HMAC Val#2621
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3315 HMAC Val#2621
SSH (SHA 1 ) SHA Val#3315
SNMP SHA1 Val#3315

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

842
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Ashot Andreasyan
TEL: 1-650-265-5423
FAX: 1-650-265-5528

-Harjit Dhillon
TEL: 1-916-501-1426

ESKM OpenSSL

Version 7.0.0_OpenSSL_1.0 (Firmware)
Intel Xeon E5-2600 Family 7/31/2016 Curves tested: P-256   P-384

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

841
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

-Cisco Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
Freescale P5040 7/31/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3314 HMAC Val#2620
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3314 HMAC Val#2620
TLS( TLS1.0/1.1 ) SHA Val#3314 HMAC Val#2620
SSH (SHA 1 ) SHA Val#3314
SRTP (AES 128 , 192 , 256 ) AES Val#4018
SNMP SHA1 Val#3314

"IOS Common Crypto Module"

840
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cambium Networks
3800 Golf Road
Suite 360
Rolling Meadows, IL 60008
USA

-Allen Yu
TEL: 18476403650
FAX: 18474396343

Management Security Algorithms for Cambium PTP 820

Version 1.0 (Firmware)
EZChip MIPS34Kc 7/31/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3313 HMAC Val#2619
SSH (SHA 1 , 256 ) SHA Val#3313
SNMP SHA1 Val#3313

"Algorithms for managing Cambium PTP 820 platforms"

839
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit; Intel Atom w/ Windows 10 Professional 64 bit; 7/7/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

08/16/16: Adding OE

838
RSADP Primitive
FIPS186-4 RSA; RSADP
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit; Intel Atom w/ Windows 10 Professional 64 bit; 7/7/2016 RSADP: (Mod2048)

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

08/16/16: Adding OE

837
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.1
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise (64 bit); Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit; Intel Atom w/ Windows 10 Professional 64 bit; 7/7/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3312 HMAC Val#2618
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3312

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

08/16/16: Adding OE

836
RSADP Primitive
FIPS186-4 RSA; RSADP
Enova Technology Corporation
1st Floor, #11, Research & Development
2nd Road Science Park
Hsin-Chu, Taiwan 30076
Republic of China

-Butz Huang
TEL: 886-3-5772767#24
FAX: 886-3-5772770

-Chung-Yen Chiu
TEL: 886-3-5772767
FAX: 886-3-5772770

X-Wall MX+ Cryptographic Library

Part # xF and xN
N/A 7/7/2016 RSADP: (Mod2048)

"The X-Wall MX+ is a SATA-to-SATA realtime single chip cryptographic module capable of encrypting entire disk (or SSD) with SATA Gen3 (6Gbps)/Gen2 (3 Gbps)/Gen1 (1.5Gbps) performance. It includes RSA2048 Key Generation/Signature/Verification, HASH-DRBG RNG, HMAC, CMAC, SHA256 and AES CBC/XTS/ECB symmetric ciphers."

05/12/17: Updated implementation information;

835
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Nokia
600 March Rd.
Ottawa, Ontario k0A 2Z0
Canada

-Carl Rajsic
TEL: 1 613 784 6218

-Alfred Nothaft
TEL: 1 972 477 5087

Nokia 7x50 SR OS Cryptographic Library

Version 2.0 (Firmware)
Cavium Octeon 7/7/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3309 HMAC Val#2616
SSH (SHA 1 ) SHA Val#3309

"The Nokia 7x50 SR OS Cryptographic Library is used on the Nokia 7x50 Service Router products."

834
RSADP Primitive
FIPS186-4 RSA; RSADP
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 7/7/2016 RSADP: (Mod2048)

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

833
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Chunghwa Telecom Co., Ltd. Telecommunication Laboratories
No.99, Dianyan Rd.
Yang-Mei, Taoyuan 326
Taiwan, ROC

-Yeou-Fuh Kuan
TEL: +886-3-424-4333
FAX: +886-3-424-4129

-Char-Shin Miou
TEL: +886-3-424-4381
FAX: +886-3-424-4129

HiKey Cryptographic Library

Version 3.7 (Firmware)
Renesas RS-4 series 6/21/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 )

"HiKey Cryptographic Library supports SHA-1, SHA-256, SHA-384, SHA-512, Hash-DRBG, 3DES-3Key-MAC, 3DES-3Key encrypt/decrypt, ECDSA(p-224/256/384), RSA 2048 encrypt/decrypt (including RSA-CRT), RSA signature generation /verification(including RSA-CRT) and APDU command/response encryption and MAC."

832
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ CentOS 6.7 (64-bit); Intel Core i7 with AES-NI w/ Windows 10 (64-bit); AMD A8-3850 without AES-NI w/ Windows 10 (64-bit) 6/21/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

831
RSADP Primitive
FIPS186-4 RSA; RSADP
Information Security Corp
1011 Lake St. Suite 425
Oak Park, IL 60118
USA

-Jonathan Schulze-Hewett
TEL: 708-445-1704
FAX: 708-445-9705

-Michael Markowitz
TEL: 708-445-1704
FAX: 708-445-9705

ISC Cryptographic Development Kit (CDK)

Version 8.0
Intel Core i7 with AES-NI w/ CentOS 6.7 (64-bit); Intel Core i7 with AES-NI w/ Windows 10 (64-bit); AMD A8-3850 without AES-NI w/ Windows 10 (64-bit) 6/21/2016 RSADP: (Mod2048)

"The ISC Cryptographic Development Kit (CDK) is a software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. It includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."

830
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module Virtual (IC2Mv) Algorithm Module

Version RelV 1.0
Intel Atom w/ IOS XE 3.16 on ESXi 5; Intel Xeon w/ IOS XE 3.16 on ESXi 5 6/21/2016 IKEv1( AUTH( DSA ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3293 HMAC Val#2604
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3293 HMAC Val#2604
TLS( TLS1.0/1.1 ) SHA Val#3293 HMAC Val#2604
SSH (SHA 1 ) SHA Val#3293
SRTP (AES 128 , 192 , 256 ) AES Val#3989
SNMP SHA1 Val#3293

"IOS Common Crypto Module for Virtual use"

09/30/16: Updated implementation information;

829
Section 5.5, TPM
SP800-135
ST Microelectronics (Protonworld)
Green Square Building B, Lambroekstraat 5
Diegem/Machelen, n/a B-1831
Belgium

-Olivier COLLART
TEL: +32 272 450 77
FAX: +32 272 451 43

-Xavier BOUSSIN
TEL: +33 223 470 695
FAX: +33 223 470 400

ST33TPHF2ESPI

Version 47.08 (Firmware)
SecureCore SC300 6/21/2016 TPM SHA1 Val#3306 HMAC_SHA1 Val#2614

"ST Microelectronics Trusted Platform Module is a hardware cryptographic module which implements advanced cryptographic algorithms, including symmetric and asymmetric cryptography, as well as key generation and random number generation as defined by the Trusted Computing Group (TCG) version 1.2 specification."

828
Section 4.2,
TLS
SP800-135
Seagate Technology, LLC.
1280 Disc Drive
Shakopee, Minnesota 55379
US

-David R Kaiser, PMP
TEL: 952-402-2356
FAX: 952-402-1273

800-135 KDF in Firmware

Version 2.0 (Firmware)
ARM Cortex-R Family 6/21/2016 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3304 HMAC Val#2613

"800-135 KDF Implementation in Seagate''s Self-Encrypting Drives (SEDs)."

827 N/A N/A N/A N/A N/A 6/21/2016 N/A
826
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

Aruba OpenSSL Library

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8068 6/21/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#3300 HMAC Val#2610
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#3300 HMAC Val#2610
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3300 HMAC Val#2610
SSH (SHA 1 ) SHA Val#3300
SNMP SHA1 Val#3300

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

01/31/17: Updated implementation information;

825
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-318-2480

Aruba OpenSSL Library

Version ArubaOS 6.5.1 (Firmware)
Freescale IPQ8068 6/21/2016 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

01/31/17: Updated implementation information;

824
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
411 E. Plumeria Drive
San Jose, CA 95134
USA

-Sylvain Bonfardin
TEL: 408-564-2354

-Ron Burnett
TEL: +44(0)1316037380

NXP JCOP3 KAS Component For P60-2 (JCOP3_P60D145_SID_002)

Version 0503.0101.0207 (Firmware)
Part # P60D145
P6022y VB (NXP P60-2) 6/21/2016 Curves tested: P-224   P-256   P-384   P-521

"NXP JCOP3 is a Global Platform Java Card smart card operating system implementing SP 800-56A."

823
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM Net_SNMP

Version 7.0.0_SNMP_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 SNMP SHA1 Val#3297

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

822
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSH

Version 7.0.0_OpenSSH_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 SSH (SHA 1 ) SHA Val#3297

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

821
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSL

Version 7.0.0_OpenSSL_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 RSADP: (Mod2048)

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

820
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 1916-501-1426

-Ashot Andreasyan
TEL: 1650-265-5423
FAX: 1650-265-5528

ESKM OpenSSL

Version 7.0.0_OpenSSL_1.0 (Firmware)
Intel Xeon E5-2600 Family 6/21/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3297 HMAC Val#2609

"Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

819
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

IKEv1/IKEv2-KDF

Version 16.9.0.36 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3295 HMAC Val#2606
IKEv2( ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#3295 HMAC Val#2606

"IKEv1/IKEv2 Key Derivation functions are used to derive keying material for IKE in S6000 and GGM8000 network devices."

818
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

Net-SNMP

Version 5.3.0.1 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 SNMP SHA1 Val#3295

"SNMP Key Derivation function is used to derive shared secret key for SNMP agent in S6000 and GGM8000 network devices."

817
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSH

Version 6.7p1 (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 SSH (SHA 1 , 256 , 384 ) SHA Val#3295

"OpenSSH - SSH Key Derivation function and HMAC-SHA-1 are used to derive keying material for SSH and provide authentication function in SSH in S6000 and GGM8000 network devices."

816
All of SP800-56A EXCEPT KDF
SP800-56A
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSL

Version 1.0.1p (Firmware)
Freescale MPC-8568E; Freescale MPC-7457 6/21/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#887 SHS Val#3295

"OpenSSL is used to provide the encryption function for S6000 and GGM8000 network devices."

815
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 6/17/2016 RSASP1: (Mod2048: PKCS1.5 )

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

814
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.13
Power8 (PPC) w/ AIX 7.1 32-bit; Power8 (PPC) w/ AIX 7.1 64-bit; Power8 (PPC) with PAA w/ AIX 7.1 32-bit; Power8 (PPC) with PAA w/ AIX 7.1 64-bit; Power8 (PPC) with PAA w/ AIX 7.1 64-bit; Power8 (PPC) w/ AIX 7.2 32-bit; Power8 (PPC) with PAA w/ AIX 7.2 32-bit; Power8 (PPC) w/ AIX 7.2 64-bit; Power8 (PPC) with PAA w/ AIX 7.2 64-bit; Power7 (PPC) w/ AIX 7.2 32-bit; Power7 (PPC) w/ AIX 7.2 64-bit 6/17/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

813
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
APM86392 6/10/2016 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 ) ) SHA Val#3289 HMAC Val#2600
IKEv2( ( 224 (SHA 1 , 256 ) ) SHA Val#3289 HMAC Val#2600
TLS( TLS1.0/1.1 ) SHA Val#3289 HMAC Val#2600
SSH (SHA 1 ) SHA Val#3289
SRTP (AES 128 , 192 , 256 ) AES Val#3984
SNMP SHA1 Val#3289

"IOS Common Crypto Module"

812
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Attivo Networks, Inc.
47697 Westinghouse Drive, Suite 201
Fremont, CA 94539
USA

-Satya Das
TEL: 510 623-1000

Attivo Cryptographic Module

Version 1.0
Intel Core i5 1.4GHz with AES-NI w/ Mac OS X El Capitan 10.11.3; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ CentOS 6.5 on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ CentOS 6.5 on CentOS 6.5 - KVM; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Ubuntu 12.04 LTS on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Windows Server 2008 SP2 (32 bit) on CentOS 6.5 - KVM; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Ubuntu 12.04 LTS on CentOS 6.5 - KVM; Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz with AES-NI w/ Windows Server 2008 SP2 32-bit on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Windows 7 Professional 64-bit on VMware ESXi 6.0.0; Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz with AES-NI w/ Windows 7 Professional 64-bit on CentOS 6.5 - KVM 6/10/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Attivo Networks is an award winning provider of inside-the-network threat detection, attack analysis and forensics."

7/2016:Added Oes

811
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 508.467.0284

Aruba 2920 switch

Version WB_15_18_0011 (Firmware)
TriCore ARM11 processor 6/3/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#3287 HMAC Val#2598
SSH (SHA 1 ) SHA Val#3287

"Aruba 2920 switch"

09/09/16: Updated implementation information;

810
RSADP Primitive
FIPS186-4 RSA; RSADP
IP Cores, Inc.
3731 Middlefield Road
Palo Alto, CA 94303
USA

-Dmitri Varsanofiev
TEL: (650) 815-7996

RSA5-2048-32-3

Version 1.2 (Firmware)
Aldec Riviera-PRO 2015.10 6/3/2016 RSADP: (Mod2048)

"The RSA5 core is an exponentiation accelerator for the Rivest-Shamir-Adelman (RSA) calculations. This compact core targets mid-range performance (tens and hundreds private key expoentiations per second). Lower- and higher-performing cores are available, see the descriptions at http://www.ipcores.com/rsa_ip_core.htm. "

809
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416 Maetan 3-Dong Youngtong Gu
Suwon, Gyeonggi 152-848
South Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 5433 w/ MOBICORE Tbase 300; Qualcom APQ8084 w/ QSEE 2.0 5/27/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

808
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 2.7.1 (Firmware)
Intel ATOM 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3283 HMAC Val#2596
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3283
SNMP SHA1 Val#3283

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

07/07/16: Updated vendor information;

807
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010, CN4020 and CN6010 Series Common Crypto Library

Version 2.7.1 (Firmware)
ARM Cortex A9 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3282 HMAC Val#2595
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3282
SNMP SHA1 Val#3282

"The CN4010, CN4020 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010, CN4020 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

07/06/16: Updated vendor information;

806
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN8000 Series Common Crypto Library

Version 2.7.1 (Firmware)
Intel Xeon 5/27/2016 TLS( TLS1.0/1.1 ) SHA Val#3281 HMAC Val#2594
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3281
SNMP SHA1 Val#3281

"The CN8000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN8000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

07/07/16: Updated vendor information;

805
All of SP800-56A EXCEPT KDF
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron RSA Crypto-J

Version 6.1 and 6.1.1.0.1
x86-64 w/ CentOS 6.7 with Sun JRE 5/27/2016 FFC: SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#701 SHS Val#1938 DRBG Val#273
ECC:
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#357 SHS Val#1938 DRBG Val#273

"General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

804
RSADP Primitive
FIPS186-4 RSA; RSADP
SafeNet/Gemalto
35 Efal St., Kiryat Arye, P.O. Box 3968
Petach Tikva, n/a 4951132
Israel

-Danny Tabak
TEL: +972 3 9871309
FAX: +972-(0)3-978-1010

-Chanan Lavi
TEL: +972 3 9871254
FAX: +972-(0)3-978-1010

eToken Applet 1.8

Version FW Version 1.2 (Firmware)
Part # IFX SLE78CFX3000PH
Infineon SLE78 chip family. 5/27/2016 RSADP: (Mod2048)

"eToken Applet 1.8 is a PKI Java Card applet designed to operate above Java Card API 2.2.2."

803
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeNet/Gemalto
35 Efal St., Kiryat Arye, P.O. Box 3968
Petach Tikva, n/a 4951132
Israel

-Danny Tabak
TEL: +972 3 9871309
FAX: +972-(0)3-978-1010

-Chanan Lavi
TEL: +972 3 9871254
FAX: +972-(0)3-978-1010

eToken Applet 1.8

Version FW Version 1.2 (Firmware)
Part # IFX SLE78CFX3000PH
Infineon SLE78 chip family. 5/27/2016 RSASP1: (Mod2048: PKCS1.5 )

"eToken Applet 1.8 is a PKI Java Card applet designed to operate above Java Card API 2.2.2."

802
All of SP800-56A EXCEPT KDF
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1; EXYNOS3475 w/ Android 6.0.1; MSM8916 w/ Android 6.0.1 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1071 SHS Val#3227 DRBG Val#1132
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#857 SHS Val#3227 DRBG Val#1132

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

09/22/16: Added new tested information;

801
All of SP800-56A EXCEPT KDF
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron Mobile@Work client for Android

Version OpenSSL 1.0.2d,FIPS 2.0.9
Samsung Galaxy Note 4 - SM-N910A w/ Android 5.1; Samsung S4 - SGH-I337 w/ Android 4.4.4; Samsung S5 - SM-G900H w/ Android 4.4.2; Samsung Galaxy Note 3 - SM-N900 w/ Android 4.4.2; Samsung S6 - SM-G920A w/ Android 5.0.2 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1082 SHS Val#3040 DRBG Val#950
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#750 SHS Val#3040 DRBG Val#950

""General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

800
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Device(Dongguan) Co., Ltd.
B2-5 of Nanfang Factory
No.2 of Xincheng Rd
Songshan Lake Science & Technology Industrial Zone
Dongguan, Guangdong 523808
China

-Tailiang Hong
TEL: 86-755-36376922

-Blue Lee
TEL: 86-755-28976679

Huawei OpenSSL

Version OpenSSL 1.0.1h
HiSilicon K3V3+ w/ Android 5.0 5/20/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1069 SHS Val#2933 DRBG Val#909
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator ) EC: P-256 ED: P-384 ECDSA Val#725 SHS Val#2933 DRBG Val#909

"General purpose cryptographic module available for Android used by Huawei devices. A variety of cryptographic services are provided, including AES, RSA, SHA, HMAC, CMAC, ECDSA, CTR_DRBG, etc."

799
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSE

Part # 3.0
N/A 5/20/2016 ECDSA SigGen Component: CURVES( P-256 )

"The CSE provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

798
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Intel Corporation
2200 Mission College Blvd.
Santa Clara, California 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSME Crypto Driver

Version 1.0 (Firmware)
embedded IA-32 5/20/2016 ECDSA SigGen Component: CURVES( P-256 )

"The CSME Crypto Driver provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

797
All of SP800-56A EXCEPT KDF
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-2207-1919
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 1.0.1h
Qualcomm Snapdragon 800-series w/ Android 6.0.1 5/13/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB FC DSA Val#1075 SHS Val#3255 DRBG Val#1150
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#865 SHS Val#3255 DRBG Val#1150

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

796
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cohesity, Inc.
451 El Camino Real
Suite 235
Santa Clara, CA 95050
USA

-Vivek Agarwal
TEL: +1 (415) 690-7805

Cohesity OpenSSL FIPS Object Module

Version 1.0.1
Intel x86_64 w/ CentOS 7 5/13/2016 Curves tested: P-224   P-256   P-384   P-521

"The Cohesity OpenSSL FIPS Object Module is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.12. It is incorporated into the family of Cohesity storage appliances."

795
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library v5.2

Version 5.2.7 (Firmware)
ARM v5 Compatible (SoC2); Intel Atom; Intel E3 v3; Intel Xeon E5 v2; Intel Xeon E5 v3; Intel Celeron G540; Intel i3 (3rd Gen) 5/13/2016 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3268 HMAC Val#2582
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3268 HMAC Val#2582

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.2 running on Intel x86 compatible processors."

794
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381 x87416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library v5.2

Version 5.2.7 (Firmware)
ARM v5 Compatible (SoC2); Intel Atom; Intel Xeon E3 v3; Intel Xeon E5 v2; Intel Xeon E5 v3; Intel Celeron G540; Intel i3 (3rd Gen) 5/13/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3267 HMAC Val#2581
SSH (SHA 1 ) SHA Val#3267

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.2 running on Intel x86 compatible processors."

09/22/16: Updated implementation information;

793
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, Washington 98104
USA

-Peter Eng
TEL: 206 613-6608
FAX: 206 613-0888

Firebox Cryptographic Module

Version 11.11.2 (Firmware)
Freescale P1010; Freescale P1011; Freescale P1020; Freescale T1042; Freescale T2081; Intel Atom C2758; Intel Celeron G1820; Intel Pentium G3420; Intel Xeon E3; Intel Xeon E5 5/6/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3266 HMAC Val#2580
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3266 HMAC Val#2580
SSH (SHA 1 ) SHA Val#3266
SNMP SHA1 Val#3266

"WatchGuard Firebox security appliances are designed to protect organizations from various security and productivity threats, including viruses, network attacks, intrusion attempts, Trojan horses, harmful or counterproductive URLs, spam, and more, while also providing secure Virtual Private Network (VPN) connections among workplaces and remote users"

10/28/16: Added new tested information;

792
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061219144

Quicksec - Control Plane

Version 14.2X4-D10 (Firmware)
Intel® Xeon® LC5518 4/29/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3264 HMAC Val#2578
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3264 HMAC Val#2578

"The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services."

791
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061219144

OpenSSH

Version 14.2X4-D10 (Firmware)
Intel® Xeon® LC5518 4/29/2016 SSH (SHA 256 , 384 , 512 ) SHA Val#3262

"The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services."

790
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Microsemi Corporation
One Enterprise
Aliso Viejo, CA 92656
USA

-Richard Newell
TEL: +1 (408) 643-6146

Athena™ TeraFire® EXP-F5200ASR MPU with PKX-5200

Version 1.0 (Firmware)
Mentor Graphics ModelSim SE v6.1h 4/29/2016 Curves tested: P-384

"The Athena™ TeraFire® EXP-F5200ASR embedded cryptography microprocessor with PKX5200 firmware provides DPA-resistant acceleration of the standard cryptographic algorithms used in selected Microsemi products such as PolarFire™ FPGAs. The algorithms are used to provide cryptographic design security, including securely configuring the devices."

789
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.3
Intel Core i7-3615QM w/ Mac OS X El Captian 10.11.4 4/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules."

788
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-4535-0110
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 1.0.1h
Qualcomm Snapdragon 800-series w/ Android 6.0.1 4/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

05/20/16: Updated vendor information;

787
Section 4.2,
TLS
SP800-135
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-3-9279529

CoSign-HW8FW8-CKIT

Version 5.0.4 (Firmware)
Intel® Xeon Quad-Core 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3249 HMAC Val#2564

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

786
Section 4.2,
TLS
SP800-135
DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

-Ezer Farhi
TEL: 972-3-9279529

CoSign-HW7FW8-CKIT

Version 5.0.4 (Firmware)
Intel® Pentium Dual-Core 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3248 HMAC Val#2563

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

785
Section 4.2,
TLS
SP800-135
GDC Technology (USA) LLC
1016 West Magnolia Boulevard
Burbank, California 91506
USA

-Pranay Kumar
TEL: (852) 2507 9565
FAX: (852) 2579 1131

-ChernYue Kwok
TEL: (852) 2507 9552
FAX: (852) 2579 1131

Crypto Library

Version 2.0.11 (Firmware)
Freescale QorIQ 4/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3247 HMAC Val#2560

"A digital cinema standalone integrated media block that is compliant with DCI specifications and SMPTE digital cinema standards. The supported features include JPEG2000 decoding, AES decryption, key management, and logging."

784
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1; EXYNOS3475 w/ Android 6.0.1; MSM8916 w/ Android 6.0.1 4/15/2016 RSADP: (Mod2048)

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

05/20/16: Updated implementation information;
09/22/16: Added new tested information;

783
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Amir Shahhosseini
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module with DRBG (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls)

Version PAN-OS 6.0-DRBG (Firmware)
Intel Celeron P4505; Intel Core I7; Intel Multi Core Xeon 4/8/2016 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3242 HMAC Val#2555
TLS( TLS1.0/1.1 ) SHA Val#3242 HMAC Val#2555
SSH (SHA 1 ) SHA Val#3242
SNMP SHA1 Val#3242

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

05/09/16: Updated implementation information;

782
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Amir Shahhosseini
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module with DRBG (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls)

Version PAN-OS 6.0-DRBG (Firmware)
Cavium Octeon MIPS64 4/8/2016 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3241 HMAC Val#2554
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3241 HMAC Val#2554
SSH (SHA 1 ) SHA Val#3241
SNMP SHA1 Val#3241

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

05/09/16: Updated implementation information;
05/20/16: Updated implementation information;

781
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hospira Inc.
275 N. Field Drive
Lake Forest, IL 60045
USA

-Chaitanya Srinivasamurthy
TEL: 001-224-212-5715
FAX: 001-224-212-7910

-Slawomir Ciapala
TEL: 001-224-212-5545
FAX: 001-224-212-7910

Hospira CE3.x OpenSSL Cryptographic Module

Version 2.0.9
i.MX53 Arm Cortex-A8 w/ Android 2.3.7 4/8/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Hospira OpenSSL FIPS Object Module 2.0.9 is used within various Hospira Infusion Pumps for providing secure communication between Infusion pumps and external server."

780
Section 4.2,
TLS
SP800-135
Prometheus Security Group Global, Inc.
3019 Alvin Devane Blvd
Building 4, Suite #450
Austin, TX 78741
USA

-Jeremy Freeze-Skret
TEL: 512-247-3700
FAX: 512-519-4054

-Mark Thomas
TEL: 503-647-7762
FAX: 512-519-4054

Talon-OpenSSL

Version 1.0.2d and 2.0.9 (Firmware)
Freescale IMX6Q Arm Cortex A9 4/1/2016 TLS( TLS1.0/1.1 ) SHA Val#3234 HMAC Val#2549

"Used for core cryptography functions of the module other than the optional hard drive encryption."

779
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd
Santa Clara, CA 95054
USA

-Steve F. Taylor
TEL: 202-361-7778

-Kevin Fiftal
TEL: 860-326-6293

CSME Crypto Driver

Version 1.0 (Firmware)
embedded IA-32 4/1/2016 Curves tested: P-256

"The CSME Crypto Driver provides the cryptographic functions within the Intel(R) vPro(TM) ME for applications executing in the ME."

778
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Allied Telesis
27 Nazareth Ave
Christchurch, Canterbury 8024
New Zealand

-Andrew Riddell
TEL: +64 29 377 3777
FAX: +64 3 339 3001

-Mofassir Ul Haque
TEL: +64 27 777 1854
FAX: +64 3 339 3001

AW+ OpenSSL FIPS Object Module Version 2.0.10

Version Openssl-fips-2.0.10 (Firmware)
Freescale PowerPC P2040 3/31/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"AW+ OpenSSL FIPS Object Module is a software library which provides cryptographic support for secure communication and protection of information. The cryptographic services provided by the library include Symmetric Encryption and Decryption, Digital Signature, Cryptographic Hashing and Keyed-Hash Message Authentication."

777
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Jung Ha Paik
TEL: +82-10-8861-0858

Samsung BoringSSL Cryptographic Module

Version v1.0
MSM8996 w/ Android 6.0.1; EXYNOS8890 w/ Android 6.0.1; EXYNOS7420 w/ Android 6.0.1; APQ8084 w/ Android 6.0.1; EXYNOS5433 w/ Android 6.0.1; EXYNOS3475 w/ Android 6.0.1; MSM8916 w/ Android 6.0.1 3/31/2016 Curves tested: P-224   P-256   P-384   P-521

"The Samsung BoringSSL Cryptographic Module is a general purpose cryptographic module to provide user-mode applications with security services."

04/12/16: Updated implmentation information and added new tested information;
05/20/16: Updated implementation information;
09/22/16: Added new tested information;

776
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

775
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3226 HMAC Val#2544
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3226

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

774
RSADP Primitive
FIPS186-4 RSA; RSADP
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 RSADP: (Mod2048)

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

773
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS .NET API

Version 1.0.0
Intel Core i7 (6th Gen) w/ Windows 10 Enterprise 64 bit; Intel Atom w/ Windows 10 Professional 64 bit; Intel Core i5 (5th Gen) w/ Windows 8.1 Professional 32 bit; Intel Core i5 (5th Gen) w/ Windows 7 SP1 32 bit 3/25/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Bouncy Castle FIPS .NET API is a comprehensive suite of FIPS Approved algorithms implemented in pure C#. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms, including some post-quantum ones, are available in non-approved operation as well."

772
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance Virtual (ASAv)

Version 9.4
Intel Xeon w/ ESXi 3/25/2016 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3223 HMAC Val#2540
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3223 HMAC Val#2540
SSH (SHA 1 ) SHA Val#3223
SNMP SHA1 Val#3223

"The Cisco ASAv delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASAv provide comprehensive security, performance, and reliability for network environment."

771
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux on z Systems with CPACF

Version 1.8
z13 w/ RHEL Server release 7.2 for IBM z Systems 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1068 SHS Val#3222 DRBG Val#1125
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#853 SHS Val#3222 DRBG Val#1125

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

770
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux on z Systems with CPACF

Version 1.8
z13 w/ RHEL Server release 7.2 for IBM z Systems 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3222 HMAC Val#2539

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

769
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on zOS with CPACF

Version 1.8
z13 w/ z/OS version 2 release 2 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1067 SHS Val#3221 DRBG Val#1124
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#852 SHS Val#3221 DRBG Val#1124

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

768
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on zOS with CPACF

Version 1.8
z13 w/ z/OS version 2 release 2 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3221 HMAC Val#2538

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

767
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on xLinux with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1066 SHS Val#3220 DRBG Val#1123
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#851 SHS Val#3220 DRBG Val#1123

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

766
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on xLinux with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3220 HMAC Val#2537

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

765
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 2012 with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Windows Server 2012 release 2 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1065 SHS Val#3219 DRBG Val#1122
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#850 SHS Val#3219 DRBG Val#1122

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

764
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 2012 with AES-NI

Version 1.8
Intel Xeon E5 V3 family w/ Windows Server 2012 release 2 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3219 HMAC Val#2536

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

763
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 7

Version 1.8
Intel Core i7 vPro 4770 w/ Windows 7 64-bit 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1064 SHS Val#3218 DRBG Val#1121
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#849 SHS Val#3218 DRBG Val#1121

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

762
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Windows 7

Version 1.8
Intel Core i7 vPro 4770 w/ Windows 7 64-bit 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3218 HMAC Val#2535

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

761
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1063 SHS Val#3217 DRBG Val#1120
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: FullUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#848 SHS Val#3217 DRBG Val#1120

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

760
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on Linux PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ Red Hat Enterprise Linux Server release 7.1 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3217 HMAC Val#2534

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

759
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on AIX PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ AIX 7 3/18/2016 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG )
SCHEMES: Hybrid1: (KARole: Initiator / Responder ) FB FC Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1062 SHS Val#3216 DRBG Val#1119
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#847 SHS Val#3216 DRBG Val#1119

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

758
Section 4.2,
TLS
SP800-135
IBM Corporation
11400 Burnet Road
Austin, TX 78758
USA

-Tom Benjamin
TEL: 512-286-5319
FAX: 512-973-4763

-Karthik Ramamoorthy
TEL: 512-286-8135
FAX: 512-973-4763

IBM JCE FIPS Module on AIX PowerPC with vcipher and vshasigma

Version 1.8
POWER 8 w/ AIX 7 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3216 HMAC Val#2533

"The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework."

757
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
4110 Campus Point Court
San Diego, CA 92121
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere OpenSSL

Version 8.2.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI; 3/18/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3215 HMAC Val#2532

"FireSphere OpenSSL is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, SP800-90A CTR DRBG 128 and 256, RSA SIGVer 1024, 2048, and 3072, RSA SigGen 2048 and 3072, RSA KeyGen 2048 and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

756
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2.5 for TZ, SM and NSA

Version 6.2.5 (Firmware)
Cavium CN7020; Cavium CN7130; Cavium Octeon Plus CN66XX Family; Cavium Octeon Plus CN68XX Family 3/18/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3214 HMAC Val#2531
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#3214 HMAC Val#2531
TLS( TLS1.0/1.1 ) SHA Val#3214 HMAC Val#2531
SNMP SHA1 Val#3214

"The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks."

04/22/16: Added new tested information;
06/14/16: Updated implementation information;

755
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPUCPU Intel Xeon E5-2600 v2 w/o AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 - OSS 3/11/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

04/12/16: Updated implementation information;

754
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Xeon E5-2600 v2 w/o AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 - Guardian 3/11/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

04/12/16: Updated implementation information;

753
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Qualcomm MSM8996 w/ QSEE 4.0 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

752
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 8890 w/ MOBICORE Tbase 310B 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

751
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 10 (Firmware)
Freescale PowerPC e500 Core 3/4/2016 TLS( TLS1.0/1.1 ) SHA Val#3140 HMAC Val#2470

"Firmware algorithm implementation used within the Cisco Optical Networking Solution (ONS) and Network Convergence System (NCS) 2000 Series products."

750
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Controller Card Firmware Algorithms

Version 10 (Firmware)
Freescale MPC8548E 3/4/2016 TLS( TLS1.0/1.1 ) SHA Val#3141 HMAC Val#2471
SSH (SHA 1 , 256 ) SHA Val#3141

"Firmware algorithm implementation used within the Cisco Optical Networking Solution (ONS) and Network Convergence System (NCS) 2000 Series products."

749
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

-Dieter Bong
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

CryptoServer Se ECDSA

Version ecdsa1.1.2.0_eca1.1.3.2 (Firmware)
Texas Instruments TMS320C6416T 3/4/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

748
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM Internet Security Systems
6303 Barfield Road
Atlanta, GA 30328
USA

-Ferrell Moultrie
TEL: 678-234-4069

-Sheena Leake
TEL: 404-238-5565

IBM MESA / Modular Extensible Security Architecture GSKit

Version 5.3.1
Intel Xeon E5530 (2x) w/ RHEL 6.3 Linux on VMware ESXi 5.5 2/26/2016 Curves tested: P-224   P-256   P-384   P-521

"IBM MESA (Modular Extensible Security Architecture) is an appliance framework hosting applications in a secure environment and providing all cryptographic or other security-relevant functions to the application. For example: IBM XGS-virtual is a specific application instance hosted in this fashion."

747
Section 5.4, SNMP
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

NetSNMP KDF

Version 5.7.1 EBEM Patch 1 (Firmware)
IBM PowerPC 2/26/2016 SNMP SHA1 Val#3202

"SHA-1 based KDF used by NetSNMP"

746
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Acronis International GmbH
Rheinweg 9
8200 Schaffhausen, n/a n/a
Switzerland

-Oleg Mikhalsky
TEL: +7 (495) 648-14-27
FAX: +7 (495) 708-44-89

-Anton Enakiev
TEL: +7 (495) 648-14-27
FAX: +7 (495) 708-44-89

Acronis AnyData Cryptographic Library

Version 1.0
Intel Core i3-3217U without AES-NI w/ Windows 2008 R2 64bit; Intel Core i3-3217U without AES-NI w/ Windows 7 Ultimate 32bit; Intel Core i5-5300U with AES-NI w/ Windows 7 Ultimate 64bit; Intel Core i3-3217U without AES-NI w/ Red Hat Enterprise Linux 6.6; Intel Core i3-3217U without AES-NI w/ Red Hat Enterprise Linux 7.1; Intel Core i5-5300U with AES-NI w/ Acronis Virtual Appliance Linux 11.5 on vSphere 5.5; Intel Core i5-5300U with AES-NI w/ Windows 8.1 Pro 64bit; Intel Core i3-3217U without AES-NI w/ Windows 2012 R2 64bit 2/26/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Acronis AnyData Cryptographic Library (AACL) is a cryptographic software module used in various products Acronis."

745
Section 4.2,
TLS
SP800-135
Tanium, Inc.
2200 Powell St. 6th Floor
Emeryville, CA 94608
USA

-Jason Mealins
TEL: 4156448134
FAX: 5107040101

TaniumCryptoLibrary Module

Version 1.0.0.1
Intel Xeon w/ Microsoft Windows Server 2008 R2 (64 bit); Intel Xeon w/ Microsoft Windows Server 2012 (64-bit); Intel Xeon w/ Microsoft Windows 7 (32-bit); Intel Xeon w/ Microsoft Windows 7 (64 bit) 2/19/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3197 HMAC Val#2519

"The TaniumCryptoLibrary Module is an OpenSSL-based cryptographic module that provides cryptographic services to Tanium Inc. products."

02/26/16: Updated implementation information;

744
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Tanium, Inc.
2200 Powell St. 6th Floor
Emeryville, CA 94608
USA

-Jason Mealins
TEL: 4156448134
FAX: 5107040101

TaniumCryptoLibrary Module

Version 1.0.0.1
Intel Xeon w/ Microsoft Windows Server 2008 R2 (64 bit); Intel Xeon w/ Microsoft Windows Server 2012 (64-bit); Intel Xeon w/ Microsoft Windows 7 (32-bit); Intel Xeon w/ Microsoft Windows 7 (64 bit) 2/19/2016 Curves tested: P-521

"The TaniumCryptoLibrary Module is an OpenSSL-based cryptographic module that provides cryptographic services to Tanium Inc. products."

02/26/16: Updated implementation information;

743
Section 4.2,
TLS
SP800-135
APCON, Inc.
9255 SW Pioneer Ct.
Wilsonville, OR 97070
USA

-Tery Hodges
TEL: 971-224-2789
FAX: 503-682-4059

-Gerry Murphy
TEL: 503-682-4050
FAX: 503-682-4059

OpenSSL 1.02d - FIPS

Version Std. Library FIPS Module 2.0.9 (Firmware)
Freescale PowerQUICC® II Pro MPC8349 2/12/2016 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3186 HMAC Val#2510

"OpenSSL is used to manage SSL certs. RSA firmware signing verification. Used to originate and terminate SSL tunnels."

742
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Ceragon Networks Ltd.
24 Raoul Wallenberg Street
Tel Aviv, 69719
Israel

-Stanislav Elenkrich
TEL: +972-3-5431-430

Management Security Algorithms

Version 1.0 (Firmware)
EZChip MIPS34Kc; Freescale P1012 2/12/2016 TLS( TLS1.2 (SHA 256 ) ) SHA Val#3185 HMAC Val#2509
SSH (SHA 1 , 256 ) SHA Val#3185
SNMP SHA1 Val#3185

"Algorithms for managing Ceragon IP-20 platforms"

741
Section 4.1.2,
IKEv2
SP800-135
Aruba, a Hewlett Packard Enterprise company
3333 Scott Blvd
Santa Clara, CA 95054
USA

-Steve Weingart
TEL: 512-319-2480

Aruba Instant VPN module

Version ArubaInstant 6.5.1.0-4.3.1 (Firmware)
Freescale QorIQ P1020 800MHz; 88F6560 500MHz; Freescale QorIQ P1010 800MHz; Qualcomm QCA9344 500MHz 2/5/2016 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 3072 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#3182 HMAC Val#2507

"Aruba Instant VPN module for RAP-108/109 and AP-214/215/224/225/274/275/277 hardware."

05/17/16: Added new tested information;
03/02/17: Updated vendor information;

740
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 2/5/2016 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

739
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware Crypto 7.1.1.1.1.42 (Firmware)
ARM Cortex-A9 1GHz; ARM Cortex-A9 1GHz * 2; Broadcom XLP108AQ, 1.0Ghz, MIPS; Broadcom XLS408, 1.2Ghz, MIPS; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP208, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Cavium CN6130, 1Ghz,MIPS; Cavium CN6218, 1Ghz,MIPS; Cavium CN6635, 1.3Ghz,MIPS; Freescale P1016, 667Mhz,PowerPC; Freescale P1021, 800Mhz,PowerPC 2/5/2016 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
IKEv2( ( 256 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3177 HMAC Val#2503
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3177
SNMP SHA1 Val#3177

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

738
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware Crypto 7.1.1.1.1.42 (Firmware)
ARM Cortex-A9 1GHz; ARM Cortex-A9 1GHz * 2; Broadcom XLP108AQ, 1.0Ghz, MIPS; Broadcom XLS408, 1.2Ghz, MIPS; Broadcom XLP108, 1.0GHz, MIPS; Broadcom XLP208, 1GHz, MIPS; Broadcom XLP316, 1.2GHz, MIPS; Freescale MPC P5040, 1.8 GHz, PowerPC; Freescale MPC8548, 1.5 GHz, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Cavium CN6130, 1Ghz,MIPS; Cavium CN6218, 1Ghz,MIPS; Cavium CN6635, 1.3Ghz,MIPS; Freescale P1016, 667Mhz,PowerPC; Freescale P1021, 800Mhz,PowerPC 2/5/2016 Curves tested: P-224   P-256   P-384   P-521

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

737
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version ComwareV7.1-R7103 (Firmware)
Freescale P2020,1.0GHz,PowerPC; Freescale P4080, 1.5GHz, PowerPC 2/5/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#3175
TLS( TLS1.0/1.1 ) SHA Val#3175
SSH (SHA 1 ) SHA Val#3175
SNMP SHA1 Val#3175

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

736
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054-1549
USA

-James Reardon
TEL: (408) 765-8080

Intel OpenSSL FIPS Object Module

Version 2.0.5
Intel x86_64 w/ Linux 3.10; Intel x86_64 w/ Linux 3.10 on VMware ESXi 6.00 1/29/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"1SUB version of OpenSSL FIPS Object Module."

735
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054-1549
USA

-James Reardon
TEL: (408) 765-8080

Intel OpenSSL FIPS Object Module

Version 2.0.8
Intel x86_64 w/ Linux 3.10; Intel x86_64 w/ Linux 3.10 on VMware ESXi 6.00; 1/29/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"1SUB version of OpenSSL FIPS Object Module"

734
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 830-580-1544

ArubaOS Common Cryptographic Module

Version AOS_VMC_6.4.2.0-1.0-FIPS (Firmware)
Intel x86, i7 1/22/2016 IKEv2( ( 2048 (SHA 256 , 384 ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#3167 HMAC Val#2949
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3167 HMAC Val#2949

"Linux on Intel"

01/05/17: Updated vendor information;

733
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NetApp, Inc.
495 East Java Drive
Fourth Floor
Sunnyvale, CA 94089
USA

-Ajay Singh
TEL: 408-822-6000
FAX: 408-822-4501

Decru SW SHA1 Engine

Version 1.1 (Firmware)
Atmel "Secure uController" AT90SC144144C-AL 1/22/2016 RSASP1: (Mod2048: PKCS1.5 )

"Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for the Decru LKM (Lifetime Key Management) appliance."

02/05/16: Updated vendor information;

732
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Itanium 9300, model NB54000c w/ HP NonStop TNS/E J06.19.00 - Guardian; CPU Intel Xeon E5-2600 v2 with AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 – Guardian 1/22/2016 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

03/07/16: Updated implementation and vendor information;
04/12/16: Updated implmentation information;

731
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.3
Intel Core i7-3615QM w/ Mac OSX Yosemite 10.10.4 1/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules"

730
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 508.467.0284

Aruba 5400r switch

Version KB_15_18_0008 (Firmware)
P2020 1/22/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 512 ) ) SHA Val#3162 HMAC Val#2489
SSH (SHA 1 ) SHA Val#3162

"Aruba 5400r switch"

729
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Xeon 32bit)

Version 6.0
Intel Xeon w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#827 SHS Val#3159 DRBG Val#1066 HMAC Val#2486

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

728
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Xeon)

Version 6.0
Intel Xeon w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#826 SHS Val#3158 DRBG Val#1065 HMAC Val#2485

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

727
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i7 32bit)

Version 6.0
Intel i7 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#825 SHS Val#3157 DRBG Val#1064 HMAC Val#2484

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

726
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i7)

Version 6.0
Intel i7 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#824 SHS Val#3156 DRBG Val#1063 HMAC Val#2483

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

725
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i5 32bit)

Version 6.0
Intel i5 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#823 SHS Val#3155 DRBG Val#1062 HMAC Val#2482

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

724
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Core M 32bit)

Version 6.0
Core M w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#822 SHS Val#3154 DRBG Val#1061 HMAC Val#2481

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

723
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, i5)

Version 6.0
Intel i5 w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#821 SHS Val#3153 DRBG Val#1060 HMAC Val#2480

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

722
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple OSX CoreCrypto Module (Generic, Core M)

Version 6.0
Core M w/ OSX 10.11 1/22/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#820 SHS Val#3152 DRBG Val#1059 HMAC Val#2479

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

721
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena SCS / NXP
16615 Lark Ave.
Suite 202
Los Gatos, CA 95032
USA

-Dr. Ron Burnett
TEL: +44 131 603 6320
FAX: +44 131 777 8150

Athena OS755 KAS Component For P60 (OS755_ePassport_P60D144)

Version 001 (Firmware)
Part # P60D144
NXP P60 1/22/2016 Curves tested: P-224   P-256   P-384   P-521

"SP 800-56A"

720
Signature Generation of hash sized messages
FIPS186-4 ECDSA
INTEGRITY Security Services
7585 Irvine Center Dr.
Suite 250
Irvine, CA 92618
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services High Assurance Embedded Cryptographic Toolkit - ECDSA

Version 3.0
FreeRTOS 7.6 running on Cubic PU-4 (ST-Micro STM32F4xxx/ARM Cortex-M4) 1/15/2016 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"ISS ECT is a standards-based cryptographic toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. It is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems."

719
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Florence DEFRANCE
TEL: +33 442366734
FAX: +33 442365792

-Arnaud LOTIGIER
TEL: +33 442366074
FAX: +33 442365545

IFX SLE78 Gemalto cryptographic library for IDCore 30 rev B

Version 1.2 (Firmware)
Part # IFX SLE78CFX3000PH
Infineon SLE78 chip family 1/15/2016 Curves tested: P-224   P-256   P-384   P-521

"IDCore 30 rev B is a highly secured smartcard platform compliant with Javacard 2.2.2, Global Platform 2.1.1 & 2.2 Amendment D standards, designed to operate with Infineon SLE78 chip family. The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, SP800-108 KDF and SP800-90A DRBG."

718
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba, a Hewlett Packard Enterprise company
1344 Crossman Avenue
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480

ArubaOS OpenSSL Module

Version AOS_VMC_6.4.2.0-3.0-FIPS (Firmware)
Intel x86, i7 1/15/2016 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#3145 HMAC Val#2474
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3145 HMAC Val#2474
SSH (SHA 1 ) SHA Val#3145
SNMP SHA1 Val#3145

"Linux on Intel"

02/05/16: Updated vendor information;
01/05/17: Updated vendor and implementation information;

717
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

716
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

715
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

714
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.0.1
ARMv7 (32-bit) w/ Linaro Linux 3.10.68 1/15/2016 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3137 HMAC Val#2467
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3137

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

713
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0a (Firmware)
Freescale 1/15/2016 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#809 SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the IPSec module implements crypto operations in hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

712
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408330480

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0a (Firmware)
Freescale 1/15/2016 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the IPSec module implements crypto operations in hardware and in software. The Brocade MLXe series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

711
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign REST-WS

Version 7.7 (Firmware)
Intel® Pentium Dual-Core 1/15/2016 TLS( TLS1.0/1.1 ) SHA Val#3136 HMAC Val#2466

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

710
Section 5.2, SSH
SP800-135
AirTight® Networks
339 N. Bernardo Avenue
Suite 200
Mountain View, CA 94043
USA

-Hemant Chaskar
TEL: (650) 961-1111
FAX: (650) 961-1169

AirTight Sensor Cryptographic Engine

Version 7.2.FIPS.04 (Firmware)
Qualcomm AR9558 12/28/2015 SSH (SHA 1 ) SHA Val#3135

"Implementation performs wireless intrusion detection and prevention. It monitors radio channels to ensure conformance of wireless activity to security policy. It mitigates various types of wireless security violations such as rogue wireless networks, unauthorized wireless connections, network mis-configurations and DoS attacks."

709
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408)886-3200
FAX: (408)886-3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel Itanium 9300, model NB54000c w/ HP NonStop TNS/E J06.19.00 - OSS; CPU Intel Xeon E5-2600 v2 with AES-NI, model NS7 X1 w/ HP NonStop TNS/X L15.08.00 – OSS 12/18/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the Validated algorithms used by the HP SecureMail, HP SecureFile and HP SecureData families of products."

03/07/16: Updated implementation information;
04/12/16: Updated implementation information;

708
Section 4.2,
TLS
SP800-135
Seagate Technology, LLC.
380 Disc Drive
Longmont, CO 80503
USA

-Harshad S Thakar
TEL: 720 684 2580

800-135 KDF in Firmware

Version 1.0 (Firmware)
ARM Cortex-R Family 12/18/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#1225 HMAC Val#1597

"800-135 KDF Implementation in Seagate''s Self-Encrypting Drives (SEDs)."

707
All of SP800-56A EXCEPT KDF
SP800-56A
Seagate Technology, LLC.
380 Disc Drive
Longmont, CO 80503
USA

-Harshad S Thakar
TEL: 720 684 2580

800-56A KAS FFC in Firmware

Version 1.0 (Firmware)
ARM Cortex-R Family 12/18/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator ) FB SHS Val#1225 DRBG Val#62

"800-56A Key Agreement Scheme (Finite Field Cryptography) based implementation in Seagate''s Self-Encrypting Drives (SEDs)"

706
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6; Intel Xeon ES-2697 V3 w/ Ubuntu 14.04 L TS on VMWare ESXi 6.0 12/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

06/23/17: Added new tested information;
07/03/17: Added new tested information;
08/11/17: Updated implementation information;

705
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6; Intel Xeon ES-2697 V3 w/ Ubuntu 14.04 L TS on VMWare ESXi 6.0 12/18/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

07/03/17: Added new tested information;
07/03/17: Added new tested information;

704
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
Section 5.2, SSH
Section 5.3, SRTP
SP800-135
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

-David Hook
TEL: +61438170390

-Jon Eaves
TEL: +61417502969

Bouncy Castle FIPS Java API

Version 1.0.0
Intel Xeon E5 v3 w/ Java SE Runtime Env 7 on Solaris 11 on vSphere 6; Intel Xeon E5 v3 w/ Java SE Runtime Env 8 on Centos 6.4 on vSphere 6; Intel Xeon ES-26971 V3 w/ Ubuntu 14.04 L TS on VMWare ESXi 6.0 12/18/2015 IKEv2( ( 224 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 224 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 224 , 256 , 384 , 512 ) ) SHA Val#3126 HMAC Val#2458
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#3126 HMAC Val#2458
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#3126
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#3126
SRTP (AES 128 , 192 , 256 ) AES Val#3756

"The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well."

06/23/17: Added new tested information;
08/11/17: Updated implementation information;

703
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Huawei Device(Dongguan) Co., Ltd.
B2-5 of Nanfang Factory
No.2 of Xincheng Rd
Songshan Lake Science & Technology Industrial Zone
Dongguan, Guangdong 523808
China

-Tailiang Hong
TEL: 86-755-36376922

-Blue Lee
TEL: 86-755-28976679

Huawei OpenSSL

Version OpenSSL 1.0.1h
HiSilicon K3V3+ w/ Android 5.0 12/18/2015 Curves tested: P-256   P-384   P-521

"General purpose cryptographic module available for Android used by Huawei devices. A variety of cryptographic services are provided, including AES, RSA, SHA, HMAC, CMAC, ECDSA, CTR_DRBG, etc."

05/17/16: Updated vendor information and added new tested information;

702
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for IBM/S390 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3069

"KDF for IBM/S390 64 bit"

701
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for Intel x86 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3061

"KDF for Intel x86 64 bit"

700
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSH Server (KDF 800-135) for IBM Power 8E 64 bit

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 12/18/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3059

"KDF for IBM Power 8E LE 64 bit"

699
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.12
Intel Atom E3845 (x86) without AES-NI optimizations w/ Linux 3.10 32-bit; Intel Atom E3845 (x86) with AES-NI optimizations w/ Linux 3.10 32-bit 1/22/2016 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/04/15: Added new tested information;
09/04/15: Added new tested information;
10/22/15: Added new tested information;
10/30/15: Updated implementation information information;

698
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8 32bit)

Version 6.0
Apple A8 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#793 SHS Val#3113 DRBG Val#1019 HMAC Val#2444

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

697
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign CKIT

Version 5.0.4 (Firmware)
Intel® Pentium Dual-Core 12/18/2015 TLS( TLS1.0/1.1 ) SHA Val#3109 HMAC Val#2441

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

696
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Firmware SCA

Version 1.0 (Firmware)
Freescale PowerPC 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#790 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

695
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9X 32bit)

Version 6.0
Apple A9X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#789 SHS Val#3108 DRBG Val#1016 HMAC Val#2440

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

694
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9X)

Version 6.0
Apple A9X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#788 SHS Val#3107 DRBG Val#1015 HMAC Val#2439

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

693
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9 32bit)

Version 6.0
Apple A9 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#787 SHS Val#3106 DRBG Val#1014 HMAC Val#2438

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

692
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A9)

Version 6.0
Apple A9 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#786 SHS Val#3105 DRBG Val#1013 HMAC Val#2437

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

691
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8X 32bit)

Version 6.0
Apple A8X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#785 SHS Val#3104 DRBG Val#1012 HMAC Val#2436

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

690
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8X)

Version 6.0
Apple A8X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#784 SHS Val#3103 DRBG Val#1011 HMAC Val#2435

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

689
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A8)

Version 6.0
Apple A8 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#783 SHS Val#3102 DRBG Val#1010 HMAC Val#2434

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

688
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A7 32bit)

Version 6.0
Apple A7 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#782 SHS Val#3101 DRBG Val#1009 HMAC Val#2433

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software compiled for 32bit word size."

687
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A7)

Version 6.0
Apple A7 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#781 SHS Val#3100 DRBG Val#1008 HMAC Val#2432

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

686
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A6X)

Version 6.0
Apple A6X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#780 SHS Val#3099 DRBG Val#1007 HMAC Val#2431

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

685
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A6)

Version 6.0
Apple A6 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#779 SHS Val#3098 DRBG Val#1006 HMAC Val#2430

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

684
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A5X)

Version 6.0
Apple A5X w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#778 SHS Val#3097 DRBG Val#1005 HMAC Val#2429

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

683
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis
TEL: (669)227-3579
FAX: (866)315-1954

Apple iOS CoreCrypto Module (Generic, A5)

Version 6.0
Apple A5 w/ iOS 9 12/18/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#777 SHS Val#3096 DRBG Val#1004 HMAC Val#2428

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to user space and generic, non-optimized software."

682
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Cryptographic Accelerator

Part # ICG00169-00-01
N/A 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1039 SHS Val#3082 DRBG Val#985
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#776 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

03/31/17: Updated implementation information;
04/25/17: Updated implementation inforamtion;

681
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Libreswan VPN implementation for Intel x86

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2967 HMAC Val#2301
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2967 HMAC Val#2301

"Libreswan VPN implementation for Intel x86"

680
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-aroslav Reznik

Libreswan VPN implementation for IBM/S390

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2971 HMAC Val#2305
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2971 HMAC Val#2305

"Libreswan VPN implementation for IBM/S390"

679
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Libreswan VPN implementation for IBM Power 8E

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2969 HMAC Val#2303
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2969 HMAC Val#2303

"Libreswan VPN implementation for IBM Power 8E"

678
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3095 HMAC Val#2427

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

677
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1038 SHS Val#3095 RNG Val#1409 DRBG Val#1003
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#775 SHS Val#3095 RNG Val#1409 DRBG Val#1003

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

676
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Siemens PLM Software
5800 Granite Parkway
Suite 600
Plano, TX 75024
USA

-Vikas Singh
TEL: 651-855-6176

Teamcenter Cryptographic Module

Version 3.0
AMD A4 w/ SUSE Linux 11.2 (x86_64); AMD A4 w/ Windows 7 SP1 (x86); AMD A4 w/ Windows 7 SP1 (x86_64); Intel Core i5 w/ Mac OS X 10.11 (x86_64) 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"Teamcenter powers innovation and productivity by connecting people and processes with knowledge. Teamcenter is the de facto standard for PLM deployment, providing solutions to drive business performance goals."

01/25/16: Updated implementation information;

675
Signature Generation of hash sized messages
FIPS186-4 ECDSA
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

674
RSADP Primitive
FIPS186-4 RSA; RSADP
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 RSADP: (Mod2048)

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

673
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER5 w/ AIX 5.2; IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; HP 9000/800/rp3440 w/ HP-UX 11.11; Intel Itanium 2 w/ HP-UX 11.23; Intel Itanium 2 w/ HP-UX 11.31; APM X-Gene Mustang w/ Linux 3.12.0; Intel Itanium w/ Linux 2.6.32; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; IBM POWER8 with VCIPHER w/ Linux 3.0.101 on hypervisor IBM PowerVM 2.2; IBM S/390 (2817) w/ Linux 3.0.101 on hypervisor IBM z/VM 6.2.0; AMD Opteron w/ Linux 2.6.5; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; UltraSPARC-IIIi w/ SunOS 5.9; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

672
Signature Generation of hash sized messages
FIPS186-4 ECDSA
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

671
RSADP Primitive
FIPS186-4 RSA; RSADP
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 RSADP: (Mod2048)

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

670
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SAP SE
Dietmar-Hopp-Allee 16
Walldorf, NRW 69190
Germany

-Stephan André
TEL: +49-6227-7-47474
FAX: +49-6227-78-55975

-Thomas Rothe
TEL: +49-6227-7-47474
FAX: +49-6227-78-55989

SAP CommonCryptoLib Crypto Kernel

Version 8.4.47.0
IBM POWER7 w/ AIX 6.1 on hypervisor IBM PowerVM 2.2; Intel Itanium 2 w/ HP-UX 11.31; IBM POWER7 w/ Linux 2.6.32 on hypervisor IBM PowerVM 2.2; AMD Opteron w/ Linux 2.6.32; Intel Xeon with AES-NI w/ Linux 3.0.101 on hypervisor VMware ESXi 5.1.0; SPARC64-V w/ SunOS 5.10; Intel Xeon w/ SunOS 5.10; Intel Xeon w/ Windows Server 2008 SP2; Intel Xeon with AES-NI w/ Windows Server 2008 R2 SP1 on hypervisor VMware ESXi 5.1.0 12/11/2015 Curves tested: P-224   P-256   P-384   P-521

"SAP CommonCryptoLib Crypto Kernel is a shared library, i.e. it consists of software only. SAP CommonCryptoLib Crypto Kernel provides an API in terms of C++ methods for key management and operation of cryptographic functions."

669
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield X Algorithm Library - Firmware

Version 1.0 (Firmware)
Freescale PowerPC 12/11/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#1034 SHS Val#3082 DRBG Val#985
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: FullMQV: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#771 SHS Val#3082 DRBG Val#985

"The nShield algorithm X library provides cryptographic functionality for Thales nShield Hardware Security Modules."

01/26/17: Added new tested information;

668
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Shivakumar Muttur
TEL: +91 8061211850

-Balachandra Shanabhag
TEL: +91 8061219144

OpenSSL Crypto Lib

Version 14.1X53-D30.3 (Firmware)
Part # na
Freescale e500mc PowerPC 12/4/2015 SSH (SHA 256 , 384 , 512 ) SHA Val#3073

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

667
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-William Morgan
TEL: 856-581-8033 x1006
FAX: 856-228-1265

-Keiron Tomasso
TEL: 856-581-8033 x1001
FAX: 856-228-1265

IAS Router IPSec

Version b6ae42e - 2015-09-09 (Firmware)
Intel Bay Trail with AES-NI 12/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router IPSec is the IKE and ESP stack implementation."

666
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64); 12/4/2015 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

665
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64); 12/4/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

664
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BCryptPrimitives and NCryptSSLp

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ;  Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64) 12/4/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3047 HMAC Val#2381
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#3047 HMAC Val#2381
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3047 HMAC Val#2381

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

02/17/16: Added new tested information and updated implementation information;
06/15/16: Added new tested information;

663
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations

Version 10.0.10586
Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise November 2015 Update (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro November 2015 Update (x86); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 November 2015 Update (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro November 2015 Update (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 November 2015 Update (x64); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise November 2015 Update (x64) ; Qualcomm Snapdragon 808 (A57, A53) w/ Microsoft Lumia 950 w/ Windows 10 Mobile; Qualcomm Snapdragon 400 (A7) w/ Microsoft Lumia 635 w/ Windows 10 Mobile; ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Hub 84" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Hub 55" w/ Windows 10 for Surface Hub (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Enterprise November 2015 Update (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 4 w/ Windows 10 Pro November 2015 Update (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Book w/ Windows 10 Pro November 2015 Update (x64) 12/4/2015 RSADP: (Mod2048)

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

02/17/16: Added new tested information and updated implementation information;
06/16/16: Added new tested information;

662
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/4/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3069 HMAC Val#2401

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

661
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 64 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 12/4/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1023 SHS Val#3069 RNG Val#1406 DRBG Val#982
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#759 SHS Val#3069 RNG Val#1406 DRBG Val#982

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

660
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Mahesh Bommareddy
TEL: 408-936-5493

-Van Nguyen
TEL: 408-936-2247

JUNOS FIPS Version 12.1 X46 - OpenSSH

Version 12.1X46-D40.4 (Firmware)
Intel Celeron (1.3GH Celeron M); Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Motorola PowerQUICC III (e500) 12/4/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#3068

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

659
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

-Mahesh Bommareddy
TEL: 408-936-5493

-Van Nguyen
TEL: 408-936-2247

JUNOS FIPS Version 12.1 X46 - Authentec

Version 12.1X46-D40.4 (Firmware)
Intel Celeron (1.3GH Celeron M); Cavium Octeon Plus (CN5000 Family); Cavium Octeon II (CN6000 Family); Motorola PowerQUICC III (e500) 12/4/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3074 HMAC Val#2406
IKEv2( ( 256 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) SHA Val#3074 HMAC Val#2406

"Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers."

658
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3061 HMAC Val#2394

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

657
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1016 SHS Val#3061 RNG Val#1404 DRBG Val#970
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#757 SHS Val#3061 RNG Val#1404 DRBG Val#970

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

656
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3060 HMAC Val#2393

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

655
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1015 SHS Val#3060 RNG Val#1403 DRBG Val#969
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#756 SHS Val#3060 RNG Val#1403 DRBG Val#969

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

654
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler impl. with AES acceleration and Altivec)

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3059 HMAC Val#2392

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

653
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler impl. with AES acceleration and Altivec)

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1014 SHS Val#3059 RNG Val#1402 DRBG Val#968
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#755 SHS Val#3059 RNG Val#1402 DRBG Val#968

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

652
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#3054 HMAC Val#2387

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

651
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

OpenSSL (C and assembler implementation with CPACF) 32 bit

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1013 SHS Val#3054 RNG Val#1400 DRBG Val#962
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#754 SHS Val#3054 RNG Val#1400 DRBG Val#962

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

650
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version 5.2.1 (Firmware)
MPC8349, 553MHz, PowerPC; Broadcom XLS408, 1.2G Hz, MIPS 11/27/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3050 HMAC Val#2383
TLS( TLS1.0/1.1 ) SHA Val#3050 HMAC Val#2383
SSH (SHA 1 ) SHA Val#3050
SNMP SHA1 Val#3050

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

649
Section 4.2,
TLS
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

OpenSSL

Version 1.0.1m (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3045 HMAC Val#2379

"OpenSSL 1.0.1m implementation with minor patches."

648
Section 4.2,
TLS
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

ojdk

Version 1.7.0_147 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#3046 HMAC Val#2380

"Using existing Debian Stable Open JDK binaries."

647
Section 5.2, SSH
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

OpenSSH

Version 6.2p2 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 SSH (SHA 1 , 256 ) SHA Val#3045

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs and completely disable DSA key generation."

646
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95054
USA

-Gary Tomlinson
TEL: 408-962-6756
FAX: 408-745-9300

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

Net-SNMP

Version 5.6.1 (Firmware)
7200 (Intel Xeon Sandy Bridge with AES-NI); 6200 (Intel Haswell with AES-NI) 11/27/2015 SNMP SHA1 Val#3045

"Net-snmp-5.6.1 with minor patches."

645
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Cisco IC2M Algorithms

Version 2.0 (Firmware)
Freescale P102X Series 11/27/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#3043 HMAC Val#2377
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#3043 HMAC Val#2377
TLS( TLS1.0/1.1 ) SHA Val#3043 HMAC Val#2377
SSH (SHA 1 ) SHA Val#3043
SRTP (AES 128 , 192 , 256 ) AES Val#3625
SNMP SHA1 Val#3043

"IOS Common Crypto Module"

03/07/16: Updated implementation information;

644
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Paul Tucker
TEL: +1 512 432 2626
FAX: +1 512 432 2001

-Freddy A. Mercado
TEL: +1 512 432 2947
FAX: +1 512 432 2001

TippingPoint Intrusion Prevention System (IPS)

Version 3.8.2 (Firmware)
Broadcom XLR; Intel Jasper Forest Quad-core 11/27/2015 TLS( TLS1.0/1.1 ) SHA Val#3042 HMAC Val#2376
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#3042

"The TippingPoint IPS platform operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. The IPS provides cryptographic services to protect the management of the device."

12/10/15: Updated vendor information;

643
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Manager Virtual Appliance Module

Version 5.3.0
Intel Xeon w/ Centos 5.11 (64-bit) on VMware ESXi 5.5.0 11/27/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#3041 HMAC Val#2375

"Vormetric Data Security Manager (Virtual Appliance) that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

642
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
MobileIron
415 East Middlefield Road
Mountain View, CA 94043
USA

-Brian Mansfield
TEL: 415-596-4677

MobileIron Mobile@Work client for Android

Version OpenSSL 1.0.2d,FIPS 2.0.9
Samsung Galaxy Note 4 - SM-N910A w/ Android 5.1; Samsung S4 - SGH-I337 w/ Android 4.4.4; Samsung S5 - SM-G900H w/ Android 4.4.2; Samsung Galaxy Note 3 - SM-N900 w/ Android 4.4.2; Samsung S6 - SM-G920A w/ Android 5.0.2 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

""General purpose cryptographic services available for Android used by the Mobile@Work client to provide secure cryptography"

641
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_64

Version 4.0
Intel Xeon x86 (64-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2990 HMAC Val#2324

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/14/16: Updated implementation information;

640
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_64

Version 4.0
Intel Xeon x86 (64-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1012 SHS Val#2990 DRBG Val#949
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#749 SHS Val#2990 DRBG Val#949

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/06/16: Updated implementation information;

639
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_32

Version 4.0
Intel Xeon x86 (32-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2989 HMAC Val#2323

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/14/16: Updated implementation information;

638
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64-ssse3 for x86_32

Version 4.0
Intel Xeon x86 (32-bit) w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#1011 SHS Val#2989 DRBG Val#948
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#748 SHS Val#2989 DRBG Val#948

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/06/16: Updated implementation information;

637
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for s390x

Version 4.0
IBM/z13 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2988 HMAC Val#2322

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/18/16: Updated implementation information;

636
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for s390x

Version 4.0
IBM/z13 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1010 SHS Val#2988 DRBG Val#945
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#747 SHS Val#2988 DRBG Val#945

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/18/16: Updated implementation information;

635
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2987 HMAC Val#2321

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

634
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-64 for ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1009 SHS Val#2987 DRBG Val#944
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#746 SHS Val#2987 DRBG Val#944

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

633
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-32 for s390x

Version 4.0
IBM/z13 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2986 HMAC Val#2320

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/18/16: Updated implementation information;

632
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

GnuTLS-32 for s390x

Version 4.0
IBM/z13 w/ Red Hat Enterprise Linux 7.1 11/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#1008 SHS Val#2986 DRBG Val#943
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#745 SHS Val#2986 DRBG Val#943

"GnuTLS supported by Nettle is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure ommunications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures."

10/18/16: Updated implementation information;

631
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cleversafe, Inc.
222 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
US

-Mark Seaborn
TEL: (312) 423-6640

-Jason Resch
TEL: (312) 423-6640

Cleversafe FIPS Cryptographic Module

Version 1.1
Intel Xeon without AES-NI w/ ClevOS 3.8.0-FIPS-EDITION 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cleversafe® FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of Cleversafe''s ClevOS™ FIPS Edition, the underlying technology for dsNet® Appliances."

12/04/15: Updated implementation information;

630
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cleversafe, Inc.
222 South Riverside Plaza
Suite 1700
Chicago, Illinois 60606
US

-Mark Seaborn
TEL: 312.423.6640

-Jason Resch
TEL: (312) 423-6640

Cleversafe FIPS Cryptographic Module

Version 1.1
Intel Xeon with AES-NI w/ ClevOS 3.8.0-FIPS-EDITION 11/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Cleversafe® FIPS Object Module is a full featured general purpose cryptographic library that is distributed as a component of Cleversafe''s ClevOS™ FIPS Edition, the underlying technology for dsNet® Appliances."

12/04/15: Updated implementation information;

629
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2971 HMAC Val#2305

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

628
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) ppcle

Version 4.0
IBM Power 8E w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2969 HMAC Val#2303

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

627
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (64 bit) x86_64

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2967 HMAC Val#2301

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

626
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (32 bit) x86_64

Version 4.0
Intel x86 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2966 HMAC Val#2300

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

625
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 E. Davie Street
Raleigh, NC 27601
USA

-Jaroslav Reznik

Red Hat NSS Softoken (32 bit) s390x

Version 4.0
IBM/S390 w/ Red Hat Enterprise Linux 7.1 11/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2965 HMAC Val#2299

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size."

624
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Flex3 WaveLogic 3e OCLD Cryptography Engine

Version 2.00 (Firmware)
Xilinx XC7Z020 11/27/2015 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2963 HMAC Val#2298
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2963 HMAC Val#2298
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2963 HMAC Val#2298

"The Ciena 6500 Packet-Optical Platform Flex3 WaveLogic 3e OCLD Encryption Module offers an integrated transport encryption solution providing protocol-agnostic 100Gb/s or 200Gb/s wirespeed encryption service for enterprises, datacenters, government and also offered through service providers as differentiated managed service."

623
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Packet-Optical Platform 4x10G Cryptography Engine

Version 2.00 (Firmware)
Xilinx XC7Z045 11/27/2015 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2962 HMAC Val#2297
IKEv2( ( 224 (SHA 1 , 256 , 384 ) ) ( 384 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2962 HMAC Val#2297
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2962 HMAC Val#2297

"The Ciena 6500 Packet-Optical Platform 4x10G Encryption OTR offers an integrated transport encryption solution providing a protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service."

622
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 ;  Intel Core i7 with AES-NI w/ CentOS 7.2; Intel Core i7 without AES-NI w/ CentOS 7.2 11/20/2015 RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;
12/15/16: Added new tested information;

621
Signature Generation of hash sized messages
RSASP1 Signature Primitive
FIPS186-4 ECDSA

FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 ;  Intel Core i7 with AES-NI w/ CentOS 7.2; Intel Core i7 without AES-NI w/ CentOS 7.2 11/20/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
RSASP1: (Mod2048: PKCS1.5 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;

620
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 ;  Intel Core i7 with AES-NI w/ CentOS 7.2; Intel Core i7 without AES-NI w/ CentOS 7.2 11/20/2015 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;
12/15/16: Added new tested information;

619
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 ;  Intel Core i7 with AES-NI w/ CentOS 7.2; Intel Core i7 without AES-NI w/ CentOS 7.2 11/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2958 HMAC Val#2293
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2958

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;
12/15/16: Added new tested information;

618
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Rohit Mathur
TEL: +61730325220

RSA BSAFE Crypto-C Micro Edition

Version 4.1.2
Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows Server 2008 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 7 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2008 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 7 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x86 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 without AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 8 Enterprise (/MT) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows 10 Enterprise (/MD) on vCenter SUSE 11; Intel x64 with AES-NI w/ Windows Server 2012 Standard R2 (/MD) on vCenter SUSE 11; Itanium 2 w/ Windows Server 2008 Enterprise (/MD); Itanium 2 w/ Windows Server 2008 Enterprise (/MT); Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.11 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 12 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.7 on vCenter SUSE 11; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 7.1 on vCenter SUSE 11; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on vCenter SUSE 11; Itanium 2 w/ Red Hat Enterprise Linux 5.11; PowerPC 32-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 32-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; PowerPC 64-bit w/ Red Hat Enterprise Linux 5.11 on PowerVM 2.2; PowerPC 64-bit w/ SUSE Linux Enterprise Server 11 on PowerVM 2.2; Intel x64 without AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 with AES-NI w/ FreeBSD 10.2 on vCenter SUSE 11; Intel x64 without AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Mac OSX 10.10 on vCenter SUSE 11; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x86 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 without AES-NI w/ Solaris 10 on vCenter SUSE 11; Intel x64 with AES-NI w/ Solaris 10 on vCenter SUSE 11; Itanium 2 32-bit w/ HPUX 11.31; Itanium 2 64-bit w/ HPUX 11.31; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 6.1 on PowerVM 2.2; PowerPC 32-bit w/ AIX 7.1 on PowerVM 2.2; PowerPC 64-bit w/ AIX 7.1 on PowerVM 2.2; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.11 on z/VM 6.2; ARMv7 w/ Fedora Core 20; ARMv7 w/ Ubuntu 12.04 LTS; ARMv8 w/ Fedora Core 22; Intel x86 w/ Android 4.1; ARMv7 w/ Android 4.4; ARMv7 w/ Android 5.1; ARMv8 w/ Android 5.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; Intel x64 w/ CentOS 6.6 ;  Intel Core i7 with AES-NI w/ CentOS 7.2; Intel Core i7 without AES-NI w/ CentOS 7.2 11/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

12/18/15: Added new tested information;
12/15/16: Added new tested information;

617
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiAnalyzer SSL Cryptographic Library

Version 5.2.4 (Firmware)
Intel Celeron 11/20/2015 TLS( TLS1.0/1.1 ) SHA Val#2957 HMAC Val#2292
SSH (SHA 1 , 256 , 512 ) SHA Val#2957

"This document focuses on the software implementation of the Fortinet FortiAnalyzer SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

616
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiManager SSL Cryptographic Library

Version 5.2.4 (Firmware)
Intel Xeon E3; Intel Xeon E5 11/20/2015 TLS( TLS1.0/1.1 ) SHA Val#2956 HMAC Val#2291
SSH (SHA 1 , 256 , 512 ) SHA Val#2956

"This document focuses on the software implementation of the Fortinet FortiManager SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

615
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NetApp, Inc.
495 East Java Drive
Fourth Floor
Sunnyvale, CA 94089
USA

-Mike Scanlin
TEL: 919.476.8578
FAX: 919.476.4272

NetApp Cryptographic Security Module Algorithm Implementations

Version 1.0
Intel Xeon with AES-NI (AVA 400 appliance) w/ AVOS v4.0.1; Intel Xeon with AES-NI (AVA 800 appliance) w/ AVOS v4.0.1; Intel Xeon with AES-NI (AVA VM ESXi5.5) w/ AVOS v4.0.1; Intel Xeon with AES-NI w/ Debian Linux 8.1; Intel Xeon without AES-NI w/ Debian Linux 8.1; Intel Xeon with AES-NI w/ FreeBSD 9.1; Intel Xeon without AES-NI w/ FreeBSD 9.1; Intel Xeon with AES-NI w/ Scientific Linux 6.1; Intel Xeon without AES-NI w/ Scientific Linux 6.1; Intel Xeon with AES-NI w/ SUSE Linux 11; Intel Xeon without AES-NI w/ SUSE Linux 11 11/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"NCSM will be integrated into select NetApp operating systems and data management products for the purpose of providing FIPS 140-2 compliant management channel encryption."

614
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Chunghwa Telecom Co., Ltd. Telecommunication Laboratories
No.99, Dianyan Rd.
Yang-Mei, Taoyuan 326
Taiwan, ROC

-Yeou-Fuh Kuan
TEL: +886-3-424-4333
FAX: +886-3-424-4129

-Char-Shin Miou
TEL: +886-3-424-4381
FAX: +886-3-424-4129

HiCOS Cryptographic Library

Version 3.7 (Firmware)
Renesas RS-4 series 11/9/2015 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 )

"It supports SHA-1, SHA-256, SHA-384, SHA-512, Hash-DRBG, 3DES-3Key-MAC, 3DES-3Key encrypt/decrypt, ECDSA(p-224/256/384), RSA 2048 encrypt/decrypt (including RSA-CRT), RSA signature generation /verification(including RSA-CRT) and APDU command/response encryption and/or MAC."

613
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco IS GmbH
Germanusstraße 4
Aachen, n/a 52080
Germany

-Dr. Gesa Ott
TEL: +49 241-1696-200
FAX: +49 241-1696-199

-Dieter Bong
TEL: +49 241-1696-200
FAX: +49 241-1696-199

CryptoServer CSe ECDSA

Version ecdsa1.1.6.0_eca1.1.5.2 (Firmware)
Texas Instruments TMS320C6457 11/6/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

612
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Manager Virtual Appliance Module

Version 5.3.0
Intel Xeon w/ Centos 5.11 (64-bit) on VMware ESXi 5.5.0 11/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2949 HMAC Val#2287

"Vormetric Data Security Manager (Virtual Appliance) that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

611
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware V5.2-R2514 (Firmware)
Freescale P1010, 553M, PowerPC; Freescale P1016, 667M, PowerPC 11/6/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2945 HMAC Val#2283
TLS( TLS1.0/1.1 ) SHA Val#2945 HMAC Val#2283
SSH (SHA 1 ) SHA Val#2945
SNMP SHA1 Val#2945

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

610
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Century Longmai Technology Co. Ltd
3rd Floor, Gongkong Building
No. 1 Wangzhuang Rd
Haidian District
Beijing, N/A 100083
China

-Lemon Yang
TEL: 86 13810314817
FAX: 86 10 62313636

mToken CryptoID

Part # SCC-X
N/A 11/6/2015 Curves tested: P-256   P-521

"mToken CryptoID is designed based on a secure smartcard chip that utilizes the in-built mCOS to communicate with computer device via USB interface in a "plug and play" manner. It can realize various Public Key Infrastructure (PKI) applications including digital signature, online authentications, online transactions, software security, etc."

609
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Steven Ruggieri
TEL: 585-239-7806
FAX: 585-241-8159

-Suzanne Kwak
TEL: 585-242-4686
FAX: 585-241-8159

Harris Broadband Ethernet Radio GPP Cryptographic Library

Version 4.10a (Firmware)
Broadcom XLS108 11/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2943 HMAC Val#2281
SSH (SHA 1 , 256 ) SHA Val#2943
SNMP SHA1 Val#2943

"This is a firmware library which executes on a general purpose processor to provide cryptographic functions for Harris'' industry leading reliable, secure, and high performance Broadband Ethernet Radio (BER) products: RF-7800-OU50x/-OU47x/-OU49x."

608
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
9950 Summers Ridge Rd.
Suite 160
San Diego, CA 92131
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere OpenSSL

Version 7.1.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI 10/23/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2932 HMAC Val#2273

"FireSphere OpenSSL is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, SP800-90A CTR DRBG 128 and 256, RSA SIGVer 1024, 2048, and 3072, RSA SigGen 2048 and 3072, RSA KeyGen 2048 and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

607
Section 4.2,
TLS
SP800-135
iboss Cybersecurity
9950 Summers Ridge Rd.
Suite 160
San Diego, CA 92131
USA

-Peter Martini
TEL: 858-568-7051
FAX: 858-225-6158

-Christopher Park
TEL: 858-568-7051
FAX: 858-225-6158

Firesphere Java

Version 7.1.0.0 (Firmware)
Intel Xeon E5-1650v2 with AES-NI; Intel Xeon 2x E5-2650 with AES-NI 10/23/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2931 HMAC Val#2269

"FireSphere Java is a suite of FIPS approved algorithms. The following algorithms are supported: AES 128 and 256, RSA SIGVer 1024, 2048, and 3072, SHA and HMAC-SHA 1, 224, 256, 384, and 512, and RSA key wrapping."

606
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
iDirect Government
13921 Park Center Road, Suite 600
Herndon, VA 20171
USA

-Chris Gormont
TEL: 703-880-6257
FAX: 703-648-8088

-Tony Tran
TEL: 703-880-6243
FAX: 703-648-8088

Satellite Communication

Version 2.0 (Firmware)
Intel EWIXP465BAET 667 MHz 10/23/2015 TLS( TLS1.2 (SHA 256 , 512 ) ) SHA Val#2927 HMAC Val#2267
SSH (SHA 256 , 512 ) SHA Val#2927

"VT iDirect, Inc''s firmware cryptographic module, Secure Satelite Broadband Solution, provides all cryptographic operations for the management of iDirect''s Transmission Security (TRANSEC) feature. The cryptographic module supports key management algorithms that allow for each member of the network to receive and decrypt data."

02/26/16: Updated implementation information;

605
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

IKEv1/IKEv2-KDF

Version 16.8.1.04 (Firmware)
Freescale MPC-7457; Freescale MPC-8568E 10/23/2015 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2926
IKEv2( ( 2048 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2926

"IKEv1/IKEv2 Key Derivation functions are used to derive keying material for IKE in S6000 and GGM8000 network devices."

604
Section 5.4, SNMP
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

Net-SNMP

Version 5.3.0.1 (Firmware)
Freescale MPC-7457 10/23/2015 SNMP SHA1 Val#2926

"SNMP Key Derivation function is used to derive shared secret key for SNMP agent in S6000 and GGM8000 network devices."

603
Section 5.2, SSH
SP800-135
Motorola Solutions Systems Polska Sp. z o.o.
Czerwone Maki 82
Krakow, n/a 30-392
Poland

-Tomasz Chmiel
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

-Tomasz Rypina
TEL: +48 12 29 79 000
FAX: +48 12 29 79 001

OpenSSH

Version 6.7p1 (Firmware)
Freescale MPC-7457; Freescale MPC-8568E 10/23/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2926

"OpenSSH - SSH Key Derivation function and HMAC-SHA-1 are used to derive keying material for SSH and provide authentication function in SSH in S6000 and GGM8000 network devices."

602
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Wistron NeWeb Corporation
20 PARK AVE II HSINCHU SCIENCE PARK
HSINCHU, n/a 308
Taiwan

-Marcus Ting
TEL: (03) 666-7799 ext 33

UBC-TN6

Version 3.6.0
Processor : ARM w/ OS : Threadx 10/23/2015 Curves tested: P-256

"• use SHA-256, as specified in FIPS 180-4[1], as the Hash function;"

601
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 4083330480
FAX: 4083338101

Brocade FIPS Crypto Library

Version 6.0.2 (Firmware)
E500mc 10/16/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2924 HMAC Val#2264
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2924
SNMP SHA1 Val#2924

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade stackable switch delivers the performance, flexibility, and scalability required for enterprise Gigabit Ethernet (GbE) access deployment. It offers market-leading stacking density with up to 12 switches per stack and combines chassis-"

600
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 4083330480
FAX: 4083338101

Brocade FIPS Crypto Library

Version 6.0.2 (Firmware)
E500mc 10/16/2015 Curves tested: P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2924 DRBG Val#901

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade stackable switch delivers the performance, flexibility, and scalability required for enterprise Gigabit Ethernet (GbE) access deployment. It offers market-leading stacking density with up to 12 switches per stack and combines chassis-"

599
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS SSH Lib

Version 6.4_8.1.17.14 (Firmware)
Intel Xeon E5 10/16/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2612

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

03/30/16: Updated implementation information;

598
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M SSH Lib

Version 6.4_8.1.15.11 (Firmware)
Broadcom XLR 10/16/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2610

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

597
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Frederic GARNIER
TEL: +33 442364368
FAX: +33 442366953

-Carlos Romero-liceras
TEL: +33 442365666
FAX: +33 442365545

Cryptographic library for TOP DL V2.1

Version FM Version 2.1 (Firmware)
Part # NXP P60
NXP SmartMX2 P60 chip family 10/16/2015 Curves tested: P-224   P-256   P-384   P-521

"TOP DL V2.1 is a highly secured smartcard platform compliant with the Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D standards, designed to operate with the NXP P60xx chip. It supports: TDES, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH, KDF SP800-108 & DRBG SP800-90A algorithms."

06/17/16: Updated vendor and implementation information;

596
Section 4.2,
TLS
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85E
N/A 10/9/2015 TLS( ) SHA Val#2920 HMAC Val#2263

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

595
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85E
N/A 10/9/2015 Curves tested: P-256

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

594
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85D
N/A 10/9/2015 TPM SHA1 Val#2919 HMAC_SHA1 Val#2262

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

593
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 2.0 Cryptographic Engine

Part # FB5C85D
N/A 10/9/2015 Curves tested: P-256

"Nuvoton TPM (Trusted Platform Module), a TCG 2.0 compliant security processor with embedded firmware"

592
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HPE Comware

Version Comware V5.2-R3303 (Firmware)
Freescale P2020, 1.0GHz, PowerPC; Freescale P4080, 1.5GHz, PowerPC 9/30/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2918 HMAC Val#2261
TLS( TLS1.0/1.1 ) SHA Val#2918 HMAC Val#2261
SSH (SHA 1 ) SHA Val#2918
SNMP SHA1 Val#2918

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

591
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Advanced Card Systems Ltd.
Units 2010-2013, 20/F Chevalier Commercial Centre
8 Wang Hoi Road Kowloon Bay
Hong Kong,

-Andrew Chan
TEL: +852-27967873
FAX: +852-27961286

ACOS5-64

Version 3.00 (Firmware)
ST23YL80 Version PU7 9/30/2015 RSASP1: (Mod2048: PKCS1.5 )

"ACOS5-64 is an advanced cryptographic module specifically designed for the Public Key Infrastructure (PKI)-based applications. With its powerful cryptographic capabilities, it enhances the security and performance of RSA public key cryptographic operations that are essential to the stringent requirements of high-level security applications."

590
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Server Module

Version 5.3.0 (Firmware)
Intel Xeon 9/30/2015 TLS( TLS1.0/1.1 ) SHA Val#2915 HMAC Val#2260

"Vormetric Data Security Manager that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

589
Section 4.2,
TLS
SP800-135
Vormetric, Inc.
2545 North 1st Street
San Jose, CA 95131
USA

-Oliver Galvez
TEL: (408) 433-6000
FAX: (408) 844-8637

-Peter Tsai
TEL: (408) 433-6000
FAX: (408) 844-8637

Vormetric Data Security Server Module

Version 5.3.0 (Firmware)
Intel Xeon 9/30/2015 TLS( TLS1.2 (SHA 256 , 384 ) ) SHA Val#2887 HMAC Val#2234

"Vormetric Data Security Manager that creates, stores and manages security objects such as keys, certificates and access control policies for distributed encryption agents"

588
Section 4.2,
TLS
SP800-135
Hewlett-Packard
Longdown Avenue
Stoke Gifford, Bristol BS34 8QZ
United Kingdom

-Laura Loredo
TEL: +44 117 316 2462

-John Drew
TEL: +44 560 109 0356

OpenSSL

Version 1.0.1p (FIPS 2.0) (Firmware)
ARM966E 9/25/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2913 HMAC Val#2258

"AES ECB and CBC: 128/256 bits, encryption/decryption. CTR DRBG with Derivation Function. GCM: 128/256 bits, encryption/decryption. HMAC-SHA-1/224/256/384/512. SP 800-135 KDF - TLS 1.0, 1.1 and 1.2, with SHA-256 and SHA-384. RSA: FIPS 186-2 RSA; GenKey9.31; SigGenPKCS1.5; SigVerPKCS1.5; SigVerPSS. SHA-1/224/256/384/512."

587
Section 4.1.2,
IKEv2
SP800-135
B+B Smartworx
707 Dayton Road
PO Box 1040
Ottawa, IL 61350
USA

-Paul Conway
TEL: 1-800-346-3119
FAX: 815-433-5109

B+B Smartworx Libreswan Cryptographic Module

Version 1.0
ARM Cortex w/ Conel Linux 5 9/25/2015 IKEv2( ( 256 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2896 HMAC Val#2244

"The B+B Smartworx Libreswan Cryptographic Module is a firmware only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec."

586
Section 4.2,
TLS
SP800-135
Vocera Communications, Inc.
525 Race Street
San Jose, CA 95126
USA

-Ammath Keunemany
TEL: 4088824615
FAX: 4088825101

-Crispin Jacob
TEL: 918042654719

Vocera Cryptographic Module

Version 3.0
Texas Instruments OMAP-L138 w/ Vocera Embedded Linux v3.0 9/25/2015 TLS( TLS1.0/1.1 ) SHA Val#2912 HMAC Val#2257

"Vocera B3000n Badge is a wearable hands-free voice-controlled device that provides easy to use and instantaneous communication on a wireless LAN network. The Vocera Cryptographic Module, embedded in the B3000n Badge ensures protected communications using industry-standard secure wireless communication protocols."

585
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Steven Ruggieri
TEL: 585-239-7806
FAX: 585-241-8159

-Suzanne Kwak
TEL: 585-242-4686
FAX: 585-241-8159

Harris Broadband Ethernet Radio GPP Cryptographic Library

Version 4.10 (Firmware)
Broadcom XLS108 9/25/2015 TLS( TLS1.0/1.1 ) SHA Val#2911 HMAC Val#2256
SSH (SHA 1 , 256 ) SHA Val#2911
SNMP SHA1 Val#2911

"This is a firmware library which executes on a general purpose processor to provide cryptographic functions for Harris'' industry leading reliable, secure, and high performance Broadband Ethernet Radio (BER) products: RF-7800-OU50x/-OU47x/-OU49x."

584
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

583
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 RSADP: (Mod2048)

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

582
Section 5.5, TPM
SP800-135
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9670

Version 6.80.0113.02 (Firmware)
Part # SLB 9670
Infineon SLB 9670 security controller IC 9/18/2015 TPM SHA1 Val#2906 HMAC_SHA1 Val#2252

"Infineon Trusted Platform Module 1.2 SLB 9670 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

581
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

580
RSADP Primitive
FIPS186-4 RSA; RSADP
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 RSADP: (Mod2048)

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

579
Section 5.5, TPM
SP800-135
Infineon Technologies AG
Alter Postweg 101
Augsburg, BY 86159
Germany

-Roland Ebrecht
TEL: +49-821-25851-68
FAX: +49-821-25851-40

-Thomas Hoffmann
TEL: +49-821-25851-24
FAX: +49-821-25851-40

Trusted Platform Module 1.2 SLB 9660, SLB 9665

Version 4.80.0411.02 (Firmware)
Part # SLB 9660/9665
Infineon SLB 9660 or SLB 9665 security controller IC 9/18/2015 TPM SHA1 Val#2905 HMAC_SHA1 Val#2251

"Infineon Trusted Platform Module 1.2 SLB 9660/SLB 9665 is an implementation according to the TPM Main Specification Version 1.2 Revision 116 by Trusted Computing Group."

578
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Intel Corporation
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385

McAfee Next Generation Firewall

Version 2.0.8
Intel i3 w/ Linux x86_64 9/11/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"A cryptographic library compiled for Linux on Intel x86_64 compatible processors."

02/11/16: Updated implementation information;

577
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
80 Bishop Dr., Unit B
Fredericton, New Brunswick E3C 1B2
Canada

-Sandra Hernandez
TEL: (512) 286-5624

-Marie Fraser
TEL: +353 (21) 730-6043

IBM QCrypto Module

Version 1.0 (Firmware)
Intel XEON Ivy Bridge 9/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2894 HMAC Val#2242
SSH (SHA 1 , 256 , 512 ) SHA Val#2894

"The algorithms are implemented by OpenSSL version 1.0.1e provided by RedHat. Additional native bridges are implemented by IBM and allow all QRadar components to make cryptographic request to OpenSSL directly."

576
RSADP Primitive
FIPS186-4 RSA; RSADP
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3; AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/31/2015 RSADP: (Mod2048)

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

09/17/15: Updated implementation information;
11/10/15: Added new tested information;

575
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BCryptPrimitives and NCryptSSLp

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/29/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2886 HMAC Val#2233
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2886 HMAC Val#2233
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2886 HMAC Val#2233

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

09/17/15: Updated implementation information;
10/06/15: Added new tested information;

574
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiMail SSL Cryptographic Library

Version 5.2 (Firmware)
Intel Xeon 8/29/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2892 HMAC Val#2239
SSH (SHA 1 , 256 ) SHA Val#2892

"This focuses on the firmware implementation of the Fortinet FortiMail SSL Cryptographic Library v5.2 running on Intel x86 compatible processors."

573
Signature Generation of hash sized messages
FIPS186-4 ECDSA
General Dynamics Mission Systems
150 Rustcraft Road
Dedham, MA 02026
USA

-David Aylesworth
TEL: 781-400-6527

Fortress Cryptographic Implementation - SSL

Version 2.1 (Firmware)
RMI Alchemy MIPS Processor; Broadcom XLS Processor 8/18/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Fortress Cryptographic Implementation suite works in unison to provide security to your wireless and wired networks."

572
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations

Version 10.0.10240
Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64);AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Enterprise (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Enterprise (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Pro (x64); Intel x64 Processor with AES-NI w/ Microsoft Surface Pro w/ Windows 10 Pro (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 w/ Windows 10 Pro (x64); Intel Core i7 with AES-NI w/ Microsoft Surface Pro 3 w/ Windows 10 Pro (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Pro (x86); Intel Atom x7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface 3 w/ Windows 10 Enterprise (x64) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE 3 w/ Windows 10 Enterprise LTSB (x64); Intel Core i3 without AES-NI or PCLMULQDQ or SSSE 3 w/ Windows 10 Enterprise LTSB (x86) 8/18/2015 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

8/19/15: Added new tested information;
09/17/15: Updated implementation information; <10/09/15>: Added new tested information;

571
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

570
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 IKEv1( AUTH( PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#2888 HMAC Val#2235
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2888 HMAC Val#2235
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2888 HMAC Val#2235
SSH (SHA 1 ) SHA Val#2888
SNMP SHA1 Val#2888

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

569
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

568
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA VM-series)

Version 7.0 (PAN-OS)
Intel Multi Core Xeon w/ PAN-OS v7.0 on VMware ESXi 5.5; Intel Multi Core Xeon w/ PAN-OS v7.0 on CentOS 6.5 - KVM; Intel Multi Core Xeon w/ PAN-OS v7.0 on Citrix XenServer 6.1.0 8/18/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#988 SHS Val#2888 DRBG Val#871
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#714 SHS Val#2888 DRBG Val#871

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of Palo Alto Networks VM-series platforms. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

01/12/16: Updated implementation information;

567
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/18/2015 Curves tested: P-256   P-384

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

566
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 ECDSA SigGen Component: CURVES( P-256 P-384 )

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

565
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 IKEv1( AUTH( PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 384 (SHA 256 , 384 , 512 ) ) SHA Val#2870 HMAC Val#2220
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2870 HMAC Val#2220
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2870 HMAC Val#2220
SSH (SHA 1 ) SHA Val#2870
SNMP SHA1 Val#2870

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

564
All of SP800-56A EXCEPT KDF
SP800-56A
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-3901

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500)

Version 7.0 (PAN-OS, Wildfire)/7.1 (Panorama) (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel i7 8/14/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#987 SHS Val#2870 DRBG Val#870
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#713 SHS Val#2870 DRBG Val#870

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7000 firewalls, WF-500 and Panorama M-100/M-500."

563
All of SP800-56A EXCEPT KDF
SP800-56A
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tejinder Singh
TEL: 408-943-7403
FAX: 408-577-1992

-Phanikumar Kancharla
TEL: 408-943-7496

Nitrox III FECC

Version 1.0.0 (Firmware)
Part # Nitrox III Series Die, v1.1
Cavium Nitrox III Series 8/14/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#589 SHS Val#2652 DRBG Val#680

"Nitrox III hardware acceleration for ECC primitives used for ECDH and ECDSA."

562
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.3
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 8/14/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2885 HMAC Val#2230
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2885
SNMP SHA1 Val#2885

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

561
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei Radio Link Encryption (RLE)

Version 1.0 (Firmware)
n/a 8/14/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#986 SHS Val#2884 DRBG Val#865

"The module provides the functionality of cipher (AES-CCM) transceiver of radio data as security function."

560
Section 5.2, SSH
SP800-135
Alcatel-Lucent
600 March Road
Ottawa, Ontario K2K 2E6
Canada

-Carl Rajsic
TEL: +1 613 784 6218

-Alfred Nothaft
TEL: +1 972 477 5087

Alcatel Lucent 7x50 SR OS Cryptographic Library

Version 1.0 (Firmware)
Cavium Octeon 7/31/2015 SSH (SHA 1 ) SHA Val#2878

"The Alcatel-Lucent 7x50 SR OS Cryptographic Library is used on the Alcatel-Lucent 7x50 Service Router products."

07/06/16: Updated implementation information;

559
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Ivy Bridge 7/31/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2877 HMAC Val#2225
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2877
SNMP SHA1 Val#2877

"Sonus Session Border Controller FIPS-validated cryptographic software module"

558
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Ivy Bridge 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Sonus Session Border Controller FIPS-validated cryptographic software module"

557
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 2 (Firmware)
Cavium OCTEON II CN6880 7/31/2015 SRTP (AES 128 ) AES Val#3482

"Sonus Session Border Controller FIPS-validated cryptographic media module"

556
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Nehalem 7/31/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2875 HMAC Val#2223
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2875
SNMP SHA1 Val#2875

"Sonus Session Border Controller FIPS-validated cryptographic software module"

555
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 2 (Firmware)
Intel Nehalem 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Sonus Session Border Controller FIPS-validated cryptographic software module"

554
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Adam Elshama
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 2 (Firmware)
Cavium OCTEON Plus CN5860 7/31/2015 SRTP (AES 128 ) AES Val#3480

"Sonus Session Border Controller FIPS-validated cryptographic media module"

553 Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei Radio Link Encryption (RLE)

Version 1.0 (Firmware)
n/a 7/31/2015

"The module provides the functionality of encryption transceiver of radio data as security function."

552
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei FIPS Cryptographic Library (HFCL)

Version V300R003C22SPC804
DELL PowerEdge T110 II Intel Pentium w/ RHEL 5.3 evaluated at EAL4 7/31/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

04/12/16: Updated implementation information;

551
All of SP800-56A EXCEPT KDF
SP800-56A
Huawei Technologies Co., Ltd
Huawei Industrial Base, Bantian Longgang
Shenzhen, Guangdong 518129
China

-Li Wen
TEL: 0086-0755-28976679
FAX: 0086-0755-28976679

Huawei FIPS Cryptographic Library (HFCL)

Version V300R003C22SPC804
DELL PowerEdge T110 II Intel Pentium w/ RHEL 5.3 evaluated at EAL4 7/31/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#707 SHS Val#2872 DRBG Val#857

"Huawei FIPS Cryptographic Library (HFCL) provides FIPS approved Cryptographic functions to consuming applications via an Application Programming Interface (API)"

04/12/16: Updated implementation information;

549
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Windows 7

Version 2.2
Intel i5 w/ Windows 7 64 bit 7/24/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

548
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8 32 bit)

Version 5.0
Apple A8 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#628 SHS Val#2710 DRBG Val#731 HMAC Val#2071

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

547
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A7 32 bit)

Version 5.0
Apple A7 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#627 SHS Val#2709 DRBG Val#730 HMAC Val#2070

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

546
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8X)

Version 5.0
Apple A8X w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#672 SHS Val#2797 DRBG Val#804 HMAC Val#2152

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

545
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8X 32 bit)

Version 5.0
Apple A8X w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#670 SHS Val#2781 DRBG Val#802 HMAC Val#2137

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 32 bit word size."

544
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A8)

Version 5.0
Apple A8 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#630 SHS Val#2712 DRBG Val#733 HMAC Val#2073

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

543
All of SP800-56A EXCEPT KDF
SP800-56A
Apple Inc.
1 Infinite Loop
Cupertino, CA 95014
USA

-Shawn Geddis

Apple iOS CoreCrypto Module (Generic A7)

Version 5.0
Apple A7 w/ iOS 8 7/24/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#629 SHS Val#2711 DRBG Val#732 HMAC Val#2072

"Cryptographic library offering various cryptographic mechanisms to Apple frameworks. The testing applies to kernel space and generic, non-optimized software. Test applies to 64 bit word size."

542
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.2
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 7/24/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2868 HMAC Val#2218
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2868
SNMP SHA1 Val#2868

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

541
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Redline Communications, Inc.
302 Town Centre Blvd., 4th Floor
Markham, Ontario L3R OE8
Canada

-Andrew Spurgeon
TEL: 905-479-8344 x2471

-Weixiong Lin
TEL: 905-479-8344 x2372

RDL-3000 Management Cryptographic Suite

Version 3.1 (Firmware)
Cavium ECONA CNS3411 SoC 7/17/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2866 HMAC Val#2216
SSH (SHA 1 ) SHA Val#2866
SNMP SHA1 Val#2866

"Provides several cryptographically-secure management interfaces for use in the administration and operation of the RDL-3000 platform."

540 N/A N/A N/A N/A N/A 7/17/2015 N/A
539
Section 4.2,
TLS
SP800-135
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # ME4-2409
Cavium CNS3420 7/10/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#2845 HMAC Val#2194

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

538
RSADP Primitive
FIPS186-4 RSA; RSADP
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # LX4-2495; LX4-2954
Intel XScale IXP435 7/10/2015 RSADP: (Mod2048)

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

537
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung
129
Samsung-ro
Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Changsup Ahn
TEL: +82-10-3173-9021
FAX: +82-31-279-1219

-Jisoon Park
TEL: +82-10-4556-5007
FAX: +82-31-279-1219

CryptoCore_Tizen

Version 0.2.9
Part # NA
Samsung Hawk-MU w/ Tizen 2.3 7/10/2015 Curves tested: P-224   P-256   P-384   P-521

"A multipurpose cryptographic library which provides symmetric/asymmetric cipher, message digest, key agreement, PRNG and so on."

536
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version Version 2.0 (Firmware)
Freescale SC1018; Freescale SC1023; Atheros QCA9550 7/10/2015 TLS( TLS1.0/1.1 ) SHA Val#2441 HMAC Val#1836

"IOS Common Cryptographic Module"

535
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: +972-9-9702364
FAX: +972-9-9702001

-Oren Tanami
TEL: +972-9-9702390
FAX: +972-9-9702001

Nuvoton NPCT6xx TPM 1.2 Cryptographic Engine

Part # FB5C85E
N/A 7/10/2015 TPM SHA1 Val#2863 HMAC_SHA1 Val#2213

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

09/30/15: Updated implementation information;

534
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 301-874-2571

OpenSSL FIPS Object Module

Version 2.0.11
Intel Core 2 Duo (x86) w/ VxWorks 6.7; IBM POWER 7 (PPC) w/ AIX 7.1 64-bit; IBM POWER 7 (PPC) w/ AIX 6.1 32-bit; IBM POWER 7 (PPC) w/ AIX 6.1 64-bit; IBM POWER 7 (PPC) w/ AIX 7.1 32-bit; Intel Xeon E5-2420 (x86) without AES-NI w/ DataGravity Discovery Series OS V2.0; Intel Xeon E5-2420 (x86) with AES-NI w/ DataGravity Discovery Series OS V2.0 ; IBM POWER 7 (PPC) with optimizations w/ AIX 6.1 32-bit; IBM POWER 7 (PPC) with optimizations w/ AIX 6.1 64-bit; Intel Xeon E5-2430L (x86) with AES-NI optimizations w/ Ubuntu 12.04; Intel Xeon E5-2430L (x86) without optimizations w/ Ubuntu 12.04; Intel Atom E3845 (x86) without AES-NI optimizations w/ Linux 3.10 32-bit; Intel Atom E3845 (x86) with AES-NI optimizations w/ Linux 3.10 32-bit 7/2/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/04/15: Added new tested information;
09/04/15: Added new tested information;
10/22/15: Added new tested information;
10/30/15: Updated implementation information information;

533
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
FireEye, Inc.
1440 McCarthy Boulevard
Milipitas, CA 90655
USA

-Peter Kim
TEL: 1-408-321-6300

FireEye Algorithms Implementation

Version 1.0 (Firmware)
Intel Xeon; AMD Opteron 7/2/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC SHS Val#2873
TLS( TLS1.0/1.1 ) SHA Val#2837 HMAC Val#2195
SSH (SHA 1 , 256 , 512 ) SHA Val#2837
SNMP SHA1 Val#2837

"The FireEye Algorithms Implementation provides cryptographic services for CMS and LMS appliances."

07/24/15: Updated vendor information;

532
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield Algorithm Library

Version 2.61.2 (Firmware)
Freescale PowerPC 7/2/2015 ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#695 SHS Val#2826 DRBG Val#825

"The nShield algorithm library provides cryptographic functionality for Thales nShield Hardware Security Modules"

08/20/2015: Added new tested information;
10/22/15: Updated implementation information;

531
RSADP Primitive
FIPS186-4 RSA; RSADP
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # ME4-2409
Cavium CNS3420 6/26/2015 RSADP: (Mod2048)

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

530
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung
129
Samsung-ro
Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
South Korea

-Changsup Ahn
TEL: +82-10-3173-9021
FAX: +82-31-279-1219

-Jisoon Park
TEL: +82-10-4556-5007
FAX: +82-31-279-1219

CryptoCore_Linux

Version 0.2.9
Part # NA
Intel Core i7 w/ Ubuntu 14.04 7/2/2015 Curves tested: P-224   P-256   P-384   P-521

"A multipurpose cryptographic library which provides symmetric/asymmetric cipher, message digest, key agreement, PRNG and so on."

529
Section 4.2,
TLS
SP800-135
Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # LX4-2495; LX4-2954
Intel XScale IXP435 6/26/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 512 ) ) SHA Val#2844 HMAC Val#2193

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

528
Section 5.1,
ANS X9.63-2001
SP800-135
Canon
One Canon Park
Melville, NY 11747
USA

-Jiuyuan Ge
TEL: 631-330-5774

Canon imageRunner Crypto Module for MEAP

Version 2.1.1
Intel Atom Processor D410 w/ MontaVista Linux 6/25/2015 ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2842

"Canon imageRUNNER Crypto Module for MEAP is a cryptographic module which protects stored and transmitted data using FIPS approved cryptographic algorithms."

527
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSH Server (KDF 800-135) IBM

Version 5.3p1-104.el6_6.1
Intel x86 w/ Red Hat Enterprise Linux 6.6 6/25/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2568

"KDF for IBM"

526
Section 5.2, SSH
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSH Server (KDF 800-135) HP

Version 5.3p1-104.el6_6.1
Intel x86 w/ Red Hat Enterprise Linux 6.6 6/25/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2575

"KDF for HP"

525
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

-Global Certification Team

Adaptive Security Appliance (ASA) OS

Version 9.4 (Firmware)
Intel Atom; Intel Pentium; Intel Core i3; Intel Xeon 6/25/2015 IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2839 HMAC Val#2188
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2839 HMAC Val#2188
SSH (SHA 1 ) SHA Val#2839

"The Cisco ASA Security Appliance Series delivers robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environment."

524
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-Nicholas Podolak
TEL: 856-581-8033

IAS Router FIPS

Version IASRouter-2015-06-10_23s36eb (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"IAS Router FIPS is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency."

523
Section 4.2,
TLS
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-William Morgan
TEL: 856-581-8033 Ext. 1006
FAX: 856-228-1265

-Keiron Tomasso
TEL: 856-581-8033 Ext. 1001
FAX: 856-228-1265

IAS Router FIPS

Version 7a55571 – 2015-05-07 (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router FIPS is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency."

12/09/15: Updated vendor and implementation information;

522
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSH

Version 6.0.1 OpenSSH 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 SSH (SHA 1 ) SHA Val#2828

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

521
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.1 OpenSSL 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

520
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.1 OpenSSL 1.1 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2828 HMAC Val#2180

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

519
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSH

Version 6.0.0 OpenSSH 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 SSH (SHA 1 ) SHA Val#2827

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

518
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.0 OpenSSL 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

517
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Harjit Dhillon
TEL: 916-501-1426

HP ESKM OpenSSL

Version 6.0.0 OpenSSL 1.0 (Firmware)
Intel Xeon E5-2600 Family 6/11/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2827 HMAC Val#2179

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

516
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield Algorithm Library

Version 2.61.2 (Firmware)
Freescale PowerPC 6/5/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#964 SHS Val#2826 DRBG Val#825

"The nShield algorithm library provides cryptographic functionality for Thales nShield Hardware Security Modules"

10/22/15: Updated implementation information;

515
All of SP800-56A EXCEPT KDF
SP800-56A
Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

MiniHSM Algorithm Library

Version 2.61.2 (Firmware)
Freescale DragonBall MXL 6/5/2015 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Hybrid1Flow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#963 SHS Val#2825 DRBG Val#824
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: ECDSA Val#686 SHS Val#2825 DRBG Val#824

"The MiniHSM Algorithm Library provides cryptographic functionality for the MiniHSM series of Thales hardware security modules."

10/22/15: Updated implementation information;

514
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Check Point Software Technologies
5 Ha'solelim Street
Tel Aviv, 67897
Israel

-Malcolm Levy
TEL: +972-37534561

Check Point Cryptographic Library

Version 1.0 (Firmware)
Intel® Xeon® 6/5/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) ( 8192 (SHA 1 , 256 , 384 ) ) SHA Val#2824 HMAC Val#2176
IKEv2( ( 2048 (SHA 1 , 256 , 384 ) ) ( 8192 (SHA 1 , 256 , 384 ) ) SHA Val#2824 HMAC Val#2176
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2824 HMAC Val#2176

"Cryptographic library for Check Point Next Generation Security Appliances"

513
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sage Microelectronics Corp
910 Campisi Way
Suite-2A
Campbell, CA 95008
USA

-Chris Tsu
TEL: 408-309-9118

-Larry Ko
TEL: 408-768-1378

RSA Library

Version 1.0 (Firmware)
Part # S261, Rev. A
Sagemicro S261 (Hardware IC CHIP) 6/5/2015 RSASP1: (Mod2048: PKCS1.5 )

"RSA Library implements RSA-1024 and RSA-2048. Supports Sig Gen and Ver specified in ANSI X9.31, PKCS1.5 and PSS."

512
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-2600 w/o AES-NI w/ Windows Server 2012 R2 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

511
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-2600 with AES-NI w/ Windows Server 2012 R2 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

510
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-3770 w/o AES-NI w/ CentOS Linux release 7.0.1406 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

509
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
HPE Data Security
20400 Stevens Creek Blv
Suite 500
Cupertino, CA 95014
USA

-Luther Martin
TEL: (408) 886 - 3200
FAX: (408) 886 - 3201

Voltage Cryptographic Module v.5.0

Version 5.0
CPU Intel(R) Core(TM) i7-3770 with AES-NI w/ CentOS Linux release 7.0.1406 5/29/2015 Curves tested: P-224   P-256   P-384   P-521

"The Voltage Cryptographic Module provides the validated algorithms used by the HP SecureMail, HP SecureFile, and HP SecureData families of products."

04/04/16: Updated vendor and implementation information;

508 N/A N/A N/A N/A N/A 5/29/2015 N/A
507
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module

Version 6.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.2 5/22/2015 Curves tested: P-256   P-384   P-521

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

506
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module

Version 6.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.2 5/22/2015 IKEv2( ( 224 (SHA 1 ) ) SHA Val#2818 HMAC Val#2173
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2818 HMAC Val#2173
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2818
SRTP (AES 128 , 192 , 256 ) AES Val#3405
SNMP SHA1 Val#2818

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

06/01/15: Added new tested information;

505
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module (Assembler)

Version 6.0
Intel Xeon w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 2.6; ARMv7 w/ Android 4.4; Intel Core i7 w/ Windows 8.1; Intel Core i7 with AES-NI w/ Windows 8.1 ;  Intel Core i7 w/ Windows 10; Intel Core i7 with AES-NI w/ Windows 10 5/22/2015 Curves tested: P-256   P-384   P-521

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

06/01/15: Updated implementation information;
Added new tested information;

504
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module (Assembler)

Version 6.0
Intel Xeon w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 2.6; ARMv7 w/ Android 4.4; Intel Core i7 w/ Windows 8.1; Intel Core i7 with AES-NI w/ Windows 8.1 ;  Intel Core i7 w/ Windows 10; Intel Core i7 with AES-NI w/ Windows 10 5/22/2015 IKEv2( ( 224 (SHA 1 ) ) SHA Val#2817 HMAC Val#2172
TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2817 HMAC Val#2172
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2817
SRTP (AES 128 , 192 , 256 ) AES Val#3404
SNMP SHA1 Val#2817

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

06/01/15: Updated implementation information;
12/16/16: Added new tested information;

503
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Dell Software, Inc.
5455 Great America Parkway
Santa Clara, CA 95051
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2.1 for SM9800

Version 6.2.1 (Firmware)
Cavium Octeon II CN 6640-8core 5/22/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2816 HMAC Val#2171
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2816 HMAC Val#2171
TLS( TLS1.0/1.1 ) SHA Val#2816 HMAC Val#2171
SSH (SHA 1 ) SHA Val#2816
SNMP SHA1 Val#2816

"The Dell(tm) SonicWALL(tm) SuperMassive(tm) Series is Dell''s next-generation firewall (NGFW) platform designed for large networks to deliver scalability, reliability and deep security at multi-gigabit speeds with near zero latency."

502
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Luis Luciani
TEL: 281-518-6762

iLO SSL Firmware Crypto Library

Version 2.11 (Firmware)
ARM-926 5/22/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2814 HMAC Val#2169
SSH (SHA 1 ) SHA Val#2814

"The HP Integrated Lights-Out 4 (HP iLO 4) built into HP ProLiant Gen8 and Gen9 servers is an autonomous secure management component embedded directly on the server motherboard. iLO SSL Firmware Crypto Library provides the cryptographic operations required for secure communication and management."

501 N/A N/A N/A N/A N/A 5/15/2015 N/A
500
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.1.0
Qualcomm Snapdragon 800 series (ARMv7) w/ Android 4.4; Qualcomm Snapdragon 800 series (ARMv7) w/ Android 5.0; Intel Core i5 (3rd Gen) with AES-NI disabled w/ Microsoft Windows 7 64-bit; Intel Core i5 (3rd Gen) with AES-NI w/ Microsoft Windows 7 64-bit; AMD E1 with AES-NI disabled w/ Microsoft Windows 8 64-bit; AMD E1 with AES-NI w/ Microsoft Windows 8 64-bit 5/15/2015 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

499
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-770-6151

McAfee Advanced Threat Defense

Version 3.4.6
Intel x86_64 w/ Linux 3.10.45 5/15/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"OpenSSL FIPS Object Module 2.0.5 running on Linux 3.10.45 on Intel x86_64 HW"

498
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Nikhil Suares
TEL: 781-538-7568

-Madhu Mathiyalagan
TEL: 781-538-7514

Acme Packet Cryptographic Library

Version EC6.4.1M1 (Firmware)
Intel Core Duo T2500; Intel Celeron M 440; Intel Celeron M 440 5/15/2015 TLS( TLS1.0/1.1 ) SHA Val#2788 HMAC Val#2143
SSH (SHA 1 ) SHA Val#2788
SRTP (AES 128 )
SNMP SHA1 Val#2788

"The Acme Packet 3820 and 4500 are one rack unit (1U) platforms that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders"

497
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LogRhythm
4780 Pearl East Circle
Boulder, CO 80301
USA

-Emily Dobson
TEL: 720-881-5348

LogRhythm OpenSSL

Version 6.3.4
Intel Xeon E5-2420 w/ Microsoft Windows Server 2008 R2 5/15/2015 Curves tested: P-224   P-256   P-384   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"This module provides support for secure communications over a network using the OpenSSL library."

496
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Nimble Storage Inc.
211 River Oaks Parkway
San Jose, CA 95134
USA

-Kent Peacock
TEL: +1-408-514-3452

Nimble Storage OpenSSL FIPS Object Module

Version 2.0.9
Intel E5-2403V2 with AES-NI w/ Linux 2.6; Intel E5-2450V2 with AES-NI w/ Linux 2.6; Intel E5-2470V2 with AES-NI w/ Linux 2.6 ;  Intel E5-2603V3 with AES-NI w/ Linux 2.6; Intel E5-2699V3 with AES-NI w/ Linux 2.6; Intel E5-2680V3 with AES-NI w/ Linux 2.6; Intel E5-2620V3 with AES-NI w/ Linux 2.6; 5/8/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Nimble Storage OpenSSL FIPS Object Module is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.9. It is incorporated into the family of Nimble Storage appliances."

05/16/16: Added new tested information;

495
Section 5.3, SRTP
SP800-135
Medtronic Care Management Services, LLC
7980 Century Blvd.
Chanhassen, MN 55317
USA

-Brian Golden
TEL: 888-243-8881

-Ben Lange
TEL: 888-243-8881

CC AM2

Version CC AM2 v1.0.1
Texas Instruments OMAP4430 2X ARM Cortex A9 MP Core w/ Android 4.0.4; Intel Xeon E5620 w/ Windows 2008 R2 x64 5/8/2015 SRTP (AES 256 ) AES Val#3349

"CC AM 2 supports the FIPS module CC FM TLS/SRTP 1.0 which facilitates secure communication with the SRTP protocol."

03/21/16: Updated vendor and implementation information;

494
Section 4.2,
TLS
SP800-135
Medtronic Care Management Services, LLC
7980 Century Blvd.
Chanhassen, MN 55317
USA

-Brian Golden
TEL: 888-243-8881

-Ben Lange
TEL: 888-243-8881

CC AM1

Version CC AM1 v1.0.2
Texas Instruments OMAP4430 2X ARM Cortex A9 MP Core w/ Android 4.0.4; Intel Xeon E5620 w/ Windows 2008 R2 x64 5/8/2015 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2776 HMAC Val#2132

"CC AM 1 supports the FIPS module CC FM TLS/SRTP 1.0 which facilitates secure communication for the TLS and SRTP protocols."

03/21/16: Updated vendor and implementation information;

493
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Information Assurance Specialists, Inc.
900 Route 168
Suite C4
Turnersville, NJ 08012
USA

-Nicholas Podolak
TEL: 856-581-8033

IAS Router IPSec

Version IASRouter-2015-06-10_23s36eb (Firmware)
Intel Bay Trail with AES-NI 6/11/2015 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182
IKEv2( ( 256 (SHA 256 , 384 , 512 ) ) ( 8192 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2830 HMAC Val#2182

"IAS Router IPSec is the IKE and ESP stack implementation."

492
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 7420 w/ MOBICORE Tbase 302A 4/17/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

491
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN6000 Series Common Crypto Library

Version 2.6.1 (Firmware)
Intel ATOM 4/17/2015 SNMP SHA1 Val#2772

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

490
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN1000 and CN3000 Series Common Crypto Library

Version 4.6.1 (Firmware)
Freescale MPC8280 4/17/2015 SNMP SHA1 Val#2771

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

489
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd, distributed by Gemalto NV (SafeNet)
312 Kings Way
South Melbourne, Victoria 3025
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

CN4010 and CN6010 Series Common Crypto Library

Version 2.6.1 (Firmware)
ARM Cortex A9 4/17/2015 SNMP SHA1 Val#2770

"The CN4010 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

06/08/15: Updated implementation information;

488
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Julie Ritter
TEL: (281) 514-4087

HP BladeSystem c-Class Virtual Connect Library

Version 4.41 (Firmware)
Freescale MPC8347 Processor; Freescale MPC8535 Processor 4/17/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2769 HMAC Val#2125
SSH (SHA 256 , 384 , 512 ) SHA Val#2769
SNMP SHA1 Val#2769

"The HP BladeSystem is a rack-mount enterprise-class computing infrastructure designed to maximize power while minimizing costs, saving up to 56% of the total cost of ownership compared to traditional infrastructures."

487
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Ramesh Narayanan
TEL: +91 80 338 65384

-Rituparna Mitra
TEL: +91 80 251 65735

HP BladeSystem Onboard Administrator Firmware

Version 4.40 (Firmware)
PowerPC 440EPX processor 4/17/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2767 HMAC Val#2124
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2767
SNMP SHA1 Val#2767

"The module provides administrative control of HP BladeSystem c-Class enclosures. The cryptographic functions of the module provide security for administrative access via HTTPS and SSH, and to administrative commands for the BladeSystem enclosure."

486
Section 4.1.2,
IKEv2
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

Strongswan Cryptographic Module

Version 1.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 4/17/2015 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2646 HMAC Val#2015

"Strongswan is an open-source IPsec implementation for Linux kernel. The module supplies cryptographic support of the IKEv1 and IKEv2 protocols for the SUSE Linux Enterprise Server user space. This test covers the SP800-135 IKEv2 KDF testing."

485
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Sony Mobile Communications Inc.
1-8-15 Kohnan
Minato-ku, Tokyo 108-0075
Japan

-Takuya Nishibayashi
TEL: +81-3-5782-5285
FAX: +81-3-5782-5258

Xperia Cryptographic Module CVL Component

Version 1.0.0
Qualcomm Snapdragon 810 (ARMv8) with Cryptographic Instructions w/ Android 5.0; Qualcomm Snapdragon 810 (ARMv8) without Cryptographic Instructions w/ Android 5.0 4/17/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Xperia Cryptographic Module CVL Component provides cryptographic service for Android mobile device."

05/19/15: Updated implementation information; 08/15/16: Corrected K409 should have been selected

484
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 2.0
Qualcomm Snapdragon S2 w/ BlackBerry OS v7.1; Qualcomm Snapdragon S4 w/ BlackBerry OS v10.3; Intel Xeon w/ Microsoft Windows Server 2008 R2 (64-bit); Intel Xeon w/ Microsoft Windows Server 2012 R2 (64-bit); Qualcomm Snapdragon 801 w/ BlackBerry OS v10.3 4/10/2015 Curves tested: P-224   P-256   P-384   P-521

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Federal Information Processing Standard (FIPS) 140-2 certified, standards-based Suite B Cryptographic Algorithms library that provides an advanced layer of encrypted data-in-transit communications and data-at-rest encryption for the BlackBerry ecosystem."

07/20/15: Updated implementation information;

483
Section 5.2, SSH
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSH

Version 1.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 4/10/2015 SSH (SHA 256 , 384 , 512 ) SHA Val#2646

"OpenSSH is the standard SSH implementation. This test covers the SP800-135 SSH KDF testing for both OpenSSH client and server cryptographic modules."

482
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ Red Hat Enterprise Linux 5 4/10/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2758 HMAC Val#2117

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

481
All of SP800-56A EXCEPT KDF
SP800-56A
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ Red Hat Enterprise Linux 5 4/10/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#655 SHS Val#2758 DRBG Val#772

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

480
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Oracle Communications
100 Crosby Drive
Bedford, MA 01730
USA

-Nikhil Suares
TEL: (781) 538-7568

-Madhu Mathiyalagan
TEL: (781) 538-7514

Acme Packet Cryptographic Library

Version EC6.4.1 (Firmware)
Intel Core Duo T2500; Intel Celeron M 440; Intel Core Duo T9400 3/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2748 HMAC Val#2107
SSH (SHA 1 ) SHA Val#2748
SRTP (AES 128 ) AES Val#928
SNMP SHA1 Val#2748

"The Acme Packet 3820 and 4500 are one rack unit (1U) platforms that feature Oracle’s purpose-built hardware design tightly integrated with Acme Packet OS, to provide the critical controls for delivering trusted, real-time communications - voice, video, and application data sessions - across Internet Protocol (IP) network borders."

479
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Galaxy S6

Version OpenSSL 1.0.1j
System LSI Exynos 7420 w/ Android 5.0.2 3/27/2015 RSADP: (Mod2048)

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

478
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Galaxy S6

Version OpenSSL 1.0.1j
System LSI Exynos 7420 w/ Android 5.0.2 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

477
RSADP Primitive
FIPS186-4 RSA; RSADP
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Note 4

Version OpenSSL 1.0.1j
Qualcomm Snapdragon 805 w/ Android 5.0.1 3/27/2015 RSADP: (Mod2048)

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

476
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Brian Wood
TEL: 908-809-7939
FAX: 908-809-7974

Samsung OpenSSL - Note 4

Version OpenSSL 1.0.1j
Qualcomm Snapdragon 805 w/ Android 5.0.1 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography."

475
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castaneda
TEL: 650-218-9914

-Steve Klinger
TEL: 408-943-7375

N3Like_FW

Version N3Like_v1.0 (Firmware)
Part # CN7010/CN7020/CN7120/CN7125/CN7130/CN7230/CN7240/CN7340/CN7350/CN7360; -AAP, -CP, -SCP options
Octeon III CN7000/CN7100 Series Die 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2737 HMAC Val#2095

"The Cavium OCTEON III family of Multi-Core MIPS64 processors has 1 to 48 cores per chip. They integrate next-generation networking I/Os with advanced security, storage, and application hardware acceleration, offering unprecedented throughput and programmability for Layer 2 through Layer 7 processing of intelligent networks."

09/08/16: Updated implementation information;

474
Section 4.2,
TLS
SP800-135
Redpine Signals, Inc.
2107 North First Street Suite #680
San Jose, CA 95131-2019
USA

-Mallik Reddy
TEL: +1 408 219 7868
FAX: +1 408 705 2019

RSICryptoLib

Version RSICryptoLib_1_0 (Firmware)
Part # Redpine ThreadArch
N/A 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2628 HMAC Val#2003

"Algorithm routines implemented in RSICryptoLib"

472
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.10
Apple A7 (ARMv8) 64-bit without NEON and Crypto Extensions w/ iOS 8.1; Apple A7 (ARMv8) 64-bit with NEON and Crypto Extensions w/ iOS 8.1; Freescale P2020 (PPC) w/ VxWorks 6.9; Apple A7 (ARMv8) with NEON w/ iOS 8.1 32-bit; Apple A7 (ARMv8) without NEON w/ iOS 8.1 32-bit; Qualcomm APQ8084 (ARMv7) without NEON w/ Android 5.0 32-bit; Qualcomm APQ8084 (ARMv7) with NEON w/ Android 5.0 32-bit; SAMSUNG Exynos7420 (ARMv8) without NEON and Crypto Extensions w/ Android 5.0 64-bit; SAMSUNG Exynos7420 (ARMv8) with NEON and Crypto Extensions w/ Android 5.0 64-bit ;  Intel Xeon E5-2430L (x86) with AES-NI optimizations w/ FreeBSD 10.2; Intel Xeon E5-2430L (x86) without AES-NI optimizations w/ FreeBSD 10.2; Freescale i.MX6 (ARMv7) w/ Yocto Linux 3.10; Freescale i.MX6 (ARMv7) with NEON w/ Yocto Linux 3.10; ARM926EJ-S (ARMv5) w/ Linux 4.4; PowerPC 440 (PPC) w/ Timesys 2.6; Marvell Feroceon 88FR131 (ARMv5TE) w/ uClinux-dist-5.0; Marvell Armada 370 (ARMv7) w/ uClinux-dist-5.0; ARM926EJS (ARMv5TEJ) w/ uClibc 0.9; Marvell PJ4 (ARMv7) w/ uClibc 0.9; ARM922T (ARMv4T) w/ uClibc 0.9; Intel Xeon E3-1231 (x86) without AES-NI w/ LMOS 7.2; Intel Xeon E3-1231 (x86) with AES-NI w/ LMOS 7.2; Intel Xeon E5-2430L without AES-NI w/ LMOS 7.2 under VMware ESXi 6.5; Intel Xeon E5-2430L with AES-NI w/ LMOS 7.2 under VMware ESXi 6.5; Marvell Mohawk (ARMv5TE) w/ Debian 7.9; Atmel ATSAMA5D35 (ARMv7) w/ Linux 3.16; Atmel ATSAM9G45 (ARMv5TEJ) w/ Linux 3.16; Intel Atom Z3735F (x86) w/ Android 4.4 32-bit; ARM Cortex A9 (ARMv7) without NEON w/ Linux 3.14; ARM Cortex A9 (ARMv7) with NEON w/ Linux 3.14 3/27/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

04/17/15: Added new tested information;
05/29/2015: Updated implementation information;
08/11/15: Updated implementation information;
03/11/16: Added new tested information;
11/18/16: Added new tested information;
12/30/16: Added new tested information;
02/24/17: Added new tested information;
03/06/17: Added new tested information;
0/07/17: Updated implementation information; 04/17/15: Added new tested information;
05/29/2015: Updated implementation information;
08/11/15: Updated implementation information;
03/11/16: Added new tested information;
11/18/16: Added new tested information;
12/30/16: Added new tested information;
02/24/17: Added new tested information;
03/06/17: Added new tested information;
0/07/17: Updated implementation information;
04/14/17: Added new tested information and updated implementation information;

471
Section 4.2,
TLS
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE® Crypto-J JSAFE and JCE Software Module

Version 6.2
Intel Core i7 w/ Windows 8.1 (64-bit); NVIDIA Tegra 3 w/ Android 4.1.2 ;  Intel Xeon w/ CentOS 6.7 3/27/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2701 HMAC Val#2062

"RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements"

03/26/15: Added new tested information;
04/04/16: Added new tested information;

470
Section 5.2, SSH
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061214260

OpenSSL Crypto Lib

Version Junos 14.1R4 (Firmware)
Intel LC5500 and LC3500 Jasper Forest family; Intel L52xx Wolfdale family 3/20/2015 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2736

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

03/27/15: Update implementation information;

469
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA

-Balachandra Shanabhag
TEL: +91 8061214260

Authentec (Quicksec)

Version Junos 14.1R4 (Firmware)
Intel LC5500 and LC3500 Jasper Forest family; Intel L52xx Wolfdale family 3/20/2015 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2733 HMAC Val#2091
IKEv2( ( 2048 (SHA 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2733 HMAC Val#2091

"Comprehensive, scalable and secure switching & routing solutions specifically designed to meet the needs of campus, enterprises and service providers. All of our switches & routers - core, Multiservice edge and edge Ethernet - run on one common operating system- Junos."

03/27/15: Updated implementation information;

468
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82-10-2207-1919
FAX: 82-2-6950-2080

-Adam Wick
TEL: 503-808-7216
FAX: 503-350-0833

LG OpenSSL

Version 2.0.8
Qualcomm Snapdragon 800-series (32-bit) w/ Android 5.0.1; Qualcomm Snapdragon 800-series (64-bit) w/ Android 5.0.1 3/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

06/25/15: Added new tested information;
05/31/16: Updated implementation information;

467
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 7100

Version 8.4.0.0
Intel E5-2658 v2 2.4 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

466
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 5100

Version 8.4.0.0
Intel Core i7-2600 3.4 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

465
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 4100

Version 8.4.0.0
Intel i3-2115C 2.0 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

464
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Kevin Pimm
TEL: (512) 432-2969

TippingPoint Crypto Core OpenSSL

Version 2.0.8
Intel Xeon E5-2620v3 w/ CentOS 5.6;Intel Xeon E5-2690v3 w/ CentOS 5.6 3/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"This implementation represents a version of the FIPS certified Mozilla Network Security Services (NSS) compiled for CentOS 5.6."

12/17/15: Updated vendor and implementation information;

463
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on XGS 3100

Version 8.4.0.0
Intel Pentium B915C 1.5 GHz w/ RHEL 6.3 Linux 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

462
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SP4001

Version 8.4.0.0
Intel Core i7-2600 3.4 GHz w/ Windows Server 2012 R2 64-bit 3/20/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

461
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSH

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 SSH (SHA 1 ) SHA Val#2716

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

460
Section 4.2,
TLS
SP800-135
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSL

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2716 HMAC Val#2075

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

459
RSADP Primitive
FIPS186-4 RSA; RSADP
Hewlett Packard Enterprise
1160 Enterprise Way
Sunnyvale, CA 94089
USA

-Indra Fitzgerald
TEL: 650-258-5477

HP ESKM OpenSSL

Version 6.0.0 (Firmware)
Intel Xeon E5-2600 Family 3/20/2015 RSADP: (Mod2048)

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

458
Section 4.2,
TLS
SP800-135
Zoll Medical
269 Mill Rd.
Chemlsford, MA 01824
USA

-Navid Shaidani
TEL: 978-421-9843

-Bryan Newman
TEL: 978-421-9843

OpenSSL Fips Object Module

Version 2.0.7 (Firmware)
Part # *
Texas Instruments AM3703 Cortex A8 (ARM 7) 3/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2714 HMAC Val#2074

"OpenSSL Fips Object Module implements all necessary algorithms required for SSL communications."

10/20/15: Updated implementation information;

457
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS OpenSSL Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2694 HMAC Val#2055
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2694 HMAC Val#2055
SSH (SHA 1 ) SHA Val#2694
SNMP SHA1 Val#2694

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

456
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS Common Cryptographic Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 IKEv2( ( 2048 (SHA 256 , 384 ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) SHA Val#2693 HMAC Val#2054
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2693 HMAC Val#2054

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

455
Section 5.4, SNMP
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

NetSNMP KDF

Version 5.7.1 (Firmware)
IBM Power PC 3/6/2015 SNMP SHA1 Val#2690

"SHA-1 based KDF used by NetSNMP."

454
Section 5.2, SSH
SP800-135
ViaSat, Inc.
6155 El Camino Real
Carlsbad, CA 92009
USA

-David Suksumrit
TEL: 760-476-2306
FAX: 760-929-3941

-Savitha Naik
TEL: 760-476-7416
FAX: 760-929-3941

OpenSSH KDF

Version 6.1p1 (Firmware)
IBM Power PC 3/6/2015 SSH (SHA 1 , 256 , 512 ) SHA Val#2690

"KDF implementation in OpenSSH."

453
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Windows x86-64 for 64 bits

Version 8.4.1.0
Intel x86_64 w/ Microsoft Windows Server 2008 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

452
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Windows x86-64 for 32 bits

Version 8.4.1.0
Intel x86_64 w/ Microsoft Windows Server 2008 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

451
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Ubuntu PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ Ubuntu 14.04 LE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

450
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Solaris Sparc for 64 bits

Version 8.4.1.0
Sparc T4 w/ Solaris 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

449
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on Solaris Sparc for 32 bits

Version 8.4.1.0
Sparc T4 w/ Solaris 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

448
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SLES zSeries for 64 bits

Version 8.4.1.0
IBM zSeries s390x w/ SUSE Linux Enterprise Server 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

447
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on SLES zSeries for 32 bits

Version 8.4.1.0
IBM zSeries s390x w/ SUSE Linux Enterprise Server 11 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/15/15: Updated implementation information;

446
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL x86-64 for 64 bits

Version 8.4.1.0
Intel x86_64 w/ Red Hat Linux Enterprise Server 7.0 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

445
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL x86-64 for 32 bits

Version 8.4.1.0
Intel x86_64 w/ Red Hat Linux Enterprise Server 7.0 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

444
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ Red Hat Linux Enterprise Server 7.0 BE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

443
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on RHEL PPC64 for 32 bits

Version 8.4.1.0
IBM Power8 w/ Red Hat Linux Enterprise Server 7.0 BE 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

442
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on AIX PPC64 for 64 bits

Version 8.4.1.0
IBM Power8 w/ IBM AIX 7.1 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

441
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
IBM® Corporation
Seabank Centre
12 - 14 Marine Parade
Southport, QLD 4215
Australia

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

ICC Algorithmic Core on AIX PPC64 for 32 bits

Version 8.4.1.0
IBM Power8 w/ IBM AIX 7.1 3/6/2015 Curves tested: P-224   P-256   P-384   P-521

"ICC is a C language implementation of cryptographic functions based on the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."

05/08/15: Updated implementation information;

440
Section 4.2,
TLS
SP800-135
Draeger Medical Systems, Inc.
6 Tech Drive
Andover, MA 01810
USA

-Michael Robinson
TEL: +1 978 379 8000
FAX: +1 978 379 8538

DRAEGER WCM9113 802.11ABGN VG2

Version VG2 (Firmware)
Part # MS32018
N/A 3/6/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2661 HMAC Val#2026

"Algorithm routines implemented in the DRAEGER WCM9113 802.11ABGN VG2"

03/26/15: Updated implementation information;

439
Section 4.2,
TLS
SP800-135
Axway Inc.
2600 Bridge Parkway Suite 201
Redwood City, California 94065
USA

-Tom Donahoe
TEL: 480-627-1800
FAX: 480-627-1801

-Paul Keane
TEL: 650-801-3176
FAX: 650-801-3101

Axway Security Kernel

Version 3.0.1
Intel Xeon E5-2620 w/ RHEL 6.3 64bit; Sun UltraSparc T1 w/ Solaris 10 64bit; Intel Xeon E5-2620 w/ Microsoft Windows 2012 64bit 2/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2663 HMAC Val#2028

"Axway Validation Authority Suite - a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

438
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett Packard Enterprise
14231 Tandem Boulevard
Austin, TX 78728
USA

-Paul Tucker
TEL: 512-432-2626
FAX: +1 512 432 2001

-Freddy A. Mercado
TEL: +1 512 432 2947
FAX: +1 512 432 2001

TippingPoint Intrusion Prevention System (IPS)

Version 3.8.0 (Firmware)
Intel Jasper Forest Quad-core; Broadcom XLR 2/27/2015 TLS( TLS1.0/1.1 ) SHA Val#2662 HMAC Val#2027
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2662

"The TippingPoint IPS Platform operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. The IPS provides cryptographic services to protect the management of the device."

04/17/15: Updated implementation information;
12/10/15: Updated implementation and vendor information;

437
All of SP800-56A EXCEPT KDF
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0 (Firmware)
Freescale 1199 MHz Power PC processor P2010E 2/27/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#934 DRBG Val#684
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#593 SHS Val#934 DRBG Val#684

"Brocade cryptographic library used in the interface, module implements crypto operations in hardware and in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

01/21/16: Updated implementation information;

436
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade Cryptographic Library used in the interface module

Version BRCD-LP-CRYPTO-VER-1.0 (Firmware)
Freescale 1199 MHz Power PC processor P2010E 2/27/2015 IKEv2( ( 224 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#934 HMAC Val#538

"Brocade cryptographic library used in the interface, module implements crypto operations in hardware and in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPSec, IKEv2, IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

435
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 2/20/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2659 HMAC Val#2025

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

434
All of SP800-56A EXCEPT KDF
SP800-56A
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Object Module

Version 1.0.1
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 2/20/2015 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#592 SHS Val#2659 DRBG Val#683

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

433
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Qualcomm MSM8974 w/ QSEE 2.0 2/20/2015 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

432
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version ComwareV7.1-R2416 (Firmware)
Broadcom XLP108AQ 1GHz 2/20/2015 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2654 HMAC Val#2021
TLS( TLS1.0/1.1 ) SHA Val#2654 HMAC Val#2021
SSH (SHA 1 ) SHA Val#2654
SNMP SHA1 Val#2654

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

431
All of SP800-56A EXCEPT KDF
SP800-56A
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSL (AES-NI and AVX+SSSE3 for SHA-1)

Version 2.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 2/13/2015 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#915 SHS Val#2645 DRBG Val#674
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#586 SHS Val#2645 DRBG Val#674

"OpenSSL is an open-source library of various cryptographic algorithms written mainly in C. This test covers the AES-NI implementation of AES and AVX+SSSE3 assembler implementation of SHA-1 on Intel x86 64bit HP hardware."

430
Section 4.2,
TLS
SP800-135
SUSE, LLC
10 Canal Park, Suite 200
Cambridge, MA 02141
USA

-Thomas Biege
TEL: +49 911 74053 500

-Michael Hager
TEL: +49 911 74053 80

OpenSSL (AES-NI and AVX+SSSE3 for SHA-1)

Version 2.0
Intel x86-64 w/ SUSE Linux Enterprise Server 12 2/13/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2645 HMAC Val#2014

"OpenSSL is an open-source library of various cryptographic algorithms written mainly in C. This test covers the AES-NI implementation of AES and AVX+SSSE3 assembler implementation of SHA-1 on Intel x86 64bit HP hardware."

429
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.2
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 2/6/2015 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2642 HMAC Val#2013
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2642
SNMP SHA1 Val#2642

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

428
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign CKIT

Version 4.8.12 (Firmware)
Intel® Pentium Dual-Core 2/6/2015 TLS( TLS1.0/1.1 ) SHA Val#2639 HMAC Val#2012

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

427
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign REST-WS

Version 0.9.8r (Firmware)
Intel® Pentium Dual-Core 1/30/2015 TLS( TLS1.0/1.1 ) SHA Val#2556 HMAC Val#2009

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

02/12/15: Updated implementation information;

426
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Hewlett-Packard Development Company, L.P.
11445 Compaq Center Dr. W
Houston, TX 77070
USA

-Julie Ritter
TEL: (281) 514-4087

HP BladeSystem c-Class Virtual Connect Library

Version 1.0 (Firmware)
Freescale MPC8347 Processor; Freescale MPC8535 Processor 1/23/2015 TLS( TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2634
SSH (SHA 256 , 384 , 512 ) SHA Val#2634

"The HP BladeSystem is a rack-mount enterprise-class computing infrastructure designed to maximize power while minimizing costs, saving up to 56% of the total cost of ownership compared to traditional infrastructures."

425
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000

-Jake Bajic
TEL: 408-753-4000

Palo Alto Networks Crypto Module

Version 6.1 (Firmware)
Intel Multi Core Xeon 1/16/2015 TLS( TLS1.0/1.1 ) SHA Val#2632 HMAC Val#2006
SSH (SHA 1 ) SHA Val#2632
SNMP SHA1 Val#2632

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for the Panorama M-100."

03/04/15: Updated implementation information;
03/06/15: Updated implemement information;

424
Section 4.2,
TLS
SP800-135
ARX (Algorithmic Research)
10 Nevatim St
Petah-Tikva, Israel 49561
Israel

-Ezer Farhi
TEL: 972-3-9279529

CoSign

Version 7.2 (Firmware)
Intel® Pentium Dual-Core 12/31/2014 TLS( TLS1.0/1.1 ) SHA Val#2548 HMAC Val#1932

"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization''s end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data."

423
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 ) SHA Val#2630 HMAC Val#2005
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#2630 HMAC Val#2005

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

422
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

421
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2629 HMAC Val#2004
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2629 HMAC Val#2004
SNMP SHA1 Val#2629

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

420
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

419
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SPYRUS, Inc.
1860 Hartog Drive
San Jose, CA 95131-2203
USA

-William Sandberg-Maitland
TEL: 613-298-3426

SPYCOS 3.0

Version 3.0 (Firmware)
Part # 742100004F
SPYCOS 3.0 12/24/2014 Curves tested: P-256   P-384   P-521

"SPYCOS 3.0 is a hardware cryptographic module that enables security critical capabilities such as user authentication, message privacy, integrity and secure storage in rugged, tamper-evident QFN and microSD form factors. The SPYCOS 3.0 Module communicates with a host computer via the standard USB interface."

418
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiAnalyzer SSL Cryptographic Library

Version 5.2.1 (Firmware)
Intel Celeron; Intel Xeon E5 12/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2626 HMAC Val#2001
SSH (SHA 1 , 256 , 512 ) SHA Val#2626

"This document focuses on the software implementation of the Fortinet FortiAnalyzer SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

417
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiManager SSL Cryptographic Library

Version 5.2.1 (Firmware)
Intel Xeon E3; Intel Xeon E5 12/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2625 HMAC Val#2000
SSH (SHA 1 , 256 , 512 ) SHA Val#2625

"This document focuses on the software implementation of the Fortinet FortiManager SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

416
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0.10 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 12/24/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2624 HMAC Val#1999
SSH (SHA 1 ) SHA Val#2624

"This document focuses on the firmware implementation of the Fortinet FortiOS SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

415
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

-Daniel Hayes
TEL: 613-225-9381 x7643
FAX: 613-225-9951

Fortinet FortiOS FIPS Cryptographic Library

Version 5.0.10 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 12/19/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2622 HMAC Val#1997
IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 8192 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2622 HMAC Val#1997

"This document focuses on the firmware implementation of the Fortinet FortiOS FIPS Cryptographic Library v5.0 running on Intel x86 compatible processors."

414
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Barracuda Networks
3175 Winchester Road
Campbell, CA 95008
USA

-Andrea Cannon
TEL: 703-743-9068

Barracuda Cryptographic Software Module

Version 1.0.1.8
Intel Xeon, Intel Xeon with AES-NI, AMD Opteron, AMD Opteron with AES-NI w/ Barracuda OS v2.3.4 12/19/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Barracuda Cryptographic Software Module is a cryptographic software library that provides fundamental cryptographic functions for applications in Barracuda security products that use Barracuda OS v2.3.4 and require FIPS 140-2 approved cryptographic functions."

413
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version 7.3.0a (Firmware)
E 500 mc 12/19/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules"

412
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version 7.3.0a (Firmware)
PCC 440GPX and PPC 8548 12/19/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules"

411
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd.
416, Maetan 3-Dong Youngton Gu
Suwon, Gyeonggi 152-848
South Korea

-Abraham Joseph Kang
TEL: +1-408-324-3678
FAX: +1-408-324-3640

-Bumhan Kim
TEL: +82-10-4800-6711

Samsung SCrypto

Version 1.0
Samsung Electronics Exynos 5422 w/ MOBICORE Tbase 300 12/19/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Provide general purpose cryptographic services to TrustZone applications on the mobile platform for the protection of data in transit."

12/23/14: Updated implementation information;

410
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS SSH Lib

Version 6.4 (Firmware)
Intel Xeon E5 12/12/2014 SSH (SHA 1 , 256 , 512 ) SHA Val#2610

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

409
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP NS Crypto Lib

Version 2.0.5 (Firmware)
Intel Xeon E5 12/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2612 HMAC Val#1989

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

408
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M SSH Lib

Version 6.4 (Firmware)
Broadcom XLR 12/12/2014 SSH (SHA 1 , 256 , 512 )

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

407
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: (651) 628-2700
FAX: (651) 628-2701

McAfee NSP M Crypto Lib

Version 2.0.5 (Firmware)
Broadcom XLR 12/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2610 HMAC Val#1988

"Cryptographic services for the McAfee NSP Intrusion Prevention appliances"

406
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 845-454-6397

-Nick Goble
TEL: 978-318-7544

Blue Coat SSL Visibility Appliance Crypto Library

Version 1.0.1
Intel X3450 Quad Core w/ Linux x86_64; Intel E5620 Quad Core w/ Linux x86_64; Intel E5645 Hex Core w/ Linux x86_64 12/12/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) )
SSH (SHA 1 , 224 , 256 , 384 , 512 )
SNMP

"The Blue Coat SSL Visibility Appliance decrypts multiple streams of SSL content to provide IDS/IPS, logging, forensics, and data loss prevention. This preserves complete network traffic histories necessary for compliance/threat analysis and enables SSL inspection capabilities that close the security loophole created by SSL."

405
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Curtiss-Wright Controls Defense Solutions
333 Palladium Drive
Kanata, ON K2V 1A6
CANADA

-Aaron Frank
TEL: 613-599-9199 X5242

-Johan A Koppernaes
TEL: 613-599-9199 X5817

CWCDS Cryptographic Library

Version 2.1 (Firmware)
Freescale MPC8572E 12/12/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#934 HMAC Val#538
TLS( TLS1.0/1.1 ) SHA Val#934 HMAC Val#538
SSH (SHA 1 ) SHA Val#934

"CWCDS Cryptographic Library provides crypto services to support IPSec/VPN and enhanced Ethernet network security and includes IKE, SSH, and TLS, using various cryptographic algorithms."

404
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz 12/5/2014 SNMP SHA1 Val#2282

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series provides industry leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPL, and MPLS Virtual Private Networks (VPN)."

403
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 12/5/2014 SNMP SHA1 Val#2280

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade NetIron CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS VPNa"

402
RSADP Primitive
FIPS186-4 RSA; RSADP
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.0.29
Intel Core i5 on VMWare ESXi 4.1.0 w/ Microsoft Windows Server 2008 64-bit; Intel Core i7 on QEMU w/ Microsoft Windows Server 2012 64-bit; Intel Core i5 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core i5 on QEMU w/ Suse Linux Enterprise Server 11 SP3 64-bit; IBM Power7 w/ AIX 7.1 64-bit; Intel Core i7 on QEMU with AES-NI, disabled w/ Windows 7 32-bit; Intel Core i7 on QEMU, AES-NI w/ Windows 7 32-bit; Intel Core i5 with AES-NI disabled w/ Windows 7 64-bit; Intel Core i5 with AES-NI w/ Windows 7 64-bit; AMD A4-500 with AES-NI disabled w/ Windows 8 64-bit; AMD A4-500 with AES-NI w/ Windows 8 64-bit; Intel Core i5 without AES-NI w/ Red Hat Enterprise Linux 6 64-bit ;  Qualcomm Snapdragon 801 (ARMv7-A) w/ Android 4.4; Intel Core i5 without AES-NI w/Mac OS X 10.9 64-bit; Apple A7 (ARMv8) w/ iOS7 12/5/2014 RSADP: (Mod2048)

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

02/18/15: Added new tested information;
03/27/15: Added new tested information;
04/06/15: Updated implementation information;

401
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Security First Corp.
29811 Santa Margarita Parkway
Suite 600
Rancho Santa Margarita, CA 92688
USA

-Rick Orsini
TEL: 949-858-7525
FAX: 949-858-7092

Secure Parser Library

Version 4.7.0.29
Intel Core i5 on VMWare ESXi 4.1.0 w/ Microsoft Windows Server 2008 64-bit; Intel Core i7 on QEMU w/ Microsoft Windows Server 2012 64-bit; Intel Core i5 with AES-NI w/ Red Hat Enterprise Linux 6 64-bit; Intel Core i5 on QEMU w/ Suse Linux Enterprise Server 11 SP3 64-bit; IBM Power7 w/ AIX 7.1 64-bit; Intel Core i7 on QEMU with AES-NI, disabled w/ Windows 7 32-bit; Intel Core i7 on QEMU, AES-NI w/ Windows 7 32-bit; Intel Core i5 with AES-NI disabled w/ Windows 7 64-bit; Intel Core i5 with AES-NI w/ Windows 7 64-bit; AMD A4-500 with AES-NI disabled w/ Windows 8 64-bit; AMD A4-500 with AES-NI w/ Windows 8 64-bit; Intel Core i5 without AES-NI w/ Red Hat Enterprise Linux 6 64-bit ;  Qualcomm Snapdragon 801 (ARMv7-A) w/ Android 4.4; Intel Core i5 without AES-NI w/Mac OS X 10.9 64-bit; Apple A7 (ARMv8) w/ iOS7 12/5/2014 ECDSA SigGen Component: CURVES( P-521 )

"The Secure Parser Library is a suite of general security routines using FIPS Approved algorithms for its cryptography. An AES key size of 256 bits and equivalent key sizes for all other algorithms are supported by the library."

02/18/15: Added new tested information;
03/27/15: Added new tested information;
04/06/15: Updated implementation information;

400
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core ARM Cortex A9 1Ghz 12/5/2014 SNMP SHA1 Val#2505

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

399
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P2041, 1.5GHz 12/5/2014 SNMP SHA1 Val#2258

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (TOR) enviorment."

398
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 12/5/2014 SNMP SHA1 Val#2259

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and 1GbE and 10GbE enterprise deployments."

397
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
80 Bishop Dr., Unit B
Fredericton, New Brunswick E3C 1B2
Canada

-Peter Clark
TEL: (416) 478-0224

-Chris LeMesurier
TEL: (416) 478-0224

Cryptographic Security Kernel

Version 1.0
Intel Xeon w/ RHEL 6 12/5/2014 TLS( TLS1.0/1.1 ) SHA Val#2600 HMAC Val#1981
SSH (SHA 1 , 256 ) SHA Val#2600

"The IBM Cryptographic Security Kernel is a multi-algorithm library providing general-purpose cryptographic services. The module provides a single, FIPS-Approved API for cryptography allowing for centralized FIPS mode status, logging, and reporting."

396
Section 4.1.2,
IKEv2
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0408
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.4.0 (Firmware)
CN6880 12/5/2014 IKEv2( ( 2048 (SHA 384 ) ) ( 2048 (SHA 512 ) ) SHA Val#2571 HMAC Val#1952

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

395
Section 4.2,
TLS
SP800-135
EROAD, Inc.
Level 3
260 Oteha Valley Road
Albany, North Shore 0632
Auckland, * *
New Zealand

-Bruce Wilson
TEL: +64 9 927 4700
FAX: +64 9 927 4701

The EROAD Cryptographic Library

Version 1.0 (Firmware)
Part # MK70FN1M0VMJ12
MK70FN1M0VMJ12 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2517 HMAC Val#1901

"The EROAD Cryptographic Module is the heart of EROAD''s advanced GNSS based transport technology. It is a secure, high performance, cryptographic processing engine and has been designed to meet FIPS-140-2 at Security Level 3. It is used within the EROAD product suite to provide trusted cryptographic security services."

394
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2280 HMAC Val#1694

"Brocade cryptographic library used Brocade IP Products crypto operations in software. The Brocade NetIron CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS VPNs"

03/31/17: Updated implementation information;

393
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2282 HMAC Val#1696

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series provide Industry-leading wire-speed port capacity without coparing the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

392
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2259 HMAC Val#1675

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software."

391
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0484
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale P2041, 1.5GHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2258 HMAC Val#1674

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack(ToR) enviorments."

390
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core-ARM Cortex A9 1Ghz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2505 HMAC Val#1890

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

389
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2260 HMAC Val#1676

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

388
Section 4.2,
TLS
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/21/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2265 HMAC Val#1679

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, nonblocking performance across all ports to support latency-sensitive performance. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment."

387
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/21/2014 SNMP SHA1 Val#2260

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

386
Section 5.4, SNMP
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/21/2014 SNMP SHA1 Val#2265

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, nonblocking performance across all ports to support latency-sensitive performance. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment"

385
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module

Version 1.1
Part # n
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 with ARMv8 Crypto Extensions w/ iOS 7.1; iOS 7.1 w/ iOS 7.1; ARMv7-a w/ 11/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 256 (SHA 224 ) ) ( 384 (SHA 384 ) ) ( 2048 (SHA 1 ) ) SHA Val#2599 HMAC Val#1980
IKEv2( ( 256 (SHA 224 ) ) ( 384 (SHA 384 ) ) ( 2048 (SHA 1 ) ) SHA Val#2599 HMAC Val#1980
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2599 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. This compact and portable module provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to DAR, DRM, TLS, and VPN."

384
All of SP800-56A EXCEPT KDF
SP800-56A
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module

Version 1.1
Part # n
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 with ARMv8 Crypto Extensions w/ iOS 7.1; iOS 7.1 w/ iOS 7.1; ARMv7-a w/ 11/21/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#905 SHS Val#2599 DRBG Val#634
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#567 SHS Val#2599 DRBG Val#634

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. This compact and portable module provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to DAR, DRM, TLS, and VPN."

383
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic module

Version 1.0
Intel Xeon CPU X5560 @ 2.80GHz w/ Brocade Vyatta Series 3500 Network OS 3.2.1R1 11/14/2014 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2598

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

382
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic module

Version 1.0
Intel Xeon CPU X5560 @ 2.80GHz w/ Brocade Vyatta Series 3500 Network OS 3.2.1R1 11/14/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

381
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/14/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2577 HMAC Val#1958

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

380
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/14/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#903 SHS Val#2577 RNG Val#1329 DRBG Val#631
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#564 SHS Val#2577 RNG Val#1329 DRBG Val#631

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

379
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.0.1
Xeon E5540 w/ MLOS v2.2.3 running on VMware ESXi 5.0 hypervisor 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2573 HMAC Val#1954
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2573
SNMP SHA1 Val#2573

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

378
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.0.1 (Firmware)
Celeron; Core i3; Xeon E5540 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2572 HMAC Val#1953
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2572
SNMP SHA1 Val#2572

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

377
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 64 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#899 SHS Val#2570 RNG Val#1326 DRBG Val#626
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#562 SHS Val#2570 RNG Val#1326 DRBG Val#626

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 64bit word size."

03/19/15: Updated implementation information;

376
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA)

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#898 SHS Val#2569 RNG Val#1325 DRBG Val#625
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#561 SHS Val#2569 RNG Val#1325 DRBG Val#625

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

375
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2565

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

374
All of SP800-56A EXCEPT KDF
SP800-56A
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann Marie Rubin

OpenSSL (AES-NI and AVX+SSSE3 for SHA) 32 bit

Version 1.0.1e-30.el6_6.5
Intel x86 w/ Red Hat Enterprise Linux 6.6 11/7/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#897 SHS Val#2547 RNG Val#1318 DRBG Val#614
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 EE: P-521 ECDSA Val#560 SHS Val#2565 RNG Val#1318 DRBG Val#614

"User space library providing general cryptographic services which can be linked to from any program. The module was tested with 32bit word size."

03/19/15: Updated implementation information;

373
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Yossi Talmi
TEL: 972-9-9702364
FAX: 972-9-9702001

-Oren Tanami
TEL: 972-9-9702390
FAX: 972-9-9702001

Nuvoton NPCT6xx TPM 1.2 Cryptographic Engine

Part # FB5C85D
N/A 10/31/2014 TPM SHA1 Val#2554 HMAC_SHA1 Val#1938

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

11/17/14: Updated vendor and implementation information;

372
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.9
Apple A7 (ARMv8) with NEON w/ Apple iOS 7.1 64-bit; Apple A7 (ARMv8) without NEON w/ Apple iOS 7.1 64-bit ;  Arm920Tid (ARMv4) w/ TS-Linux 2.4 10/31/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/04/14: Added new tested information;

371
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2552 HMAC Val#1936

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

11/18/14: Updated implementation information;
12/16/14: Updated implementation information;
02/23/15: Update implementation information;

370
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2551 HMAC Val#1935

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on IBM hardware."

11/18/14: Updated implementation information;
12/16/14: Updated implementatioin information;
02/23/15: Update implementation information;

369
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (64 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2550 HMAC Val#1934

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

11/17/14: Updated implementation information;
12/16/14: Updated implementation information;
02/23/15: Update implementation information;

368
Section 4.2,
TLS
SP800-135
Red Hat, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

-Ann-Marie Rubin

Red Hat NSS Softoken (32 bit)

Version 3.14.3-22
Intel x86 w/ Red Hat Enterprise Linux 6.6 10/31/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2549 HMAC Val#1933

"User space library providing general cryptographic services used by the NSS cryptographic library. The module was tested with 64bit word size on HP hardware."

11/17/14: Update implementation information;
12/16/14: Updated implementation information;
02/23/15: Updated implementation information;

367
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A
5th Floor
Mississauga, Ontario L4W 0B5
Canada

-Certicom Support
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.0.2.1
Intel Core i7-2720QM w/ AES-NI w/ Windows 7 Enterprise 64-bit; ARMv7 w/ Windows Phone 8.0; ARMv7 w/ Android 4.4.2; Intel Atom CPU Z2460 w/ Android 4.0.4; ARMv7 w/ iOS version 6.1.4 ;  ARMv8 w/ Android 5.0.1; ARMv7S w/ iOS 6.1.4; ARMv8 w/ iOS 8.0; Intel Xeon with AES-NI w/ Windows 7; Intel Xeon E5620 with AES-NI w/ CentOS Linux Release 7.1 64-bit; Intel Core i7-3615QM w/ Mac OS X Yosemite 10.10.4 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and IPSec and SSL modules."

04/13/15: Updated vendor and implementation information;
10/09/15: Added new tested information;

366
Section 5.7.1.2: ECC CDH Primitive
LG Electronics, Inc.
20 Yoido-dong
Youngdungpo-gu
Seoul, n/a 152-721
Republic of Korea

-Jongseong Kim
TEL: 82 10 2207 1919
FAX: 82 2 6950 2080

OpenSSL Cryptographic Library

Version 1.0.1e
Qualcomm Snapdragon 800 w/ Android 4.4.2 10/16/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"General-purpose cryptographic services available for Android used by LG devices to provide secured services to applications via the OpenSSL FIPS Object Module, which is a full featured general purpose cryptographic library."

365
Section 4.2,
TLS
SP800-135
Doremi Labs
1020 Chestnut Street
Burbank, CA 91506
USA

-Jean-Philippe Viollet
TEL: (818)562-1101
FAX: (818)562-1109

-Camille Rizko
TEL: (818)562-1101
FAX: (818)562-1109

Power PC TLS KDF

Version 1.4 (Firmware)
Part # PPC405EX-SSD600T
Power PC 9/26/2014 TLS( TLS1.0/1.1 ) SHA Val#2500 HMAC Val#1897

"An Implementation of TLS KDF used in Doremi Labs'' Media Blocks"

11/25/14: Updated implementation information;

364
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version ComwareV7.1-R1005 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 9/19/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2510 HMAC Val#1895
TLS( TLS1.0/1.1 ) SHA Val#2510 HMAC Val#1895
SSH (SHA 1 ) SHA Val#2510
SNMP SHA1 Val#2510

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

363
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.1_hil (Firmware)
AMCC PPC 440EPX 9/12/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

362
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FastIron IP product Crypto Library

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Dual-core ARM Cortex A9 1Ghz 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2505 HMAC Val#1890
SSH (SHA 1 ) SHA Val#2505

"This Brocade cryptographic library is used in Brocade FastIron based switches to implement the cryptographic related modules."

08/04/15: Updated implementation information;

361
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 3.2.1R1 9/12/2014 SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2503

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

360
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS OpenSSL Cryptographic Module

Version 1.0
Intel Xeon Processor E5-2680 v2 (25 M Cache, 2.80 GHz) w/ Brocade Vyatta Network OS 3.2.1R1 9/12/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Built for Network Functions Virtualixation (NFV), Brocade Vyatta 5650 and 5630 vRouters are the first virtual routers capable of providing advance routing in software without sacrificing the reliability and performance of hardware networking solutions."

12/09/14: Updated implementation information;

359
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
North Building 13
Xindacheng Plaza
197# Guangzhou Road
Yuexiu District, Guangzhou 510075
China

-Peng Sun
TEL: +86-20-22387717
FAX: +86-20-22387717

CS100 Module Crypto Library

Version 1.0.0 (Firmware)
Freescale MCIMX53 9/12/2014 TLS( TLS1.0/1.1 ) SHA Val#2501 HMAC Val#1886

"CS100 Module Crypto Library implements the cryptographic algorithms such as AES, HMAC, SHA and RNG. The library provides cryptogrpahic finctionality to CS100 module."

358 N/A N/A N/A N/A N/A 9/12/2014 N/A
357
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Ciena Corporation
7035 Ridge Road
Hanover, MD 21076
USA

-Patrick Scully
TEL: 613-670-3207

Ciena 6500 Packet-Optical Platform 4x10G Cryptography Engine

Version 1.10 (Firmware)
Xilinx XC7Z045 8/29/2014 IKEv1( AUTH( PKE ) ) ( 224 (SHA 1 , 256 ) ) ( 384 (SHA 1 , 256 ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2493 HMAC Val#1880
TLS( TLS1.2 (SHA 256 , 512 ) ) SHA Val#2493 HMAC Val#1880

"The Ciena 6500 Packet-Optical Platform 4x10G Encryption OTR offers an integrated transport encryption solution providing a protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service."

356
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Exar Corporation
48720 Kato Road
Fremont, CA 94538
USA

-Larry Hu
TEL: 510-668-7145
FAX: 510-668-7028

-Bin Wu
TEL: 86-13777873933
FAX: 86-571-88156615

Exar XR92xx series die

Part # XR9240
N/A 8/28/2014 RSASP1: (Mod2048: PKCS1.5 )

"The XR92xx provides hardware acceleration of compression, encryption and authentication algorithms including gzip/zlib/Deflate, LZS/eLZS, AES, 3DES, RC4, SHA, HMAC, GMAC and public key algorithms such as DSA, DH, RSA, ECDSA, ECDH and is designed to optimize SSL/IPsec/SRTP packet processing."

355
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

354
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (320)

Version 2.0
Intel Atom Processor D525 w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB DSA Val#883 SHS Val#2487 DRBG Val#556
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#542 SHS Val#2487 DRBG Val#556

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

353
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

352
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library (1035)

Version 2.0
Intel Celeron Processor 725c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#882 SHS Val#2486 DRBG Val#555
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#541 SHS Val#2486 DRBG Val#555

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

351
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

350
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1065)

Version 2.0
Intel Core i3-2115c with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#881 SHS Val#2485 DRBG Val#554
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#540 SHS Val#2485 DRBG Val#554

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

349
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

348
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (1402)

Version 2.0
Intel Xeon Processor E5-1650v2 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#880 SHS Val#2484 DRBG Val#553
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#539 SHS Val#2484 DRBG Val#553

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

347
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

346
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3202)

Version 2.0
Intel Xeon Processor E5-2660 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#879 SHS Val#2483 DRBG Val#552
ECC:
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#538 SHS Val#2483 DRBG Val#552

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

345
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 Curves tested: P-224   P-256   P-384   P-521

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

344
All of SP800-56A EXCEPT KDF
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Klaus Majewski
TEL: +358-40-824-7908

-Jorma Levomäki
TEL: +358-9-476711

McAfee NGFW Cryptographic Library Module (3206)

Version 2.0
Intel Xeon Processor E5-2680 with AES-NI w/ GNU / Linux (Debian) 6.0 -based distribution 8/28/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#878 SHS Val#2482 DRBG Val#550
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#537 SHS Val#2482 DRBG Val#550

"McAfee NGFW Cryptographic Library is a software module that provides cryptographic services required by the McAfee NGFW product."

343
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2311 (Firmware)
RMI(Netlogic) XLS408, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2481 HMAC Val#1868
TLS( TLS1.0/1.1 ) SHA Val#2481 HMAC Val#1868
SSH (SHA 1 ) SHA Val#2481
SNMP SHA1 Val#2481

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

342
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2111 (Firmware)
Broadcom XLP316, 1.2GHz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2480 HMAC Val#1867
TLS( TLS1.0/1.1 ) SHA Val#2480 HMAC Val#1867
SSH (SHA 1 ) SHA Val#2480
SNMP SHA1 Val#2480

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

341
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R2406 (Firmware)
Freescale P2020, 1.2GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2479 HMAC Val#1866
TLS( TLS1.0/1.1 ) SHA Val#2479 HMAC Val#1866
SSH (SHA 1 ) SHA Val#2479
SNMP SHA1 Val#2479

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

340
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Comware V7.1-R7328 (Firmware)
Freescale MPC8548, 1.0GHz, PowerPC 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2478 HMAC Val#1865
TLS( TLS1.0/1.1 ) SHA Val#2478 HMAC Val#1865
SSH (SHA 1 ) SHA Val#2478
SNMP SHA1 Val#2478

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

339
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware with Hardware Accelerators

Version 5.2.109 (Firmware)
P1020, 880MHz, PowerPC; XLP432, 1.4GHz, MIPS; XLR732, 950Mhz, MIPS; XLS208, 750Mhz, MIPS 8/28/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2476 HMAC Val#1864
TLS( TLS1.0/1.1 ) SHA Val#2476 HMAC Val#1864
SSH (SHA 1 ) SHA Val#2476
SNMP SHA1 Val#2476

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

338
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2473 HMAC Val#1861
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2473

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

337
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 5.0.0 (Firmware)
E 500 mc 8/28/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade NOS based switches to implement the cryptographic related modules."

336
RSADP Primitive
FIPS186-4 RSA; RSADP
Oberthur Technologies
402 rue d'Estienne d'Orves
Colombes, N/A 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

RSA on Cosmo V8

Version 07888.8 with 07846.9 (Firmware)
Part # 0F
ID-One PIV-C on Cosmo V8 ;  N/A 8/11/2014 RSADP: (Mod2048)

"ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip which supports RSA (including RSA-CRT) encrypt/decrypt and digital signature generation /verification with keys from 64 to 2048-bit by step of 32-bit."

335
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Microsemi Corporation
One Enterprise
Aliso Viejo, CA 92656
USA

-Richard Newell
TEL: +1 (408) 643-6146

Microsemi SoC Cryptographic Module Mark II

Version 1.1 (Firmware)
Mentor Graphics Questa Simulator 10.1c 8/11/2014 Curves tested: P-384

"The Microsemi SoC Cryptographic Module provides custom hardware/firmware acceleration of the standard cryptographic algorithms used in Microsemi FPGAs and SoC FPGAs like Igloo®2 and SmartFusion®2. They are used to securely configure the devices, and are also made available to the FPGA user via an internal bus interface for use in end applications."

334
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libkas

Version 01.01.000A (Firmware)
Part # MAX32590 Rev B4
n/a 8/11/2014 Curves tested: P-256

"Pitney Bowes X4 HSM Cryptographic Module"

333
Section 4.2,
TLS
SP800-135
Digicine Oristar Technology Development (Beijing) Co., Ltd.
No.1 Di Sheng West Street, BDA
Da Xing District
Beijing, 100176
China

-Mr. Xiao, Liquin
TEL: +86-010-8712 9372
FAX: +86-010-87127010

-Dr. Sun, Xiaobin
TEL: +86-010-8712 9111
FAX: +86-010-87127010

Oristar IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
RENESAS SH-4A 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2470 HMAC Val#1859

"Oristar IMB TLSKDF Core-S is the firmware module for digital cinema system."

332
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 3.1.5 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 8/11/2014 TLS( TLS1.0/1.1 ) SHA Val#2467 HMAC Val#1857

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

331
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.8
Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 10.0; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 10.0; Intel Xeon E5440 (x86) 32-bit without AES-NI w/ FreeBSD 8.4; Intel Xeon E3-1220 (x86) without AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Intel Xeon E3-1220 (x86) with AES-NI w/ VMware Horizon Workspace 2.1 under vSphere; Freescale i.MX25 (ARMv4) w/ QNX 6.5 8/11/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

09/22/14: Added new tested information;
10/29/14: Added new tested information;

330
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version Version 7.1.R0106 (Firmware)
Freescale P1021, 800Mhz, PowerPC; Cavium 6130, 1Ghz, MIPS; Cavium 6635, 1.3 Ghz, MIPS; Cavium 6218, 1Ghz, MIPS; Cavium 6740, 1Ghz, MIPS; Cavium 6760, 1Ghz, MIPS; Cavium 6880, 1.2Ghz, MIPS 7/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2463 HMAC Val#1854
TLS( TLS1.0/1.1 ) SHA Val#2463 HMAC Val#1854
SSH (SHA 1 ) SHA Val#2463
SNMP SHA1 Val#2463

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

329
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
USA

-Alan Kaye
TEL: 613-225-9381
FAX: 613-225-2951

FortiClient FCCrypt Cryptolibrary v5.0

Version 5.0
Intel Core 2 Duo w/ Windows 7 Enterprise ;  N/A 7/31/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
IKEv2( ( 2048 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2451 HMAC Val#1842
TLS( TLS1.0/1.1 ) SHA Val#2451 HMAC Val#1842

"The FCCrypt library provides the following services for the FortiClient 5.0: HMAC, SHA-1, SHA-256, AES CBC, AES ECB, 3DES, RSA and NIST 800-90A RBG."

328
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 3.1.4
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 7/18/2014 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

327
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Atmel Corporation
1150 E. Cheyenne Mountain Blvd
Colorado Springs, CO 80906
USA

-Jim Hallman
TEL: (919) 846-3391

ATECC108A

Version 0x1003 (Firmware)
Cadence NC Verilog hardware simulator 7/18/2014 ECDSA SigGen Component: CURVES( P-256 K-283 B-283 )

"Atmel CryptoAuthentication: Secure authentication and product validation device."

326
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P10XX Series 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 , 384 ) ) SHA Val#2440 HMAC Val#1835
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2440 HMAC Val#1835
SSH (SHA 1 ) SHA Val#2440
SNMP SHA1 Val#2440

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks. The Broadcom XLP Series includes Broadcom XLP 204, XLP 208, XLP 316, XLP 408, XLP 416 and XLP 432 processors; the Freescale QorIQ P10XX Series includes P1010 and P1020 processors."

12/04/14: Updated implementation information;
12/24/14: Updated implementation information;
08/18/15: Updated implementation information;
01/12/16: Updated vendor information;

325
Section 4.2,
TLS
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2439 HMAC Val#1832

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

324
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Richard Bishop
TEL: 408-753-4000
FAX: 408-753-4001

-Jake Bajic
TEL: 408-753-3901
FAX: 408-753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 and PA-7050 Series Firewalls and M100/Panorama)

Version PAN-OS 6.0/Panorama 6.0 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505; Intel Core I7 7/10/2014 IKEv1( AUTH( PSK ) ) ( 224 (SHA 256 , 384 , 512 ) ) SHA Val#2439 HMAC Val#1832
TLS( TLS1.0/1.1 ) SHA Val#2439 HMAC Val#1832
SSH (SHA 1 ) SHA Val#2439
SNMP SHA1 Val#2439

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e. the PA-200, PA-500, PA-2000, PA-3000, PA-4000, PA-5000 and PA-7050 firewalls and M100/Panorama. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

323
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 BCryptPrimitives and NCryptSSLp

Version 6.3.9600
Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); AMD Athlon 64 X2without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; Intel Core i7 without AES-NIor PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise x86; AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i5 with AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI w/ Microsoft Surface Pro with Windows 8.1 Pro; Intel Core i5 with AES-NI w/ Microsoft Surface Pro 2 with Windows 8.1 Pro; NVIDIA Tegra 3 Quad Core w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 3 Quad-Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; NVIDIA Tegra 4 Quad Core w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon S4 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 400 w/ Microsoft Windows 8.1 RT; Qualcomm Snapdragon 800 w/ Microsoft Windows 8.1 RT; Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64) ;  Intel Xeon E5-2648L without AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Xeon E5-2648L with AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64); Intel Xeon with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on Hyper-V 6 on Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on VMware Workstation 12 on Windows Server 2012 R2 (x64) 7/10/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
IKEv2( ( 2048 (SHA 256 ) ) ( 256 (SHA 256 ) ) ( 384 (SHA 384 ) ) SHA Val#2373 HMAC Val#1773
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2373 HMAC Val#1773

"The Microsoft Windows Cryptographic Primitives Library provides IKEv1, IKEv2, and TLS Key Derivation Function (KDF) primitives."

12/11/14: Added new tested information;
03/13/15: Added new tested information;
03/03/17: Added new tested information;

322
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

OSSL

Version Openssl-0.9.8g-8.0.0 (Firmware)
Cavium 56XX 7/10/2014 IKEv1( ( 2048 (SHA 1 ) ) SHA Val#2437 HMAC Val#1830
TLS( TLS1.0/1.1 ) SHA Val#2437 HMAC Val#1830
SSH (SHA 1 ) SHA Val#2437
SNMP SHA1 Val#2437

"Cisco WLAN Controllers provide centralized control, management and scalability for small, medium and large-scale Government WLAN networks using APs joined over secure DTLS connection and support IEEE 802.11i security standard with WPA2 to enable a Secure Wireless Architecture."

10/14/2014: Added KDF 800-135 IKEv1 KDF and SNMP KDF and updated implementation description.
08/20/2015: Updated prerequisite numbers.

321
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
MPC8548 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2436 HMAC Val#1829
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2436

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

12/02/16: Updated vendor information;
12/13/16: Updated implementation information;

320
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Hamid Sobouti
TEL: 408-333-4150
FAX: 408-333-8101

Brocade FIPS Crpyto Library

Version FOS 7.3.0 (Firmware)
MPC8548 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic Library is used in Brocade FOS based switches to implement the cryptographic related modules."

12/02/16: Updated vendor information;

319
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2435 HMAC Val#1828
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2435

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

318
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
E 500 mc 7/10/2014 Curves tested: P-256   P-384   P-521

"Brocade cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

317
Section 4.2,
TLS
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale P1010 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2428 HMAC Val#1821

"Firmware algorithm implementations for the ONS encryption card."

316
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Controller Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale MPC8568E 7/10/2014 TLS( TLS1.0/1.1 ) SHA Val#2427 HMAC Val#1820
SSH (SHA 1 , 256 ) SHA Val#2427

"Firmware algorithm implementations for the ONS controller cards."

315
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-538-2883

IKEv1 KDF IKEv2 KDF

Version 16.6.0.80 (Firmware)
FreeScale MPC-8568E; FreeScale MPC-7457 7/10/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486
IKEv2( ( 2048 (SHA 1 ) ) SHA Val#2057 HMAC Val#1486

"IKEv1 and IKEv2 Key Derivation Functions are used to derive shared secret keys between peers for the S6000 and GGM8000 network devices."

314
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 210-516-5736

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P1020 7/10/2014 IKEv1( AUTH( DSA , PSK ) ) ( 256 (SHA 256 , 384 ) ) ( 384 (SHA 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818
IKEv2( ( 2048 (SHA 256 , 384 ) ) SHA Val#2425 HMAC Val#1818

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

12/04/14: Updated implementation information;

313
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P10XX Series 7/10/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks. The Broadcom XLP Series includes Broadcom XLP 204, XLP 208, XLP 316, XLP 408, XLP 416 and XLP 432 processors; the Freescale QorIQ P10XX Series includes P1010 and P1020 processors."

12/04/14: Updated implementation information;
12/24/14: Updated implmentation information;
08/18/15: Updated implementation information;
01/12/16: Updated vendor information;

312
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2417 HMAC Val#1814
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2417

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

311
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version FOS 7.3.0 (Firmware)
AMCC PPC 440EPX 6/27/2014 Curves tested: P-256   P-384   P-521

"Brocade Cryptographic library is used in Brocade FOS based switches to implement the cryptographic related modules."

310
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version A0038114A (Firmware)
Part # A0014227B
n/a 6/27/2014 TLS( TLS1.2 (SHA 256 ) ) SHA Val#2416 HMAC Val#1813

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

309
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

PSymantec PGP Cryptographic Engine

Version 4.3
sVirtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows Server 2012 R2 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

308
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Virtualized vSphere 5.1 / ESXi 5.1 hypervisor w/ Windows 8.1 update 1 x64 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

307
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 64-bit RHEL 6.2 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

306
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 32 bit 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

305
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 i7 w/ Windows 7 32 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It include"

304
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Windows 7 64 bit with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

303
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 32 bit RHEL 6.2 with AESNI 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. "

302
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Mac OS X 10.7 with AESNI w/ Apple MacBook Pro Intel Core i7 6/27/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

301
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 7 (Firmware)
Intel Xeon 6/27/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
IKEv2( ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2404 HMAC Val#1801
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2404 HMAC Val#1801
SSH (SHA 1 , 256 ) SHA Val#2404

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 7."

07/10/14: Updated implementation information;

300
RSADP Primitive
FIPS186-4 RSA; RSADP
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 RSADP: (Mod2048)

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

299
Signature Generation of hash sized messages
FIPS186-4 ECDSA
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

298
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

297
Section 4.2,
TLS
Section 5.1,
ANS X9.63-2001
SP800-135
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2402 HMAC Val#1799
ANSX963_2001 (SHS 224 , 256 , 384 , 512 ) SHA Val#2402

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

296
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

RSA BSAFE Crypto-C Micro Edition (ME)

Version 4.1
Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MD); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MD); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MD); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MD); Itanium2 w/ Windows Server 2003 Enterprise R2; Itanium2 w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Windows Server 2003 Enterprise R2 on ESX 5.1 (/MT); Intel x86 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x86 with AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 without AES-NI w/ Windows Server 2008 Enterprise SP2 (/MT); Intel x86 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x86 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2003 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 without AES-NI w/ Windows Server 2008 Enterprise R2 (/MT); Intel x64 with AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 without AES-NI w/ Windows 7 Enterprise SP1 (/MT); Intel x64 with AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 without AES-NI w/ Windows Server 2012 R2 Standard (/MT); Intel x64 with AES-NI w/ Windows 8.1 Enterprise (/MT); Intel x64 without AES-NI w/ Windows 8.1 Enterprise (/MT); Itanium2 64-bit w/ Windows Server 2003 Enterprise R2; Itanium2 64-bit w/ Windows Server 2008 Enterprise R2; Intel x86 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 5.5 on ESX 4.0; Intel x86 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x86 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESX 4.0; Intel x86 without AES-NI w/ SUSE Linux Enterprise Server11 on ESX 4.0; Intel x64 with AES-NI w/ Red Hat Enterprise Linux 6.1 ESXi 4.1; Intel x64 without AES-NI w/ Red Hat Enterprise Linux 6.1 on ESXi 4.1; Intel x64 with AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Intel x64 without AES-NI w/ SUSE Linux Enterprise Server 11 on ESXi 4.1; Itanium2 64-bit w/ Red Hat Enterprise Linux 5.5; PPC 32-bit w/ Red Hat Enterprise Linux 5.3; PPC 32-bit w/ SUSE Linux Enterprise Server 11; PPC 64-bit w/ Red Hat Enterprise Linux 5.3; PPC 64-bit w/ SUSE Linux Enterprise Server 11; Intel x64 with AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 without AES-NI w/ FreeBSD 8.3 on ESXi 5.0; Intel x64 with AES-NI w/ Mac OS X 10.8; Intel x64 without AES-NI w/ Mac OS X 10.8; SPARC v8 w/ Solaris 10; SPARC v8+ w/ Solaris 11; SPARC v9 (T2) w/ Solaris 11; SPARC v9 (T4) with T4 accelerator w/ Solaris 11; SPARC v9 (T4) without T4 accelerator w/ Solaris 11; Intel x86 with AES-NI w/ Solaris 10 on ESXi 4.1; Intel x86 without AES-NI w/ Solaris 10 on ESXi 4.1; Intel x64 with AES-NI w/ Solaris 10; Intel x64 without AES-NI w/ Solaris 10; PA-RISC 2.0 32-bit w/ HPUX 11.31; PA-RISC 2.0W 64-bit w/ HPUX 11.31; Itanium2 32-bit w/ HPUX 11.31; Itanium2 64-bit w/ HPUX 11.31; PowerPC 32-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 6.1 on Virtual I/O Server 2.2.2.1; PowerPC 32-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; PowerPC 64-bit w/ AIX 7.1 on Virtual I/O Server 2.2.2.1; IBM z196 31/32-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; IBM z196 64-bit w/ Red Hat Enterprise Linux 5.8 on z/VM 6.2; ARMv7 w/ Ubuntu 12.04 LTS; ARMv7 w/ Fedora Core 17; Intel x86 w/ Android 4.0.3; ARMv7 w/ Android 2.3.6; ARMv7 w/ Android 4.1.2; ARMv7 w/ iOS 7.1; ARMv7s w/ iOS 7.1; PPC 604 w/ VxWorks 6.4; PPC 604 w/ VxWorks 6.7; ARMv4 w/ VxWorks 6.8 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"RSA BSAFE® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements."

01/16/15: Added new tested information;

295
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS

Version 2.0.5 (Firmware)
ARM926EJ-S 6/27/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The library is based on OpenSSL FIPS version 2.0.5."

294
Section 4.2,
TLS
SP800-135
Engage Communication, Inc.
9565 Soquel Drive
Suite 201
Aptos, CA 95003
USA

-Gian-Carlo Bava
TEL: 831-688-1021 ext 106

-Shaun Tomaszewski
TEL: 831-688-1021 ext 104

BlackVault Crypto-OSS-TLS

Version 1.0.1g (Firmware)
ARM926EJ-S 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2327 HMAC Val#1732

"The Engage Communication BlackVault cryptographic library provides a FIPS 140-2 approved Application Programming Interface (API) to the BlackVault Hardware Security Module (HSM). The KDF function is based on OpenSSL version 1.0.1g."

293
Section 4.2,
TLS
SP800-135
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2 6/27/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2400 HMAC Val#1797

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

292
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Software House, a Brand of Tyco International
6 Technology Park Drive
Westford, MA 01886
USA

-Lou Mikitarian
TEL: 1-978-577-4125

-Rick Focke
TEL: 1-978-577-4266

iSTAR Cryptographic Engine

Version 2.1
ARM v7 i.MX6Q w/ Ubuntu Linux 12.04.2; Atmel 9260 w/ Windows CE v5.0 6/27/2014 Curves tested: B-571

"The iSTAR Cryptographic Engine provides cryptographic services used for securing data and communications for the iSTAR Edge and iSTAR Ultra Door Controllers."

291
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.105 (Firmware)
RMI (Netlogic) XLS208 MIPS; RMI (Netlogic) XLS408 MIPS 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2398 HMAC Val#1795
TLS( TLS1.0/1.1 ) SHA Val#2398 HMAC Val#1795
SSH (SHA 1 ) SHA Val#2398
SNMP SHA1 Val#2398

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

290
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2.99 (Firmware)
Freescale P2020 6/27/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 ) ) SHA Val#2397 HMAC Val#1794
TLS( TLS1.0/1.1 ) SHA Val#2397 HMAC Val#1794
SSH (SHA 1 ) SHA Val#2397
SNMP SHA1 Val#2397

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

289
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2) ;  Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64); Intel Xeon with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on Hyper-V 6 on Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on VMware Workstation 12 on Windows Server 2012 R2 (x64) 6/6/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

03/13/15: Added new tested information;
03/18/15: Updated implementation information;
03/03/17: Added new tested information;

288
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Mike Grimm
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 800 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Embedded 8.1 Industry Enterprise (x64); Intel Pentium without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64); NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2); AMD Athlon 64 X2 without AES-NI w/ Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Windows Storage Server 2012 R2 (x64) ;  Intel Xeon E5-2648Lwithout AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Xeon E5-2648Lwith AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64); Intel Xeon with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on Hyper-V 6 on Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI w/ Azure StorSimple Virtual Array Windows Server 2012 R2 on Vmware Workstation 12 on Windows Server 2012 R2 (x64) 6/6/2014 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"The Microsoft Windows MSBignum Library algorithm implementation provides DSA, ECDSA, and RSA support to other Microsoft libraries and cryptographic modules."

07/10/2014: Added new tested information;
12/11/14: Added new tested information; 03/13/15: Added new tested information;;
03/18/15: Updated implementation information;
03/03/17: Added new tested information;

287
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

Openssl-fips-1.2

Version 1.2
Intel Xeon w/ Windriver Linux (2.6.99.99 kernel) 5/30/2014 TLS( TLS1.0/1.1 ) SHA Val#2275 HMAC Val#1689
SSH (SHA 1 ) SHA Val#2275
SNMP SHA1 Val#2275

"The openssl crypto library is used on the Nexus7K supervisor to implement crypto operations in software."

286
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

OpenSSL Library

Version 1.0.1g
Intel Xeon QuadCore w/ CentOS 6.4 on VMware ESXi 5.1.0 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2392 HMAC Val#1790

"Accellion Kiteworks Cryptographic Module is a key component of Accellion''s Kiteworks product that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

285
Section 4.2,
TLS
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6989

3eTI OpenSSL Algorithm Implementation

Version 2.0 (Firmware)
MPC8378E 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1801 HMAC Val#1253

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

05/18/16: Updated implementation information;

284
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

283
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. Freescale's DMPR 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

282
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

281
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DMPR 30232242 is included in the QorIQ Integrated Communications Processor; T2080."

280
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 4096 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

279
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

278
Section 4.1.2,
IKEv2
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 IKEv2( ( 224 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) ( 384 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2110 HMAC Val#1534
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2110 HMAC Val#1534

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

277
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

276
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2109 HMAC Val#1533

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

275
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

274
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2108 HMAC Val#1532

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

273
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

272
Section 4.2,
TLS
SP800-135
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1446 HMAC Val#967

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

271
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 5/30/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

269
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
INSIDE Secure
Arteparc Bachasson, Bât A
Rue de la carrière de Bachasson, CS70025
Meyreuil, Bouches-du-Rhône 13590
France

-Bob Oerlemans
TEL: +31 736-581-900
FAX: +31 736-581-999

VaultIP

Part # 1.1
N/A 5/23/2014 Curves tested: P-224   P-256   P-384   P-521

"VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a ''Root of Trust'' to support a TEE-based platform."

268
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c1
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 5/23/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2385 HMAC Val#1783

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use."

267
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.a

Version 1.0.0
Intel Core i5 w/ Mac OS X 10.8; Apple A6 w/ Apple iOS 7 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

266
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

libancrypto.so

Version 1.0.0
Intel Core i5 w/ Red Hat Enterprise Linux 6 32-bit; ARMv7 w/ Android 4 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

265
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ancrypto.dll

Version 1.0.0
Intel Core i5 w/ Windows 7 32-bit User Mode; Intel Core i5 w/ Windows 7 64-bit User Mode; ARM V7 w/ iOS9 5/23/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba Common Cryptographic Module (CCM) is a software crypto library that powers a variety of Aruba’s networking and security products. The module does not implement any protocols directly, but provides cryptographic primitives and functions that software developers build upon to implement various security protocols."

06/11/14: Added new tested information;
11/17/16: Added new tested information;

264
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-9951

Fortinet FortiMail SSL Cryptographic Library

Version 5.0 (Firmware)
Intel Xeon 5/9/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2382 HMAC Val#1781
SSH (SHA 1 , 256 ) SHA Val#2382

"This focuses on the firmware implementation of the Fortinet FortiMail SSL Cryptographic Library v5.0 running on Intel x86 compatible processors."

10/29/14: Added new tested information;

263
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_SNMPv3_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 SNMP SHA1 Val#1292

"SNMP v3 key derivation from a password and Engine ID, based on SHA-1"

262
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Tom Nguyen
TEL: (847) 576-2352
FAX: (847) 576-6150

-Rachel Michelson
TEL: (847) 219-6292
FAX: (847) 576-6150

MOTOROLA_IPCRYPTR2_IKEv2_KDF

Version R06.01.00 (Firmware)
Atmel AT58U97 PIKE v2 5/9/2014 IKEv1( SHA Val#1292 HMAC Val#1780
IKEv2( ( 384 (SHA 384 ) ) SHA Val#1292 HMAC Val#1780

"Suite B IKE v2 KDF per http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf section 8.1"

261
All of SP800-56A EXCEPT KDF
SP800-56A
INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 762 9394

SafeZone FIPS Cryptographic Module

Version 1.0.3A
ARMv7, 2.3 GHz w/ Android 4.4 5/9/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#854 SHS Val#2378 DRBG Val#493
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#497 SHS Val#2378 DRBG Val#493

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

260
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.7
Freescale e500v2 (PPC) w/ Linux 2.6; Intel Core i7-3612QE (x86) without AES-NI w/ AcanOS 1.0; Intel Core i7-3612QE (x86) with AES-NI w/ AcanOS 1.0; Feroceon 88FR131 (ARMv5) w/ AcanOS 1.0; Intel Xeon E5440 (x86) without AES-NI w/ FreeBSD 8.4; Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.1; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.1; Xeon E5645 (x86) without AES-NI w/ ArbOS 5.3; ASPEED AST-Series (ARMv5) w/ Linux ORACLESP 2.6; Emulex PILOT3 (ARMv5) w/ Linux ORACLESP 2.6; Xeon E5645 (x86) with AES-NI w/ ArbOS 5.3 ;  Xeon E5-2430L (x86) without AES-NI w/ FreeBSD 9.2; Xeon E5-2430L (x86) with AES-NI w/ FreeBSD 9.2 5/9/2014 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

05/14/14: Added new tested information;
07/03/14: Added new tested information;
07/178/14: Added new tested information;
07/31/14: Updated implementation information;

259
All of SP800-56A EXCEPT KDF
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )
SCHEMES: FullUnified: (KARole: Initiator ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#448 SHS Val#2187 DRBG Val#132 HMAC Val#1610
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#259.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

258
Section 5.2, SSH
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS SSH Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; ;  Cavium Octeon CN5000 series 5/2/2014 SSH (SHA 256 ) SHA Val#2374

"Xirrus AOS SSH implementation."

08/13/14: Added new tested information;

257
Section 4.2,
TLS
SP800-135
Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS Crypto Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; Cavium Octeon CN5000 series 5/2/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2374 HMAC Val#1774

"Xirrus AOS crypto library implementation."

08/07/14: Added new tested information;

256
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS32/16 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8555 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2371

"The Alcatel-Lucent PSS32/16 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

255
Section 5.4, SNMP
SP800-135
Alcatel-Lucent
600 - 700 Mountain Avenue
Murray Hill, NJ 07974
USA

-Yik-Ming Ho
TEL: +1 908 582 5301

Alcatel-Lucent PSS4 Crypto-SNMP Engine

Version 16.1-libengine-264
MPC8347 w/ Linux 2.6.10 4/25/2014 SNMP SHA1 Val#2370

"The Alcatel-Lucent PSS4 Crypto-SNMP Engine offers an integrated AES256 encryption of control/status information for providing an equivalent level of security for the control link as is provided for the transmission links using the Alcatel-Lucent Crypto-OTU2 Engine."

254
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

libecdsa

Version 01.01.0009 (Firmware)
Part # MAX32590 Rev B4
N/A 4/9/2014 ECDSA SigGen Component: CURVES( P-256 )

"Pitney Bowes X4 HSM Cryptographic Module"

253
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405; Intel Atom C2000 3/31/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2361 HMAC Val#1764
TLS( TLS1.0/1.1 ) SHA Val#2361 HMAC Val#1764
SSH (SHA 1 ) SHA Val#2361
SRTP (AES 128 , 192 , 256 ) AES Val#2817
SNMP SHA1 Val#2361

"IOS Common Crypto Module"

252
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.0 (Firmware)
AMCC PowerPC 405EX; Cavium CN5020; Cavium CN5220; Cavium CN5230; Freescale 8752E; Freescale SC8548H; Intel Xeon; MPC8358E; MPC8572C; PowerPC 405; Intel Atom C2000 3/31/2014 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2361 DRBG Val#481
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#493 SHS Val#2361 DRBG Val#481

"IOS Common Crypto Module"

01/30/15: Added new tested information;

251
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 3/31/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

250
Section 5.5, TPM
SP800-135
Atmel Corporation
2325 Orchard Parkway
San Jose, CA 95131
US

-Jim Hallman
TEL: (919) 846-3391

-Todd Slack
TEL: (719) 540-3021

AT97SC3205

Part # AT97SC3205
N/A 3/21/2014 TPM SHA1 Val#2354 HMAC_SHA1 Val#1757

"The AT97SC3205 is a single chip cryptographic module used for cryptographic key generation, key storage and key management as well as generation and secure storage for digital certificates."

04/03/14: Updated vendor information;

249
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core i7 w/ Linux 64 bit RHEL with AESNI 3/21/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includ"

248
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-Bill Zhao
TEL: 650-527-0683

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Windows 7 64 bit 3/7/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email."

247
Section 5.1,
ANS X9.63-2001
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 4.4 (Firmware)
Freescale MPC8280 3/7/2014 ANSX963_2001 SHA Val#2350

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

246
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

OpenSSL

Version 1.0.1e (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2349 HMAC Val#1753

"OpenSSL 1.0.1e implementation with minor patches."

245
Section 5.2, SSH
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745.9300

OpenSSH

Version 6.4p1 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 SSH (SHA 1 , 256 ) SHA Val#2349

"SSH may generate keys of any size. Default is 2048. Open source version slightly modified to read our CSPs and completely disable DSA key generation."

244
Section 4.2,
TLS
SP800-135
Dell SonicWALL
2001 Logic Drive
San Jose, CA 95124
USA

-Gary Tomlinson
TEL: (408) 962-6756
FAX: (408) 745-9300

-Usha Sanagala
TEL: (408) 962-6248
FAX: (408) 745-9300

ojdk

Version 1.7.0_147 (Firmware)
Intel Core 2 Duo; Intel Celeron; Intel Xeon Nehalem with AES-NI 2/28/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2348 HMAC Val#1752

"Using existing Debian Stable Open JDK binaries."

243
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN4010 and CN6010 Series Common Crypto Library

Version 2.4 (Firmware)
ARM Cortex A9 2/28/2014 SNMP SHA1 Val#2346

"The CN4010 and CN6010 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN4010 and CN6010 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services."

242
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 2.4 (Firmware)
Intel ATOM 2/28/2014 SNMP SHA1 Val#2345

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

241
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Dell Precision M6400 Intel Core 2 Duo w/ Linux 32-bit RHEL 6.2 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

240
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

-David Finkelstein
TEL: 650-527-0714

Symantec PGP Cryptographic Engine

Version 4.3
Apple MacBook Pro Intel Core 2 Duo w/ Mac OS X 10.7 2/28/2014 Curves tested: P-256   P-384   P-521

"The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products, including the Symantec Drive Encryption, Symantec Desktop Email, Symantec File Share Encryption, Symantec Encryption Desktop, and Symantec Gateway Email. It includes"

239
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 SSH (SHA 256 ) SHA Val#2341

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

238
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8000
FAX: 408-333-8101

Brocade Vyatta Network OS Open SSL Cryptographic Module

Version 1.0
Intel (R) Xeon (R) Processor E5-2680 v2 (25M Cache, 2.80 Ghz w/ Brocade Vyatta Network OS 2/28/2014 Curves tested: P-256   P-384   P-521

"Built for Network Functions Virtualization (NFV), Brocade (R) Vyatta (R) 5650 and 5630 vRouters are the first virtual routers capable of providing advanced routing in software without sacrificing the relaibility and performance of hardware networking solutions."

237
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0
Intel Atom D2500 w/ CentOS Linux 6.4 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 2048 ) SHA Val#2340 HMAC Val#1744
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2340 HMAC Val#1744
TLS( TLS1.0/1.1 ) SHA Val#2340 HMAC Val#1744
SSH (SHA 1 ) SHA Val#2340
SNMP SHA1 Val#2340

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

236
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS

Version 1.0 (Firmware)
Freescale MPC8358E; Freescale MPC8548E 2/21/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
IKEv2( ( 2048 (SHA 1 , 256 ) ) SHA Val#2339 HMAC Val#1743
TLS( TLS1.0/1.1 ) SHA Val#2339 HMAC Val#1743
SSH (SHA 1 ) SHA Val#2339
SNMP SHA1 Val#2339

"IOS software cryptographic implementations used within Cisco devices to provide cryptographic functions."

235
Signature Generation of hash sized messages
FIPS186-4 ECDSA
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 ECDSA SigGen Component: CURVES( P-256 P-384 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

234
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 RSASP1: (Mod2048: PKCS1.5 )

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

233
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Fortinet Inc.
1090 Kifer Road
Sunnyvale, CA 94086-5301
USA

-Alan Kaye
TEL: 613-225-9381 x7416
FAX: 613-225-2951

Fortinet FortiOS SSL Cryptographic Library

Version 5.0 GA Patch 6 (Firmware)
ARM v5 Compatible; Intel Atom; Intel Celeron; Intel i3-540 Dual Core; Intel i5-750 Quad Core; Intel Xeon 2/21/2014 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 224 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
IKEv2( ( 8192 (SHA 1 , 256 ) ) ( 8192 (SHA 1 , 256 ) ) SHA Val#2333 HMAC Val#1738
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2333 HMAC Val#1738
SSH (SHA 1 , 256 ) SHA Val#2333

"This document focuses on the software implementation of the Fortinet FortiOS SSL Cryptographic Library 5.0 GA Patch 6"

232
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020; 2/14/2014 RSASP1: (Mod2048: PKCS1.5 )

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

231
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.3, SRTP
Section 5.4, SNMP
SP800-135
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Algorithms

Version 1.0 (Firmware)
Cavium CN5200; Intel 82576; Freescale MPC8572E; Freescale MPC8358E; Freescale P1021 2/7/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
IKEv2( ( 2048 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2182 HMAC Val#1606
TLS( TLS1.0/1.1 ) SHA Val#2182 HMAC Val#1606
SSH (SHA 1 ) SHA Val#2182
SRTP (AES 128 ) AES Val#2620
SNMP SHA1 Val#2182

"IOS Firmware cryptographic implementations used within Cisco devices to provide cryptographic functions."

230
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000D TLS1.0 Implementation

Version 2.2 (Firmware)
Altera NIOS II 2/7/2014 TLS( TLS1.0/1.1 ) SHA Val#2325 HMAC Val#1730

"The Oracle StorageTek T10000D Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world''s fastest write speeds to a native 8.5 TB of magnetic tape storagel; making it ideal for data center operations with growing data volume."

229
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA CRT with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of the RSA CRT with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

02/04/14: Originally verified as SigGen - RSA #180;

228
Section 4.2,
TLS
SP800-135
Hewlett–Packard Development Company, L.P.
3000 Hanover Street
Palo Alto, CA 94304-1185
USA

-Mihai Damian
TEL: 1-650-236-5870

-Sameer Popli
TEL: 1-650-236-5874

HP NSVLE C API Library

Version 0.3
Intel(R) Xeon(R) E5-2658 w/ Debian Linux HPTE Version 5.0.0 1/24/2014 TLS( TLS1.0/1.1 ) SHA Val#2047 HMAC Val#1477

"Hewlett-Packard''s NonStop platform is used in complex computing environments, where business-critical applications need 24 x 7 availability, extreme scalability, and fault-tolerance. NonStop plays an important role in major industries and markets, including finance, healthcare, telecommunications, manufacturing, retail, and government."

227
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Palo Alto Networks
4401 Great America Parkway
Santa Clara, California 95054
USA

-Jake Bajic
TEL: (408) 753-3901
FAX: (408) 753-4001

-Lee Klarich
TEL: (408) 753-4000
FAX: (408) 753-4001

Palo Alto Networks Crypto Module (PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, and PA-5000 Series Firewalls and M100/Panorama)

Version PAN-OS 5.0/Panorama 5.1 (Firmware)
Cavium Octeon MIPS64; Intel Multi Core Xeon; Intel Celeron P4505 1/24/2014 IKEv1( AUTH( PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2298 HMAC Val#1707
TLS( TLS1.0/1.1 ) SHA Val#2298 HMAC Val#1707
SSH (SHA 1 ) SHA Val#2298
SNMP SHA1 Val#2298

"The Palo Alto Networks Crypto Module provides the cryptographic functionality for a variety of platforms i.e., the PA-200, PA-500, PA-2000, PA-3000, PA-4000 and PA-5000 firewalls and M100 Centralized Management. The firewalls provide network security by enabling enterprises to see/control applications, users, and content."

226
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 6.2 for NSA and SM

Version 6.2 (Firmware)
Cavium Octeon Plus 66XX; Cavium Octeon Plus 68XX 1/24/2014 IKEv1( AUTH( DSA , PSK ) ) ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2322 HMAC Val#1727
IKEv2( ( 2048 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#2322 HMAC Val#1727
TLS( TLS1.0/1.1 ) SHA Val#2322 HMAC Val#1727
SSH (SHA 1 ) SHA Val#2322
SNMP SHA1 Val#2322

"The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks."

01/14/15: Added test information;

225
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDYxJCRSEFI-025CD144V503 (Firmware)
NXP P5CD144 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/22/14: Originally verified as SigGen - RSA #351;

224
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#224.

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#172;

223
Signature Generation of hash sized messages
FIPS186-4 ECDSA
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECDSA Component

Version ECDSA_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 ECDSA SigGen Component: CURVES( P-256 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - ECDSA#237;

222
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 ECDSA2 Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#222.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A, KAS ( ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#214;

221
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#221.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#120;

220
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

ECDSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 1/16/2014 ECDSA SigGen Component: CURVES( P-224 P-256 P-384 P-521 K-233 K-283 K-409 K-571 B-233 B-283 B-409 B-571 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#220.

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen and SigVer - ECDSA#94;

219
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP RSA CRT Component

Version RSA_CRT_JCOP_242_R0 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 RSASP1: (Mod2048: PKCS1.5 )

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

01/15/14: Originally verified as SigGen - RSA #885;

218
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 RSA Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"Athena OS755 is a Global Platform Java Card operating systems implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

01/15/14: Originally verified as SigGen - RSA #824;

217
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP DL V2

Version #11-M1005011+Softmask V02 (Firmware)
Part # A1023378
Infineon SLE66CLX1280PE w/ TOP DL V2 smart Card 5/12/2010 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

01/15/14: Originally verified as SigGen - RSA #664;

216
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 A

Version 0801 (Firmware)
Part # C3
ID-One Cosmo v7.0 A 2/5/2009 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: BF, CO, C3, CF, with firmware version 0801."

01/15/14: Originally verified as SigGen - RSA #471;

215
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Technologies
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo v7 N

Version FC10 (Firmware)
Part # B0
ID-One Cosmo v7.0 N 8/8/2008 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application that offers a highly secure architecture together with enhanced cryptographic services. The tested algorithm implementation applies to the following hardware part number: B0, BA, C8, CA, CB, C4, C7, C9, B7, CD, C6, with firmware version FC10."

01/15/14: Originally verified as SigGen - RSA #403;

214
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemalto
Arboretum Plaza II
9442 Captial of Texas Highway North
Suite 400
Austin, TX 78759
USA

-Vincent Prothon
TEL: 512-257-3810
FAX: 512-257-3881

Gemalto GX4-FIPS

Version GX4-FIPS EI08 (Firmware)
NXP P5CD144 5/13/2008 RSASP1: (Mod2048: PKCS1.5 )

"This module is based on a Java platform (GemCombiXpresso R4) with 144K EEPROM memory and on the SafesITe FIPS201 applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved. Module Ref# A1005963 - Card Ref# M1002255."

01/15/14: Originally verified as SigGen - RSA #372;

213
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 605-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

Sm@rtCafé Expert 3.2

Version CPDIxJCRSEFI-025CD080V402 (Firmware)
NXP P5CD080 3/18/2008 RSASP1: (Mod2048: PKCS1.5 )

"Sm@rtCafé Expert 3.2 is a Java Card 2.2.1 and Global Platform v2.1.1 compliant smart card module supporting contact and contactless interfaces. Its support includes RSA up to 2048 bits with key generation, Hash algorithms (including SHA256), SEED, AES, DSA, OAEP Padding and Triple-DES."

01/15/14: Originally verified as SigGen - RSA #350;

212
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: 703-263-0100
FAX: 703-263-0503

RSA for ID-One Cosmo 128 v5

Version ID-One Cosmo Version F310 (Firmware)
Part # B0
ID-One Cosmo 128 v5.5 11/6/2007 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo Smart Card Platform is a single chip multi-application cryptographic module that offers a highly secure architecture together with cryptographic services such as 3DES (128,192), AES (128,192,256), RSA (1024,1536,2048) with onboard key generation, SHA (1,224,256,384,521), ECDSA (GFP,192,224,256,384) Elliptic Curve Diffie-Hellman."

01/15/14: Originally verified as SigGen - RSA #304;

211
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Keycorp Limited
Level 5, Keycorp Tower
799 Pacific Highway
Chatswood NSW
Sydney, Austrailia 2067
Australia

-Graeme Bradford
TEL: 703-635-7723
FAX: 703-635-7724

Keycorp MULTOS I4F 80K with MULTOS PIV Card Application

Version 1.0 (Firmware)
Infineon SLE66CLX800PEM crypto controller 11/6/2007 RSASP1: (Mod2048: PKCS1.5 )

"The Keycorp MULTOS I4F 80K Smart Card with MULTOS PIV Card Application can be employed in a wide range of solutions. The smart card provides a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Combined with the PIV Card Application it provides enhanced I&A functionality."

01/15/14: Originally verified as SigGen - RSA #303;

210
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: 408-865-0112
FAX: 408-865-0333

Athena IDProtect Duo

Version 0107.7099.0105 (Firmware)
Part # AT90SC12872RCFT Rev M
Atmel AT90SC12872RCFT 10/15/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card smart card operating system. IDProtect is compliant with the latest Java Card 2.2.2 and Global Platform 2.1.1 specifications and FIPS 140-2 Level 3 (Level 4 Physical Security). IDProtect supports FIPS approved RNG, TDES, AES, SHA-1, SHA-256, and RSA up to 2048 bits."

01/15/14: Originally verified as SigGen - RSA #296;

209
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena IDProtect XL

Version 010A.7204.0004 (Firmware)
Part # AT90SC144144CT
Atmel AT90SC144144CT 9/27/2007 RSASP1: (Mod2048: PKCS1.5 )

"IDProtect is a cryptographic module based on the Athena OS755 Java Card 2.2.2 and GlobalPlatform2. 1.1 specifications and F IPS 140-2 Level 3 (Level 4 for physical security).IDProtect supports F IPS approved Random Number Generator, TDES,A ES, SHA-I, SHA-256, and RSA up to 2048 bits including on board key generation."

01/15/14: Originally verified as SigGen - RSA #292

208
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
CardLogix
16 Hughes, Suite 100
Irvine, CA 92618
USA

-Ken Indorf
TEL: 949-380-1312
FAX: 949-380-1428

CardLogix Credentsys-J

Version 07.0107.04 (Firmware)
Part # AT90SC12872RCFT Rev. J
Atmel AT90SC12872RCFT 7/2/2007 RSASP1: (Mod2048: PKCS1.5 )

"CREDENTSYS-J is a secure smart card that is designed for National ID systems and multi-use enterprise security environments. The CREDENTSYS-J card is based on Java Card tm 2.2.1 and Global Platform 2.1.1 architectures and is readily deployable into existing or new PKI environments. CREDENTSYS cards offer a combination of high performance and cost"

01/15/14: Originally verified as SigGen - RSA #272;

207
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Sagem Orga
Heinz-Nixdorf-Ring 1
Paderborn, 33106
Germany

-Swantje Missfeldt
TEL: +49 52 51 88 90

J-IDMark 64 Open RSA with SHA-1 and SHA-256

Version J-IDMark 64 Open 01016221 (Firmware)
AT58803-H-AA 11/8/2006 RSASP1: (Mod2048: PKCS1.5 )

"An implementation of teh RSA with SHA-1 and SHA-256 algorithm for use in the J-IDMark 64 Open smart card cryptographic module."

01/15/14: Originally verified as SigGen – RSA #179;

206
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Hazem Hassan
TEL: (952)223-3139

-Wayne Whitlock
TEL: (443)327-1489

SCCOS Crypto library

Version 3.0 (Firmware)
Philips P5CT072 Secure Triple Interface Smart Card Controller 10/25/2006 RSASP1: (Mod2048: PKCS1.5 )

"SCCOS is a state-of-the-art operating system that offers wide range of authentication services together with the highest levels of security. It offers powerful implementaions for public and secret key encryption supporting RSA, DSA, Diffie-Hellman, SHA-1, Triple-DES, and AES."

01/15/14: Originally verified as SigGen - RSA#174;

205
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Gemplus
Avenue du Pic de Bertagne
GEMENOS Cedex, BP100 13881
FRANCE

-Thierry Deffontaines
TEL: +33 (0)4 42 36 60 17

GemCombiXpresso R4 (GCX4) Cryptographic Library

Version GCX4 - FIPS IE07 (Firmware)
Proprietary 1/30/2006 RSASP1: (Mod2048: PKCS1.5 )

"This implementation is dedicated to provide the crypto algorithm on the GemCombiXpresso R4 Java card product through the Java Card API. It provides Random Number generation, 3DES and RSA up to 2048 bits key length as well as X9.31 RSA On Board Key generation up to 2048 bits long."

204
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Christophe Goyet
TEL: (703)263-0100
FAX: (703)263-7134

ID-One Cosmo 64 RSA

Version E303 (Firmware)
Part # 77
JavaCard 2.2 Runtime Environment 1/3/2005 RSASP1: (Mod2048: PKCS1.5 PKCSPSS )

"The ID-One Cosmo 64 RSA JavaCard Chip Platform is a single chip multi application cryptographic module for smart cards specifically designed for identity and government market needs. The module offers a highly secure architecture together with cryptographic services such as Triple-DES (using double and triple length DES keys) encryption and decryption in both ECB and CBC with ISO/IEC 9797 automatic padding (methods 1 and 2), TDES Message Authentication Code generation and verification using automatic padding methods from ISO/IEC 9797 (methods 1, 2, and 2 with MAC algorithm3), AES encryption and decryption in both ECB and CBC modes, AES Message Authentication Code generation and verification, RSA key generation up to 2048 bit key length with strong prime numbers (ANSI X9.31), RSA encryption and decryption using PKCS#1 and PKCS#1-OAEP automatic padding, RSA signature and verification using PKCS#1, PKCS#1-PSS, and ISO/IEC 9796 methods, as well as digest computation using SHA-1 and MD5 algorithms."

01/15/14: Oringinally verified as SigGen - RSA#43;

203
Section 4.2,
TLS
SP800-135
Cambium Networks
3800 Golf Road
Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 TLS KDF

Version PTP700-TLS-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2323 HMAC Val#1728

"TLS key derivation function"

202
Section 5.4, SNMP
SP800-135
Cambium Networks
3800 Golf Road
Suite 360
Rolling Meadows, IL 60008
USA

-Mark Thomas
TEL: +44 1364 655500
FAX: +44 1364 654625

PTP700 SNMP KDF

Version PTP700-SNMP-KDF-01-00 (Firmware)
TI TMS320C6657 1/10/2014 SNMP SHA1 Val#2323

"SNMP key derivation function"

201
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30233242

Version CAVP_DMPR_30233242_C290R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA and RSA includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD128 3.2, RNG4 4.2. Freescale's DMPR 30233242 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: C291, C292, C293, T4240r2, and T4160r2."

200
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30232242

Version CAVP_DMPR_30232242_T2080R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD64 2.2, RNG4 4.2. Freescale's DHSA 30232242 is included in the QorIQ Integrated Communications Processor: T2080."

199
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 30231242

Version CAVP_DMPR_30231242_T1040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 3.0, MDHA 2.3, PKHA-SD32 1.2, RNG4 4.2. Freescale's DHSA 30231242 is included in the QorIQ Integrated Communications Processor: T1040."

198
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 20222141

Version CAVP_DMPR_20222141_P5040R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 2.0, MDHA 2.2, PKHA-SD64 2.1, RNG4 4.1. DHSA 20222141 is included in multiple QorIQ Integrated Communications Processors and co-processors, including: P5040, P5021, T4240r1, T4160r1, and B4860."

197
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 13221121

Version CAVP_DMPR_13221121_P4080R3 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.3, MDHA 2.2, PKHA-SD32 1.1, RNGB 2.1. Freescale's DHSA 13221121 is included in the QorIQ Integrated Communications Processor: P4080r3."

196
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 12211040

Version CAVP_DMPR_12211040_PSC9131R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.2, MDHA 2.1, PKHA-SD32 1.0, RNGB 4.0. Freescale's DHSA 12211040 is included in the QorIQ Integrated Communications Processors: PSC9131 and PSC9132."

195
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
Freescale Semiconductor, Inc.
7700 West Parmer Lane
Austin, TX 78729
USA

-Geoffrey Waters
TEL: 512-996-5815
FAX: 512-996-7866

-Tom Tkacik
TEL: 480-814-3299
FAX: 480-814-3660

DMPR 11200121

Version CAVP_DMPR_11200121_P5020R1 (Firmware)
Chronologic VCS simulator, vcs D-2010.06-04 12/20/2013 RSASP1: (Mod2048: PKCS1.5 )

"Freescale's cryptographic boundary for DSA, ECDSA, RSA, KAS and ASKDF includes the following CHAs plus Descriptor Controller: DECO 1.1, MDHA 2.0, PKHA-XT0.1, RNGB 2.1. Freescale's DHSA 11200121 is included in multiple QorIQ Integrated Communications Processors, including: P3041, P2041, P2040, P5020, P5010, and P1010."

194
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
IBM Corporation
1 New Orchard Road
Armonk, NY 10504
USA

-Smita Dutta
TEL: 301-803-2540

Cryptographic Security Kernel (CSK)

Version 2.0 (Firmware)
Intel Xeon 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2160 HMAC Val#1581
SSH (SHA 1 , 256 , 512 ) SHA Val#2160

"IBM® Security QRadar® SIEM consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. The IBM Security QRadar SIEM provides a secure platform that meets FIPS 140-2 Level 2 requirements while allowing organizations to meet current and emerging compliance mandates."

193
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Quicksec

Version 3.0 (Firmware)
Broadcom XLR v4.0 12/31/2013 IKEv1( ( 1024 (SHA 1 ) ) ( 185 (SHA 1 ) ) ( 2048 (SHA 1 ) ) SHA Val#2326 HMAC Val#1731

"Quicksec is a third party source code, which provides IPsec and IKE v1 cryptographic services."

02/10/14: Updated implementation information;

192
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SSH (SHA 1 , 256 ) SHA Val#2321

"OpenSSH is a third party open source code, which provides secure remote session management services."

191
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.1.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2321 HMAC Val#1726

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.1.1 version. RFS7000 userspace daemons (RADIUS, ntp, openssh, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

190
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Broadcom XLR v4.0 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

189
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7p1 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SSH (SHA 256 ) SHA Val#2320

"OpenSSH is a third party open source code, which provides secure remote session management services."

188
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.0.9 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 SNMP SHA1 Val#2320

"Net-SNMP is a third party open source code, which implements SNMPv3 protocol in order to retrieve or update information remotely."

187
Section 4.1.1,
IKEv1
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

iGateway

Version 1.9 (Firmware)
Cavium Octeon Plus CN5000 Family; Cavium Octeon Plus CN5000 Family 12/31/2013 IKEv1( AUTH( PSK ) ) ( 1024 Null (SHA 1 ) ) SHA Val#2320 HMAC Val#1725

"iGateway is a third party source code, which provides IPsec and IKE v1 cryptographic services."

05/06/14: Added new tested information;

186
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssl-fips

Version 1.2 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 TLS( TLS1.0/1.1 ) SHA Val#2320 HMAC Val#1725

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2 version. AP7131N userspace daemons (RADIUS, ntp, openssh, net-snmp, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

185
Signature Generation of hash sized messages
FIPS186-4 ECDSA
Green Hills Software
30 W Sola Street
Santa Barbara, CA 93101
USA

-David Sequino
TEL: 206-310-6795
FAX: 978-383-0560

-Douglas Kovach
TEL: 727-781-4909
FAX: 727-781-2915

INTEGRITY Security Services Embedded Cryptographic Toolkit ECDSA

Version 2.0.415
ARM Cortex A9 w/ Green Hills Software INTEGRITY Multivisor v4 for ARM 12/31/2013 ECDSA SigGen Component: CURVES( P-256 P-384 P-521 )

"Green Hills Software ISS ECT is a standards-based crypto toolkit providing a flexible framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. ISS ECT is designed to support multiple cryptographic providers with a single common API, easily targeted to a variety of Operating Systems. "

184
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Utimaco Safeware AG
Germanusstraße 4
Aachen, 52080
Germany

-Dr. Gesa Ott
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

-Dieter Bong
TEL: ++49 241-1696-200
FAX: ++49 241-1696-199

CryptoServer Se ECDSA

Version ecdsa1.1.2.0_eca1.1.3.0 (Firmware)
Texas Instruments TMS320C6416T 12/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#184.

"ECDSA Component implements all ECDSA key sizes and curves to allow flexibility and efficiency."

183
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA TLS Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2307 HMAC Val#1716

"The Blue Coat SG VA TLS Library provides the necessary SSL/TLS key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

182
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SG VA SSH Library

Version 1.0
Intel Xeon w/ VMware ESXi v5.1 with SGOS v6.5.2 12/20/2013 SSH (SHA 1 ) SHA Val#2307

"The Blue Coat SG VA SSH Library provides the necessary SSH key derivation functionality to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s Secure Web Gateway virtual appliance ."

181
Section 5.2, SSH
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS SSH Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 SSH (SHA 1 ) SHA Val#2292

"The Blue Coat SGOS SSH Library v1.0 provides the necessary SSH protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line."

180
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: +1 (845) 454-6397

-Tammy Green
TEL: +1 (801) 999-2973

Blue Coat SGOS TLS Library

Version 1.0 (Firmware)
Intel Xeon E5-2418L; Intel Xeon E5-2430; Intel Xeon E5-2658 12/20/2013 TLS( TLS1.0/1.1 ) SHA Val#2292 HMAC Val#1701

"The Blue Coat SGOS TLS Library provides the necessary SSL/TLS protocol support to a proprietary operating system (SGOS 6.5.2) developed specifically for use in Blue Coat''s ProxySG appliance line. ."

178
Section 4.2,
TLS
SP800-135
Barco N.V.
Noordlan 5
Kuurne, , 8520
Belgium

-Jean-Paul Schafer
TEL: +32 4 267 69 22
FAX: +32 4 267 69 99

SM

Version 0.1.6533
Part # bg140778
Freescale Q or IQ P2040 Power-PC w/ Linux 3.0.48-rt70.2-svn5965 12/18/2013 TLS( TLS1.0/1.1 ) SHA Val#2295 HMAC Val#1704

"Implementation on a Freescale Power_PC, using the OpenSSL Library"

177
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Katharina Wallhäußer
TEL: +49 89 4119-1397
FAX: +49 89 4119-2819

ECC SLE78

Version 1.2 (Firmware)
Part # SLE78CLFX4000 (M7892)
SLE78CLFX4000P(M) / M7892 family 12/18/2013 Curves tested: P-224   P-256   P-384   P-521

"Sm@rtCafé Expert 7.0 C1 is a Java Card 3 Platform Classic Edition compliant to GlobalPlatform CS V2.2.1 and GP V2.2 Amd D."

176
Section 4.2,
TLS
SP800-135
Tripwire, Inc.
101 SW Main St. Suite 1500
Portland, OR 97204
USA

-Brian R. Cox
TEL: 503-276-7500
FAX: 503-276-7643

Tripwire Cryptographic Module

Version 2.0.0
Oracle Java 1.6 w/ Microsoft Windows Server 2008 R2 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2283 HMAC Val#1697

"Provides an AES implementation for Tripwire products."

175
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz; 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2282 HMAC Val#1696
SSH (SHA 1 , 256 ) SHA Val#2282

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

02/18/14: Update vendor information;
10/06/16: Added new tested information;

174
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

Brocade MLXe MR

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2281 HMAC Val#1695
SSH (SHA 1 , 256 ) SHA Val#2281

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

09/23/16: Update implementation information;

173
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade NetIron CES and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 8544, Power QUICC III, 800 MHz 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2280 HMAC Val#1694
SSH (SHA 1 , 256 ) SHA Val#2280

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series and Brocade NetIron® CER 2000 Series Ethernet Routers, Brocade NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks (VPNs)."

10/06/16: Added new tested information;

172
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2279 HMAC Val#1693
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2279 HMAC Val#1693
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2279
SNMP SHA1 Val#2279

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

171
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2278 HMAC Val#1692
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2278 HMAC Val#1692
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2278
SNMP SHA1 Val#2278

"The McAfee Firewall Enterprise 64-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

170
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual)

Version 8.3.2
Intel Xeon w/ VMware ESXi v5.0 with SecureOS 8.3 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2277 HMAC Val#1691
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2277 HMAC Val#1691
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2277
SNMP SHA1 Val#2277

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine (Virtual) is a software library that provides cryptographic services for applications on virtual deployments of the McAfee Firewall Enterprise Appliance."

169
Section 4.1.2,
IKEv2
SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 1.0.1-a (Firmware)
MPC8378E 12/13/2013 IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 1536 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1801 HMAC Val#1253

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

12/18/13: Updated implementation information;

168
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-bit Cryptographic Engine

Version 8.3.2 (Firmware)
Intel Atom; Intel Core i3; Intel Pentium; Intel Xeon 12/13/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 185 (SHA 1 , 256 , 384 , 512 ) ) SHA Val#2276 HMAC Val#1690
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2276 HMAC Val#1690
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2276
SNMP SHA1 Val#2276

"The McAfee Firewall Enterprise 32-bit Cryptographic Engine is a firmware library that provides cryptographic services for applications across several versions of the McAfee Firewall Enterprise Appliances."

167
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox III TLS KDF

Version Nitrox III TLS KDF, 89547 (Firmware)
Part # Nitrox III Series Die 1.1
Cavium Nitrox III Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1780 HMAC Val#1233

"NITROX III chips implement SHA1/SHA2, 3DES/AES256 CBC, ModMul/ModEx/RSA, GCM and CTR modes, and SP800-90A DRBG. Perf: 5 to 30 Gbps encrypt/hash; 35K to 200K RSA 1024b ops/sec; 6K to 35K RSA 2048b ops/sec. NITROX III microcode also implements protocol-specific acceleration for IPSec and SSL."

166
Section 4.2,
TLS
SP800-135
Cavium, Inc.
2315 N. First Street
San Jose, CA 95131
USA

-Tasha Castañeda
TEL: 408 943-7380

Nitrox Px TLS KDF

Version Nitrox Px TLS KDF, 1.85 (Firmware)
Part # Nitrox Px Series Die, 1.2
Cavium Nitrox Px Series 12/13/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#801 SHA Val#1379 HMAC Val#443 HMAC Val#1677

"NITROX PX implements algorithms in hardware in each of several identical processor cores: SHA and MD5 hash/HMAC, 3 DES/AES256 encryption, and ModMul/ModEx/RSA pkcs 1 v15. IPSec, SSL, and WLAN protocols are aslo accelerated. Performance ranges available: 500Mbps to 2.5 Gbps encryption and/or hash; 4K to 17K RSA ops/sec; 6K to 25K DH ops/sec."

01/30/14: Updated implementation information;

165
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Quantum

Version 1.3 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2274 HMAC Val#1688

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Quantum radio links."

164
Section 4.2,
TLS
SP800-135
DragonWave, Inc.
600-411 Legget Drive
Ottawa, ON K2K3C9
Canada

-Justin Wintour
TEL: (613) 599-9991

-Ingrid Mag
TEL: (613) 599-9991

Dragonwave Secure Cryptographic Module for Horizon Compact+

Version 1.2.5 (Firmware)
Freescale MPC8313 12/13/2013 TLS( TLS1.0/1.1 ) SHA Val#2273 HMAC Val#1687

"The DragonWave Secure Cryptographic Module firmware implementation provides peer-to-peer TLS communications for the management path established between two Compact+ radio links."

163
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, Washington 98104
USA

-Peter Eng
TEL: 206 613-6608
FAX: 206 613-0888

XTM Cryptographic Module

Version 11.6.5 (Firmware)
Intel E3 12/6/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2033 HMAC Val#1464
TLS( TLS1.0/1.1 ) SHA Val#2033 HMAC Val#1464
SSH (SHA 1 ) SHA Val#2033
SNMP SHA1 Val#2033

"WatchGuard XTM security appliances are designed to protect organizations from various security and productivity threats, including viruses, network attacks, intrusion attempts, Trojan horses, harmful or counterproductive URLs, spam, and more, while also providing secure Virtual Private Network (VPN) connections among workplaces and remote users."

162
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
P1020, 800 Mhz, PowerPC; XLP432, 1.4 Ghz, MIPS; XLR 732, 950 Mhz, MIPS; XLS208, 750 Mhz, MIPS 11/29/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2266 HMAC Val#1680
TLS( TLS1.0/1.1 ) SHA Val#2266 HMAC Val#1680
SSH (SHA 1 ) SHA Val#2266
SNMP SHA1 Val#2266

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

161
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FCX 624/648 and ICX 6610 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2265 HMAC Val#1679
SSH (SHA 1 ) SHA Val#2265

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitive. The Brocade FCX Series offers a comprehensive line of switches with specific models optimized for campus and data center deployment."

160
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1421

-Shigeki Yamamoto
TEL: +81 50 3140 9131
FAX: +81 50 3809 1421

Sony IMB TLSKDF Core-S

Version 1.0.1 (Firmware)
RENESAS SH-4A 11/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

159
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
ARM ARMv5TE, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 )
SSH (SHA 1 )

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

158
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
Power PC 8548 and 440GX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#749 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#749

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

157
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version v7.2.0 (Firmware)
AMCC PPC440EPX 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#1408 HMAC Val#934
SSH (SHA 1 ) SHA Val#1408

"The Brocade cryptographic library used in Brocade Fabric OS products implements crypto operations in software."

156
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P3041E, 1.5 GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2259 HMAC Val#1675
SSH (SHA 1 ) SHA Val#2259

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency, and fault-tolerant IP services solution for 1GbE and 10 GbE enterprise deployments."

155
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7750

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale P2041, 1.5GHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2258 HMAC Val#1674
SSH (SHA 1 ) SHA Val#2258

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7750 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

154
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6650

Version BRCD-IP-Crypto-Ver-3.0 (Firmware)
Freescale MPC8544E, 800 MHz 11/22/2013 TLS( TLS1.0/1.1 ) SHA Val#2257 HMAC Val#1673
SSH (SHA 1 ) SHA Val#2257

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 6650 is an Ethernet switch for campus LAN aggregation and classic Ethernet data center Top of Rack (ToR) environments."

153
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.1
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#153.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

152
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020 11/22/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2249 HMAC Val#1666
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2249 HMAC Val#1666
SSH (SHA 1 ) SHA Val#2249
SNMP SHA1 Val#2249

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

01/12/16: Updated vendor information;

151
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.1
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0; Intel Xeon with AES-NI w/ Windows 8.1; Intel Xeon w/ Windows 8.1 11/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#151.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

07/31/15: Added new tested information;

150
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Hewlett Packard Enterprise Company
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: 512-319-2480
FAX: 408-227-4550

ArubaOS Crypto Module

Version ArubaOS 6.3 (Firmware)
Broadcom XLS204; Broadcom XLS408; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLR732; Broadcom XLP416; Broadcom XLP432; Qualcomm Atheros AR7242; Qualcomm Atheros AR7161; Qualcomm Atheros QCA9550; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Freescale QorIQ P1020 11/15/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663
IKEv2( ( 1024 (SHA 1 , 256 , 384 ) ) ( 2048 (SHA 256 , 384 ) ) SHA Val#2246 HMAC Val#1663

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

01/12/16: Updated vendor information;

149
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale MPC8314, 333MHZ, PowerPC; Freescale P2020, 1.0GHz, PowerPC; Freescale P4080, 1.5GHZ, PowerPC; Broadcom XLR732, 1.0GHz, MIPS 11/15/2013 IKEv1( SHA Val#2245 HMAC Val#1662
TLS( TLS1.0/1.1 ) SHA Val#2245 HMAC Val#1662
SSH (SHA 1 ) SHA Val#2245
SNMP SHA1 Val#2245

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

148
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Alan Presser
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1.8
Intel Core 2 Duo E8400 w/ Windows 7 Ultimate (64-bit) 11/8/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#810 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#465 SHS Val#2243 DRBG Val#430 AES Val#2671 AES Val#2671 HMAC Val#1661
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#148.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

147
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
Freescale P2020, 1000MHz, PowerPC 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) SHA Val#2242 HMAC Val#1660
TLS( TLS1.0/1.1 ) SHA Val#2242 HMAC Val#1660
SSH (SHA 1 ) SHA Val#2242
SNMP SHA1 Val#2242

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

146
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Hewlett Packard Enterprise
153 Taylor Street
Littleton, MA 01460
USA

-n/a

HP Comware

Version 7.1
MPC8544 w/ Comware V7.1; XLS408 w/ Comware V7.1 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2238 HMAC Val#1656
TLS( TLS1.0/1.1 ) SHA Val#2238 HMAC Val#1656
SSH (SHA 1 ) SHA Val#2238
SNMP SHA1 Val#2238

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

145
Section 4.1.1,
IKEv1
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
HP
153 Taylor Street
Littleton, MA 01460
USA

-Boby Joseph
TEL: 978-264-5379
FAX: 978-254-5522

HP Comware

Version 5.2
Broadcom BCM5836, 264MHz, MIPS w/ ComwareV5.2; Freescale MPC8349, 533MHZ, PowerPC w/ ComwareV5.2; Freescale MPC8544,667MHz,PowerPC w/ ComwareV5.2; Broadcom BCM112x, 600MHZ, MIPS w/ ComwareV5.2; RMI (Netlogic) XLS408,1GHz,MIPS w/ ComwareV5.2 11/8/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2070 HMAC Val#1499
TLS( TLS1.0/1.1 ) SHA Val#2070 HMAC Val#1499
SSH (SHA 1 ) SHA Val#2070
SNMP SHA1 Val#2070

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

144
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3550

Version 1.0 (Firmware)
Part # CNN3550
CNN3550 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2013 HMAC Val#1444

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

143
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3530

Version 1.0 (Firmware)
Part # CNN3530
CNN3530 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2236 HMAC Val#1654

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

142
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CNN3510

Version 1.0 (Firmware)
Part # CNN3510
CNN3510 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2235 HMAC Val#1653

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

141
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1620

Version 1.0 (Firmware)
Part # CN 1620
CN1620 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1525 HMAC Val#1017

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

140
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1615

Version 1.0 (Firmware)
Part # CN1615
CN1615 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1524 HMAC Val#1016

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated impelementation information;

139
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks Data Plane TLS KDF FIPS Library CN1610

Version 1.0 (Firmware)
Part # CN1610
CN1610 10/25/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2234 HMAC Val#1652

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

12/20/13: Updated implementation information;

138
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FCX 624_648_ICX6610

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale 8544E 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2227 HMAC Val#1645
SSH (SHA 1 ) SHA Val#2227

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICx 6610 delivers wire-speed, non-blocking performance across all ports to support latency-sensitivity. The Brocade FCX Series offfers a comprehensive line of switches with specific models optimized for campus and data center deployments. "

11/08/13: Updated implementation information;

137
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 6450 and ICX 6450-C12 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
ARMv5TE, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2226 HMAC Val#1644
SSH (SHA 1 ) SHA Val#2226

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. Brocade ICX6450 switches deliver enterprise-class stackable switching at an entry-level price."

136
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade SX800/SX1600 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale P3041E, 1.5 GHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2225 HMAC Val#1643
SSH (SHA 1 ) SHA Val#2225

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The FastIron SX Series extends control from the network edge to the core with intelligent network services, such as Quality of Service (QoS) and provides a scalable, secure, low-latency and fault-tolerant IP services solution for 1 GbE and 10 GbE enterprise deployments."

135
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade ICX 6650

Version BRC-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC8544E, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2224 HMAC Val#1642
SSH (SHA 1 ) SHA Val#2224

"The Brocade ICX 6500 Switch is a compact Ethernet switch that delivers industry-leading 10/40 GbE density."

134
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-8101
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0-0131131200 (Firmware)
Freescale MPC 7447A, RISC, 1000MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2221 HMAC Val#1639
SSH (SHA 1 ) SHA Val#2221

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

11/08/13: Updated implementation information;

133
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO_VER-2.0 (Firmware)
Freescale MPC8544, PowerQUICC III, 800 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2223 HMAC Val#1641
SSH (SHA 1 ) SHA Val#2223

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs). "

132
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade MLXe and CER 2000 Series

Version BRCD-IP-CRYPTO-VER-2.0 (Firmware)
Freescale MPC7448, RISC, 1700 MHz 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2222 HMAC Val#1640
SSH (SHA 1 ) SHA Val#2222

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLX Series and NetIron CER 2000 Series provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS and MPLS Virtual Private Networks (VPNs)."

131
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

130
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade FIPS Crypto Library

Version NOS 4.0.1 (Firmware)
Part # Freescale e500mc
Freescale e500mc 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1966 HMAC Val#933
SSH (SHA 1 , 256 ) SHA Val#1966

"The Brocade cryptographic library used in Brocade Network OS products implements crypto operations in software."

129
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1991 HMAC Val#1421
SNMP SHA1 Val#1991

"The McAfee Firewall Enterprise 64-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

128
Section 4.2,
TLS
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 64-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#1990 HMAC Val#1420
SNMP SHA1 Val#1990

"The McAfee Firewall Enterprise 64-Bit Protocol Engine provides implementations of secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

127
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual)

Version 8.3
Intel Xeon w/ SecureOS running on Crossbeam XOS v9.9.0 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1989 HMAC Val#1419
TLS( TLS1.0/1.1 ) SHA Val#1989 HMAC Val#1419
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1989

"The McAfee Firewall Enterprise 32-Bit Protocol Engine (Virtual) provides implementations of secure communications protocols. This engine supports various applications running on virtual deployments of McAfee''s Firewall Enterprise appliance."

126
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
SP800-135
McAfee, Inc.
2340 Energy Park Drive
St. Paul, MN 55108
USA

-Mark Hanson
TEL: 651-628-1633
FAX: 651-628-2701

McAfee Firewall Enterprise 32-Bit Protocol Engine

Version 8.3 (Firmware)
Intel Xeon 10/25/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
IKEv2( ( 1024 (SHA 1 , 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1988 HMAC Val#1418
TLS( TLS1.0/1.1 ) SHA Val#1988 HMAC Val#1418
SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#1988

"The McAfee Firewall Enterprise 32-Bit Protocol Engine provides implementations for secure communications protocols. This engine supports various applications running on McAfee''s Firewall Enterprise appliance."

125
Section 5.3, SRTP
SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Media Processor

Version 1 (Firmware)
Cavium OCTEON Plus CN5860 10/25/2013 SRTP (AES 128 ) AES Val#2644

"Sonus Session Border Controller FIPS-validated cryptographic media module"

124
Section 5.7.1.2: ECC CDH Primitive
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-56A

SP800-135
Sonus Networks, Inc.
4 Technology Park Drive
Westford, MA 01886
USA

-Sandeep Kaushik
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

-Nui Chan
TEL: 1-855-GO-SONUS
FAX: 978-614-8101

Sonus Cryptographic Library

Version 1
Intel Nehalem w/ Sonus Debian Linux 02.00.02-A026 10/25/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
TLS( TLS1.2 (SHA 256 ) ) SHA Val#2217 HMAC Val#1635
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2217
SNMP SHA1 Val#2217
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#124.

"Sonus Session Border Controller FIPS-validated cryptographic software module"

123
Section 4.2,
TLS
SP800-135
Blue Coat Systems, Inc.
420 North Mary Avenue
Sunnyvale, California 94085-4121
USA

-Diana Robinson
TEL: 866-302-2628

Blue Coat SSL Visibility Appliance SV2800

Version 0.9.8
Intel E5620 Quad Core w/ Linux x86_64 10/25/2013 TLS( TLS1.0/1.1 ) SHA Val#2215 HMAC Val#1634

"The SSL Visibility Appliance is designed to detect SSL traffic and then under policy control to "inspect" the traffic. Inspection involves decrypting and re-encrypting the traffic to gain access to the clear text then passing this data to one or more associated security appliance(s) that need to see decrypted traffic."

122
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

SNMP

Version 5.3.0.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 10/25/2013 SNMP SHA1 Val#2057

"SNMP Key Derivation function is used to derive shared secret keys for SNMP Common Agent in S6000 and GGM8000 network devices."

121
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 4.0
ARM Cortex-A9 w/ Android 4.0; Intel Xeon w/ Windows 7; Freescale PowerPC-e500 w/ Linux 2.6; Freescale PowerPC-e500 w/ Linux 2.6; Intel Xeon with AES-NI w/ Windows 7; Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ Linux 2.6; Intel Xeon with AES-NI w/ Linux 2.6 10/1/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#121.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

120
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 4.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.0 10/1/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#120.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

119
Section 5.2, SSH
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SSH KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-1650; Intel Xeon E5-2687; Intel Xeon E5-2697 10/1/2013 SSH (SHA 1 ) SHA Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/16/15: Added new tested information;

118
Section 5.4, SNMP
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Networks SNMP KDF FIPS Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690; Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-1650; Intel Xeon E5-2687; Intel Xeon E5-2697; 10/1/2013 SNMP SHA1 Val#1480

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/16/15: Added new tested information;

117
Section 4.2,
TLS
SP800-135
A10 Networks, Inc.
3 West Plumeria Drive
San Jose, CA 95134
USA

-John Chiong
TEL: +1 408 325-8668

A10 Crypto Library

Version 1.0.0 (Firmware)
Intel Xeon E5-2690;Intel Xeon E3-1230; Intel Xeon E3-1270 ;  Intel Xeon E5-2687 10/1/2013 TLS( TLS1.0/1.1 ) SHA Val#1519 HMAC Val#1011

"The AX Series Advanced Traffic Manager is designed to meet the growing demands of Web sites, carriers and enterprises. The AX offers intelligent Layer 4-7 application processing capabilities with industry-leading performance and scalability to meet critical business requirements at competitive prices."

10/25/13: Added new tested information;
03/18/15: Added new tested information;

116
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Security Certifications Team
TEL: 519-888-7465x72921
FAX: 905-507-4230

BlackBerry Cryptographic Algorithm Library

Version 6.1
Intel Xeon X5650 w/ CentOS 5.5 Linux 32-bit; Intel Xeon X5650 w/ CentOS 5.5 Linux 64-bit; Intel Xeon X5650 w/ Windows XP 32-bit; Intel Xeon X5650 w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 9/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#116.

"The BlackBerry Cryptographic Algorithm Library is a suite of cryptographic algorithms that provides advanced cryptographic functionality to systems running BlackBerry 10 OS and components of BlackBerry Enterprise Service 10."

115
Section 4.2,
TLS
SP800-135
Sony Corporation
1-7-1 Konan
Minato-ku, Tokyo 108-0075
Japan

-Hirotaka Kondo
TEL: +81 50 3140 9888
FAX: +81 50 3809 1422

Sony IMB TLSKDF Core-S

Version 1.0.0 (Firmware)
Renesas SH-4A w/ Linux kernel 2.6 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#1364 HMAC Val#902

"Sony IMB TLSKDF Core-S is the firmware module for digital cinema system."

114
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CS Series Common Crypto Library

Version 0.98 (Firmware)
AMD Geode LX800; Intel Core 2 Duo LGA775 9/27/2013 SNMP SHA1 Val#2176

"The CS Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CS10 and CS100 Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

113
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN6000 Series Common Crypto Library

Version 0.98 (Firmware)
Intel ATOM 9/27/2013 SNMP

"The CN6000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for CN6000 Series Encryptors. Based upon OpenSSL the Common Crypto Library provides an Application Programming Interface (API) to support security relevant services."

09/30/13: Updated vendor information;

112
Section 5.4, SNMP
SP800-135
Senetas Corporation Ltd. and SafeNet Inc.
Level 1, 11 Queens Road
Melbourne, Victoria 3004
Australia

-John Weston
TEL: +61 3 9868 4555
FAX: +61 3 9821 4899

-Chris Brych
TEL: +1 613 221 5081
FAX: +1 613 723 5079

CN1000 and CN3000 Series Common Crypto Library

Version 0.98 (Firmware)
Freescale MPC8280 9/27/2013 SNMP SHA1 Val#2178

"The CN1000 and CN3000 Series Common Crypto Library Module provides FIPS 140-2 approved cryptographic algorithms for the CN1000 and CN3000 Series Encryptors. Based upon OpenSSL the Library provides an Application Programming Interface (API) to support security relevant services. "

09/30/13: Updated vendor information;

111
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Greg Wetmore
TEL: 613-270-2773
FAX: 613-270-3400

-Mark Joynes
TEL: 613-270-3134
FAX: 613-270-3400

Entrust Authority™ Security Kernel

Version 8.1Sp1 R2
Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 Enterprise Edition 9/27/2013 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#454 SHS Val#2206 RNG Val#1244 DRBG Val#405
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#111.

"The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware or both. The industry standard Cryptoki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

110
Section 4.2,
TLS
SP800-135
IBM
z/VM Design and Development
1701 North Street
Building 250-2
Endicott, NY 13760
U.S.

-Brian W. Hugenbruch
TEL: 607-429-3660

IBM z/VM 6.3 System SSL

Version 6.3 plus APAR PM95516
Part # 5741-A08
System z10 Enterprise Class processor w/ IBM z/VM V6.3 9/27/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2203 HMAC Val#1624

"z/VM System SSL provides cryptographic functions which allows z/VM to protect data using the SSL/TLS protocols. z/VM System SSL also enables administrators to create and manage X.509 V3 certificates and keys within key database files."

109
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
RMI XLR V0.4 9/27/2013 SNMP SHA1 Val#2201

"net-snmp is a third party source package. Keys are derived as per SP 800-135, Section 5.4."

108
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
RMI XLR V0.4 9/27/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2201 HMAC Val#1623

"Strongswan is a third party source package. Keys are derived as per SP 800-135, Section 4.1.1 and Section 4.1.2."

107
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSH

Version 4.7 (Firmware)
RMI XLR V0.4 9/27/2013 SSH (SHA 1 , 256 ) SHA Val#2201

"OpenSSH is a third party open source package. Keys are derived as per SP 800-135, Section 5.2."

106
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
RMI XLR V0.4 9/27/2013 TLS( TLS1.0/1.1 ) SHA Val#2201 HMAC Val#1623

"OpenSSL is a third party open source package which provides cryptographic services to userspace daemons. Version is openssl-fips-1.2.3. Userspace daemons (like RADIUS, openssh) use openssl crypto services. fips_mode_set() is invoked from respective daemon initialization functions."

105
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) within Cat4K

Version Rel 1 (1.0.0) (Firmware)
Freescale MPC8572E 9/11/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation   Partial Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#2200 DRBG Val#403 AES Val#2624
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#452 SHS Val#2200 DRBG Val#403

"IOS Common Cryptographic Module within cat4k"

104
Section 4.2,
TLS
SP800-135
AFORE Solutions Inc.
2680 Queensview Drive
Unit 150
Ottawa, ON K2B 8J9
Canada

-Tim Bramble
TEL: 613-224-5995 ext 232
FAX: 613-224-5410

-Hans Johnsen
TEL: 613-224-5995 ext 257
FAX: 613-224-5410

CloudLink Crypto Module

Version 1.0
Intel Xeon E5-2420 w/ Linux Ubuntu 12.04 with VMWare ESXi 5.1.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#2146 HMAC Val#1566

"The CloudLink Cryptographic Module is a general purpose cryptographic library which provides cryptographic services for all CloudLink application modules."

02/21/14: Updated implementation information;

103
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01
Xeon w/ MLOS v2.2 running on VMware ESXi 4.1; Xeon w/ MLOS v2.2 running on VMware ESXi 5.0 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2105 HMAC Val#1529
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2105
SNMP SHA1 Val#2105

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

102
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Mark Hanson
TEL: +1 651 628 1633
FAX: +1 651 628 2706

McAfee Linux OpenSSL

Version 1.01 (Firmware)
Celeron; Intel Core i3; Xeon 8/30/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#2104 HMAC Val#1528
SSH (SHA 1 , 224 , 256 , 384 , 512 ) SHA Val#2104
SNMP SHA1 Val#2104

"McAfee Linux cryptographic modules provide cryptographic services for McAfee Linux and security appliance products built upon this platform. McAfee Linux is an operating system built with a focus on the needs of security appliances."

101
Section 5.4, SNMP
SP800-135
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Stan Mesceda
TEL: 443-327-1582

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

SxE Cryptographic Library

Version 4.3 (Firmware)
Motorola Freescale MPC8280 (PPC32) 8/30/2013 SNMP

"The SxE Cryptographic Library provides cryptographic algorithms for the SxE family of products. Based on OpenSSL, the SxE Cryptographic Library exposes an Application Programming Interface (API) to support software based security relevant services within SafeNet''''s SxE product line."

100
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
Harris Corporation
1680 University Avenue
Rochester, NY 14610
USA

-Robert Magnant
TEL: 585-242-3785
FAX: 585-241-8459

-Elias Theodorou
TEL: 585-242-3785
FAX: 585-241-8459

RF-7800W OU47x, OU49x, OU50x

Version 2.00 (Firmware)
Broadcom XLS108 8/29/2013 TLS( TLS1.0/1.1 ) SHA Val#2190 HMAC Val#1614
SSH (SHA 1 , 256 ) SHA Val#2190
SNMP SHA1 Val#2190

"This is a firmware library that provides the cryptographic functions used on Harris'' industry leading reliable, secure and high performance Broadband Ethernet Radio (BER) products: RF-7800W-OU50x, -OU47x, -OU49x."

99
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Ashot Andreasyan
TEL: 408-826-3203
FAX: 408-528-2883

Open SSH

Version 4.5.1 (Firmware)
Free Scale MPC-7457; Free Scale MPC-8568E 8/16/2013 SSH (SHA 1 ) SHA Val#2057

"SSH Key Derivation function is used to derive IVs and keys for encryption algorithms in GGM8000 and s6000 transport gateways."

08/27/13: Updated implementation information;

98
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
United States Special Operations Command (USSOCOM)
7701 Tampa Point Boulevard
MacDill Air Force Base, Florida 33621-5323
USA

-William W. Burnham
TEL: (813) 826-2282

Suite B Cryptographic Algorithms

Version 1.0
Intel Xeon E5530; Qualcomm Snapdragon S2 MSM8655 8/16/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#98.

"KEYW, in coordination with the United States Special Operations Command (USSOCOM), has developed a Suite B-compliant, standards based, AES/GCM-256 layer of encrypted communications between a BlackBerry Enterprise Server (BES) and a BlackBerry Mobile Set (MS) with Elliptic Curve (EC) key exchange used to negotiate symmetric keys."

07/25/14: Updated implementation information;

97
Section 4.2,
TLS
SP800-135
Christie Digital Systems Canada Inc.
809 Wellington Street North
Kitchener, ON N2G4Y7
CANADA

-Kevin Draper
TEL: 519-741-3741
FAX: 519-744-3912

Christie IMB Cryptographic Implementation -SM

Version SM_LIBSSL:101.3.0-3697 (Firmware)
Xilinx Spartan 6 (XCSLX45) 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#1788 HMAC Val#1241

"Christie Integrated Media Block"

96
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie TORTELLIER
TEL: 33 01 45 36 30 72
FAX: 33 01 45 36 30 10

Neopost PSD

Version 2.1.1 (Firmware)
Part # 4150859LB
Toshiba TMPR3912AU 8/16/2013 TLS( TLS1.0/1.1 ) SHA Val#629 HMAC Val#300

"Neopost Postal Secure Device"

95
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module (Assembler)

Version 2.1
ARMv7 w/ Android 4.0; PowerPC, Freescale's PowerQUICC III Processor Family w/ Linux 2.6 7/22/2013 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#95.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

94
RSASP1 Signature Primitive
FIPS186-4 RSA; PKCS#1 v2.1
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - RsaSigning2048

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 RSASP1: (Mod2048: PKCS1.5 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

93
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A, 5th Floor
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 1-905-507-4220
FAX: 1-905-507-4230

-Ian Laidlaw
TEL: 1-289-261-4277
FAX: 1-905-507-4230

Security Builder® FIPS Core

Version 6.1
Intel x86 (Xeon X5650) w/ CentOS Linux 32-bit; Intel x64 (Xeon X5650) w/ CentOS Linux 64-bit; Intel x86 (Xeon X5650) w/ Windows XP 32-bit; Intel x64 (Xeon X5650) w/ Windows XP 64-bit; ARMv7 w/ QNX Neutrino 8.0 7/15/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#93.

"Security Builder® FIPS Core provides application developers with cryptographic tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec and SSL modules."

92
Section 4.2,
TLS
SP800-135
Neopost Technologies, S.A.
113 Rue Jean Marin Naudin
BAGNEUX, 92220
France

-Nathalie Tortellier
TEL: +33 01 45 36 30 72
FAX: +33 01 45 36 30 10

Neopost PSD

Version A0018320A (Firmware)
Part # A0014227B
NXP LPC 3220 32-bit ARM microcontroller 7/5/2013 TLS( TLS1.0/1.1 ) SHA Val#2162 HMAC Val#1538

"Neopost Postal Secure Device (PSD) for low to high range of franking machines"

91
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Pulse Secure LLC
2700 Zanker Road Suite 200
San Jose, CA 95134
USA

-Yvonne Sang
TEL: 408-372-9600

Secure Pulse Cryptographic Module

Version 1.0
Intel Pentium E2160 (x86) w/ IVE OS 1.1; Intel Xeon E5530 (x86) w/ IVE OS 1.1 on VMware ESX; Intel Xeon x5670 (x86) with AES-NI w/ IVE OS 1.1 on VMware ESXi; Intel Core i5-2430M (x86) 64-bit with AES-NI w/ Microsoft Windows 7; Intel Core i5-2430M (x86) 32-bit with AES-NI w/ Microsoft Windows 7; Intel Core i7-3615QM (x86) with AES-NI w/ OS X 10.8; Intel Xeon x5670 (x86) w/ IVE OS 1.1 on VMware ESXi; Intel Core i7-3615QM (x86) w/ OS X 10.8 7/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#91.

"The Secure Pulse Cryptographic Module provides secure cryptographic services. It enables dynamic SSL VPN, NAC, mobile security, online meetings and collaboration, and application acceleration while removing the complexities of device type and security state, location, identity, and adherence to policies."

01/26/15: Updated vendor information;

90
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Thales Certification Team
TEL: +44 1223 723600
FAX: +44 1223 723601

-Thales Sales
TEL: 888 744 4976

nShield Algorithm Library

Version 2.51.10 (Firmware)
Panther-I 820x Series Die 6/28/2013 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#777
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#181 SHS Val#1844 DRBG Val#232
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#90.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

89
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
BlackBerry
295 Phillip Street
Waterloo, ON N2L3W8
Canada

-Eric Jen
TEL: +1 561-289-0214

BlackBerry Algorithm Library for Secure Work Space

Version 1.0
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARMv7-based A5 processor w/ iOS 5.0; ARM v7s -- Apple A6 w/ iOS 6.0; ARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/28/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#89.

"The BlackBerry Algorithm Library for Secure Work Space provides a suite of cryptographic services utilized by the BlackBerry Cryptographic Library for the BlackBerry Secure Work Space (BBSWS). BBSWS provides the secure operation and management of iOS and Android devices when used in conjunction with BlackBerry® mobile device management solutions."

88
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenPeak, Inc.
1750 Clint Moore Road
Boca Raton, FL 33487
USA

-Eric Jen
TEL: +1 561-893-7881

-Howard A. Kwon
TEL: +1 561 893 7930
FAX: +1 561 208 8026

OpenPeak Cryptographic Security Module

Version 1.0.1
Intel Xeon 3430 w/ Ubuntu 12.04; Intel Xeon 3430 w/ Ubuntu 12.04 on ESXi 5.1; AMD Opteron 275 w/ Ubuntu 12.04; AMD Opteron 275 w/ Ubuntu 12.04 on ESXi 5.1; ARM v7 -- Apple A5 w/ iOS 5.0; ARMv7-based A6 processor w/ iOS 6.0; IARMv7-based Qualcomm Snapdragon processor w/ Android v4.1 6/20/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#88.

"The OpenPeak Cryptographic Security Library provides advanced cryptographic functionalities for the OpenPeak Cryptographic Security Module (OCSM). The OCSM provides a secure encrypted container for enterprise-managed applications, content and data to enable a highly secure mobile workspace."

87
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Ultra Electronics 3eTI
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6779

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6779

3eTI OpenSSL Algorithm Implementation

Version 2.0 (Firmware)
MPC8378E 6/7/2013 Curves tested: P-256   P-384   P-521

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

86
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
Section 4.2,
TLS
Section 5.2, SSH
Section 5.4, SNMP
SP800-135
SonicWALL, Inc.
2001 Logic Drive
San Jose, CA 95124
USA

-Usha Sanagala
TEL: 408-962-6248
FAX: 408-745-9300

SonicOS 5.9.0 for NSA and TZ Series

Version 5.9.0 (Firmware)
Cavium Octeon Plus CN50XX; Cavium Octeon Plus CN56XX; Cavium Octeon Plus CN58XX 5/31/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
IKEv2( ( 1024 (SHA 256 , 384 , 512 ) ) ( 2048 (SHA 256 , 384 , 512 ) ) SHA Val#1765 HMAC Val#1219
TLS( TLS1.0/1.1 ) SHA Val#1765 HMAC Val#1219
SSH (SHA 1 ) SHA Val#1765
SNMP SHA1 Val#1765

"SonicWALL® Next-Generation Firewalls deliver superior gateway protection, inspection for SSL encrypted sessions, granular application intelligence and control. With SonicWALL Firewalls, IT can visualize applications running across a network-- allocating bandwidth for what''s essential and limiting or blocking what''s not."

85
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.5
Freescale i.MX27 926ejs (ARMv5TEJ) w/ eCos 3; Freescale i.MX25 (ARMv4) w/ QNX 6.4; Apple A6X Soc (ARMv7s) w/ iOS 6.1; Intel Xeon E3-1220 w/ VMware Horizon Workspace 1.5 under vSphere; Intel Xeon E3-1220 w/ AES-NI w/ VMware Horizon Workspace 1.5 under vSphere; AM335x Cortex-A8 (ARMv7) w/ Ubuntu 13.04; ARM926 (ARMv5TEJ) w/ Linux 3.8; AM335x Cortex-A8 (ARMv7) with NEON w/ Ubuntu 13.04; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Citrix XenServer; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit on under VMware ESX; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under VMware ESX; Intel Xeon E5-2430L (x86) without AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Intel Xeon E5-2430L (x86) with AES-NI w/ Linux 3.4 64-bit under Microsoft Hyper-V; Apple A5 / ARM Cortex-A9 (ARMv7) without NEON w/ iOS 6.0; Apple A5 / ARM Cortex-A9 (ARMv7) with NEON w/ iOS 6.0; Intel Xeon E5-2430L (x86) with AES-NI w/ PexOS 1.0 on x86 under vSphere; Intel Xeon E5-2430L (x86) without AES-NI w/ PexOS 1.0 on x86 under vSphere 5/31/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#85.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

08/06/13: Updated implementation information;
08/13/13: Added new tested information;
10/25/13: Added new tested information;
11/14/13: Added new tested information;
11/29/13: Updated implementation information;

84
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa521Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-384 P-521 )

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

83
Signature Generation of hash sized messages
FIPS186-4 ECDSA
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdsa256Component

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/31/2013 ECDSA SigGen Component: CURVES( P-224 P-256 )
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#83.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

82
Section 4.2,
TLS
SP800-135
Oracle America, Inc.
500 Oracle Parkway
Redwood City, CA 94065
United States

-Linda Gallops
TEL: 704-972-5018
FAX: 704-321-9273

T10000C TLS

Version 2.1 (Firmware)
ARM 962EJS 5/31/2013 TLS( )

"The Oracle StorageTek T10000C Tape Drive blends the highest capacity, performance, reliability, and data security to support demanding, 24/7 data center operations. It delivers the world’s fastest write speeds to a native 5 TB of magnetic tape storage; making it ideal for data center operations with growing data volume."

81
Section 5.2, SSH
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

OpenSSL

Version Junos 12.1R6.6 (Firmware)
ARM v5, Marvell's Feroceon processor Family; PowerPC, Freescale's PowerQUICC III Processor Family 5/24/2013 SSH (SHA 1 , 256 , 384 , 512 ) SHA Val#2094

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

80
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh521

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-384   P-521

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

79
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - Ecdh256

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 Curves tested: P-224   P-256
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#79.

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

78
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM - RSA BSAFE Crypto-J

Version 6.1.0.0.2
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2083 HMAC Val#1513

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Application Crypto Module provides cryptographic services for the Network Security Manager application."

77
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-James Reardon
TEL: 651-628-5346

NSM OpenSSL

Version 1.6
Intel Core 2 Quad (Intel 64 instruction set) w/ Microsoft Windows Server 2008 R2 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2082 HMAC Val#1512

"McAfee Network Security Manager (NSM) is the management console for McAfee Network Security Platform IPS. The NSM gives admins control and real-time data, so that they can manage, configure, and monitor NSP. The NSM Secure UI Crypto Module provides cryptography for serving the NSM console through a TLS session."

76
Section 4.2,
TLS
SP800-135
Axway Inc.
2600 Bridge Parkway Suite 201
Redwood City, California 94065
USA

-Prabhakar Mangam
TEL: 650-801-3157
FAX: 650-801-3101

-Anubhav Soni
TEL: 650-801-3217
FAX: 650-801-3101

Axway Security Kernel

Version 3.0
Intel Xeon E5-2620 w/ Microsoft Windows 2012 64bit; Intel Xeon E5-2620 w/ RHEL 6.3 64bit; Sun UltraSparc T1 w/ Solaris 10 64bit; 5/24/2013 TLS( TLS1.0/1.1 ) SHA Val#2080 HMAC Val#1510

"Axway Validation Authority Suite - a collection of products that provide flexible and robust OCSP/SCVP certificate validation solution for standard and custom desktop and server applications, supporting established security standards and technologies. These products may be used together or integrated with existing solutions."

75
Section 4.1.1,
IKEv1
Section 4.2,
TLS
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

SSH_IPSEC

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2077 HMAC Val#1505
TLS( ) SHA Val#2077 HMAC Val#1505

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

74
Section 4.1.1,
IKEv1
SP800-135
Juniper Networks, Inc
1194 N. Mathilda Ave
Sunnyvale, CA 94089
USA

-Sharath Sridhar
TEL: +91 80 30538736
FAX: +91 80 30538824

QuickSec

Version Junos 12.1R6.6 (Firmware)
PowerPC, Freescale's PowerQUICC III Processor Family; ARM v5, Marvell's Feroceon processor Family 5/24/2013 IKEv1( AUTH( DSA , PKE , PSK ) ) ( 1024 (SHA 1 , 256 ) ) ( 2048 (SHA 256 ) ) SHA Val#2076 HMAC Val#1504

"Comprehensive, scalable switching solutions specifically designed to meet the needs of both enterprises and service providers. All of our switches - modular and fixed platforms - run on one common operating system- Junos."

06/10/13: Updated implementation information;

73
Section 4.2,
TLS
SP800-135
Aviat Networks
5200 Great America Parkway
Santa Clara, California 95054
USA

-Ruth French
TEL: +44 1698 717200

Secure Management

Version 7.7 (Firmware)
Motorola MPC866 5/10/2013 TLS( TLS1.0/1.1 ) SHA Val#3328 HMAC Val#2634

"Eclipse Intelligent Node Unit (INUe). The module provides data security by encrypting the payload traffic on the microwave link between up to three radios. It also provides the Strong Encryption Suite for secure module management and uses AES encryption to secure SNMP v3 management traffic."

02/27/17: Updated implementation information;

72
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Kyung-Hee Lee
TEL: +82-10-9397-1589

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.2 5/10/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#72.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

71
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.4
MIPS 24Kc w/ OpenWRT 2.6 4/30/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#71.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

70
Section 4.1.1,
IKEv1
SP800-135
Lexmark International, Inc.
740 West New Circle Road
Lexington, KY 40550
USA

-Graydon Dodson
TEL: (859) 232-6483

Crypto Module (user)

Version 2.10
Marvell 88PA6170C1 (ARMv7 dual core) w/ Lexmark Linux v3.0.0 4/23/2013 IKEv1( ( 1024 (SHA 256 , 512 ) ) ( 2048 (SHA 256 , 512 ) ) SHA Val#2049 HMAC Val#1479

"The Crypto Module (user/kernel) provides cryptographic services to the firmware in Lexmark products."

69
Section 5.4, SNMP
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

net-snmp

Version 5.3.0.1 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SNMP SHA1 Val#2048

"net-snmp"

68
Section 4.1.1,
IKEv1
Section 4.1.2,
IKEv2
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Strongswan

Version 4.5 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 IKEv1( AUTH( DSA , PSK ) ) ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478
IKEv2( ( 1024 (SHA 1 ) ) SHA Val#2048 HMAC Val#1478

"Strongswan"

67
Section 5.2, SSH
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

Openssh

Version 4.7 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 SSH (SHA 1 , 256 ) SHA Val#2048

"Openssh"

66
Section 4.2,
TLS
SP800-135
Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

OpenSSL

Version 1.2.3 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 TLS( TLS1.0/1.1 ) SHA Val#2048 HMAC Val#1478

"OpenSSL is a third party open source code, which provides cryptographic services to user space daemons. The device uses openssl-fips-1.2.3 version. Wing5 userspace daemons (RADIUS, ntp, openssh, rim, net-snmp, mapsh, etc) using openssl crypto services call fips_mode_set() from their respective initialization functions."

65
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Riverbed Technology, Inc.
199 Fremont Street
San Francisco, CA 94105
USA

-Joe Tomasello
TEL: 415-344-5756

-Andy Pang
TEL: 415-247-7341

Riverbed Cryptographic Security Module

Version 1.0
Intel Xeon (x86-64) w/ RiOS 8.0 32-bit; Intel Xeon (x86-64) w/ RiOS 8.0 64-bit; Intel Xeon E3-1220v2 (x86_64) w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E3-1220v2 (x86_64) w/ AES-NI w/ Stingray OS 4.0 running on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w/ AES-NI w/ RiOS 8.0 64-bit; AMD Opteron 4122 (x86_64) w/ Granite OS 2.0; Intel Xeon E31220 (x86_64) w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E31220 (x86_64) w /AES-NI w/ Granite OS 2.0 on VMware ESXi 5.1; Intel Xeon E5620 w/ Whitewater OS 3.0; Intel Xeon E5620 with AES-NI w/ Whit; ewater OS 3.0; Intel Xeon E31220 (x86) w/ Whitewater OS 3.0 under VMware ESXi 5.1; Intel Xeon E31220 (x86) with AES-NI w/ Whitewater OS 3.0 under VMware ESXi 5.1; AMD Opteron 2376 w/ Interceptor OS 4.5 ;  Intel Xeon E31220 w/ RiOS 8.6 32-bit; Intel Xeon E31220 w/ RiOS 8.6 64-bit; Intel Xeon E5-2430L w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ RiOS 8.6 64-bit under VMware ESXi 5.1; Intel Xeon E31220 with AES-NI w/ RiOS 8.6 64-bit; Intel Xeon w/ Steelhead Mobile Controller 4.6; Intel Xeon with AES-NI w/ Steelhead Mobile Controller 4.6; Intel Xeon E5-2430L w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1; Intel Xeon E5-2430L with AES-NI w/ Steelhead Mobile Controller 4.6 under VMware ESXi 5.1; Intel Xeon E5 w/ AES-NI w/ Riverbed SteelCentral AppResponse 11.2; Intel Xeon E5 w/ Riverbed SteelCentral AppResponse 11.2; Intel Xeon E5 w/ AES-NI w/ RiOS 9.2 x86 on VMware ESXi 5.5; Intel Xeon E5 w/ RiOS 9.2 x86 on VMware ESXi 5.5; Intel Xeon E5 w/ AES-NI w/ SteelCentral Controller for SteelHead Mobile 5.0 on VMware ESXi 5.5; Intel Xeon E5 w/ SteelCentral Controller for SteelHead Mobile 5.0 on VMware ESXi 5.5; Intel Xeon E5 w/ AES-NI w/ SteelFusion 4.3 on VMware ESXi 5.5; Intel Xeon E5 w/ SteelFusion 4.3 on VMware ESXi 5.5; Intel Xeon E3 w/ RiOS 9.2 x86 64-bit; Intel Xeon w/ AES-NI w/ SteelCentral Controller for SteelHead Mobile 5.0; Intel Xeon w/ SteelCentral Controller for SteelHead Mobile 5.0; Intel Xeon E5 w/ AES-NI w/Riverbed SteelCentral AppResponse 11.2 64-bit on VMware ESXi 5.5; ntel Xeon E5 w/Riverbed SteelCentral AppResponse 11.2 64-bit on VMware ESXi 5.5; AMD Opteron 4100 Series w/ AES encryption acceleration w/ SteelFusion 4.3; AMD Opteron 4100 Series w/ SteelFusion 4.3; Intel Xeon E5 w/ AES-NI w/ Riverbed License Manager 1.0 on VMware ESXi 5.5; Intel Xeon E5 w/ AES-NI w/ RiOS 9.2 x86 64bit under KVM 1.0; Intel Xeon E5 w/ Riverbed License Manager 1.0 on VMware ESXi 5.5; Intel Xeon E5 w/ RiOS 9.2 x86 64bit under KVM 1.0; Intel Xeon E3 w/ AES-NI w/ RiOS 9.2 x86 64-bit 4/12/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571

"The Riverbed Cryptographic Security Module provides the cryptographic functionality for a variety of Riverbed''s platforms including Steelhead and Granite appliances. These network appliances deliver a scalable Wide Area Data Services (WDS) solution, transparently and securely optimizing performance across an enterprise network"

08/28/13: Added new tested information;
12/13/13: Added new tested information;
09/10/14: Added new tested information;
09/17/14: Added new tested information;
10/21/16: Added new tested information;
11/17/16: Updated implementation information;

64
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26
Chandler, AZ 85226
USA

-Darren Cummings
TEL: 480-809-6024

Cummings Engineering's Secure Mobility Suite B Crypto Module

Version 1.1
ARM Cortex A8 (ARMv7) w/ Apple iOS 5.0; Intel Core i7-3615QM w/ Apple OS X 10.7 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#64.

"The cryptographic module used by the Cummings Engineering suite of products which allow for efficient and effective deployment of robust secure communications capability on commercial off the shelf (COTS) devices, such as Smartphones and Tablets, as well as speciality communications devices."

63
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for Intel x86

Version 2.1
x86 32bit w/ Vyatta 6.4 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#63.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

03/31/14: Updated implementation information;

62
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
CoCo Communications
800 5th Ave
Seattle, WA 98104
USA

-David Weidenkopf
TEL: 206-812-5783

CoCo OpenSSL Algorithms for AMD Geode

Version 2.1
AMD Geode 32bit w/ Red Hat Enterprise Linux 6 4/5/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#62.

"The CoCo OpenSSL Crypto Module is an OpenSSL cryptographic library that provides cryptographic services to its calling applications."

04/30/13: Updated implementation information;
03/31/14: Updated implementation information;

61
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Toshiba Corporation Social Infrastructure Systems Company
1, Komukai, Toshiba-cho, Saiwai-ku
Kawasaki, Kanagawa 212-8583
Japan

-Hiroki Fukuoka
TEL: +81-44-549-8323

TSBIC CryptoLib

Version 1.0.0
Intel Core i7 w/ Windows 7 Professional 32-bit 3/29/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#61.

"TSBIC CryptoLib is a general-purpose library which ensures high security to the applications requiring standard cryptographic algorithms."

60
Section 4.2,
TLS
SP800-135
ChaseSun Information Security Technology Development (Bejing)., Ltd.
Building B, Shumazhuangyuan
No. 1 Disheng West Street, BDA
Beijing, 100176
P.R. China

-Peng Sun
TEL: +86 10 87129374
FAX: +86 10 87129374

DCI Audio/Video Decoder Card Crypto Library

Version 1.0 (Firmware)
Marvell 88AP303 3/29/2013 TLS( TLS1.0/1.1 ) SHA Val#1550 HMAC Val#1037

"DCI Audio/Video Decoder Card Crypto Library implements the cryptographic algorithms such as AES, HMAC, RSA, SHA and RNG. The Library provides cryptographic functionality to DCI Audio/Video Decoder Card."

59
Section 5.5, TPM
SP800-135
Nuvoton Technology Corporation
No. 4, Creation Rd. III
Hsinchu Science Park, n/a 300
Taiwan, R.O.C.

-Rachel Menda-Shabat
TEL: +972-9-9702000
FAX: +972-9-9702001

-Leonid Azriel
TEL: +972-9-9702000
FAX: +972-9-9702001

Nuvoton NPCT4xx/NPCT5xx TPM 1.2

Part # FD5C37
N/A 3/15/2013 TPM SHA1 Val#2028 HMAC_SHA1 Val#1460

"Nuvoton TPM (Trusted Platform Module), a TCG 1.2 compliant security processor with embedded firmware"

58
Section 5.2, SSH
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee OpenSSH Library

Version 5.8 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 SSH (SHA 1 ) SHA Val#871

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

57
Section 4.2,
TLS
SP800-135
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Sakthi Subramanian
TEL: 408-346-3249
FAX: 408-346-3463

McAfee Crypto Library

Version 1.1.2.1 (Firmware)
RMI MIPSXLR w/ Linux/MIPS 3/15/2013 TLS( TLS1.0/1.1 ) SHA Val#871 HMAC Val#971

"The McAfee Network Security portfolio of purpose-built appliances delivers cost-effective, comprehensive and proactive network and system security with multi-gigabit performance for locations from branch offices to the network core."

56
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Samsung Electronics Co., Ltd
R4 416, Maetan 3-dong, Yeongtong-gu
Suwon-si, Gyeonggi-do 443-742
Korea

-Ross Choi
TEL: 972-761-7628

-Kyung-Hee Lee
TEL: +82-10-6640-8499

Samsung OpenSSL Cryptographic Module

Version SecOpenSSL2.0.3
ARMv7 w/ Android Jelly Bean 4.1 3/8/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#56.

"General purpose cryptographic services available for Android used by Samsung devices to provide secure cryptography. Salt length 0, 1 and 2 has been tested for RSASSA-PSS."

01/16/14: Updated implementation information;

55
Section 4.2,
TLS
SP800-135
Accellion, Inc.
1804 Embarcadero Road
Suite 200
Palo Alto, Ca 94303
USA

-Prateek Jain
TEL: 65-62445670
FAX: 65-62445678

TLS Library

Version 1.0.1c
Dual Xeon QuadCore w/ Red Hat Enterprise Linux 5 2/26/2013 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 ) ) SHA Val#2003 HMAC Val#1457

"Accellion Cryptographic Module is a key component of Accellion''s secure collaboration solution that enables enterprises to securely share and transfer files. Extensive tracking and reporting tools allow compliance with SOX, HIPAA, FDA and GLB regulations while providing enterprise grade security and ease of use"

06/28/13: Updated implementation information;

54
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
GoldKey Security Corporation
26900 E. Pink Hill Rd
Independence, MO 64057
USA

-GoldKey Sales & Customer Service
TEL: (816) 220-3000

-Jon Thomas
TEL: 567-270-3830

GoldKey Cryptographic Algorithms

Version 7.13 (Firmware)
Arca2S 2/21/2013 Curves tested: P-256   P-384

"Cryptographic algorithm implementation for GoldKey Products"

03/18/13: Updated implementation information;
03/27/13: Updated implementation information;
10/25/13: Updated implementation information;
07/23/14: Updated implementation informaiton;

53
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.3
Freescale i.MX53xA (ARMv7) with NEON w/ Windows Embedded Compact 7; Freescale i.MX53xD (ARMv7) with NEON w/ Windows Embedded Compact 7; Qualcomm Snapdragon APQ8060 (ARMv7) with NEON w/ Android 4.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#53.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

02/21/13: Added new tested information;
02/26/13: Updated implementation information;
04/10/13: Added new tested information;
04/24/13: Updated implementation information;

52
Section 4.2,
TLS
SP800-135
Ultra Stereo Labs, Inc.
181 Bonetti Drive
San Luis Obispo, CA 93401-7397
USA

-Larry McCrigler
TEL: 805-549-0161
FAX: 805-549-0163

IMS1200 KDF

Version OpenSSL 0.9.8m (Firmware)
AMC PPC 460 GT 2/19/2013 TLS( TLS1.0/1.1 ) SHA Val#1320 HMAC Val#856

"IMS-1200"

51
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Kony, Inc.
7380 West Sand Lake Rd. #390
Orlando, FL 32819
USA

-Matthew Terry
TEL: 407-730-5669
FAX: 407-404-3738

Kony Cryptographic Library

Version 2.0
Qualcomm QSD 8250 (ARMv7) w/ Android 2.2; Qualcomm QSD 8250 (ARMv7) with NEON w/ Android 2.2; TI OMAP 3621 (ARMv7) w/ Android 3.0; TI OMAP 3621 (ARMv7) with NEON w/ Android 3.0; TI DM3730 (ARMv7) w/ Android 4.0; TI DM3730 (ARMv7) with NEON w/ Android 4.0; ARM Cortex-A8 (ARMv7) with NEON w/ Apple iOS 5.0; ARMv7 Cortex-A8 (ARMv7) with NEON w/ Apple iOS 6.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 5.0; ARM Cortex-A8 (ARMv7) without NEON w/ Apple iOS 6.0 2/19/2013 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#51.

"The Kony Cryptographic Library v2.0 is a full featured cryptographic module used in Kony mobile and multi-channel application platforms and the KonyOne Platform."

08/09/13: Added new tested information;
08/27/13: Updated implementation information;
08/30/13: Updated vendor information;

50
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Larry LaCasse
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1
Intel Core 2 Duo w/ Windows 7 Ultimate (64-bit) 1/18/2013 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#728 SHS Val#1997 DRBG Val#286
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#379 SHS Val#1997 DRBG Val#286
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#50.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange"

49
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.2
TI DM3730 (ARMv7) w/ Android 4.1; TI DM3730 (ARMv7) with NEON w/ Android 4.1; Nvidia Tegra 3 (ARMv7) w/ Android 4.2; Nvidia Tegra 3 (ARMv7) with NEON w/ Android 4.2 1/18/2013 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#49.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

02/06/13: Updated implementation information;

48
Section 5.2, SSH
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

Uplogix SSH Client

Version 1.4.3 (Firmware)
AMD Geode LX; Intel Celeron D; Intel Atom E6xx 12/21/2012 SSH (SHA 1 ) SHA Val#1976

"Uplogix Local Managers use an SSH client to connect to other Uplogix Local Managers or to copy files with SCP. See http://www.uplogix.com."

47
Section 5.2, SSH
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

Uplogix SSH Server

Version 1.4.3 (Firmware)
Intel Atom E6xx; AMD Geode LX; Intel Celeron D 12/21/2012 SSH (SHA 1 ) SHA Val#1976

"A user''s primary interaction with an Uplogix Local Manager is via its SSH commandline interface. See http://www.uplogix.com/."

46
Section 4.2,
TLS
SP800-135
Uplogix, Inc.
7600 B North Capital of Texas Highway
Suite 220
Austin, TX 78731
USA

-Martta Howard
TEL: 512-857-7043
FAX: 512-857-7002

NSS

Version 3.12.11 (Firmware)
AMD Geode LX; Intel Atom E6xx; Intel Celeron D 12/21/2012 TLS( TLS1.0/1.1 ) SHA Val#1976 HMAC Val#1409

"Uplogix Local Managers utilize Mozilla''s Network Security Services for general purpose cryptographic functionality. NSS provides the algorithms necessary to secure Uplogix'' SSH and TLS implementations. See http://www.uplogix.com"

45
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

SafeNet Software Cryptographic Library

Version 1.0
Intel Xeon E3-1220v2 w/ AES-NI w/ Windows Server 2008R2 64-bit; Intel Xeon E3-1220v2 w/ Windows Server 2008 64-bit; Intel Core i5-2430M w/ AES-NI w/ Windows 7 64-bit; Intel Core i5-2430M w/ Windows 7 32-bit; Intel Xeon E3-1220v2 w/ AES-NI w/ NetBSD 4.1 32-bit on VMware ESX; ARMv7 w/ NEON w/ Android 4.0; Intel Xeon E3-1220v2 w/ AES-NI w/ RHEL 6.2 64-bit; Intel Xeon 3050 w/ CentOS 5.6 32-bit 12/7/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#45.

"The SafeNet Software Cryptographic Library is SafeNet’s cryptographic service provider that provides extended high performance cryptographic services for SafeNet''s broad range of Data Protection products."

44
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Server Engine

Version 2.1
Intel i7 w/ CentOS 6.3; Intel i7 w/ Mac OS X 10.8; Intel i7 w/ RHEL 6.3; Intel i7 w/ SUSE Linux Enterprise 11 SP2; Intel i7 w/ Windows 2008 R2; PowerPC P2020 w/ CentOS 6.3; 11/21/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#44.

"CryptoComply | Server is a standards-based "Drop-in Compliance" solution for servers and appliances. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation."

01/16/14: Added new tested information;

43
All of SP800-56A EXCEPT KDF
SP800-56A
Allegro Software Development Corporation
1740 Massachusetts Avenue
Boxborough, MA 01719
USA

-Larry LaCasse
TEL: +1 (978) 264-6600

Allegro Cryptographic Engine

Version 1.1
Dell Optiplex 775, Intel Core 2 Duo w/ Windows 7 Ultimate 11/15/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#708 SHS Val#1952 DRBG Val#279
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#367 SHS Val#1952 DRBG Val#179 AES Val#2271 AES Val#2271 HMAC Val#1390
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#43.

"The Allegro Cryptographic Engine (ACE) is a cryptographic library module for embedded computing systems. ACE provides software implementations of algorithms for calculations of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange."

42
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Panzura, Inc.
22 Great Oaks Blvd #150
San Jose, CA 95119
USA

-Rich Weber
TEL: (408) 578-8888

Panzura Cryptographic Module

Version 4.2
Intel Xeon E5620 (x86) with AES-NI w/ Panzura Cloud Controller 8.0; Intel Xeon E5620 (x86) with AES-NI w/ Panzura Cloud Controller 8.0 on VMware ESX; Intel Xeon E5620 (x86) w/ Panzura Cloud Controller 8.0 on VMware ESX 11/15/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#42.

"The Panzura Cyrptographic Module provides validated cryptographic services for multiple Panzura products."

41
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Florence Defrance
TEL: +33 442366734
FAX: +33 442365792

-Arnaud Lotigier
TEL: +33 442366074
FAX: +33 442365545

IDCore 30 Cryptographic Library

Version 1.6 (Firmware)
Part # IFX SLE78 (M7892 & M7820) chip family
Infineon SLE78 (M7892 & M7820) chip family. 10/23/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#41.

"The IDCore 30 Cryptographic Library v1.6 operates on the Infineon SLE78 (M7892 & M7820) chip family, targeting Javacard 2.2.2, GP 2.1.1 & GP 2.2 Amdt D compliant modules. The library implements TDEA, AES, AES-CMAC, SHA1-224-256-384-512, RSA, RSA CRT, ECDSA, ECC CDH and ANSI X9.31 RNG algorithms."

10/31/12: Updated implementation information;

40
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

CiscoSSL FIPS Object Module

Version 2.0
Intel Core i5-650 with AES-NI (x64) w/ Microsoft Windows 7; Intel Core i5-2520M with AES-NI (x64) w/ Mac OS X 10.7; Intel Xeon E5504 (x64) w/ FreeBSD 9.0; Intel Xeon E5649 with AES-NI (x64) w/ Linux 2.6; Cavium CN5230 (MIPS) (x64) w/ Linux 2.6; Snapdragon S3 APQ8060 (ARM) w/ Android 4.0; Freescale 8548 (PowerPC) w/ Linux 2.6; Apple A5X (ARM) w/ Apple iOS 5.1; ARMv7 w/ Android 4.0; PowerPC, Freescale's PowerQUICC III Processor Family w/ Linux 2.6 10/17/2012 Curves tested: P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#40.

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products."

07/03/13: Added new tested information;

39
Section 4.2,
TLS
SP800-135
RSA, the Security Division of EMC
Level 11, 345 Queen Street
Brisbane, Queensland 4000
Australia

-Stefan Pingel
TEL: +61-730325211
FAX: +61-730325299

-Peter Robinson
TEL: +61-730325253
FAX: +61-730325299

RSA BSAFE® Crypto-J JSAFE and JCE Software Module

Version 6.1 and 6.1.1.0.1
AMD Athlon 64 X2 Dual-Core Processor 3800+ w/ Microsoft Windows 7 (64-bit) with Sun JRE 7.0; Intel T7300 Core 2 Duo w/ Android 2.2 ARM (32-bit) JRE 6.0 10/17/2012 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 , 512 ) ) SHA Val#1938 HMAC Val#1378

"RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements."

11/22/13: Updated implementation information;
07/10/14: Updated implementation information;

38
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Stonesoft Corporation
Itälahdenkatu 22A
Helsinki, FI-00210
Finland

-Klaus Majewski
TEL: +358-9-476711

-Jorma Levomäki
TEL: +358-9-476711

Stonesoft Cryptographic Library

Version 1.1
Intel X3450 w/ GNU / Linux (Debian) 6.0 10/5/2012 Curves tested: P-224   P-256   P-384   P-521
FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#695 SHS Val#1930 DRBG Val#267
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#350 SHS Val#1930 DRBG Val#267
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#38.

"Stonesoft Cryptographic Library is a software module that provides cryptographic services for Stonesoft network security products."

09/25/13: Updated implementation information;

37
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Stonesoft Corporation
Itälahdenkatu 22A
Helsinki, FI-00210
Finland

-Klaus Majewski
TEL: +358-9-476711

-Jorma Levomäki
TEL: +358-9-476711

Stonesoft Cryptographic Library

Version 1.1
Intel Atom 425 w/ GNU / Linux (Debian) 6.0 10/5/2012 Curves tested: P-224   P-256   P-384   P-521
FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC DSA Val#694 SHS Val#1929 DRBG Val#266
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#349 SHS Val#1929 DRBG Val#266
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#37.

"Stonesoft Cryptographic Library is a software module that provides cryptographic services for Stonesoft network security products."

09/20/13: Updated implementation information;

36
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.2
PowerPC-e500 w/ NetBSD 5.1; Intel Xeon 5500 (x86-64) w/ NetBSD 5.1; Intel Xeon E3-1220v2 (x86) w/ RHEL 6 32-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ Windows 2008 32-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ RHEL 6 64-bit under vSphere; Intel Xeon E3-1220v2 (x86) w/ Windows 2008 64-bit under vSphere; Intel Core i5-2430M (x86) w/ Windows 7 64-bit with AES-NI; ARM Cortex A8 (ARMv7) with NEON w/ Apple iOS 5.0; Qualcomm MSM8X60 (ARMv7) with NEON w/ VMware Horizon Mobile 1.3 under VMware; Intel Core i7-3615QM w/ Apple OS X 10.7 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#36.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/31/12: Added new tested information;
02/21/13: Added new tested information;
03/11/13: Updated implementation information;

35
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 64-bit Cryptographic Engine

Version 1.0
VMware ESXi 5.0 on Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#35.

"The McAfee SIEM 64-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

34
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 64-bit Cryptographic Engine

Version 1.0
Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#34.

"The McAfee SIEM 64-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

33
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 32-bit Cryptographic Engine

Version 1.0
Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#33.

"The McAfee SIEM 32-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

32
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
McAfee, Inc.
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

-Andy Nissen
TEL: 651-628-5385
FAX: 651-628-2706

-James Reardon
TEL: 651-628-5346
FAX: 651-628-2706

McAfee SIEM 32-bit Cryptographic Engine

Version 1.0
VMware ESXi 5.0 on Intel Xeon w/ Nitro OS 9.1 10/5/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#32.

"The McAfee SIEM 32-bit Cryptographic Engine v1.0 provides the necessary services to support the cryptographic features and functions of McAfee''s line of SIEM products including Nitro IPS."

31
Section 4.2,
TLS
SP800-135
Hewlett-Packard
Longdown Avenue
Stoke Gifford, Bristol BS34 8QZ
United Kingdom

-Laura Loredo
TEL: +44 117 312 9341

OpenSSL

Version OpenSSL 1.0.1c/FIPS 2.0/CN22745 (Firmware)
ARM966E 8/27/2012 TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) ) SHA Val#1898 HMAC Val#1342

"The Hewlett Packard LTO-6 Tape Drive is a multi-chip standalone module composed of hardware and firmware components, providing cryptographic services to a host."

09/07/12: Updated implementation information;

30
All of SP800-56A EXCEPT KDF
SP800-56A
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M)

Version Rel 1 (Firmware)
PMC RM5261A MIPS 350MHz; Intel Woodcrest 2.13GHz; Power-PC 405 250MHz 7/30/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG   Partial Validation   Key Regeneration )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC SHS Val#1858 DRBG Val#237
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation Key Regeneration )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ED: P-384 ECDSA Val#322 SHS Val#1858 DRBG Val#237

"IOS Common Cryptographic Module (IC2M) firmaware version Rel 1 covers Rel 1(1.0.0), Rel 1(1.0.1) and Rel 1(1.0.2)"

12/07/12: Updated implementation information;
04/23/13: Updated implementation information;

29
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Mobile Engine for iOS

Version 2.1
A5X w/ iOS 5.1; A5X w/ iOS 6; A5X w/ iOS 7 7/18/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#29.

"CryptoComply | Mobile is a standards-based “Drop-in Compliance” solution for mobile devices. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads functions for secure key management, data integrity, data at rest encryption, and secure communications."

10/31/12: Added new tested information;
11/14/12: Updated vendor information;
09/25/13: Added new tested information;

28
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeLogic Inc.
530 Lytton Ave
Suite 200
Palo Alto, CA 94301
USA

-SafeLogic Inside Sales

CryptoComply Mobile Engine for Android

Version 2.1
ARM Cortex-A9 w/ Android Version 4.0 7/18/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#28.

"CryptoComply | Mobile is a standards-based “Drop-in Compliance” solution for mobile devices. The module features robust algorithm support, including Suite B algorithm compliance. CryptoComply offloads functions for secure key management, data integrity, data at rest encryption, and secure communications."

11/14/12: Updated vendor information;

27
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Thales Certification Team
TEL: +44 1223 723600
FAX: +44 1223 723601

-Thales Sales
TEL: 888 744 4976

nShield Algorithm Library

Version 2.51.10 (Firmware)
Freescale PowerPC 7/13/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#664 SHS Val#1844 DRBG Val#232
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#318 SHS Val#1844 DRBG Val#232
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#27.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

12/17/12: Updated implementation information;

26
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECC CDH Component

Version ECDH_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 7/13/2012 Curves tested: P-224   P-256
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#26.

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GP OS JCOP 2.4.2 R2. P5CD081 Family means: P5CD145V0A, P5CC145V0A, P5CN145V0A, P5CD128V0A, P5CC128V0A, P5CD081V1A, P5CC081V1A, P5CN081V1A, P5CD051V1A, P5CD041V1A, P5CD021V1A, P5CD016 V1A, P5CD145V0B, P5CC145V0B, P5CD081V1D."

25
Section 5.1,
ANS X9.63-2001
SP800-135
3S Group Incorporated
125 Church Street, N.E., Suite 204
Vienna, VA 22180
USA

-Satpal S. Sahni
TEL: 703-281-5015
FAX: 703-281-7816

3SGX

Version 1.0 (Firmware)
Cavium Octeon 7/5/2012 ANSX963_2001 (SHS 1 , 224 , 256 , 384 , 512 ) SHA Val#1784

"3SGX is a high performance PCIe cryptograhic module that provides complete cryptographic support to large numbers of users or applications simultaneously. 3SGX is the core of 3S Group''s hardare security appliances, ideal for enterprise key management, virtualization and cloud server solutions that demand high throughput."

24
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0.1
ARMv7 w/ Apple iOS 5.1; ARMv5TEJ w/ Microsoft Windows CE 6.0 R2; ARMv7 w/ Microsoft Windows CE 5.0 6/29/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#24.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

23
All of SP800-56A EXCEPT KDF
SP800-56A
Hewlett Packard Enterprise
19091 Pruneridge Ave., MS 4441
Cupertino, CA 95014
USA

-Theresa Conejero
TEL: 408-447-2964
FAX: 408-447-5525

HP ESKM KAS

Version 5.0.0 (Firmware)
Intel Xeon E5-2640 6/25/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#653 SHS Val#1802 DRBG Val#207

"HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."

22
Section 4.2,
TLS

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-135
Ultra Electronics 3eTI
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

-Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

-Chris Guo
TEL: 301-944-1294
FAX: 301-670-6989

3eTI OpenSSL Algorithm Implementation

Version 2.0 (Firmware)
MPC8378E 6/20/2012 FFC: SCHEMES: Ephem: (KARole: Initiator / Responder ) FC DSA Val#653 SHS Val#1802 DRBG Val#207
TLS( TLS1.0/1.1   TLS1.2 (SHA 256 , 384 ) )

"Algorithms listed are used to provide encryption and authentication services within 3eTI networking products."

21
All of SP800-56A EXCEPT KDF
SP800-56A
AuthenTec Inc.
Boxtelseweg 26A
Vught, 5261 NE
The Netherlands

-Bob Oerlemans
TEL: +31 73 6581 900

SafeZone FIPS Cryptographic Module

Version 1.0.3
ARMv7 w/ Android 4.0; ARMv7 w/ Android 2.3; ARMv7 w/ Linux (kernel 2.6) 6/5/2012 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#648 SHS Val#1787 DRBG Val#203
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#299 SHS Val#1787 DRBG Val#203
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#21.

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from AuthenTec Inc. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices."

20
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A

SP800-56A
Pitney Bowes, Inc.
37 Executive Drive
Danbury, CT 06810
USA

-Dave Riley
TEL: 203-796-3208

appKas

Version 02000007 (Firmware)
ARM 7 TDMI 4/9/2012 Curves tested: P-256
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EC: P-256 ECDSA Val#286 SHS Val#1733 DRBG Val#181

"The Pitney Bowes Cygnus X-3 Hardware Security Module (HSM) employs strong cryptographic and physical security techniques for the protection of funds in Pitney Bowes Postage systems."

19
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A, 5th Floor
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 905-507-4220
FAX: 905-507-4230

-Kris Orr
TEL: 289-261-4104
FAX: 905-507-4230

Security Builder FIPS Core

Version 6.0.2
64-bit Intel Core i5-2300 w/ Red Hat Linux 5.6; 64-bit Intel Core i5-2300 w/ Windows 7 3/26/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#19.

"Security Builder FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and DRM modules."

18
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Arnaud Lotigier
TEL: +33-4-42-36-60-74
FAX: +33-4-42-36-55-45

TOP V2

Version Version #11-M1005011+Softmask V04 (Firmware)
Infineon SLE66CLX1280PE 3/21/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#18.

"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory available. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved."

17
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Gemalto
Avenue du Jujubier
Z.I Athelia IV
La Ciotat, 13705
France

-Michael Bruyere
TEL: +33-4-42-36-61-65
FAX: +33-4-42-36-57-92

-Anthony Vella
TEL: +33-4-42-36-61-38
FAX: +33-4-42-36-52-36

MultiApp V2.1 Platform Cryptographic Library

Version 1.2 (Firmware)
Part # NXP P5Cx081 Family
NXP P5Cx081 Family 2/29/2012 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#17.

"MultiApp V2.1 is a highly secured smartcard platform conformant to the Javacard 2.2.2 and GP 2.1.1 standards, designed to operate on the NXP P5Cx081 family, inclusive of NXP P5CC081 and P5CC145 integrated circuits. Its cryptographic library implements TDEA, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and RNG ANSX9.31 algorithms."

16
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Entrust Sales
TEL: 888-690-2424

Entrust Authority™ Java Toolkit

Version 8.0
Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 with Oracle J2RE 6; Intel Core 2 Duo E8400 w/ Microsoft Windows Server 2008 R2 with Oracle J2RE 7 2/21/2012 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#277 SHS Val#1700 DRBG Val#170
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#16.

"The Java toolkit is an implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both. The industry standard Cryptopki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

15
All of SP800-56A EXCEPT KDF
SP800-56A
Entrust, Inc.
One Lincoln Centre
5400 LBJ Freeway
Suite 1340
Dallas, TX 75240
USA

-Entrust Sales
TEL: 888-690-2424

Entrust Authority™ Security Kernel

Version 8.1sp1
Intel Core 2 Duo E8400 w/ Windows Server 2008 R2 Enterprise Edition 1/19/2012 ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#275 SHS Val#1689 RNG Val#1011 DRBG Val#167
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#15.

"The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware or both. The industry standard Cryptoki API from PKCS #11, is used as the interface to hardware-based cryptographic modules."

14
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Catbird Networks, Inc.
1800 Green Hills Road, Suite 113
Scotts Valley, CA 95066
USA

-Michael Berman
TEL: 831-440-8152

Catbird vSecurity Crypto Module v1.0

Version v1.0
Intel Core i5 with AES-NI w/ CentOS 6.0 1/19/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#14.

"The cryptographic module used by Catbird''s comprehensive security and compliance solutions for virtualized data centers."

01/25/12: Updated implementation information;

13
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26
Chandler, AZ 85226
USA

-Darren Cummings
TEL: 480-809-6024

Cummings Engineering's Secure Mobility Suite B Crypto Module v1.0

Version v1.0
TI OMAP 3 w/ Linux 3.0.4; Intel Pentium T4200 w/ Android 2.2; Qualcomm QSD 8250 w/ Android 2.2; Intel Pentium T4200 w/ Ubuntu 10.04; Intel Celeron (64 bit mode) w/ Microsoft Windows 7; Intel Core i5 (with AES-NI) w/ Android 2.2; Intel Core i5 (with AES-NI) (64 bit mode) w/ Microsoft Windows 7; Intel Core i5 (with AES-NI) w/ Fedora 14 1/26/2012 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#13.

"The cryptographic module used by the Cummings Engineering suite of products which allow for efficient and effective deployment of robust secure communications capability on commercial off the shelf (COTS) devices, such as Smartphones and Tablets, as well as speciality communications devices."

02/01/12: Added new tested information;

12
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6774
FAX: 301-874-4893

OpenSSL FIPS Object Module

Version 2.0
Intel Itanium 2 (64 bit mode) w/ HP-UX 11i; Intel Itanium 2 (32 bit mode) w/ HP-UX 11i; Freescale PowerPC32-e300 w/ Linux 2.6.33; TI OMAP 3530 (ARMv7) w/ Android 2.2; Intel Pentium (R) T4200 w/ Ubuntu 10.04; ARM Limited ARM922T (ARMv4) w/ uCLinux 0.9.29; Intel Core i5 with AES-NI (64 bit mode) w/ Fedora 14; Intel Core i5 with AES-NI (32 bit mode) w/ Ubuntu 10.04; Intel Celeron (32 bit mode) w/ Microsoft Windows 7; TI TNETV1050 w/ VxWorks 6.8; PowerPC e300c3 w/ Linux 2.6.27; Intel Pentium T4200 (64 bit mode) w/ Cascade Server 6.10; Intel Pentium T4200 (32 bit mode) w/ Cascade Server 6.10; Intel Pentium 4 (64 bit mode) w/ Microsoft Windows 7; TI AM3703CBP w/ Linux 2.6.32; Broadcom BCM11107 (ARMv6) w/ Linux 2.6; TI TMS320DM6446 (ARMv7) w/ Linux 2.6; Intel Xeon 5675 (x86) with AES-NI (32 bit mode) w/ Oracle Solaris 11; Intel Xeon 5675 (x86) (64 bit mode) w/ Oracle Solaris 11; Intel Pentium T4200 (x86) (32 bit mode) w/ Ubuntu 10.04; Intel Xeon 5675 (x86) (32 bit mode) w/ Oracle Solaris 11; Intel Xeon 5675 (x86) with AES-NI (64 bit mode) w/ Oracle Solaris 11; Intel Pentium T4200 (x86) (64 bit mode) w/ Ubuntu 10.04; SPARC-T3 (SPARCv9) (32 bit mode) w/ Oracle Solaris 10; SPARC-T3 (SPARCv9) (64 bit mode) w/ Oracle Solaris 10; Intel Xeon 5675 (x86) (64 bit mode) w/ Oracle Linux 5; Intel Xeon 5675 with AES-NI (64 bit mode) w/ Oracle Linux 5; Intel Xeon 5675 (64-bit mode) w/ Oracle Linux 6; Intel Xeon 5675 with AES-NI (64-bit mode) w/ Oracle Linux 6; SPARC-T3 (SPARCv9) (32-bit mode) w/ Oracle Solaris 11; SPARC-T3 (SPARCv9) (64-bit mode) w/ Oracle Solaris 11; Freescale PowerPC-e500 w/ Linux 2.6; TI C64x+ w/ DSP Media Framework 1.4 12/29/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#12.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

01/26/12: Added new tested information;
01/30/12: Added new tested information;
02/27/12: Added new tested information;
03/20/12: Added new tested information;
04/02/12: Updated implementation information;
04/24/12: Updated implementation information;
05/31/12: Added new tested information;
06/29/12: Updated implementation informaton;

11
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
SafeNet, Inc.
20 Colonnade Road
Suite 200
Ottawa, ON K2E 7M6
Canada

-Chris Brych
TEL: 613 221 5081
FAX: 613 723 5079

-Laurie Smith
TEL: 613 221 5026
FAX: 613 723 5079

Luna K5 Cryptographic Library

Version 4.8.7 (Firmware)
StrongARM II 80219 12/16/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571   B-233   B-283   B-409   B-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#11.

"The Luna K5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware and associated co-processor."

10
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 27101
USA

-Steve Marquess
TEL: 877-673-6775

OpenSSL FIPS Object Module

Version 2.0
ARMv7 (HTC Desire) w/ Android 2.2; Qualcomm QSD 8250 (Dell Streak; ARMv7) w/ Android 2.2; NVIDIA Tegra 250 T20 (Motorola Xoom, ARMv7) w/ Android 3.0; NVIDIA Tegra 250 T20 (ARMv7) w/ Android 4.0; TI OMAP 3 (ARMv7) with NEON w/ Android 4.0 11/29/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#10.

"The OpenSSL FIPS Object Module is a full featured general purpose cryptographic library that is distributed in source code form under an open source license. It can be downloaded from www.openssl.org/source/."

12/14/11: Updated implementation information;
12/22/11: Added new tested information;
04/26/12: Added new tested information;
06/08/12: Updated implementation information;
07/02/12: Added new tested information;

9
All of SP800-56A EXCEPT KDF
SP800-56A
IBM Corporation
2455 South Road
Poughkeepsie, New York 12601-5400
USA

-William Penny
TEL: 1-845-435-3010

-Jim Sweeny
TEL: 1-845-435-7453

IBM z/OS(r) Cryptographic Services ICSF PKCS #11

Version OA36882
Part # 5694-A01
IBM zEnterprise 196 (z196) w/ IBM z/OS® V1.13 11/9/2011 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#584 SHS Val#1641 DRBG Val#151
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: )
SCHEMES: OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#261 SHS Val#1641 DRBG Val#151
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#9.

"ICSF is a software element of z/OS that works with hardware cryptographic features and the Security Server (RACF) to provide secure, high-speed cryptographic services in the z/OS environment. ICSF, which runs as a started task, provides the application programming interfaces by which applications request the cryptographic services."

11/15/11: Update implementation information;
02/07/12: Updated implementation information;

8
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 KAS Component

Version S1.0 (Firmware)
Part # STMicroelectronics ST23
STMicroelectronics ST23 10/13/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#8.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

7
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Certicom Corp.
4701 Tahoe Blvd, Building A, 5th Floor
Missisauga, ON L4W 0B5
Canada

-Certicom Sales
TEL: 905-507-4220
FAX: 905.507.4230

-Kris Orr
TEL: 289.261.4104
FAX: 905.507.4230

Security Builder FIPS Core

Version 6.0
64-bit Intel Core i5-2300 w/ RedHat Linux 5.6; 32-bit Intel Core i7 w/ RedHat Linux 5.6; 32-bit Intel Pentium III w/ QNX 6.5; ARM Cortex A9 MPCore w/ QNX 6.6; Intel Core 2 Duo w/ Mac OS X 10.5; 32-bit Intel Core i5-2300 w/ Windows 7 9/20/2011 Curves tested: P-224   P-256   P-384   P-521   K-233   K-283   K-409   K-571
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#7.

"Security Builder FIPS Core provides application developers with cryptographics tools to easily integrate encryption, digital signatures and other security mechanisms into C-based apps for FIPS 140-2 and Suite B security. It can also be used with Certicom''s PKI, IPSec SSL and DRM modules."

10/01/11: Update implementation information;
01/19/12: Added new tested information;

6
All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Marcus Streets
TEL: +44 1223 723600
FAX: +44 1223 723601

-Mark Wooding
TEL: +44 1223 723600
FAX: +44 1223 723601

MiniHSM Algorithm Library

Version 2.50.17 (Firmware)
Freescale DragonBall MXL 8/30/2011 FFC: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV   KPG   Full Validation   Partial Validation )
SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#553 SHS Val#1554 DRBG Val#120
ECC: ( FUNCTIONS INCLUDED IN IMPLEMENTATION: DPV KPG Full Validation Partial Validation )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#238 SHS Val#1554 DRBG Val#120
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#6.

"The MiniHSM Algorithm Library provides cryptographic functionality for the MiniHSM series of Thales hardware security modules."

5
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
NXP Semiconductors
Mikronweg 1
Gratkorn, 8101
Austria

-Markus Moesenbacher
TEL: +43 3124 299 652
FAX: +43 3124 299 270

NXP ECC CDH Component

Version ECDH_CL_V2.7 (Firmware)
Part # NXP P5CD081 Family
NXP P5CD081 Family 8/18/2011 Curves tested: P-256

"Single Chip Module with NXP Secure Smart Card Controller of P5CD081 Family and NXP Java Card and GlobalPlatform OS JCOP 2.4.2 R0. P5CD081 Family comprises: P5CD145 V0A, P5CC145 V0A, P5CN145 V0A, P5CD128 V0A, P5CC128 V0A, P5CD081 V1A, P5CC081 V1A, P5CN081 V1A, P5CD051 V1A, P5CD041 V1A, P5CD021 V1A and P5CD016 V1A."

4
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oberthur Technologies
4250 Pleasant Valley Rd.
Chantilly, VA 21051
USA

-Christophe Goyet
TEL: (703) 263-0100
FAX: (703) 263-0503

ECDH for ID-One Cosmo v7-a

Version 0801 (Firmware)
Part # BF
ID-One PIV (Type B) with op codes 071621 & 071891 6/22/2011 Curves tested: P-224   P-256   P-384

"This algorithm is implemented in the new ID-One Cosmo v7 smart card platform and used to provide ECDH Key Management services to the FIPS 201 validated ID-One PIV cards from Oberthur."

3
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Oberthur Technologies
4250 Pleasant Valley Rd.
Chantilly, VA 21051
USA

-Christophe Goyet
TEL: (703) 263-0100
FAX: (703) 263-0503

ECDH for ID-One Cosmo v7-n

Version FC10 (Firmware)
Part # B0
ID-One PIV (Type A) with op code 071964 6/22/2011 Curves tested: P-224   P-256   P-384

"This algorithm is implemented in the new ID-One Cosmo v7 smart card platform and used to provide ECDH Key Management services to the FIPS 201 validated ID-One PIV cards from Oberthur."

2
Section 5.7.1.2: ECC CDH Primitive
SP800-56A
Athena Smartcard Inc.
20380 Town Center Lane, Suite 240
Cupertino, CA 95014
USA

-Ian Simmons
TEL: (408) 865-0112
FAX: (408) 865-0333

Athena OS755 KAS Component

Version A1.0 (Firmware)
Part # Inside Secure AT90SC
Inside Secure AT90SC w/ OS755 6/16/2011 Curves tested: P-224   P-256   P-384   P-521
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#2.

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing AES, TDES, DRBG, SHA-1/SHA-2, RSA, SP 800-56A KAS (ECC CDH Primitive only) and ECDSA2."

1
Section 5.7.1.2: ECC CDH Primitive

All of SP800-56A EXCEPT KDF
SP800-56A
Thales E-Security Ltd
Jupiter House
Station Road
Cambridge, CB5 8JJ
UK

-Marcus Streets
TEL: +44 1223 723600
FAX: +44 1223 723601

-Mark Wooding
TEL: +44 1223 723600
FAX: +44 1223 723601

nShield Algorithm Library

Version 2.50.16 (Firmware)
Motorola PowerPC 5/12/2011 Curves tested: P-224
FFC: (ASSURANCES < 5.5.2: #1 , #2 , #3 > < 5.6.2.1: #1 , #3 > < 5.6.2.2: #1 > < 5.6.2.3: #1 > < 5.6.3.1: #1 , #2 > ) SCHEMES: Ephem: (KARole: Initiator / Responder ) FB FC OneFlow: (KARole: Initiator / Responder ) FB FC Static: (KARole: Initiator / Responder ) FB FC DSA Val#487 SHS Val#1398 DRBG Val#72
ECC: ( ASSURANCES < 5.5.2: #1 , #2 , #3 > < 5.6.2.1: #1 , #3 > < 5.6.2.1: #1 > < 5.6.2.3: #1 #3 > )
SCHEMES: EphemUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 OnePassDH: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 StaticUnified: (KARole: Initiator / Responder ) EB: P-224 EC: P-256 ED: P-384 EE: P-521 ECDSA Val#192 SHS Val#1398 DRBG Val#72
Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See Historical Component List Val#1.

"The nShield algorithm library provides cryptographic functionality for Thales''s nShield Hardware Security Modules"

0 Arista Networks Inc.
5453 Great America Pkwy
Santa Clara, CA 95054
USA

-Richard Whitney
TEL: 703-627-6092
FAX: 408-538-8920

Arista EOS Crypto Module

Version v1.0
AMD Athlon NEO X2 w/ EOS v4; Intel Sandy Bridge EN w/ EOS v4; Intel Broadwell-DE w/ EOS v4; AMD G Series: eKabini w/ EOS v4; AMD G Series: Steppe Eagle w/ EOS v4 8/18/2017

"The Arista EOS Crypto Module library implements a variety of FIPS approved algorithms to ensure that data can be transported, encrypted, and hashed in a secure manner."


Need Assistance?

Computer Security Division
National Institute of Standards and Technology