U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3269

Details

Module Name
AIX FIPS Crypto Module for OpenSSL
Standard
FIPS 140-2
Status
Active
Sunset Date
1/29/2022
Validation Dates
08/28/2018;09/18/2018;09/23/2020
Overall Level
1
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The AIX FIPS Crypto Module for OpenSSL is based on the OpenSSL FIPS Object Module. The AIX FIPS Crypto Module for OpenSSL is supported on AIX for the Power 7, Power 8 and Power 9 platforms.
Tested Configuration(s)
  • AIX 6.1 32-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)
  • AIX 6.1 32-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 6.1 64-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)
  • AIX 6.1 64-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 32-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.1 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.1 64-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.1 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power9 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power9 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power9 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power9 (PPC) without PAA (IBM XL Compiler V13.1) (single-user mode)
FIPS Algorithms
AES Certs. #3451, #3990,and #5649
CVL Certs. #534, #814 and #2045
DRBG Certs. #845, #1182 and #2280
DSA Certs. #970, #1085 and #1449
ECDSA Certs. #698, #886 and #1523
HMAC Certs. #2197, #2605 and #3763
RSA Certs. #1766, #2048# and #3039
SHS Certs. #2847, #3294 and #4530
Triple-DES Certs. #1942, #2190 and #2834
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #534, #814 and #2045, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15 or 2.0.16

Vendor

IBM Corporation
1701 North Street
Endicott, NY 13760
USA

AIX FIPS Security
aixfips@in.ibm.com
Phone: N/A
Fax: N/A
N/A
Phone: N/A
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0