Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
A software library that contains cryptographic functionality to serve BoringSSL and other user-space applications.
Tested Configuration(s)
- Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 with PAA
- Debian Linux 5.10.40 (Rodete) running on HPE Z620 with Intel Xeon E5-2680 without PAA
- Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 with PAA
- Google prodimage with Linux 4.15.0 running on Ampere Altra SoC with ARM Neoverse N1 without PAA (single-user mode)
- Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome with PAA
- Google prodimage with Linux 4.15.0 running on Google Arcadia-Rome with AMD Rome without PAA
Approved Algorithms
| AES |
Cert. #A1657 |
| CVL |
Cert. #A1657 |
| DRBG |
Cert. #A1657 |
| ECDSA |
Cert. #A1657 |
| HMAC |
Cert. #A1657 |
| KAS |
KAS-SSC Cert. #A1657, CVL Cert. #A1657 |
| KAS-SSC |
Cert. #A1657 |
| KTS |
AES Cert #A1657; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #A1657 |
| SHS |
Cert. #A1657 |
| Triple-DES |
Cert. #A1657 |
Allowed Algorithms
MD5; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
853ca1ea1168dff08011e5d42d94609cc0ca2e27
