Module Name
Nutanix Cryptographic Module for BoringSSL
Validation Dates
10/01/2019;11/14/2019;05/26/2020
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.
Tested Configuration(s)
- CentOS 7.5 running on Nutanix NX-3360-G6 and Intel Xeon 4116 with PAA (clang Compiler Version 6.0.1)
- CentOS 7.5 running on Nutanix NX-3360-G6 and Intel Xeon 4116 without PAA (clang Compiler Version 6.0.1)
- Debian Linux 4.9.0 running on Intel Xeon E5-2680 with PAA (clang Compiler Version 6.0.1)
- Debian Linux 4.9.0 running on Intel Xeon E5-2680 without PAA (clang Compiler Version 6.0.1)
- Ubuntu Linux 18.04 running on POWER9 with PAA (clang Compiler Version 6.0.1) (single-user mode)
- Ubuntu Linux 18.04 running on POWER9 without PAA (clang Compiler Version 6.0.1)
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #2033, #2035 and #C1256; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
66005f41fbc3529ffe8d007708756720529da20d
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
