August 2019 Copyright © 2019 Dell Inc. or its subsidiaries. All rights reserved. 1
Release Notes
08.08.19
RSA BSAFE
®
Crypto-C Micro Edition 4.1.4
Release Notes
This document summarizes the features of RSA BSAFE Crypto-C Micro Edition 4.1.4
(Crypto-C ME). It outlines the changes, platform information, and resolved and
known issues.
For details of the Crypto-C ME End of Primary Support dates, see the Product Version
Life Cycle Web site at
https://community.rsa.com/docs/DOC-73366.
Contents:
New Features ................................................................................................... 2
Changes ............................................................................................................ 6
Deprecated Functionality ......................................................................... 8
Operating Environment Information .............................................................. 9
New Operating Environments ...............................................................15
Discontinued Operating Environments ................................................ 15
Linux Standard Base .............................................................................. 16
FIPS 140-2 Compliance ......................................................................... 16
Microsoft Visual C++ Redistributable Packages ................................. 17
Algorithms and Key Sizes ............................................................................. 18
FIPS 140-2-approved Algorithms ......................................................... 18
FIPS 140-2-allowed Algorithms ............................................................ 22
Non-FIPS 140-2-approved Algorithms ................................................. 23
Elliptic Curve Support ............................................................................. 24
FIPS 140-2 Operations ................................................................................. 25
Self Tests and Entropy ........................................................................... 25
FIPS 140-2 Providers ............................................................................. 25
Hardware Devices .......................................................................................... 26
Cryptographic Operations on Hardware .............................................. 27
Compatibility Identifiers .......................................................................... 28
Software Installation for Hardware Devices ........................................ 29
PKCS #11 Provider Configuration ........................................................ 29
Enhancements and Resolved Issues .......................................................... 30
Known Issues ................................................................................................. 33
Documentation ............................................................................................... 35
Support and Service ...................................................................................... 36
2 New Features
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
New Features
This release of Crypto-C ME is designed to include the following new features:
• Asymmetric key assurance and validation functions,
R_PKEY_validate_init_PKEY() and R_CR_validate_key(), which
allow parameters and keys to be checked for specific security requirements. A
number of validation methods are available:
– SP 800-56A Rev 2 method for:
• FIPS 186-4 generated keys and parameters
• FIPS 186-2 generated keys and parameters
– Generic method which checks numeric properties of keys and parameters.
For more information see the Asymmetric Key Management > Asymmetric
Key Assurance and Validation section in the RSA BSAFE Crypto-C Micro
Edition Developers Guide.
• The FIPS 140-2 dynamic library files are no longer compatible with older
versions of Crypto-C ME. Applications must rebuild against this release of
Crypto-C ME. For more information see Binary Incompatibility with Previous
Versions of Crypto-C ME in the RSA BSAFE Crypto-C Micro Edition Migration
Guide.
• The FIPS 140-2 provider defaults to the FIPS 140-2 mode of operation. For more
information, see FIPS 140-2 Mode is the Default Mode in the RSA BSAFE
Crypto-C Micro Edition Migration Guide.
• Support for ARM
®
64 assembly optimizations, including hardware accelerated
AES, SHA-1 and SHA-256. These optimizations are automatically enabled on
supported hardware and can be disabled using
R_STATE_disable_cpu_features() with the ARMv8-specific options.
For more information see API Reference Information > Library State
Operations > Library State CPU Options > ARM64 (ARMv8 AArch64) CPU
Options section in the RSA BSAFE Crypto-C Micro Edition Developers Guide.
• The Elliptic Curve (EC) asymmetric key format conforms to RFC 5915. For more
information see Elliptic Curve Asymmetric Key Format in the RSA BSAFE
Crypto-C Micro Edition Migration Guide.
• Key wrap functionality to allow wrapping of symmetric or asymmetric key data
with either symmetric or asymmetric keys. Included are new:
–
Algorithm identifiers for key wrapping using a recipient's public key:
• R_CR_ID_KW_KEM_KWS
•
R_CR_ID_KW_RSA_OAEP
•
R_CR_ID_KW_RSA_OAEP_SHA1
•
R_CR_ID_KW_RSA_OAEP_SHA256
New Features 3
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
– Algorithm subtypes to specify for the type of key to wrap with:
•
R_CR_SUB_SYMMETRIC_KEY
• R_CR_SUB_ASYMMETRIC_KEY
– Algorithm subtypes to specify for the type of key to be wrapped:
•
R_CR_SUB_WRAP_SKEY
•
R_CR_SUB_WRAP_PKEY
•
R_CR_SUB_WRAP_RAW
– Key wrapping and unwrapping initialization functions:
•
R_CR_keywrap_wrap_init_SKEY()
•
R_CR_keywrap_wrap_init_PKEY()
•
R_CR_keywrap_unwrap_init_SKEY()
•
R_CR_keywrap_unwrap_init_PKEY()
– Key wrapping and unwrapping functions:
•
R_CR_keywrap_wrap_SKEY()
•
R_CR_keywrap_wrap_PKEY()
•
R_CR_keywrap_unwrap_SKEY()
•
R_CR_keywrap_unwrap_PKEY()
• A Single-Step KDF implementation, as defined in SP 800-56A Rev 2, that uses a
message digest as the fundamental cryptographic function.
• An HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as
described in
RFC 5869.
• New resources to provide Diffie-Hellman and Ephemeral Diffie-Hellman
parameters based on safe prime numbers, as outlined in SP 800-56A Rev 3.
• New SHA3 message digest algorithms:
– SHA3-224
– SHA3-256
– SHA3-384
– SHA3-512.
• New Message Authentication Code (MAC) algorithms using the SHA3 message
digest algorithms:
– HMAC SHA3-224
– HMAC SHA3-256
– HMAC SHA3-384
– HMAC SHA3-512.
4 New Features
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
• New RSA asymmetric key encryption algorithms, using the SHA3 message digest
algorithms:
– RSA PKCS #1 Optimal Asymmetric Encryption Padding (OAEP) using
SHA3-224
– RSA PKCS #1 OAEP using SHA3-256
– RSA PKCS #1 OAEP using SHA3-384
– RSA PKCS #1 OAEP using SHA3-512.
• New RSA digital signature algorithms, using the SHA3 message digest
algorithms:
– RSA using SHA3-224
– RSA using SHA3-256
– RSA using SHA3-384
– RSA using SHA3-512
– RSA PKCS #1 Probabilistic Signature Scheme (PSS) using SHA3-224
– RSA PKCS #1 PSS using SHA3-256
– RSA PKCS #1 PSS using SHA3-384
– RSA PKCS #1 PSS using SHA3-512
– SHA3-224 and RSA PKCS #1 PSS using SHA3-224
– SHA3-256 and RSA PKCS #1 PSS using SHA3-256
– SHA3-384 and RSA PKCS #1 PSS using SHA3-384
– SHA3-512 and RSA PKCS #1 PSS using SHA3-512.
• New DSA digital signature algorithms, using the SHA3 message digest
algorithms:
– DSA using SHA3-224
– DSA using SHA3-256
– DSA using SHA3-384
– DSA using SHA3-512.
• New ECDSA digital signature algorithms, using the SHA3 message digest
algorithms:
– ECDSA using SHA3-224
– ECDSA using SHA3-256
– ECDSA using SHA3-384
– ECDSA using SHA3-512.
New Features 5
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
• New HMAC Deterministic Random Bit Generator (HMAC DRBG) algorithms
using the SHA3 message digest algorithms:
– HMAC DRBG using SHA3-224
– HMAC DRBG using SHA3-256
– HMAC DRBG using SHA3-384
– HMAC DRBG using SHA3-512.
• Support added for Windows code signing FIPS dynamic libraries.
Previously, code signing the Windows FIPS dynamic libraries broke the FIPS
integrity check. Support has been added to allow Windows code signing without
affecting the integrity checking.
• The operating mode of the library context can now be retrieved using the
R_LIB_CTX_get_mode function.
For more information about any of the new functions and identifiers listed above, see
the RSA BSAFE Crypto-C Micro Edition Developers Guide.
6 Changes
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Changes
This release of Crypto-C ME is designed to include the following changes:
• Updated operating environment support.
For more information, see Operating Environment Information.
• Fixes for specific issues.
For more information, see Enhancements and Resolved Issues.
• The two separate signature files which were used for the FIPS 140-2 module
integrity check are embedded into the main FIPS 140-2 module shared library file.
• Initialization Vector (IV) generation for symmetric key encryption is updated for
compliance with the latest FIPS 140-2 implementation guidance (IG A.5). For
more information, see Symmetric Key Encryption > Automatic IV Generation
in the RSA BSAFE Crypto-C Micro Edition Developers Guide.
• Default Diffie-Hellman (DH) key exchange, key generation, and parameter
generation is now performed using approved methods outlined in SP 800-56A
instead of the IEEE P1363 specification.
The default key exchange and key generation implementations allows the use of
legacy parameters, which might not have the sub-prime value available.
• Elliptic curve cryptography (ECC) keys are generated using approved methods
outlined in SP 800-56A.
• Library files for systems running an Apple
®
OS X
®
, macOS
®
or iOS
®
operating
system are provided as “Fat Libraries” instead of separate static and dynamic files
for each CPU architecture.
• When generating keys using
R_SKEY_generate() for AES in XTS mode, it is
no longer possible to generate the same key data for
Key_1 and Key_2.
• Changes to RSA key generation:
– New default algorithm is FIPS 186-3 (formerly X9.31). X9.31 cannot be used
in FIPS mode, but is still available in the FIPS library.
– Minimum key size allowed for RSA FIPS 186-4 compliant key generation
(
R_CR_RSA_KEY_GENERATION_FIPS186_3 and
R_CR_RSA_KEY_GENERATION) is 2048 bits.
• The NIST testing tool for RSA signature generation and verification using
SHA-512/256 included an incorrect algorithm identifier.
RSA signature generation and verification and using SHA-512/256 is updated in
this release of Crypto-C ME to use the correct identifier. Signature verification is
also updated to include a test for the old identifier to ensure signatures generated
using previous versions of Crypto-C ME can still be verified. However, signatures
generated using this version of Crypto-C ME will not verify correctly on systems
using the old implementation.
Changes 7
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
• Namespace changes to achieve greater consistency with the rest of the source
code.
Specifically, the
bio.h header file is renamed as r_bio.h. Migrate your
applications to use the
R_BIO_*() set of functions. The BIO_*() functions are
deprecated, but will be removed in a future release.
• The following functions, which were deprecated, are removed:
–
R_PKEY_signhash()
–
R_PKEY_verifyhash()
• Updated asymmetric key encryption implementation:
– Including an asymmetric key encryption resource,
R_PKEY_RES_DH,
R_PKEY_RES_DSA, or R_PKEY_RES_RSA, in the resource list for an
application provides only the resources for that specific asymmetric key type.
For example, including
R_PKEY_RES_RSA in the resource list for an
application provides only the resource for the
RSA key implementation.
Previously, including any asymmetric key encryption resource provided the
resources for all asymmetric key types.
– Applications loading the
ccme_asym resource shared library file must
include
R_PKEY_RES_DH_BASE in the resource list for the application.
Note: The file extension for ccme_asym resource shared library file
differs depending on the operating system.
• Improved asymmetric key (
R_PKEY) implementation, including remapping of
R_PKEY_TYPE_DSAPARAMS and R_PKEY_TYPE_ECCPARAMS to
R_PKEY_TYPE_DSA and R_PKEY_TYPE_ECC respectively.
• The
realloc callback, used when defining a custom memory allocator, takes an
additional parameter. This additional parameter represents the size of the
previously allocated buffer.
• The following algorithms are no longer FIPS 140-2 compliant:
– The FIPS 186-2 pseudo-random number generator (PRNG) algorithms
(
R_CR_ID_RANDOM_FIPS186 and R_CR_ID_RANDOM_FIPS186_MODQ)
– The two-key Triple-DES symmetric key algorithms, which are not approved
for encryption, but allowed for legacy decryption.
For more information, see Algorithms and Key Sizes and the Security Policy
documents.
• Changes to Linux
®
Standard Base (LSB) support:
– Support for LSB 3.x has been withdrawn. The following platforms have been
removed:
•
lsb30-x86-gcc3_4, lsb30-x64-gcc3_4, lsb30-ia64-gcc3_4.
– Support for LSB 4.0 Itanium2 platform has been added, to replace LSB 3.0
Itanium2.
• Apple iOS platforms are now built using Xcode 9.
8 Changes
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
• Apple iOS platform no longer provides libraries for ARMv7S. If you were using
ARMv7S, update your build configurations to use ARMv7 libraries instead.
• An Installation Guide is no longer included in the documentation suite.
Installation instructions are now incorporated into the Get Started with
Crypto-C ME section of the RSA BSAFE Crypto-C Micro Edition Developers
Guide.
Deprecated Functionality
With this release of Crypto-C ME some elements of functionality are deprecated.
While these deprecated entities are still available and can still be used, RSA
recommends that alternatives be used. These deprecated entities will be removed in a
later release of the product.
ECC parameter generation support is deprecated and will be removed in a future
release. RSA recommends using the tested and secure named curve parameters, such
as
R_PKEY_EC_NAMED_CURVE_PRIME256V1.
For more information about these deprecated entities, including links to equivalent
functionality, see Deprecated List in the RSA BSAFE Crypto-C Micro Edition
Developers Guide.
Important: The National Institute for Standards and Technologies (NIST) has
published an Update to Current Use and Deprecation of TDEA, announcing
their intention to deprecate the 3-key variant of Triple-DES, and disallow it
for use in TLS and other protocols. NIST is developing a draft deprecation
timeline for the 3-key variant of TDEA including a sunset date, and
recommends migration to AES as soon as possible.
RSA recommends caution when using Triple-DES.
Operating Environment Information 9
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Operating Environment Information
The following table lists the operating environments Crypto-C ME is designed and
tested to support, on either physical or virtual hosts, at the time of release.
Note: Subsequent patches or hotfixes to this release of Crypto-C ME will be
tested on and support the latest operating system patch levels, unless
otherwise specified.
Table 1 Operating Environment Information
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
Apple
iOS 12
2
ARM
®
v8 Xcode
®
9
VA ios10-multi-xcode9
iOS 11 ARMv8 Xcode 9 Yes ios10-multi-xcode9
x86_64 Xcode 9 No ios10-multi-xcode9
iOS 10 ARMv8 Xcode 9 VA ios10-multi-xcode9
ARMv7 Xcode 9 Yes ios10-multi-xcode9
x86_64 Xcode 9 No ios10-multi-xcode9
x86
macOS 10.13 x86_64 Xcode 7.3 Yes macosx-x64-xcode7
macOS 10.12 x86_64 Xcode 7.3 VA macosx-x64-xcode7
x86 Yes macosx-x86-xcode7
OS X 10.11 x86_64 Xcode 7.3 VA macosx-x64-xcode7
x86 macosx-x86-xcode7
Canonical
®
Ubuntu
®
16.04
Long Term
Support (LTS)
x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
ARMv7 GCC 4.8 hard float Yes linux-armv7l-gcc4_8
Ubuntu 14.04 LTS x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
CentOS™ Project
CentOS 7.6 x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
CentOS 6.10 x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
10 Operating Environment Information
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
FreeBSD
®
Foundation
FreeBSD 11.2 x86_64 Clang 4.0 Yes freebsd-x64-clang40
Google
Android™ 8.0 ARMv8 Android NDK r10e
and GCC 4.9
Yes android-multi-ndkr10e
Android 7.1.1 ARMv8 Android NDK r10e
and GCC 4.9
VA android-multi-ndkr10e
Android 6.0 ARMv8 Android NDK r10e
and GCC 4.9
VA android-multi-ndkr10e
ARMv7 Yes
Android 5.1 ARMv8 Android NDK r10e
and c 4.9
VA android-multi-ndkr10e
ARMv7
x86 No
Android 4.4.4 ARMv7 Android NDK r10e
and c 4.9
VA android-multi-ndkr10e
HPE
HP-UX 11.31
PA-RISC 2.0W
3
HP C B.11.11.24 Yes hpux1131-pa2_0W-hp_c11
PA-RISC 2.0 hpux1131-pa2_0-hp_c11
Itanium
®
64-bit
HP C B3910B A.06.12
hpux1131-ia64-hp_cA_6_12
Itanium 32-bit
hpux1131-ia32-hp_cA_6_12
IBM
AIX
®
7.2 PowerPC
®
64-bit
XLC v11.1 Yes aix71-ppc64-ibm_c11_1
PowerPC 32-bit aix71-ppc-ibm_c11_1
AIX 7.1 PowerPC 64-bit XLC v11.1 VA aix71-ppc64-ibm_c11_1
PowerPC 32-bit aix71-ppc-ibm_c11_1
AIX 6.1 PowerPC 64-bit XLC v9.0 Yes aix61-ppc64-ibm_c9_0
PowerPC 32-bit aix61-ppc-ibm_c9_0
Micro Focus
®
SUSE
®
Linux
Enterprise Server
15
x86_64 LSB 4.0 and GCC 4.4 Yes lsb40-x64-gcc4_4
x86 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
PowerPC 64-bit GCC 4.8 VA
linux-ppc64l-gcc4_8
4
Table 1 Operating Environment Information (continued)
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
Operating Environment Information 11
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Micro Focus (continued)
SUSE Linux
Enterprise Server
12 SP4
x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
PowerPC 64-bit GCC 4.8 Yes
linux-ppc64l-gcc4_8
4
ARMv8 GCC 4.8 linux-arm64l-gcc4_8
SUSE Linux
Enterprise Server
12 SP3
x86_64 LSB 4.0 and GCC 4.4 Yes lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
PowerPC 64-bit GCC 4.8 Yes
linux-ppc64l-gcc4_8
4
ARMv8 GCC 4.8 linux-arm64l-gcc4_8
SUSE Linux
Enterprise Server
11 SP4
x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
PowerPC 64-bit GCC 3.4 Yes
linux-ppc64b-gcc3_4
5
PowerPC 32-bit linux-ppc32b-gcc3_4
Itanium2 64-bit LSB 4.0 and GCC 4.4 Yes lsb40-ia64-gcc4_4
Microsoft
®
Windows
®
10
Enterprise
x86_64
Visual Studio
®
2017 (/MD
6
)
VA win-x64-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2013 (/MD) VA win-x64-vs2013
Visual Studio 2013 (/MT) Yes
x86 Visual Studio 2017 (/MD) VA win-x86-vs2017
Visual Studio 2017 (/MT) Yes
Visual Studio 2013 (/MD) Yes win-x86-vs2013
Visual Studio 2013 (/MT) VA
Windows 8.1
Enterprise
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2013 (/MD) VA win-x64-vs2013
Visual Studio 2013 (/MT)
Visual Studio 2010 (/MD) VA win-x64-vs2010
Visual Studio 2010 (/MT)
Table 1 Operating Environment Information (continued)
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
12 Operating Environment Information
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Microsoft (continued)
Windows 8.1
Enterprise
(continued)
x86 Visual Studio 2017 (/MD) VA win-x86-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2013 (/MD) VA win-x86-vs2013
Visual Studio 2013 (/MT) Yes
Windows 7
Enterprise SP1
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2010 (/MD) VA win-x64-vs2010
Visual Studio 2010 (/MT)
Visual Studio 2005 (/MD) VA win-x64-vs2005
Visual Studio 2005 (/MT) Yes
x86 Visual Studio 2017 (/MD) VA win-x86-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2010 (/MD) VA win-x64-vs2010
Visual Studio 2010 (/MT) Yes
Visual Studio 2005 (/MD) Yes win-x86-vs2005
Visual Studio 2005 (/MT) VA
Windows Server
®
2016
x86_64 Visual Studio 2017 (/MD) Yes win-x64-vs2017
Visual Studio 2017 (/MT) VA
Windows Server
2012 R2 Standard
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT) Yes
Visual Studio 2013 (/MD) Yes win-x64-vs2013
Visual Studio 2013 (/MT) VA
Visual Studio 2010 (/MD) Yes win-x64-vs2010
Visual Studio 2010 (/MT) VA
Windows Server
2012 Standard
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT)
Visual Studio 2013 (/MD) VA win-x64-vs2013
Visual Studio 2013 (/MT)
Visual Studio 2010 (/MD) VA win-x64-vs2010
Visual Studio 2010 (/MT)
Table 1 Operating Environment Information (continued)
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
Operating Environment Information 13
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Microsoft (continued)
Windows Server
2008 Enterprise R2
SP1
x86_64 Visual Studio 2010 (/MT) Yes win-x64-vs2010
Visual Studio 2005 (/MD) Yes win-x64-vs2005
Visual Studio 2005 (/MT) VA
Windows Server
2008 Enterprise
SP2
x86_64 Visual Studio 2010 (/MD) VA win-x64-vs2010
Visual Studio 2010 (/MT)
Visual Studio 2005 (/MD) VA win-x64-vs2005
Visual Studio 2005 (/MT)
x86 Visual Studio 2005 (/MD) VA win-x86-vs2005
Visual Studio 2005 (/MT)
Itanium2 64-bit Visual Studio 2010 (/MD) VA win-ia64-vs2010
Visual Studio 2010 (/MT) Yes
Windows Server
2008 R2 SP1
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT)
Windows Server
2008 SP2
x86_64 Visual Studio 2017 (/MD) VA win-x64-vs2017
Visual Studio 2017 (/MT)
Oracle
®
Solaris
®
11.4
SPARC
®
v9-T4
Sun C 5.13 Yes sol-spv9-sun_c5_13
SPARC v8+ sol-spv8p-sun_c5_13
SPARC v8 Sun C 5.8 Yes sol-spv8-sun_c5_8
x86_64 Sun C 5.13 Yes sol-x64-sun_c5_13
Solaris 10
Update 11
SPARC v9-T4
Sun C 5.13 VA sol-spv9-sun_c5_13
SPARC v9-T2
SPARC v8+ sol-spv8p-sun_c5_13
SPARC v8 Sun C 5.8 VA sol-spv8-sun_c5_8
x86_64 Sun C 5.13 VA sol-x64-sun_c5_13
x86 Yes sol-x86-sun_c5_13
Red Hat
®
Enterprise Linux
7.6
x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
PowerPC 64-bit GCC 3.4 VA linux-ppc64b-gcc3_4
PowerPC 32-bit linux-ppc32b-gcc3_4
Table 1 Operating Environment Information (continued)
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
14 Operating Environment Information
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Red Hat (continued)
Enterprise Linux
7.4
ARMv8 GCC 4.8 VA linux-arm64l-gcc4_8
Enterprise Linux
6.10
x86_64 LSB 4.0 and GCC 4.4 VA lsb40-x64-gcc4_4
x86 lsb40-x86-gcc4_4
Enterprise Linux
5.8
IBM S/390
®
x
64-bit
LSB 3.0 and GCC 4.3 Yes lsb30-s390x-gcc4_3
IBM S/390 31-bit lsb30-s390-gcc4_3
1
For more information, see FIPS 140-2 Compliance.
2
Apple iOS packages (that is, for ARMv7, ARMv7s, ARMv8, and the x86 and x86_64 simulators) are included in a single package.
3
Support for the PA-RISC CPU architecture is discontinued by HP. See Discontinued Operating Environments.
4
PowerPC little-endian platform.
5
PowerPC big-endian platform.
6
Multi-threaded dynamic linked runtime library (MD) and multi-threaded static linked runtime library (MT).
Table 1 Operating Environment Information (continued)
Operating System
CPU
Architecture
Compiler Version
FIPS
1
Package Name
Operating Environment Information 15
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
New Operating Environments
This release of Crypto-C ME is designed to include support for new operating
environments:
• Apple:
– iOS 12 on ARMv8
– iOS 11 on ARMv8 and x86_64
– iOS 10 on ARMv8, ARMv7, x86_64, and x86
–
macOS 10.13 and 10.12 on x86_64 and x86
• Canonical Ubuntu 16.04 LTS on x86_64, x86, and ARMv7
• FreeBSD 11.2 on x86_64
• Google Android 7.x on ARMv8
• IBM AIX 7.2 on PowerPC 32-bit and 64-bit
• Micro Focus SUSE Linux Enterprise Server 12 SP4, on x86_64, x86, ARMv8 and
PowerPC 64-bit
• Micro Focus SUSE Linux Enterprise Server 12 SP3, on PowerPC 64-bit
• Microsoft Windows Server 2016 on x86_64.
Discontinued Operating Environments
This release of Crypto-C ME discontinues support for the following operating
environments:
• Apple iOS 8
• Canonical Ubuntu 12.04 LTS
• Fedora 20 and 22
• FreeBSD 10
• Micro Focus SUSE Linux Enterprise Server 10
• Microsoft Windows Server 2008 on Itanium, compiled using Visual Studio 2005
• Red Hat Enterprise Linux 5.11 and 5.11 SE.
Support for the HP-UX 11.31 on PA-RISC 2.0 (32-bit) and PA-RISC 2.0W (64-bit)
operating environments is discontinued by HP, but is retained by RSA for this release.
In the next release of Crypto-C ME, support for these operating environments is
discontinued.
For subsequent releases of Crypto-C ME going forward, where a vendor discontinues
mainstream support for an operating system and platform combination, RSA
discontinues support from the same date.
16 Operating Environment Information
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Note: Your RSA software license agreement might not grant you the right to
develop applications on all of the platforms listed above. Contact your RSA
sales representative for information on the development platforms covered by
your license agreement and platform/field of use restrictions.
Linux Standard Base
The goal of the LSB project is to deliver interoperability between applications and the
Linux operating system. The distributions of Crypto-C ME built using the LSB 3.0
and 4.0 Software Development Kits (SDKs) are designed to be compatible with Linux
operating systems that support LSB 3.0 and 4.0 on the CPU architectures listed in
Table 1, Operating Environment Information.
FIPS 140-2 Compliance
FIPS 140-2 (Federal Information Processing Standards Publication 140-2 - Security
Requirements for Cryptographic Modules) details the United States Government
requirements for cryptographic modules. For more information about the FIPS 140-2
standard and validation program, see the FIPS 140-2 page on the NIST Web site at
https://csrc.nist.gov/projects/cryptographic-module-validation-
program/standards.
Note: FIPS 140-2 validation for this release of Crypto-C ME is in progress.
To view the progress, see the
Module In Process List. When the validation
process is complete, certificate information will be updated in the RSA BSAFE
Crypto-C Micro Edition Security Policy documents.
In Table 1, the FIPS column indicates the operating environments tested for FIPS
140-2 compliance by an accredited FIPS 140-2 testing laboratory. These operating
environments are listed on the FIPS 140-2 certificate.
“VA” - Vendor affirmed - indicates the operating environment is not specifically listed
on the FIPS 140-2 certificate, but RSA affirms FIPS 140-2 compliance. Vendor
affirmation of compliance is defined in Section G.5, “Maintaining Validation
Compliance of Software or Firmware Cryptographic Modules” in Implementation
Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program.
For the complete list of FIPS 140-2 tested and vendor affirmed operating
environments, and for detailed information about the Crypto-C ME FIPS 140-2
cryptographic module and the secure operation of Crypto-C ME, see the RSA BSAFE
Crypto-C Micro Edition Security Policy documents.
Note: As of February 2017, FIPS 140-2 module validations have a five year
life span from the date of the last validation. Unless modules are revalidated,
the module certificate is moved to the CMVP Historical Validations list.
Validations moved to the CMVP Historical Validations List have not been
revoked outright. The validation still exists, but applications using affected
modules are not to be included in new procurements by Federal Agencies.
Operating Environment Information 17
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Microsoft Visual C++ Redistributable Packages
For customers developing on a Microsoft Windows operating system, building
applications using the Crypto-C ME libraries is supported (depending on the operating
system) using Microsoft Visual Studio 2005, Visual Studio 2010, Visual Studio 2013,
or Visual Studio 2017.
To run Crypto-C ME applications on systems that do not have Visual Studio or
Visual C++ installed, a Visual C++ Redistributable Package is required to install
specific Visual C++ runtime components.
For customers using the Crypto-C ME libraries built using Visual Studio 2005, the
Redistributable Package is available for systems with an:
• x86 (32-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=5638
• x86_64 (64-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=18471
• Itanium (64-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=13360.
For customers using the Crypto-C ME libraries built using Visual Studio 2010, the
Redistributable Package is available for systems with an:
• x86 (32-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=5555
• x86_64 (64-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=14632
• Itanium (64-bit) processor, at
www.microsoft.com/en-us/download/details.aspx?id=2054.
For customers using the Crypto-C ME libraries built using Visual Studio 2013, the
Redistributable Packages are available at
www.microsoft.com/en-us/download/details.aspx?id=40784.
For customers using the Crypto-C ME libraries built using Visual Studio 2017, the
Redistributable Packages are available at
go.microsoft.com/fwlink/?LinkId=746572.
18 Algorithms and Key Sizes
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Algorithms and Key Sizes
This section lists the FIPS 140-2-approved, FIPS 140-2-allowed, and non-FIPS
140-2-approved algorithms and key sizes for this release of Crypto-C ME.
Note: The list of FIPS 140-2-approved and allowed algorithms is subject to
change at any time according to the guidelines specified by NIST. It is the
customer’s responsibility to keep up to date with approved and non-approved
algorithms. For the latest information regarding FIPS 140-2, see the NIST
website.
FIPS 140-2-approved Algorithms
The following table lists the FIPS 140-2-approved algorithms for this release of
Crypto-C ME.
Table 2 Crypto-C ME FIPS 140-2-approved Algorithms
Algorithm
Type
Algorithm and approved parameter/modulus/key sizes Standard
Asymmetric
Cipher
RSADP (RSA decryption primitive) component
Modulus sizes: 2048 and 3072
1
bits
SP 800-58B
RSAEP (RSA encryption primitive) component
Modulus sizes: 2048 and 3072 bits
SP 800-58B
Asymmetric
Key
ECC
2
• Public Key Validation Curves:
B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571,
P-224, P-256, P-384, P-521
• Key Pair Generation Curves:
B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571,
P-224, P-256, P-384, P-521
FIPS 186-4
FIPS 186-4
FFC
3
• Domain Parameter Generation
L = 2048, N = 224; L = 2048, N = 256; L = 3072, N = 256
• Domain Parameter Validation
L = 1024, N = 160
• Domain Parameter Validation
L = 1024, N = 160; L = 2048, N = 224; L = 2048, N = 256;
L = 3072, N = 256
• Key Pair Generation
L = 2048, N = 224; L = 2048, N = 256; L = 3072, N = 256
• Key Pair Validation
L = 2048, N = 224;L = 2048, N = 256; L = 3072, N = 256
FIPS 186-4
FIPS 186-2
FIPS 186-4
FIPS 186-4
SP 800-56A
4
Algorithms and Key Sizes 19
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Asymmetric
Key
(continued)
RSA
• Key Generation, Modulus sizes: 2048, 3072 bits
• Key Validation, Modulus sizes: 2048, 3072 bits
FIPS 186-4
SP 800-56B
Digital
Signature
DSA
• Signature Generation
L = 2048, N = 224; L = 2048, N = 256; L = 3072, N = 256
• Signature Verification
L = 1024, N = 160; L = 2048, N = 224; L = 2048, N = 256;
L = 3072, N = 256
FIPS 186-4
FIPS 186-4
ECDSA
• Signature and Signature Component Generation Curves:
B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571,
P-224, P-256, P-384, P-521
• Signature Verification Curves:
B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283,
K-409, K-571, P-192, P-224, P-256, P-384, P-521
FIPS 186-4
FIPS 186-4
RSA
• Signature Generation Algorithms: X9.31, PKCS #1 V1.5,
RSASSA-PSS
Key (modulus) sizes: 2048, 3072 bits.
• Signature Verification Algorithms: X9.31, PKCS #1 V1.5,
RSASSA-PSS
Key (modulus) sizes: 2048, 3072 bits.
• Signature Verification Algorithms: X9.31, PKCS #1 V1.5,
RSASSA-PSS
Key (modulus) sizes: 1024, 1536, 2048, 3072, 4096 bits.
• RSASP1 (RSA signature primitive 1) component
Key (modulus) sizes: 2048, 3076
1
bits.
FIPS 186-4
FIPS 186-4
FIPS 186-2
FIPS 186-4
Key
Agreement
Primitives
ECC
• Primitive: CDH
• Curves: B-233, B-283, B-409, B-571, K-233, K-283,
K-409, K-571, P-224, P-256, P-384, P-521
SP 800-56A
4
FFC
• Primitive: DH
• Domain parameter-size sets: L=2048, N=224;
L=2048, N=256
SP 800-56A
4
Key
Agreement
Schemes
5
ECC
• Schemes: Full Unified Model, Ephemeral Unified Model,
One-Pass Unified Mode One-Pass Diffie-Hellman Model
and Static Unified Model
• Curves: P-224, P-256, P-384, P-521
SP 800-56A
4
Table 2 Crypto-C ME FIPS 140-2-approved Algorithms (continued)
Algorithm
Type
Algorithm and approved parameter/modulus/key sizes Standard
20 Algorithms and Key Sizes
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Key
Agreement
Schemes
(continued)
FFC
3
• Schemes: dhHybrid1, dhEphem, dhHybridOneFlow,
dhOneFlow and dhStatic
• Domain parameter-size sets: L=2048, N=224;
L=2048, N=256
SP 800-56A
4
Key
Derivation
Functions
(KDFs)
HMAC-based Extract-and Expand KDF (HKDF) SP 800-108
Password-based Key Derivation Function 2 (PBKDF2)
6
SP 800-132
Single-step concatenation KDF
SP 800-56A
4
TLS Pseudo-random Function (TLS PRF) - Component Test
Protocol:
• TLS 1.0/1.1
• TLS 1.2; SHA: SHA-256, SHA-384, SHA-512
SP 800-135
Rev. 1
X9.63 KDF - Component Test
• SHA: SHA-224, SHA-256, SHA-384, SHA-512
ANSI X9.63,
SP 800-135
Rev. 1
Key
Generation
Cryptographic Key Generation (CKG) SP 800-133
Key Transport
Schemes
KTS-OAEP, KTS-OAEP-Party_V-confirmation, KTS-KEM-KWS,
KTS-KEM-KWS-Party_V-confirmation.
Modulus sizes: 2048 and 3072-bit
SP 800-56B
Key Wrap AES in KW and KWP modes with 128, 192, and 256-bit key sizes SP 800-38F
RSA-OAEP and RSA-KEM-KWS
Modulus sizes: 2048 and 3072-bit.
SP 800-56B
MAC HMAC SHA-1:
• SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224,
SHA-512/256
FIPS 198-1
HMAC SHA-3:
• SHA3-224, SHA3-256, SHA3-384, SHA3-512
FIPS 198-1
Message
Digest
SHA:
• SHA-1 SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224,
SHA-512/256
FIPS 180-4
SHA-3:
• SHA3-224, SHA3-256, SHA3-384, SHA3-512
FIPS 202
Table 2 Crypto-C ME FIPS 140-2-approved Algorithms (continued)
Algorithm
Type
Algorithm and approved parameter/modulus/key sizes Standard
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
/
