| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Firmware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 1/8/2027 |
| Caveat | Interim validation. When operated in Approved mode with module Aruba OpenSSL Module validated to FIPS 140-3 under Cert. #4929 operating in Approved mode. |
| Vendor | Hewlett Packard Enterprise |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A2689 |
| AES-CTR | A2689 |
| AES-GCM | A2689 |
| DSA KeyGen (FIPS186-4) | A2689 |
| DSA PQGGen (FIPS186-4) | A2689 |
| ECDSA KeyGen (FIPS186-4) | A2689 |
| ECDSA KeyVer (FIPS186-4) | A2689 |
| ECDSA SigGen (FIPS186-4) | A2689 |
| ECDSA SigVer (FIPS186-4) | A2689 |
| HMAC-SHA-1 | A2689 |
| HMAC-SHA2-256 | A2689 |
| HMAC-SHA2-384 | A2689 |
| HMAC-SHA2-512 | A2689 |
| KAS-ECC-SSC Sp800-56Ar3 | A2689 |
| KAS-FFC-SSC Sp800-56Ar3 | A2689 |
| KDF IKEv2 | A2689 |
| RSA KeyGen (FIPS186-4) | A2689 |
| RSA SigGen (FIPS186-4) | A2689 |
| RSA Signature Primitive | A2689 |
| RSA SigVer (FIPS186-2) | A2689 |
| RSA SigVer (FIPS186-4) | A2689 |
| SHA-1 | A2689 |
| SHA2-256 | A2689 |
| SHA2-384 | A2689 |
| SHA2-512 | A2689 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 1 |
| Cryptographic Module Interfaces | 1 |
| Roles, Services, and Authentication | 1 |
| Software/Firmware Security | 1 |
| Operational Environment | 1 |
| Physical Security | 1 |
| Non-Invasive Security | N/A |
| Sensitive Security Parameter Management | 1 |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for Aruba Crypto Module
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>1.0</i>"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>upgrade</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Self-Test triggered by Crypto Officer reboot</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C5,C6 clue;
class I1,I2,I3,I5,I6 infer;
class R1,R2,R3,R5,R6 risk;
class E1,E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Aruba Crypto Module
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>1.0</i><br/>src: certificate.firmwareVersions"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>upgrade</i><br/>src: text:keyword"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Self-Test triggered by Crypto Officer reboot</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C3 clueHigh;
class C2,C5,C6 clueLow;Non-Proprietary Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Document Version 1.0 January 2025 1| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary © 2024 Hewlett Packard Enterprise Company. Hewlett Packard Enterprise Company trademarks include , HPE Networks®, HPE Wireless Networks®, HPE Networking, the registered HPE Networking the Mobile Edge Company logo, HPE Networking Mobility Management System®, Mobile Edge Architecture®, property of their respective owners. HPE Networking, is a Hewlett Packard Enterprise company. The resource assets in this firmware may include abbreviated and/or legacy terminology for HPE Networking products. See https://www.hpe.com/us/en/networking/ for current and complete HPE Networking product lines and names. Open Source Code Certain Hewlett Packard Enterprise Company products include Open Source software code developed by third parties, including software code subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), or other Open Source Licenses. The Open Source code used can be found at this site: https://myenterpriselicense.hpe.com/cwp-ui/software Legal Notice The use of Hewlett Packard Enterprise Company switching platforms and software or firmware, by all individuals or corporations, to terminate other vendors’ VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies, in full, Hewlett Packard Enterprise Company, from vendors. https://www.hpe.com/us/en/networking/
Spring, TX, USA 77389 Phone: 1-888-342-2156 2| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary Contents 1.1 1.2 1.3 1.4 2.1 2.1.1 2.2 2.3 2.4 2.5 2.5.1 2.5.2 2.6 2.7 2.8 2.9 4.1 4.2 4.3 4.3.1 4.3.2 9.1 11.1 11.1.1 Setting Up the Hewlett Packard Enterprise Controller, Gateway, Conductor, or Controller-managed 11.2 11.2.1 11.2.2 11.2.3 11.2.4 11.3 Figures 3| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Version | Date | Description | |||
|---|---|---|---|---|---|
| 1.0 | November 2024 | Initial FIPS 140-3 release for Hewlett Packard Enterprise Aruba Crypto Module firmware version 1.0 used by ArubaOS firmware versions running on Hewlett Packard Enterprise hardware and virtual appliances |
Non-Proprietary Tables Preface notice. Products identified herein contain confidential commercial firmware. Valid license required. Document Revision History The following table lists the history of the revisions of this document by version number and date of revision. Table 1
This section describes:
This release supplement provides information regarding the Hewlett Packard Enterprise Aruba Crypto Module firmware version 1.0 FIPS 140-3 Level 1 validation from Hewlett Packard Enterprise (HPE). Throughout this document, references to HPE Networking are to the Hewlett Packard Enterprise division. The material in this supplement modifies the general Hewlett Packard Enterprise firmware documentation included with this product and should be kept with your Hewlett Packard Enterprise product documentation. This supplement primarily covers the non-proprietary Cryptographic Module Security Policy for the Hewlett Packard Enterprise Aruba Crypto Module firmware version 1.0. This security policy describes how the module meets the security requirements of FIPS 140-3 Level 1 and how to place and maintain the module in the secure Approved mode. This policy was prepared as part of the FIPS 1403 Level 1 validation of the product. FIPS 140-3 (Federal Information Processing Standards Publication 140-3, Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. FIPS 140-3 aligns with ISO/IEC 19790:2012(E) and includes modifications of the Annexes that are allowed to the Cryptographic Module Validation Program (CMVP), as a validation authority. The testing for these requirements will be in accordance with ISO/IEC 24759:2017(E), with the modifications, additions or deletions of vendor evidence and testing allowed as a validation authority under paragraph 5.2. More information about the FIPS 140-3 standard and validation program is available on the National Institute of Standards and Technology (NIST) website at: https://csrc.nist.gov/projects/cryptographic-module-validation-program In addition, in this document, the Hewlett Packard Enterprise Aruba Crypto Module is referred to as the module, the cryptographic module, and Aruba Crypto module.
More information is available from the following sources:
AES AP CAVP CBC CCCS CLI CMVP CO CPSec CSE CSP DF EAP ECO EMC EMI ESV FE GE GHz HMAC Hz IKE IPsec KAT KEK L2TP LAN LED NTP OCSP PCT PSP SFTP SHA SNMP SSP SPOE TEL TFTP TPM WLAN 6| Advanced Encryption Standard Access Point Cryptographic Algorithm Validation Program Cipher Block Chaining Canadian Centre for Cyber Security, a branch of CSE Command Line Interface Cryptographic Module Validation Program Crypto Officer Control Plane Security protected Communications Security Establishment Critical Security Parameter Derivation Function Extensible Authentication Protocol External Crypto Officer Electromagnetic Compatibility Electromagnetic Interference Entropy Source Validation Fast Ethernet Gigabit Ethernet Gigahertz Hashed Message Authentication Code Hertz Internet Key Exchange Internet Protocol security Known Answer Test Key Encryption Key Layer-2 Tunnelling Protocol Local Area Network Light Emitting Diode Network Time Protocol Online Certificate Status Protocol Pairwise Consistency Test Public Security Parameter Secure File Transfer Protocol Secure Hash Algorithm Simple Network Management Protocol Sensitive Security Parameter Serial & Power Over Ethernet Tamper-Evident Label Trivial File Transfer Protocol Trusted Platform Module Wireless Local Area Network Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic Module Specification | 1 |
| 3 | 3 | Cryptographic Module Interfaces | 1 |
| 4 | 4 | Roles, Services, and Authentication | 1 |
| 5 | 5 | Software/Firmware Security | 1 |
| 6 | 6 | Operational Environment | 1 |
| 7 | 7 | Physical Security | 1 |
| 8 | 8 | Non-Invasive Security | N/A |
| 9 | 9 | Sensitive Security Parameter Management | 1 |
| 10 | 10 | Self-Tests | 1 |
| 11 | 11 | Life-Cycle Assurance | 1 |
| 12 | 12 | Mitigation of Other Attacks | N/A |
| Overall | Overall | Overall Security Rating of the Module | 1 |
The Hewlett Packard Enterprise Aruba Crypto Module is intended to meet overall FIPS 140-3 Level 1 requirements as shown in the following table. Table 2
Purpose and Use: The Hewlett Packard Enterprise Aruba Crypto Module version 1.0 (also referred to as ‘the module’) is a firmware type cryptographic module and was validated under FIPS 140-3 Level 1 requirements and meets the claims made in this document. ArubaOS is the operating system for Hewlett Packard Enterprise Mobility Conductors, Mobility Controllers/Gateways, and controller-managed Hewlett Packard Enterprise Access Points (APs). The Hewlett Packard Enterprise Aruba Crypto Module (firmware) is an Hewlett Packard Enterprise cryptographic module that provides cryptographic services for the ArubaOS operating system running on the Hewlett Packard Enterprise hardware-based equipment or Hewlett Packard Enterprise virtual appliances. The Hewlett Packard Enterprise Aruba Crypto Module uses the Hewlett Packard Enterprise Aruba OpenSSL Module as a bound module (also referred to as ‘the bound OpenSSL module’) to provide the underlying cryptographic algorithms necessary for the Random Number Generation (RNG) service. The Hewlett Packard Enterprise Aruba OpenSSL Module version 1.0 is a validated cryptographic module with CMVP certificate #4929. Both the Hewlett Packard Enterprise Aruba Crypto Module and Aruba OpenSSL Module were validated under and met FIPS 140-3 Level 1 requirements. Module Type: Firmware Module Embodiment: Multiple-chip Standalone
The Hewlett Packard Enterprise Aruba Crypto Module (firmware) is an Hewlett Packard Enterprise cryptographic module that provides cryptographic services for the ArubaOS operating system. The cryptographic boundary for the Hewlett Packard Enterprise Aruba Crypto Module is defined as the module component within the Linux-based User Space. The physical perimeter is the production-grade enclosure of the hardware chassis of the Hewlett Packard Enterprise hardware device or Hewlett Packard Enterprise virtual appliance host. The module is one of the components within the ArubaOS firmware package in electronic form and is installed automatically when a trusted and verified ArubaOS is booted on an Hewlett Packard Enterprise device. The Hewlett Packard Enterprise Aruba Crypto Module component includes the module shared library and the associated integrity check file (used for integrity tests):
| Name | Operating System | Hardware Platform | Processor | Paa Pai | # |
|---|---|---|---|---|---|
| 1 | ArubaOS 8.10 | 7220 Mobility Controller | Broadcom XLP432 (MIPS64) | None | 1 |
| 2 | ArubaOS 8.10 | 9012 Gateway | Intel Atom C3508 (Denverton) | None | 2 |
| 3 | ArubaOS 8.10 | AP-515 Wireless Access Point | Broadcom BCM (64-bit ARMv8) | None | 3 |
| 4 | ArubaOS 8.10 | AP-535 Wireless Access Point | Qualcomm IPQ (64-bit ARM Cortex A53) | None | 4 |
| 5 | ArubaOS 8.10 | AP-635 Wireless Access Point | Qualcomm IPQ (64-bit ARM Cortex A53) | None | 5 |
| 6 | ArubaOS 8.10 | AP-655 Wireless Access Point | Qualcomm IPQ (64-bit ARM Cortex A53) | None | 6 |
| 7 | ArubaOS 8.10 | MCR-HW-5K Mobility Conductor Hardware Appliance | Intel Xeon E5-2620v4 (Broadwell) | with PAA | 7 |
| 8 | ArubaOS 8.10 on VMWare ESXi 7.0 | MC-VA-50 Mobility Controller Virtual Appliance on HPE ProLiant ML110 Gen10 | Intel Xeon Silver 4210 (Cascade Lake) | with / without PAA | 8 |
| 1 | ArubaOS 8.10 and 8.13 | 70xx Mobility Controllers | 1 | ||
| 2 | ArubaOS 8.10 and 8.13 | 72xx Mobility Controllers | 2 | ||
| 3 | ArubaOS 8.10 and 8.13 | 90xx Gateways | 3 | ||
| 4 | ArubaOS 8.10 and 8.13 | 92xx Gateways | 4 | ||
| 5 | ArubaOS 8.10 and 8.13 | AP-51x and AP-57x Wireless Access Points | 5 | ||
| 6 | ArubaOS 8.10 and 8.13 | AP-50x and AP-56x Wireless Access Points | 6 | ||
| 7 | ArubaOS 8.10 and 8.13 | AP-53x, AP-55x, AP-58x, and AP-63x Wireless Access Points | 7 | ||
| 8 | ArubaOS 8.10 and 8.13 | MCR-HW-xxx Mobility Conductor Hardware Appliances | 8 | ||
| 9 | ArubaOS 8.10 and 8.13 on VMWare ESXi 7.0 | MC-VA-xxx Mobility Controller Virtual Appliances on HPE ProLiant ML110 Gen10 | 9 | ||
| 10 | ArubaOS 8.10 and 8.13 on VMWare ESXi 7.0 | MCR-VA-xxx Mobility Conductor Virtual Appliances on HPE ProLiant ML110 Gen10 | 10 | ||
| 11 | ArubaOS 8.10 and 8.13 on VMWare ESXi 7.0 | Virtual Appliances on HPE EdgeLine 20 | 11 | ||
| 12 | ArubaOS 8.10 and 8.13 on VMWare ESXi 7.0 | Virtual Appliances on PacStar PS451-1258 Series | 12 | ||
| 13 | ArubaOS 8.10 and 8.13 on VMWare ESXi 7.0 | Virtual Appliances on device running an equivalent Intel processor (Intel Atom, i5, i7, or Xeon) | 13 |
| Type | Versions | ‘show ver’ Output | |||
|---|---|---|---|---|---|
| Firmware | Aruba Crypto Module version 1.0 | Aruba Crypto Module 1.0 |
Hewlett Packard Enterprise Aruba Crypto Module version 1.0 was validated against FIPS 140-3 Level 1 requirements. The CMVP makes no claim as to the correct operation of the module or the security strengths of the generated keys when operating a version that is not listed on the validation certificate. Table 3
The module operates in a limited operational environment. The module runs on the ArubaOS operating system and related hardware or virtual platform and provides cryptographic services for the ArubaOS operating system. See the following tables of Tested Operational Environments and Vendor Affirmed Operational Environments for details. Table 4
Non-Proprietary Table 5
There are no excluded components for the module.
The Hewlett Packard Enterprise Aruba Crypto Module (firmware) is one of the Hewlett Packard Enterprise cryptographic modules that provide cryptographic services for the host ArubaOS operating system, and is installed automatically when a trusted and verified ArubaOS is booted on an Hewlett Packard Enterprise host
When the module starts up successfully, after passing all the Cryptographic Algorithm Self-Tests (CASTs) and Pre-Operational Self-Tests (POSTs), and following the guidance in section 11.1, Start-up Procedures, the module is operating in the Approved mode of operation, provided that the guidelines on services, algorithms, and key management found in this Security Policy are followed. Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
When the module starts up but FIPS Settings are not enabled as per the guidance in section 11.1, Start-up Procedures, then the module is operating in non-Approved mode of operation. 11| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | CAVP Cert | Mode Method | Key Size | Use Function |
|---|---|---|---|---|
| AES [FIPS 197] [SP 800-38A] [SP 800-38D] | A2689 | CBC, CTR, GCM1 | 128, 192, 256 | Data Encryption/Decryption |
| CVL IKEv22 [SP 800-135 Rev1] | A2689 | IKEv2 | IKEv2: DH 2048-bit; SHA2-256, SHA2-384 | Key Derivation |
| DSA3 [FIPS 186-4] | A2689 | keyGen, pqgGen | L=2048, N=256, SHA2-256 | Key Generation, Domain Parameter Generation |
| ECDSA [FIPS 186-4] | A2689 | KeyGen, KeyVer, SigGen, SigVer | KeyGen: P-256, P-384 KeyVer: P-256, P-384 SigGen: P-256, P-384 with SHA2-256, SHA2-384, SHA2-512 SigVer: P-256, P-384 with SHA-1, SHA2-256, SHA2-384, SHA2-512 | Key Generation and Verification, Digital Signature Generation and Verification |
| HMAC [FIPS 198-1] | A2689 | HMAC-SHA-1, HMAC-SHA2-256, HMAC-SHA2-384 | (minimum 112 bits) | Message Authentication |
| KAS-SSC [SP 800-56A Rev3] | A2689 | FFC: dhEphem, ECC: Ephemeral Unified | FFC: FC with SHA2-256, MODP-2048 with SHA2-256 ECC: P-256 with SHA2-256, P-384 with SHA2-384 KAS Roles - initiator, responder | Key Agreement Scheme – Shared Secret Computation |
| RSA [FIPS 186-2] | A2689 | SigVer: SHA-14, SHA2-256, SHA2-384, SHA2-512 PKCS1 v1.5 | 1024 (for legacy SigVer only), 2048 | Digital Signature Verification |
The firmware in the Hewlett Packard Enterprise Aruba Crypto Module contains the following cryptographic algorithm implementations that will be used for the corresponding security services supported by the module in the Approved mode. Table 6
| Name | CAVP Cert | Mode Method | Key Size | Use Function | |
|---|---|---|---|---|---|
| RSA [FIPS 186-4] | A2689 | KeyGen, SigGen: SHA2-256, SHA2-384, SHA2-512 PKCS1 v1.5 SigVer: SHA-15, SHA2-256, SHA2-384, SHA2-512 PKCS1 v1.5 | Key Generation, Digital Signature Generation and Verification | KeyGen: 2048 SigGen: 2048 SigVer: 1024 (for legacy SigVer only), 2048 | |
| Safe Primes [SP 800-56A Rev3] | A2689 | KeyGen, KeyVer | Safe Primes Key Generation and Key Verification | Safe Prime Groups: MODP-2048 | |
| SHS [FIPS 180-4] | A2689 | SHA-1, SHA2-256, SHA2-384, SHA2-512 Byte Only | Message Digest | 160, 256, 384, 512 | |
| KTS [SP 800-38F] | AES A2689 | AES-GCM6 | Key Wrapping / Key Transport via IKE/IPSec | 128, 256 | |
| KTS [SP 800-38F] [FIPS 198-1] | AES A2689 HMAC A2689 | AES-CBC7 HMAC-SHA-1, HMAC-SHA2-256, HMAC-SHA2-384 | Key Wrapping / Key Transport via IKE/IPSec | 128, 192, 256 | |
| DRBG8 [SP 800-90A Rev1] | A2690 | AES CTR | 256 | Deterministic Random Bit Generation |
| Name | CAVP Cert | Mode Method | Key Size | Use Function | |
|---|---|---|---|---|---|
| RSA [FIPS 186-4] | A2689 | KeyGen, SigGen: SHA2-256, SHA2-384, SHA2-512 PKCS1 v1.5 SigVer: SHA-15, SHA2-256, SHA2-384, SHA2-512 PKCS1 v1.5 | Key Generation, Digital Signature Generation and Verification | KeyGen: 2048 SigGen: 2048 SigVer: 1024 (for legacy SigVer only), 2048 | |
| Safe Primes [SP 800-56A Rev3] | A2689 | KeyGen, KeyVer | Safe Primes Key Generation and Key Verification | Safe Prime Groups: MODP-2048 | |
| SHS [FIPS 180-4] | A2689 | SHA-1, SHA2-256, SHA2-384, SHA2-512 Byte Only | Message Digest | 160, 256, 384, 512 | |
| KTS [SP 800-38F] | AES A2689 | AES-GCM6 | Key Wrapping / Key Transport via IKE/IPSec | 128, 256 | |
| KTS [SP 800-38F] [FIPS 198-1] | AES A2689 HMAC A2689 | AES-CBC7 HMAC-SHA-1, HMAC-SHA2-256, HMAC-SHA2-384 | Key Wrapping / Key Transport via IKE/IPSec | 128, 192, 256 | |
| DRBG8 [SP 800-90A Rev1] | A2690 | AES CTR | 256 | Deterministic Random Bit Generation |
Non-Proprietary The Hewlett Packard Enterprise Aruba Crypto Module does not implement a random number generator. Instead, it uses the Random Number Generation (RNG) service provided by the bound Hewlett Packard Enterprise Aruba OpenSSL Module cryptographic module, which implements a Deterministic Random Bit Generator (DRBG) compliant to [SP800-90A]. Data input and output between the Hewlett Packard Enterprise Aruba Crypto Module and the bound OpenSSL module are via API parameters. Table 7 –Approved Algorithms Provided by the Bound OpenSSL Module AES-GCM is an authenticated encryption algorithm that is approved for use in key transport per FIPS 140-3 IG D.G. This key establishment methodology provides 128 or 256 bits of encryption strength. AES-CBC combined with HMAC is approved for use in key transport per FIPS 140-3 IG D.G. This key establishment methodology provides between 128 and 256 bits of encryption Refer to section 9.1, Non-Deterministic Random Number Generation Specification for details of the validated entropy source used by the RNG service provided by the bound OpenSSL module. 13| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | Use Function |
|---|---|
| DES | Used for older versions of WEP in non-Approved mode |
| HMAC-MD5 | Used for older versions of WEP in non-Approved mode |
| MD5 | Used for older versions of WEP in non-Approved mode |
| RC4 | Used for older versions of WEP in non-Approved mode |
| Null Encryption | Used for older versions of WEP in non-Approved mode |
| RSA | Non-compliant less than 112 bits, or when used with SHA-1 for signature generation, or when other than 2048-bit modulus sizes are used |
| Diffie-Hellman | key agreement; non-compliant less than 112 bits of encryption strength |
| EC Diffie-Hellman | key agreement; non-compliant less than 112 bits of encryption strength |
| ECDSA | non-compliant when using 186-2 signature generation |
| Triple-DES-CBC | As used in IKE/IPSec |
Operation The cryptographic module implements no non-Approved algorithms allowed for use in the Approved
Security Claimed The cryptographic module implements no non-Approved algorithms allowed in the Approved mode of operation with no security claimed.
The cryptographic module implements the following non-Approved algorithms that are not permitted for use in the Approved mode of operations. The module does not use any non-Approved algorithms implemented in the bound OpenSSL module. Table 8
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| N/A | N/A | Data Input | API input parameters for data (includes input data received from the bound OpenSSL module) |
| N/A | N/A | Data Output | API output parameters for data (includes output data sent to the bound OpenSSL module) |
| N/A | N/A | Control Input | API function calls |
| N/A | N/A | Status Output | API return codes, status information, error messages |
| N/A | N/A | Power | None |
| Role | Authentication Methods | Authentication Strength | |||
|---|---|---|---|---|---|
| Crypto Officer | N/A – Authentication not required for Level 1 | N/A | |||
| User | N/A – Authentication not required for Level 1 | N/A |
As a firmware module, the module interfaces are defined as Software or Firmware Module Interfaces (SFMI), and there are no physical ports. The logical interfaces are defined as the API of the cryptographic module. The interfaces are listed in the table below. All data output via data output interface is inhibited when the module is performing pre-operational tests or zeroization or when the module enters error state. Table 9
The following section lists the roles supported by the module, authentication mechanisms used by the module, and services (both security and non-security, Approved and non-Approved) available from the The Hewlett Packard Enterprise Aruba Crypto Module does not provide any identification or authentication methods of its own. The CO and the User roles are implicitly identified by the service requested.
The module supports two distinct operator roles: the Crypto Officer role and the User role. These roles are implicitly assumed by the operator of the module when performing a service. The module does not support multiple concurrent operators, a maintenance role, nor bypass capability. Table 10
| Name | Roles | Input | Output |
|---|---|---|---|
| Data encryption, decryption | User | Plaintext or ciphertext, key | Ciphertext or plaintext |
| Key derivation function | User | Shared secrets, inputs (IKEv2) | Derived keys |
| Digital signature | User | RSA or ECDSA public and private keys | RSA or ECDSA digital signature generated or verified |
| Message authentication | User | Message, HMAC key | Message authentication code |
| Key agreement | User | DH (FFC), ECDH key agreement primitives | Derived keys |
| Safe Primes key generation and verification | User | DH (FFC) domain parameters | DH (FFC) private key |
| Key pair generation | User | Key size or curve size | RSA, DSA (FFC), or ECDSA key pairs |
| Key wrapping / Key transport | User | AES key | Wrapped keys |
| Message digest | User | Message | Digest of the message |
| Status function | Crypto Officer | Commands and configuration data | Status of commands and configurations |
| Show Version | User | Command | Name and version of the module |
| Reboot Module | Crypto Officer | Command | Progress information |
| Self-Test triggered by Crypto Officer reboot | Crypto Officer | Module reboot | Progress information |
| Approved mode enable/disable | Crypto Officer | Command | Progress information |
Non-Proprietary The table below lists descriptions of the services available to the roles, with input and output. Table 11
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|---|---|---|---|---|---|
| Data encryption, decryption | Encrypt or decrypt data | User | [15] IKE Session Encryption Key [16] IPSec Session Encryption Key | AES-CBC AES-GCM (A2689) | W/E W/E | API return code for success |
| Key derivation function | Key derivation through SP800-135rev1-KDF (IKEv2-KDF), SP800- 108rev1-KDF (KBKDF) | User | [4] DH Shared Secret [7] ECDH Shared Secret [12] IKE Pre-Shared Key [13] SKEYSEED [14] IKE Session Authentication Key [15] IKE Session Encryption Key [16] IPSec Session Encryption Key [17] IPSec Session Authentication Key | KBKDF IKEv2-KDF (A2689) | W/E W/E W/E G/R G/R G/R G/R G/R | API return code for success |
| Digital signature | Generate or verify RSA or ECDSA digital signatures | User | [8] RSA Private Key [9] RSA Public Key [10] ECDSA Private Key [11] ECDSA Public Key | RSA SigGen RSA SigVer ECDSA SigGen ECDSA SigVer (A2689) | R/W/E R/W/E R/W/E R/W/E | API return code for success |
The module provides various services depending on role. These are described in the sections below. The meaning of the letters used to describe the ‘Access Rights to Keys and/or SSPs’ are:
See the tables below for descriptions of the services, Approved security functions, keys and/or SSPs available to the module’s roles. The Hewlett Packard Enterprise Aruba Crypto Module is one of the components within the ArubaOS firmware package that runs on the host device. ArubaOS includes CLI commands, some of which interact with the module via APIs. Successful completion of a security service (via API return code for success) when the module is in Approved mode (see section 11.1, Start-up Procedures) denotes use of approved security Note: The module does not implement a random number generator. Instead, it uses the Random Number Generation (RNG) service provided by the bound Hewlett Packard Enterprise Aruba OpenSSL Module cryptographic module, which implements a Deterministic Random Bit Generator (DRBG) compliant to [SP800-90A]. Data input and output between the Hewlett Packard Enterprise Aruba Crypto Module and the bound OpenSSL module are via API parameters. W/E W/E W/E W/E W/E G/R G/R G/R G/R G/R R/W/E R/W/E R/W/E R/W/E Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | Use Function | |||||
|---|---|---|---|---|---|---|
| HMAC-SHA-1 HMAC-SHA2-256 HMAC-SHA2-384 HMAC-SHA2-512 (A2689) | Message authentication | Generate or verify data integrity with HMAC key | [14] IKE Session Authentication Key [17] IPSec Session Authentication Key | User | W/E W/E | API return code for success |
| KAS-ECC-SSC KAS-FFC-SSC (A2689) | Key agreement | Perform key agreement primitives on behalf of the calling process (does not establish keys into the module) | [2] DH Private Key [3] DH Public Key [4] DH Shared Secret [5] ECDH Private Key [6] ECDH Public Key [7] ECDH Shared Secret | User | W/E W/E G/R W/E W/E G/R | API return code for success |
| Safe Primes KeyGen Safe Primes KeyVer (A2689) | Safe Primes key generation and verification | Diffie-Hellman key generation and verification using safe primes | [2] DH Private Key [3] DH Public Key | User | G/R G/R | API return code for success |
| DSA/FFC keyGen DSA/FFC pqgGen Safe Primes KeyGen Safe Primes KeyVer ECDSA/ECC KeyGen ECDSA/ECC KeyVer RSA KeyGen RSA KeyVer (A2689) | Key pair generation | Generate RSA, FFC, or ECDSA key pairs | [1] Random Data Input [2] DH Private Key [3] DH Public Key [5] ECDH Private Key [6] ECDH Public Key [8] RSA Private Key [9] RSA Public Key [10] ECDSA Private Key [11] ECDSA Public Key | User | W/E G/R G/R G/R G/R G/R G/R G/R G/R | API return code for success |
| AES-GCM AES-CBC with HMAC (A2689) | Key wrapping / Key transport | AES key wrapping | [15] IKE Session Encryption Key [16] IPSec Session Encryption Key | User | W/E W/E | API return code for success |
| SHA-1 SHA2-256 SHA2-384 SHA2-512 (A2689) | Message digest | Generate a SHA-1 or SHA2 message digest | None | User | None | API return code for success |
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|---|---|---|---|---|---|
| Approved mode enable/disable | The Crypto Officer enables the Approved mode by following the procedures under section 11.1, Start-up Procedures, to ensure the Aruba host device is configured for Secure Operations. | Crypto Officer | None | None | None | API return code for success |
| Status Function | Crypto Officer may use ArubaOS CLI “show” commands on host to view logs and status. Please see ArubaOS CLI guide for details. | Crypto Officer | None | None | None | API return code for success |
Non-Proprietary W/E W/E W/E G/R W/E W/E G/R G/R G/R W/E G/R G/R G/R G/R G/R G/R G/R G/R W/E W/E W/E 18| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | Description | Roles | Approved Functions |
|---|---|---|---|
| IPSec/IKE using Triple-DES | IPSec/IKE key management using Triple-DES. This is a non-Approved service not available in the Approved mode. | User | Triple-DES |
| Use of non-Approved algorithms and/or sizes. | If the module has not been provisioned to operate in the Approved mode, then non-Approved algorithms and/or sizes are available for use – see above Table 8, Non-Approved Algorithms Not Allowed in the Approved Mode of Operation. This is a non-Approved service not available in the Approved mode. | User | Non-Approved algorithms and/or sizes |
| Name | Description | Roles | Approved Functions |
|---|---|---|---|
| IPSec/IKE using Triple-DES | IPSec/IKE key management using Triple-DES. This is a non-Approved service not available in the Approved mode. | User | Triple-DES |
| Use of non-Approved algorithms and/or sizes. | If the module has not been provisioned to operate in the Approved mode, then non-Approved algorithms and/or sizes are available for use – see above Table 8, Non-Approved Algorithms Not Allowed in the Approved Mode of Operation. This is a non-Approved service not available in the Approved mode. | User | Non-Approved algorithms and/or sizes |
Non-Proprietary Z 19| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
The Hewlett Packard Enterprise Aruba Crypto Module (firmware version 1.0) is an Hewlett Packard Enterprise cryptographic module that provides cryptographic services for the ArubaOS operating system. The module is one of the components within the ArubaOS firmware package in electronic form and is installed automatically when a trusted and verified ArubaOS firmware package signed by Hewlett Packard Enterprise is booted on an Hewlett Packard Enterprise host device. The module performs a firmware integrity test when powered on (refer to Self-Tests for details). All cryptographic algorithm self-tests are run at power-up, prior to the first operational use of the cryptographic algorithm. The firmware integrity test verifies the integrity of the module by comparing a calculated HMAC-SHA-1 value against the stored HMAC value. The operator can initiate the firmware integrity test on demand by rebooting the host. Rebooting also zeroizes all SSPs stored in SDRAM memory. All data output via the data output interface is inhibited until the firmware integrity test has completed successfully. If the firmware integrity test fails, the module enters the error state (while in this state, the module provides no functionality). The temporary values generated during the firmware integrity test are zeroized upon completion of the integrity test. After the ArubaOS firmware boot, the operator can determine the version of the loaded module through reviewing the log and by using the show version ArubaOS CLI command on the host (use the link in the section Full Documentation to refer to ArubaOS 8.10 Command-Line Interface Reference Guide and ArubaOS
The operational environment is limited. The control plane Operating System (OS) is Linux, a multi-threaded operating system that supports memory protection between processes. Access to the underlying Linux implementation is not provided directly. Only Hewlett Packard Enterprise provided interfaces are used. The Hewlett Packard Enterprise Aruba Crypto Module is one of the components within the ArubaOS firmware package which runs on the host device. ArubaOS includes Command Line Interface (CLI) commands, some of which interact with the module via APIs. The ArubaOS CLI and the module APIs are restricted command sets. These operating control mechanisms protect against unauthorized execution, unauthorized modification, and unauthorized reading of SSPs, control and status data. The module was tested on the platforms listed above in section 2.3, Table 4, Tested Operational Environments.
The Hewlett Packard Enterprise Aruba Crypto Module is a firmware type module and obtains its physical security from the host platform. As per FIPS 140-3 for multiple-chip standalone cryptographic modules at Security Level 1, the host platform consists of production-grade components within a production-grade enclosure. All of the platforms listed above in section 2.3 meet these requirements.
Since the module has not been purposely designed, built and publicly documented to include non-invasive mitigation techniques, the Non-Invasive Security requirements are not applicable. 20| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | Strength | Generation | Establishment | Storage | Zeroization | Use | Import Export | # | ||
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 512 bits | 64 bytes are retrieved by bound OpenSSL module DRBG on each call by any service that requires a random number. | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Random data inputs for key generation. | Import: From bound OpenSSL module via API parameters. Export: N/A | 1 | Random Data Input – CSP [EVM] | SP800-90A Rev1 CTR_DRBG AES-256 Cert. #A2690 |
| 2 | 112 bits | Generated internally in compliance with Diffie- Hellman key agreement scheme by calling bound OpenSSL module Approved DRBG (Cert. #A2690) | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used during the IPSec handshake to establish the Diffie-Hellman Shared Secret. | Import: From calling application Export: To calling application | 2 | Diffie-Hellman Private Key – CSP | Diffie-Hellman Group 14 Cert. #A2689 |
| 3 | 112 bits | Generated internally in compliance with Diffie- Hellman key agreement scheme by calling bound OpenSSL module Approved DRBG (Cert. #A2690) | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used during the IPSec handshake to establish the Diffie-Hellman Shared Secret. | Import: From calling application Export: To calling application | 3 | Diffie-Hellman Public Key – PSP | Diffie-Hellman Group 14 Cert. #A2689 |
| 4 | 112 bits | N/A | Established during Diffie-Hellman Exchange. | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used for deriving IPSec/IKE cryptographic keys. | Import: N/A Export: To calling application | 4 | Diffie-Hellman Shared Secret – CSP | Diffie-Hellman Group 14 Cert. #A2689 |
| 5 | Curves: P-256 or P-384 | Generated internally by calling bound OpenSSL module Approved DRBG (Cert. #A2690) during EC Diffie-Hellman Exchange. | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used for establishing EC Diffie-Hellman Shared Secret. | Import: From calling application Export: To calling application | 5 | EC Diffie- Hellman Private Key – CSP | EC Diffie- Hellman Cert. #A2689 |
| 6 | Curves: P-256 or P-384 | Generated internally by calling bound OpenSSL module Approved DRBG (Cert. #A2690) during EC Diffie-Hellman Exchange. | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used for establishing EC Diffie-Hellman Shared Secret. | Import: From calling application Export: To calling application | 6 | EC Diffie- Hellman Public Key – PSP | EC Diffie- Hellman Cert. #A2689 |
| 7 | 128 or 192 bits | N/A | Established during EC Diffie-Hellman Exchange. | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | Used for deriving IPSec/IKE cryptographic keys. | Import: N/A Export: To calling application | 7 | EC Diffie- Hellman Shared Secret – CSP | EC Diffie- Hellman Cert. #A2689 |
| 8 | 128 bits | Generated by calling bound OpenSSL module Approved DRBG (Cert. #A2690), in compliance with FIPS 186-4 RSA key pair generation method. | N/A | Stored in host Flash memory (plaintext). | Zeroized by using ArubaOS command ‘wipe out flash’ on host. | Used for IKEv2 peers authentication. | Import: From calling application Export: To calling application | 8 | RSA Private Key – CSP | RSA Private Key Cert. #A2689 |
| 9 | 128 bits | Generated by calling bound OpenSSL module Approved DRBG (Cert. #A2690), in compliance with FIPS 186-4 RSA key pair generation method. | N/A | Stored in host Flash memory (plaintext). | Zeroized by using ArubaOS command ‘wipe out flash’ on host. | Used for IKEv2 peers authentication. | Import: From calling application Export: To calling application | 9 | RSA Public Key – PSP | RSA Public Key Cert. #A2689 |
| 10 | Curves: P-256 or P-384 | Generated by calling bound OpenSSL module Approved DRBG (Cert. #A2690), in compliance with FIPS 186-4 ECDSA key pair generation method. | N/A | Stored in host Flash memory (plaintext). | Zeroized by using ArubaOS command ‘wipe out flash’ on host. | Used for IKEv2 peers authentication. | Import: From calling application Export: To calling application | 10 | ECDSA Private Key – CSP | ECDSA SigGen Cert. #A2689 |
| 11 | Curves: P-256 or P-384 | Generated by calling bound OpenSSL module Approved DRBG (Cert. #A2690), in compliance with FIPS 186-4 ECDSA key pair generation method. | N/A | Stored in host Flash memory (plaintext). | Zeroized by using ArubaOS command ‘wipe out flash’ on host. | Used for IKEv2 peers authentication. | Import: From calling application Export: To calling application | 11 | ECDSA Public Key – PSP | ECDSA SigGen Cert. #A2689 |
| 12 | 8 - 64 ASCII or 64 HEX characters | N/A | N/A | Stored in host Flash memory (plaintext). | Zeroized by using ArubaOS command ‘wipe out flash’ on host or by overwriting with a new secret. | Used for IKEv2 peers authentication. | Import: From calling application Export: N/A | 12 | IKE Pre- Shared Key – CSP | N/A |
| 13 | 160 / 256 / 384 bits | Derived via key derivation function defined in SP800-135 Rev1 KDF (IKEv2). | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | A shared secret known only to IKEv2 peers. Used for deriving other keys in IKEv2 protocol. | Import: N/A Export: N/A | 13 | SKEYSEED – CSP | IKEv2 KDF Cert. #A2689 |
| 14 | 160 / 256 / 384 bits | Derived via key derivation function defined in SP800-135 Rev1 KDF (IKEv2). | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | The IKE session (IKE Phase I) authentication key. Used for IKEv2 payload integrity verification. | Import: N/A Export: To calling application | 14 | IKE Session Authentication Key – CSP | HMAC-SHA-1/ HMAC-SHA2- 256/384 Cert. #A2689 |
| 15 | 128 / 192 / 256 bits | Derived via key derivation function defined in SP800-135 Rev1 KDF (IKEv2). | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | The IKE session (IKE Phase I) encrypt key. Used for IKE payload protection. | Import: N/A Export: To calling application | 15 | IKE Session Encryption Key – CSP | AES (CBC) Cert. #A2689 |
| 16 | 128 / 192 / 256 bits 128 / 256 bits | Derived via key derivation function defined in SP800-135 Rev1 KDF (IKEv2). | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | The IPSec (IKE phase II) encryption key. Used for IPSec traffics protection. IPSec session encryption keys can also be used for the Double Encrypt feature. | Import: N/A Export: To calling application | 16 | IPSec Session Encryption Key – CSP | AES (CBC) and AES (GCM) Cert. #A2689 |
| 17 | 160 bits | Derived via key derivation function defined in SP800-135 Rev1 KDF (IKEv2). | N/A | Stored in SDRAM memory (plaintext). | Zeroized by rebooting the module. | The IPSec (IKE Phase II) authentication key. Used for IPSec traffics integrity verification. | Import: N/A Export: To calling application | 17 | IPSec Session Authentication Key – CSP | HMAC-SHA-1 Cert. #A2689 |
The following are the Sensitive Security Parameters (SSPs) used in the module. As specified in the Zeroization column of the following table, the majority service. The Hewlett Packard Enterprise Aruba Crypto Module is one of the components within the ArubaOS firmware package that runs on the host device, thus the module is rebooted when the host device is rebooted. ArubaOS includes CLI commands. As specified in the Zeroization column of the following table, there are a minority of SSPs/Keys used in the module that are stored in the host flash. The host flash can be zeroized implicitly by using the ArubaOS CLI command ‘wipe out flash’ on the host device. # N/A N/A 21| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary # EC DiffieHellman EC DiffieHellman EC DiffieHellman 22| EC DiffieHellman EC DiffieHellman N/A N/A N/A N/A EC DiffieHellman N/A Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary # N/A N/A N/A N/A 23| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary # N/A 24| N/A N/A N/A N/A N/A Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
Non-Proprietary # N/A N/A Notes:
| Name | Key Size | |
|---|---|---|
| Details | Minimum Number of Bits of Entropy | Entropy Sources |
| The module employs a SP800-90Arev1-compliant Deterministic Random Bit Generator (DRBG) using an AES-256 CTR_DRBG mechanism with Derivation Function (DF) for random number generation (Cert. #A2690). The employed DRBG uses a SP800-90B-compliant non-physical entropy source that uses CPU jitter provided by the operational environment as a noise source (Jitterentropy (JENT) with SHA-3 as the vetted conditioning component) which is within the module host’s physical boundary but outside of the module’s cryptographic boundary. The entropy source performs the SP800-90B Section 4.4 Approved Continuous Health Tests (RCT and APT). | Oversampling of 512 bits is performed to ensure that 256 bits of entropy is available to the DRBG. | Aruba CPU Jitter Entropy Source (see NIST Entropy Source Validation (ESV) program certificate E7) |
Non-Proprietary The module does not implement a random number generator. Instead, it uses the Random Number Generation (RNG) service provided by the bound Hewlett Packard Enterprise Aruba OpenSSL Module cryptographic module, which implements a Deterministic Random Bit Generator are specified in the table below. 26| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
| Name | Algorithm Or Test | Test Type | Details | Test Properties | |
|---|---|---|---|---|---|
| Firmware Integrity Test | Firmware Integrity Test | KAT | The Firmware Integrity Test verifies the integrity of the module by comparing a calculated HMAC-SHA-1 value against the stored HMAC value. The KAT for the HMAC- SHA-1 is executed before the Firmware Integrity Test. | HMAC-SHA-1 with 117-bit key | |
| AES CBC | AES CBC | KAT | Encrypt, Decrypt | AES-CBC-256 | Each run when module powered on, which is prior to the first operational use of the cryptographic algorithms |
| AES GCM | AES GCM | KAT | Encrypt, Decrypt | AES-GCM-256 | |
| ECDSA | ECDSA | KAT | Sign, Verify | P-256 | |
| HMAC | HMAC | KAT | HMAC-SHA-1, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512 | ||
| KAS-SSC-ECC | KAS-SSC-ECC | KAT | Ephemeral Unified SP 800-56A Rev3 based | Primitive ‘Z’ computation with P-256 curve |
| Name | Algorithm Or Test | Test Type | Details | Test Properties | |
|---|---|---|---|---|---|
| Firmware Integrity Test | Firmware Integrity Test | KAT | The Firmware Integrity Test verifies the integrity of the module by comparing a calculated HMAC-SHA-1 value against the stored HMAC value. The KAT for the HMAC- SHA-1 is executed before the Firmware Integrity Test. | HMAC-SHA-1 with 117-bit key | |
| AES CBC | AES CBC | KAT | Encrypt, Decrypt | AES-CBC-256 | Each run when module powered on, which is prior to the first operational use of the cryptographic algorithms |
| AES GCM | AES GCM | KAT | Encrypt, Decrypt | AES-GCM-256 | |
| ECDSA | ECDSA | KAT | Sign, Verify | P-256 | |
| HMAC | HMAC | KAT | HMAC-SHA-1, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512 | ||
| KAS-SSC-ECC | KAS-SSC-ECC | KAT | Ephemeral Unified SP 800-56A Rev3 based | Primitive ‘Z’ computation with P-256 curve | |
| KAS-SSC-FFC | KAS-SSC-FFC | KAT | dhEphem SP 800-56A Rev3 based | Shared secret computation, p=2048, q=256 | Each run when module powered on, which is prior to the first operational use of the cryptographic algorithms |
| KDF135 | KDF135 | KAT | SP 800-135 Rev1 based: IKEv2 | Key derivation | |
| RSA | RSA | KAT | Sign, Verify | 2048, PKCS#1-v1.5 | |
| SHS | SHS | KAT | SHA-1, SHA-256, SHA-384, SHA-512 | ||
| ECC key pairs | ECC key pairs | PCT | Sign, Verify | P-256, P-384 | Each run on key pair generation |
| FFC key pairs | FFC key pairs | PCT | SP800-56A Rev3 assurances as per SP 800-56A Rev3 Section 5.6.2.1.4 for PCT | DH key pair generation | |
| RSA key pairs | RSA key pairs | PCT | Sign, Verify | 2048, PKCS#1-v1.5 |
The Hewlett Packard Enterprise Aruba Crypto Module performs when powered on the Cryptographic Algorithm Self-Tests (CASTs) and PreOperational Self-Tests (POSTs. While the module is executing the cryptographic algorithm and pre-operational self-tests, services are not available, and input and output are inhibited. In addition, the module also performs Conditional self-tests. All cryptographic algorithm self-tests are run when the conditional self-tests are passed successfully, the module transitions to the operational state. When a cryptographic algorithm self-test or pre-operational self-test fails, or when a conditional self-test fails, the module enters the Critical Error state (while in this state, the module provides no functionality and inhibits data output), logs the error, and reboots automatically. The Hewlett Packard Enterprise Aruba Crypto Module performs the following Pre-Operational Self-Tests (POSTs): Table 17
Non-Proprietary Table 19
Non-Proprietary To see the results of the self-tests run by the module, use the ArubaOS CLI command on the host device: show log crypto all Upon successful completion of the power-up self-tests, the module displays results on the host device console: Completed FIPS Aruba Cryptographic KAT test successfully. In the event any self-test fails, the module will enter a Critical Error state (while in this state, the module provides no functionality and inhibits data output), logs the error, and reboots automatically. After a self-test failure, the module displays results on the host device console : KATs: FIPS Aruba Cryptographic KAT failure PCTs: FIPS Aruba Cryptographic asymmetric key KAT failure. FIPS POST: FAIL Rebooting… When the firmware integrity test fails at power-up, the module enters the Critical Error state, where the invalid host ArubaOS firmware file is deleted to clear the error. The host device will automatically reboot from the backup ArubaOS image on the secondary partition. The module displays on the host device console: FIPS Aruba Mocana Integrity test failure Aruba Crypto FIPS KAT test FAILED!! Restarting System. 29| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
The Hewlett Packard Enterprise Aruba Crypto Module is a firmware type module, and must run on an Hewlett Packard Enterprise hardware unit (e.g., Controller, Gateway, Conductor, or Access Point) or virtual appliance (e.g., VMWare ESXi or open source KVM hypervisor running on a hardware server unit (e.g., HPE ProLiant ML110 Gen10 or HPE EdgeLine 20)). ArubaOS is the operating system for Hewlett Packard Enterprise Mobility Conductors, Mobility Controllers/Gateways, and controller-managed Hewlett Packard Enterprise Access Points (APs). The Hewlett Packard Enterprise Aruba Crypto Module is one of the Hewlett Packard Enterprise cryptographic modules that provide cryptographic services for the host ArubaOS operating system running on the Hewlett Packard Enterprise hardware-based equipment or Hewlett Packard Enterprise virtual appliances.
The Hewlett Packard Enterprise Aruba Crypto Module is one of the components within the ArubaOS firmware package in electronic form and is installed automatically when a trusted and verified ArubaOS is booted on an Hewlett Packard Enterprise host device. ArubaOS firmware in electronic form is installed by Hewlett Packard Enterprise technical support personnel or downloaded from the HPE Networking Support Portal (NSP) by authenticated licensed customer personnel.
11.1.1 Setting Up the Hewlett Packard Enterprise Controller, Gateway, Conductor, or Controllermanaged Access Point (AP) and Running Hewlett Packard Enterprise Aruba Crypto Module
Automatically The Crypto Officer shall perform the following steps to set-up your Hewlett Packard Enterprise Controller, Gateway, Conductor, or controller-managed Access Point (AP) either as a host hardware unit or a virtual appliance:
Non-Proprietary b. Enable the Approved mode using the following ArubaOS CLI commands on the host: #configure terminal Enter Configuration commands, one per line. End with CNTL/Z (config) #fips enable (config) #exit #write memory Saving Configuration... Configuration Saved. c. To verify the Approved mode has been enabled, issue the ArubaOS CLI command on the host: show fips to see: FIPS Settings: Mode Enabled
Documentation for any Hewlett Packard Enterprise product can be found on the HPE Networking Support Portal (NSP). Filters can be used to limit the displayed results by Product(s), Product Series, Version(s), and File Category. For example,
The following Hewlett Packard Enterprise documents can be referenced to ensure that ArubaOS and the Hewlett Packard Enterprise hardware-based equipment or Hewlett Packard Enterprise virtual appliances that run ArubaOS are installed and operated correctly in the Approved mode:
The Crypto Officer must ensure that the module is kept in the Approved mode of operation. To keep the module in the Approved mode, abide by section 11.1, Start-up Procedures, section 2.9, Non-Approved Algorithms Not Allowed in the Approved Mode of Operation, and section 4.3.2, Non-Approved Services.
Not Applicable (N/A) 31| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy
To determine if an Hewlett Packard Enterprise product is considered end of life, refer to the Hewlett Packard Enterprise end-of life information at https://networkingsupport.hpe.com/end-of-life. If an Hewlett Packard Enterprise product is deemed end-of-life, the CO should work with their Hewlett Packard Enterprise representative to determine the appropriate Hewlett Packard Enterprise product upgrade path to use a newer Approved version. For secure sanitization and zeroization of SSP values, follow the guidance in the Zeroization service entry above in Table 13, in section Approved Services to wipe out host flash and reboot the module. Since the module is a component of ArubaOS, if the module is deprecated, the module will be upgraded to a newer Approved validated version by loading and booting the newer validated version of ArubaOS with the help of an Hewlett Packard Enterprise-Certified Mobility Professional (ACMP).
The module has not been purposely designed, built and publicly documented to mitigate one or more specific attacks. The Mitigation of Other Attacks requirements are not applicable, per FIPS 140-3 IG 12.A. 32| Hewlett Packard Enterprise Aruba Crypto Module Firmware Version 1.0 FIPS 140-3 Level 1 Security Policy