All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Apple corecrypto Module v13.0 [Intel, User, Software, SL1]

Certificate#4948StandardFIPS 140-3Level1TypeSoftwareEmbodimentMulti-Chip Stand AloneStatusHistoricalVendorApple Inc.
Medium review priority  ·  no TCB surface named  ·  last validated 18 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level1
Module typeSoftware
EmbodimentMulti-Chip Stand Alone
StatusHistorical
CaveatInterim validation. When operated in approved mode
VendorApple Inc.

Approved Algorithms (158)

AlgorithmACVP Cert
AES-CBCA3501
AES-CBCA3502
AES-CBCA3503
AES-CBCA3504
AES-CBCA3508
AES-CBCA3509
AES-CCMA3503
AES-CCMA3504
AES-CCMA3509
AES-CCMA3510
AES-CCMA3511
AES-CFB128A3503
AES-CFB128A3504
AES-CFB128A3509
AES-CFB8A3503
AES-CFB8A3504
AES-CFB8A3509
AES-CMACA3509
AES-CTRA3503
AES-CTRA3504
AES-CTRA3509
AES-CTRA3510
AES-CTRA3511
AES-ECBA3501
AES-ECBA3502
AES-ECBA3503
AES-ECBA3504
AES-ECBA3509
AES-ECBA3510
AES-ECBA3511
AES-GCMA3503
AES-GCMA3504
AES-GCMA3509
AES-GCMA3510
AES-GCMA3511
AES-KWA3503
AES-KWA3504
AES-KWA3509
AES-OFBA3503
AES-OFBA3504
AES-OFBA3509
AES-XTS Testing Revision 2.0A3501
AES-XTS Testing Revision 2.0A3502
AES-XTS Testing Revision 2.0A3503
AES-XTS Testing Revision 2.0A3504
AES-XTS Testing Revision 2.0A3509
Counter DRBGA3503
Counter DRBGA3504
Counter DRBGA3509
Counter DRBGA3510
Counter DRBGA3511
ECDSA KeyGen (FIPS186-4)A3505
ECDSA KeyGen (FIPS186-4)A3506
ECDSA KeyGen (FIPS186-4)A3507
ECDSA KeyGen (FIPS186-4)A3509
ECDSA KeyVer (FIPS186-4)A3505
ECDSA KeyVer (FIPS186-4)A3506
ECDSA KeyVer (FIPS186-4)A3507
ECDSA KeyVer (FIPS186-4)A3509
ECDSA SigGen (FIPS186-4)A3505
ECDSA SigGen (FIPS186-4)A3506
ECDSA SigGen (FIPS186-4)A3507
ECDSA SigGen (FIPS186-4)A3509
ECDSA SigVer (FIPS186-4)A3505
ECDSA SigVer (FIPS186-4)A3506
ECDSA SigVer (FIPS186-4)A3507
ECDSA SigVer (FIPS186-4)A3509
HMAC DRBGA3505
HMAC DRBGA3506
HMAC DRBGA3507
HMAC DRBGA3509
HMAC-SHA-1A3505
HMAC-SHA-1A3506
HMAC-SHA-1A3507
HMAC-SHA-1A3509
HMAC-SHA-1A3512
HMAC-SHA2-224A3505
HMAC-SHA2-224A3506
HMAC-SHA2-224A3507
HMAC-SHA2-224A3509
HMAC-SHA2-224A3512
HMAC-SHA2-256A3505
HMAC-SHA2-256A3506
HMAC-SHA2-256A3507
HMAC-SHA2-256A3509
HMAC-SHA2-256A3512
HMAC-SHA2-384A3505
HMAC-SHA2-384A3506
HMAC-SHA2-384A3507
HMAC-SHA2-384A3509
HMAC-SHA2-384A3512
HMAC-SHA2-512A3505
HMAC-SHA2-512A3506
HMAC-SHA2-512A3507
HMAC-SHA2-512A3509
HMAC-SHA2-512A3512
HMAC-SHA2-512/256A3505
HMAC-SHA2-512/256A3506
HMAC-SHA2-512/256A3507
HMAC-SHA2-512/256A3509
KAS-ECC-SSC Sp800-56Ar3A3509
KAS-FFC-SSC Sp800-56Ar3A3509
KDF SP800-108A3505
KDF SP800-108A3505
KDF SP800-108A3506
KDF SP800-108A3506
KDF SP800-108A3507
KDF SP800-108A3507
KDF SP800-108A3509
KDF SP800-108A3509
KDF SP800-108A3509
PBKDFA3505
PBKDFA3506
PBKDFA3507
PBKDFA3509
RSA KeyGen (FIPS186-4)A3505
RSA KeyGen (FIPS186-4)A3506
RSA KeyGen (FIPS186-4)A3507
RSA KeyGen (FIPS186-4)A3509
RSA SigGen (FIPS186-4)A3505
RSA SigGen (FIPS186-4)A3506
RSA SigGen (FIPS186-4)A3507
RSA SigGen (FIPS186-4)A3509
RSA SigVer (FIPS186-4)A3505
RSA SigVer (FIPS186-4)A3506
RSA SigVer (FIPS186-4)A3507
RSA SigVer (FIPS186-4)A3509
Safe Primes Key GenerationA3509
SHA-1A3505
SHA-1A3506
SHA-1A3507
SHA-1A3509
SHA-1A3512
SHA2-224A3505
SHA2-224A3506
SHA2-224A3507
SHA2-224A3509
SHA2-224A3512
SHA2-256A3505
SHA2-256A3506
SHA2-256A3507
SHA2-256A3509
SHA2-256A3512
SHA2-384A3505
SHA2-384A3506
SHA2-384A3507
SHA2-384A3509
SHA2-384A3512
SHA2-512A3505
SHA2-512A3506
SHA2-512A3507
SHA2-512A3509
SHA2-512A3512
SHA2-512/256A3505
SHA2-512/256A3506
SHA2-512/256A3507
SHA2-512/256A3509
TDES-ECBA3509

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Apple corecrypto Module v13.0 [Intel, User, Software, SL1]
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Firmware Load</i>"]
    C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Status Output<br/>Self-test<br/>Show status</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
    I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C2,C3,C5,C6 clue;
  class I2,I3,I5,I6 infer;
  class R2,R3,R5,R6 risk;
  class E2,E3,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Apple corecrypto Module v13.0 [Intel, User, Software, SL1]
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Firmware Load</i><br/>src: text:keyword"]
    C3["[low] Self-test / status surface (referenced in text)<br/><i>Status Output<br/>Self-test<br/>Show status</i><br/>src: text:keyword"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C2,C3,C5,C6 clueLow;

Security Policy, page by page

Page 1

Apple Inc. Apple corecrypto Module v13.0 [Intel, User, Software, SL1] Document Version 2.0 January 2025 Prepared by: Lightship Security Inc. 1101-150 Isabella Street, Ottawa, ON, K1S 1V7 www.lightshipsec.com This document may be reproduced and distributed only in its original entirety without revision.

Page 2

Trademarks Apple's trademarks applicable to this document are listed in https://www.apple.com/legal/intellectualproperty/trademark/appletmlist.html. Other company, product, and service names may be trademarks or service marks of others. This document may be reproduced and distributed only in its original entirety without revision.

Page 3

Contents This document may be reproduced and distributed only in its original entirety without revision.

Page 4

Tables Table 5

Page 5

1. General This document is the non-proprietary FIPS 140-3 Security Policy for Apple corecrypto Module v13.0 [Intel, User, Software, SL1] cryptographic module. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for a Security Level 1 module. This document provides all tables and diagrams (when applicable) required by NIST SP 800-140B. The column names of the tables follow the template tables provided in NIST SP 800-140B. Table 1 describes the individual security areas of FIPS 140-3, as well as the Security Levels of those individual areas. Section FIPS 140-3 Section Title Security Level

1 General 1

2 Cryptographic module specification 1

3 Cryptographic module interfaces 1

4 Roles, services, and authentication 1

5 Software/Firmware security 1

6 Operational environment 1

7 Physical security N/A

8 Non-invasive security N/A

9 Sensitive security parameter management 1

10 Self-tests 1

11 Life-cycle assurance 1

12 Mitigation of other attacks N/A

Table 1

Page 6

2. Cryptographic Module Specification The Apple corecrypto Module v13.0 [Intel, User, Software, SL1] cryptographic module (hereafter referred to as "the Module") is a software module running on a multi-chip standalone general-purpose computing platform. The version of module is 13 written as v13.0. The module provides implementations of low-level cryptographic primitives to the Host OS's (macOS Ventura v13) Security Framework and Common Crypto. The module has been tested by Lightship Security, Inc. CST lab on the following platforms with and without PAA: # Operating System Hardware Platform Processor PAA/Acceleration

1 macOS Ventura v13 MacBook Air (2022) Intel i5-8210Y (Amber Lake) PAA

2 macOS Ventura v13 MacBook Air (2022) Intel i7-1060NG7 (Ice Lake) PAA

3 macOS Ventura v13 MacBook Pro (2022) Intel i7-8700B (Coffee Lake) PAA

4 macOS Ventura v13 iMac (2022) Intel i7-10700K (Comet Lake) PAA

5 macOS Ventura v13 MacBook Pro (2022) Intel i9-9880H (Coffee Lake) PAA

6 macOS Ventura v13 iMac Pro (2022) Xeon W-2140B (SkyLake) PAA

7 macOS Ventura v13 Mac Pro (2022) Xeon W-3223 (Cascade Lake) PAA

8 macOS Ventura v13 Mac Pro (2022) Intel i5-8257U (Coffee Lake) PAA

9 macOS Ventura v13 MacBook Air (2022) Intel i5-8210Y (Amber Lake) No

10 macOS Ventura v13 MacBook Air (2022) Intel i7-1060NG7 (Ice Lake) No

11 macOS Ventura v13 MacBook Pro (2022) Intel i7-8700B (Coffee Lake) No

12 macOS Ventura v13 iMac (2022) Intel i7-10700K (Comet Lake) No

13 macOS Ventura v13 MacBook Pro (2022) Intel i9-9880H (Coffee Lake) No

14 macOS Ventura v13 iMac Pro (2022) Xeon W-2140B (SkyLake) No

15 macOS Ventura v13 Mac Pro (2022) Xeon W-3223 (Cascade Lake) No

16 macOS Ventura v13 Mac Pro (2022) Intel i5-8257U (Coffee Lake) No

Table 2

1 macOS Ventura v13 MacBook Pro - i5 (Ice Lake), 2021, 2020

2 macOS Ventura v13 MacBook Pro - i5 (Coffee Lake), 2021, 2020, 2019, 2018

3 macOS Ventura v13 MacBook Pro - i7 (Amber Lake), 2021, 2019, 2018

4 macOS Ventura v13 MacBook Pro - i7 (Coffee Lake), 2021, 2020, 2019, 2018

5 macOS Ventura v13 MacBook Pro - i7 (Ice Lake), 2021, 2020

6 macOS Ventura v13 MacBook Pro - i9 (Coffee Lake), 2021, 2019, 2018

7 macOS Ventura v13 MacBook Air - i5 (Ice Lake), 2021, 2020

8 macOS Ventura v13 MacBook Air - i7 (Ice Lake), 2021, 2020

9 macOS Ventura v13 MacBook Air - i5 (Amber Lake), 2021, 2019, 2018

10 macOS Ventura v13 MacBook Air - i7 (Amber Lake), 2021, 2018

11 macOS Ventura v13 Mac mini - i5 (Coffee Lake), 2021, 2018

This document may be reproduced and distributed only in its original entirety without revision.

Page 7

12 macOS Ventura v13 Mac mini - i7 (Coffee Lake), 2021, 2018

13 macOS Ventura v13 iMac - i5 (Comet Lake), 2021, 2020

14 macOS Ventura v13 iMac - i7 (Comet Lake), 2021, 2020

15 macOS Ventura v13 iMac - i9 (Comet Lake), 2021, 2020

16 macOS Ventura v13 iMac - i5 (Coffee Lake), 2021, 2019

17 macOS Ventura v13 iMac - i7 (Coffee Lake), 2021, 2019

18 macOS Ventura v13 iMac - i9 (Coffee Lake), 2021, 2019

19 macOS Ventura v13 iMac - i9 (Comet Lake), 2022

Table 3

Page 8

A3510 (vng_asm) A3511 (vng_aesni) A3503 (c_aesni) AES GCM 128, 192, 256 Authenticated encryption A3504 (c_asm) [FIPS 197] and decryption A3509 (c_ltc) [SP 800-38D] A3510 (vng_asm) A3511 (vng_aesni) A3503 (c_aesni) AES KW 128, 192, 256 Key wrapping A3504 (c_asm) [FIPS 197] A3509 (c_ltc) [SP 800-38F] A3503 (c_aesni) AES OFB 128, 192, 256 Symmetric encryption and A3504 (c_asm) [FIPS 197] decryption A3509 (c_ltc) [SP 800-38A] A3501 (asm_aesni) XTS-AES XTS 128, 256 Symmetric encryption and A3502 (asm_x86) [FIPS 197] decryption on storage A3503 (c_aesni) [SP 800-38E] devices A3504 (c_asm) A3509 (c_ltc) A3503 (c_aesni) CTR_DRBG AES-CTR Key Length/ Key Random Number A3504 (c_asm) [SP 800-90Ar1] Strength: 128, 256 Generation A3509 (c_ltc) Derivation Function A3510 (vng_asm) Enabled: Yes A3511 (vng_aesni) A3505 (c_avx) ECDSA KeyGen, KeyVer, SigGen, Curves: P-224, P-256, Digital signatures and A3506 (c_avx2) [FIPS 186-4] SigVer P-384, P-521 asymmetric key generation A3507 (c_sse3) Key Strength: from and verification A3509 (c_ltc) 112 to 256 Vendor Affirmed CKG Key Pair Generation (CKG) - Cryptographic key using method in Sections 4 generation and 5.1 in [SP 800-133r2] A3505 (c_avx) HMAC HMAC-SHA-1 112 bits or greater Message authentication A3506 (c_avx2) [FIPS 198-1] HMAC-SHA2-224 A3507 (c_sse3) HMAC-SHA2-256 A3509 (c_ltc) HMAC-SHA2-384 A3512 (vng_intel) HMAC-SHA2-512 A3505 (c_avx) HMAC HMAC-SHA2-512/256 512 Message authentication A3506 (c_avx2) [FIPS 198-1] A3509 (c_ltc) A3507 (c_sse3) A3505 (c_avx) HMAC_DRBG SHA-1 112 bits or greater Random Number A3506 (c_avx2) [SP 800-90Ar1] SHA2-224 Generation A3507 (c_sse3) SHA2-256 A3509 (c_ltc) SHA2-384 SHA2-512 A3509 (c_ltc) KAS-FFC-SSC Scheme: dhEphem Domain Parameter Shared Secret Computation [SP 800-56Ar3]1 KAS Role: initiator, Generation Methods: responder MODP-2048, MODP3072, MODP-4096, MODP-6144, MODP8192 Key Strength: from

112 to 200

A3509 (c_ltc) KAS-ECC-SSC Scheme: ephemeral Unified Domain Parameter Shared Secret Computation [SP 800-56Ar3]2 Generation Methods: The TLS and IPSec/IKE protocols have not been reviewed or tested by the CAVP and CMVP. The TLS and IPSec/IKE protocols have not been reviewed or tested by the CAVP and CMVP. This document may be reproduced and distributed only in its original entirety without revision.

Page 9

KAS Role: initiator, P-224, P-256, P-384, responder P-521 Key Strength: from

112 to 256

A3505 (c_avx) KBKDF Counter Supported Lengths: Key Derivation A3506 (c_avx2) [SP 800-108] Feedback 8-4096 Increment 8 A3507 (c_sse3) HMAC-SHA-1 Fixed Data Order: A3509 (c_ltc) HMAC-SHA2-224 Before Fixed Data HMAC-SHA2-256 Counter Length: 32 HMAC-SHA2-384 HMAC-SHA2-512 A3509 (c_ltc) KBKDF Counter Supported Lengths: Key Derivation [SP 800-108] CMAC-AES128 8-4096 Increment 8 CMAC-AES192 Fixed Data Order: CMAC-AES256 Before Fixed Data Counter Length: 8, 16, 24, 32 A3505 (c_avx) PBKDF HMAC with: SHA-1, SHA- Password length: 8- Key Derivation A3506 (c_avx2) [SP 800-132] 224, SHA-256, SHA-384, 128 bytes Increment A3507 (c_sse3) SHA-512 1 A3509 (c_ltc) Salt Length: 128-

4096 Increment 8
1000 Increment 1

A3509 (c_ltc) Safe Primes Key KeyGen for DH Safe Prime Groups: Key Generation Generation MODP-2048, MODP3072, MODP-4096, MODP-6144, MODP8192 Key Strength: from

112 to 200

A3505 (c_avx) RSA KeyGen (ANSI X9.31) KeyGen: 2048, 3072, Digital signatures and A3506 (c_avx2) [FIPS 186-4] SigGen (PKCS#1 v1.5) and 4096 asymmetric key generation A3507 (c_sse3) (PKCS PSS) SigGen: 2048, 3072, and verification A3509 (c_ltc) 4096 SigVer (PKCS#1 v1.5) and (PKCS PSS) SigVer: 1024 (legacy use), 2048, 3072, 4096 A3505 (c_avx) SHS SHA-1 160 Message digest A3506 (c_avx2) [FIPS 180-4] SHA2-224 224 A3507 (c_sse3) SHA2-256 256 A3509 (c_ltc) SHA2-384 384 A3512 (vng_intel) SHA2-512 512 A3505 (c_avx) SHS SHA2-512/256 512 Message digest A3506 (c_avx2) [FIPS 180-4] A3507 (c_sse3) A3509 (c_ltc) A3509 (c_ltc) Triple-DES ECB Keying Option: 1 Symmetric decryption Table 4

Page 10

Table 5

Page 11

The Apple corecrypto Module v13.0 [Inter, User, Software, SL1] executes within the user space of the computing platforms and operating systems listed in Table 2

Page 12

3. Cryptographic Module Interfaces As a software-only module, the module does not have physical ports. For the purpose of the FIPS 140-3 validation, the physical ports are interpreted to be the physical ports of the hardware platform on which it runs. The underlying logical interfaces of the module are the C language Application Programming Interfaces (APIs). In detail these interfaces are described in the table below. Physical port Logical interface Data that passes over port / interface N/A Data Input Data inputs are provided in the variables passed in the API and callable service invocations, generally through caller-supplied buffers. N/A Data Output Data outputs are provided in the variables passed in the API and callable service invocations, generally through caller-supplied buffers. N/A Control Input Control inputs which control the mode of the module are provided through dedicated parameters. N/A Control Output Not Applicable4 N/A Status Output Status output is provided in return codes and through messages. Documentation for each API lists possible return codes. A complete list of all return codes returned by the C language APIs within the module is provided in the header files and the API documentation. Messages are also documented in the API documentation. Table 7

Page 13

4. Roles, Service and Authentication The Module supports a single instance of one authorized role, designated as the Crypto-Officer. No support is provided for multiple concurrent operators or a Maintenance Operator The table below lists the services available to the Crypto Officer: Role Service Input Output Crypto-Officer (CO) Symmetric encryption AES Key Cipher text Plain text data Crypto-Officer (CO) Symmetric decryption AES Key Plain text Cipher text data Crypto-Officer (CO) Key wrapping Key-encryption-key Wrapped key Key to be wrapped Crypto-Officer (CO) Key unwrapping Key-encryption-key Unwrapped key Wrapped key Crypto-Officer (CO) Secure Hashing Message Message digest Crypto-Officer (CO) MD5 (non-approved but allowed for Message Message digest TLS 1.0/1.1) Hash Generation Crypto-Officer (CO) Message Authentication Code (MAC) Message, MAC key, MAC Message Authentication Code Generation algorithm Crypto-Officer (CO) Message Authentication Code (MAC) MAC, message, HMAC key, MAC pass/fail result Verification algorithm Crypto-Officer (CO) Generate asymmetric key pair Random numbers, domain Public/private key pair parameters Crypto-Officer (CO) Generate digital signature private key, message, hash Digital signature function Crypto-Officer (CO) Verify digital signature public key True or False Crypto-Officer (CO) Generate random number entropy, seed, V and key values random bit-string Crypto-Officer (CO) Shared Secret Computation Domain parameters Shared Secret Possessed key pair Imported public key Crypto-Officer (CO) Derive key via KBKDF Key Derivation Key Derived key Crypto-Officer (CO) Derive key via PBKDF Password Derived key Crypto-Officer (CO) Zeroise symmetric keys Handler of symmetric crypto Released memory space function context Crypto-Officer (CO) Zeroise asymmetric keys Handler of asymmetric crypto Released memory space function context Crypto-Officer (CO) Zeroise context for key agreement Handler of key agreement Released memory space shared secrets crypto function context Crypto-Officer (CO) Zeroise hash Handler of hash context Released memory space Crypto-Officer (CO) Self-test Instantiation Status Crypto-Officer (CO) Show status API invocation Operational / error status Crypto-Officer (CO) Show module info API invocation Module base name Module version This document may be reproduced and distributed only in its original entirety without revision.

Page 14

Table 8

4.1 Authentication

FIPS 140-3 does not require an authentication mechanism for level 1 modules. Therefore, the module does not implement an authentication mechanism for Crypto Officer. The Crypto Officer role is authorized to access all services provided by the module (see Table 9

4.2 Services

The module implements a dedicated API function to indicate if a requested service utilizes an approved security function. For services listed in Table 9 – Approved services, the indicator function returns

  1. For services listed in Table 10 – Non-approved services, the indicator function returns
  2. The table below lists all approved services that can be used in the approved mode of operation. The abbreviations of the access rights to keys and SSPs have the following interpretation: G - Generate: The module generates or derives the SSP. R - Read: The SSP is read from the module (e.g., the SSP is output). W - Write: The SSP is updated, imported, or written to the module. E - Execute: The module uses the SSP in performing a cryptographic operation. Z - Zeroise: The module zeroises the SSP. N/A - The service does not access any SSP during its operation Service Description Approved Keys and/or SSPs Roles Access rights Indicator Security to Keys Functions and/or SSPs ECDSA key pair Generate a ECDSA5 ECDSA key pair CO GR 1 generation public/private key CKG pair ECDSA signature Generate a digital ECDSA ECDSA private key CO RE 1 generation signature ECDSA signature Verify a digital ECDSA ECDSA public key CO RWE 1 verification signature Derive key via Derive keys KBKDF KBKDF Key CO WE 1 KBKDF derivation key KBKDF Derived key GRE Key wrapping Perform key wrapping AES-KW AES Key wrapping CO WE 1 key Key unwrapping Perform key AES-KW AES Key wrapping CO WE 1 unwrapping key Hashing Compute a message SHA-1 N/A CO N/A 1 digest SHA2-224 SHA2-256 SHA2-384 SHA2-512 SHA2-512/256 MD5 (non- Used in the context of Message Digest: N/A CO N/A 1 approved but TLS in conjunction MD5 allowed for TLS In accordance with Section 4 and 5.1 of NIST [SP 800-133r2] (CKG), the module uses its approved DRBG to generate random bits and seeds used to generate asymmetric keys. Each generated seed is an unmodified output from the DRBG. This document may be reproduced and distributed only in its original entirety without revision.
Page 15

1.0/1.1) Hash with the approved Generation algorithm SHA-1 Symmetric Encrypt plaintext data AES-CBC, AES-ECB, AES Key CO WE 1 encryption AES-CFB128, AESCFB8, AES-OFB, AES-CTR, AES-XTS, AES-GCM, AES-CCM Symmetric Decrypt ciphertext AES-CBC, AES-ECB, AES Key CO WE 1 decryption data AES-CFB128, AESCFB8, AES-OFB, AES-CTR, AES-XTS, AES-GCM, AES-CCM MAC Generation Compute a message HMAC HMAC key CO WE 1 authentication code MAC Verification Verify a message HMAC HMAC key CO WE 1 authentication code RSA key pair Generate a RSA6 RSA key pair CO GR 1 generation public/private key CKG pair RSA signature Generate a digital RSA RSA private key CO RE 1 generation signature RSA signature Verify a digital RSA RSA public key CO RWE 1 verification signature Random number Generate a random CTR_DRBG DRBG entropy input CO Input: WE 1 generation number DRBG seed Seed: GE DRBG 'V' value V: GE DRBG 'Key' value Key: GE Derive Key via Derive key from Key Derivation: PBKDF password CO WE 1 PBKDF password PBKDF PBKDF derived key GRE Safe primes key Generate a keypair for Key Pair Generation Asymmetric Diffie CO GRW 1 generation a requested 'safe' Hellman key pair domain parameter Diffie-Hellman generate a shared KAS-FFC-SSC Asymmetric keys CO GRWE 1 Shared Secret secret (DH key pair) and Computation shared secret EC Diffie-Hellman generate a shared KAS-ECC-SSC Asymmetric keys CO GRWE 1 Shared Secret secret (EC key pair) and Computation shared secret Zeroise Release all resources N/A AES Key CO Z 1 symmetric keys of symmetric crypto KBKDF Key function context derivation key KBKDF Derived key PBKDF password PBKDF derived key Zeroise hash Release all resources N/A HMAC key CO Z 1 of hash context Zeroise context Release of all N/A Asymmetric keys CO Z 1 for Diffie- resources of key (ECDH/DH) and Hellman and EC agreement crypto shared secret Diffie-Hellman function context Zeroise Release of all N/A RSA key pair CO Z 1 asymmetric keys resources of ECDSA key pair In accordance with Section 4 and 5.1 of NIST [SP 800-133r2] (CKG), the module uses its approved DRBG to generate random bits and seeds used to generate asymmetric keys. Each generated seed is an unmodified output from the DRBG. This document may be reproduced and distributed only in its original entirety without revision.

Page 16

asymmetric crypto function context Self-test Perform pre- N/A N/A CO N/A 1 operational and algorithm self-test Show status Return module status N/A N/A CO N/A N/A Show module Return module name N/A N/A CO N/A N/A info and versioning information Table 9

Page 17

ECDSA Signature ECDSA Signature Verification using curve P-192 ECDSA Signature CO 0 Verification Input: (P-192) public key and signature Verification Output: True or False ECDSA Key Pair Key Pair Generation for compact point ECDSA Key Generation CO 0 Generation for compact representation of points point representation of Input: key size points Output: generated private and public key pair Ed25519/X25519 Key Ed25519 Key Generation Ed25519 Key Generation CO 0 Generation Input: none X25519 Key Generation Output: generated Ed25519/Curve25519 private and public key pair Ed25519 Signature Ed25519 Signature Generation over Ed25519 Signature CO 0 Generation Curve25519 Generation Input: (Ed25519) private key and message Output: signature Ed25519 Signature EdDSA Signature Verification over Ed25519 Ed25519 Signature CO 0 Verification Input: (Ed25519) public key and signature Verification Output: True or False X25519 Key Agreement X25519 Key Agreement X25519 Key Agreement CO 0 Input: peer public key and own private key Output: shared secret ECIES Elliptic Curve encrypt/ decrypt ECIES Encrypt/Decrypt CO 0 Input for encryption: peer public key, plaintext Output for encryption: public key, ciphertext (with authentication tag) Input for decryption: authentication tag, ciphertext, own private key Output for decryption: plaintext message or error ANSI X9.63 Key SHA-1 hash-based SHA-1 CO 0 Derivation Input: key derivation key Output: derived key SP 800-56C Key SHA-256 hash-based SHA-256 CO 0 Derivation (HKDF) Input: key derivation key Output: derived key RFC6637 Key Derivation SHA hash based SHA-256, SHA-512, AES-128, CO 0 Input: key derivation key AES-256 Output: derived key OMAC Message One-Key CBC-MAC using 128-bit key OMAC CO 0 Authentication Code For Message Authentication Code Generation Generation and Input: message and key Verification Output: message authentication code (MAC) For Message Authentication Code Verification Input: message, key, and MAC Output: True or False Message digest Message digest generation using non-approved MD2, MD4, RIPEMD CO 0 generation algorithms Input: message Output: message digest (other) symmetric Symmetric encryption / decryption using non- Blowfish, CAST5, DES, RC2, CO 0 encryption / decryption approved algorithms RC4 Input for Encryption: key and plain text Output for Encryption: cipher text This document may be reproduced and distributed only in its original entirety without revision.

Page 18

Input for Decryption: key and cipher text Output for Decryption: plain text Table 10

Page 19
5.1 Integrity Techniques

The Apple corecrypto Module v13.0 [Intel, User, Software, SL1], which is made up of a single component, is provided in the form of binary executable code. A software integrity test is performed on the runtime image of the module. The HMAC-SHA2-256 implemented in the module is used as an approved algorithm for the integrity test. If the test fails, the module enters an error state where no cryptographic services are provided and data output is prohibited. In this state the module is not operational.

5.2 On-demand Integrity Test

Integrity tests are performed as part of the Pre-Operational Self-Tests. The software integrity test is automatically executed at power-on. It can also be invoked by self-test service or powering-off and reloading the module. This document may be reproduced and distributed only in its original entirety without revision.

Page 20
6.1 Applicability

The Apple corecrypto Module v13.0 [Intel, User, Software, SL1] operates in a modifiable operational environment per FIPS 140-3 level 1 specifications. The module is supplied as part of macOS, a commercially available general-purpose operating system executing on the computing platforms specified in section 2. This document may be reproduced and distributed only in its original entirety without revision.

Page 21

7. Physical Security The FIPS 140-3 physical security requirements do not apply to the Apple corecrypto Module v13.0 [Intel, User, Software, SL1] since it is a software module. This document may be reproduced and distributed only in its original entirety without revision.

Page 22

8. Non-invasive Security Currently, the ISO/IEC 19790:2012 non-invasive security area is not required by FIPS 140-3 (see NIST SP 800-140F). The requirements of this area are not applicable to the module. This document may be reproduced and distributed only in its original entirety without revision.

Page 23

9. Sensitive Security Parameter Management The following table summarizes the keys and Sensitive Security Parameters (SSPs) that are used by the cryptographic services implemented in the module: Key/SSP Strength Security Generati Import Establish- Storage Zeroisation Use & Name/ Function and on /Export ment related keys Type Cert. Number AES key 128 to AES (CBC, CCM, N/A Imported from N/A N/A. The Automatic Symmetric

256 bits CFB, CTR, ECB, calling module zeroisation Encryption and

GCM, OFB, XTS application does not when Decryption modes) provide structure is A3501 (asm_aesni) persistent deallocated or A3502 (asm_x86) No export keys/SSPs when the A3503 (c_aesni) storage. system is A3504 (c_asm) powered down A3508 (c_glad) A3509 (c_ltc) A3510 (vng_asm) A3511 (vng_aesni) AES Key 128 to 256 AES-KW N/A Imported from N/A Key Wrapping wrapping key bits A3503 (c_aesni) calling and A3504 (c_asm) application Unwrapping A3509 (c_ltc) (KTS) No export DH public key 112 to KAS-FFC-SSC The key Imported from N/A Key Agreement

200 bits A3509 (c_ltc) pairs are or exported to

generated calling conformant application to [SP 800DH private key 133r2] Exported to N/A Section 4 calling (CKG) using application. Safe-prime Intermediate groups keygen values MODP are not output groups belonging to (RFC 3526) DH shared 112 to Internally N/A Shared Secret secret 200 bits generated Computation using [SP 800-56Ar3] DH SSC EC DH public 112 to 256 KAS-ECC-SSC The key Imported from N/A Key Agreement key bits A3509 (c_ltc) pairs are or exported to generated calling conformant application to [SP 800EC DH private 133r2] Exported to N/A key Section 4 calling (CKG) using application. FIPS186-4 Intermediate Key keygen values Generation are not output method, and the random value used in the key generation is generated using [SP 800-90Ar1] DRBG ECC CDH 112 to 256 Internally N/A Shared secret shared secret bits generated computation via [SP 80056Ar3] ECC CDH shared This document may be reproduced and distributed only in its original entirety without revision.

Page 24

secret computatio n DRBG entropy 256 bits Random Number N/A Imported from N/A Random input Generation entropy source Number Generation DRBG seed, 256 bits CTR_DRBG Internally N/A N/A Random DRBG V, DRBG A3503 (c_aesni) generated Number key A3504 (c_asm) as defined Generation A3509 (c_ltc) by [SP 800A3510 (vng_asm) 90Ar1] A3511 (vng_aesni) ECDSA public 112

Page 25

800-90Ar1] DRBG PBKDF N/A PBKDF N/A Imported from N/A Key Derivation Password A3505 (c_avx) calling A3506 (c_avx2) application A3507 (c_sse3) A3509 (c_ltc) No export PBKDF derived Min: 112 PBKDF Generated No Import N/A Key Derivation key bits A3505 (c_avx) via [SP 800A3506 (c_avx2) 132] PBKDF A3507 (c_sse3) Export to A3509 (c_ltc) calling application Table 11

9.1 Random Number Generation

A NIST approved deterministic random bit generator based on a block cipher as specified in NIST [SP 80090Ar1] is used. The default Approved DRBG used for random number generation is a CTR_DRBG using AES-

256 with derivation function and without prediction resistance. The random numbers used for key

generation are all generated by CTR_DRBG in this module. Per section 10.2.1.1 of [SP 800-90Ar1], the internal state of CTR_DRBG is the value V and Key. The deterministic random bit generators are seeded by /dev/random. The /dev/random is the User Space interface that extracts random bits from the entropy pool. Two entropy sources (one non-physical entropy source and one physical entropy source) residing within the TOEPP provide the random bits. The output of entropy pool provides 256-bits of entropy to seed and reseed [SP 800-90Ar1] DRBG during initialization (seed) and reseeding (reseed). The module also employs a HMAC_DRBG for random number generation. The HMAC_DRBG is only used at the early boot time of macOS kernel for memory randomization. The output of HMAC_DRBG is not used for key generation. Per section 10.1.2.1 of [SP 800-90Ar1], the internal state of HMAC_DRBG is the value V, Key. For both Apple Entropy sources tested in the OEs listed in Table 2, the customer does not have the ability to modify the ES configuration settings (see details in Public Use Document referenced in 3 and 4). The module also performs DRBG health tests according to section 11.3 of [SP 800-90Ar1]. Entropy source Minimum number of Details bits of entropy ESV Cert #E14 (physical source) 256 The seed is provided by post-processed entropy data from ESV Cert #E110 (non-physical source) two entropy sources. The entropy sources are located within the physical perimeter of the module but outside the cryptographic boundary of the module. Table 12

9.2 Key / SSP Generation

The module generates Keys and SSPs in accordance with FIPS 140-3 IG D.H. The cryptographic module performs Cryptographic Key Generation (CKG) for asymmetric keys as per [SP 800-133r2] Section 4 (vendor affirmed), compliant with [FIPS186-4], and using DRBG compliant with [SP 800-90Ar1]. A seed (the random value) used in asymmetric key generation is obtained from [SP 800-90Ar1] DRBG. The key generation service for RSA, Diffie-Hellman and EC key pairs as well as the [SP 800-90Ar1] DRBG have been ACVT tested with algorithm certificates found in Table 4. This document may be reproduced and distributed only in its original entirety without revision.

Page 26

The module also implements the following key derivation functions:

9.3 Key / SSP Establishment

The module provides the following SSP establishment related services in the Approved mode:

9.4 Key / SSP Import/Export

All keys and SSPs that are entered from, or output to module, are entered from or output to the invoking application running on the same device. Keys/SSPs entered into the module are electronically entered in plain text form. Keys/SSPs are output from the module in plain text form if required by the calling application. The module allows the output of plaintext CSPs (for example: EC/DH/RSA Key Pairs). To prevent inadvertent output of sensitive information, the module performs the following two independent internal actions:

  1. The module will internally request the random number generation service to obtain the random numbers and verify that the service completed without errors.
  2. Once the keys are generated the module will perform the pairwise consistency test and verify that the test is completed without errors. Only after successful completion of both actions, are the generated CSPs output via the API output parameter in plaintext.
9.5 Key / SSP Storage

The Module stores keys/SSPs in volatile memory only. They are received for use or generated by the module only at the command of the calling application. The module does not provide persistent keys/SSPs storage. The module protects all keys/SSPs through the memory separation and protection mechanisms provided by the operating system. No process other than the module itself can access the keys/SSPs in its process memory. This document may be reproduced and distributed only in its original entirety without revision.

Page 27
9.6 Key / SSP Zeroisation

Keys and SSPs are zeroised when the appropriate context object is destroyed or when the system is powered down. Input and output interfaces are inhibited while zeroisation is performed. This document may be reproduced and distributed only in its original entirety without revision.

Page 28

10. Self-tests This section specifies the pre-operational and conditional self-tests performed by the module. The preoperational and conditional self-tests ensure that the module is not corrupted and that the cryptographic algorithms work as expected. The module does not implement a bypass mode nor security functions critical to the secure operation of the cryptographic module and thus, does not implement either a pre-operational bypass test or pre-operational critical functions test. While the module is executing the self-tests, services are not available and input and output are inhibited. If any pre-operational or conditional self-tests fail, the module reports an error message indicating the cause of the failure and enters the Error State (See section 10.3). The module permits operators to initiate the preoperational or conditional self-tests on demand for periodic testing of the module by rebooting the system (i.e., power-cycling).

10.1 Pre-operational Software Integrity Test

The module performs a pre-operational software integrity automatically when the module is loaded into memory (i.e., at power on) before the module transitions to the operational state. A software integrity test is performed on the runtime image of the Apple corecrypto Module v13.0 [Intel, User, Software, SL1] with HMAC-SHA2-256 used to perform the approved integrity technique. Prior to using HMAC-SHA2-256, Conditional Cryptographic Algorithm Self-Test (CAST) is performed. If the CAST on the HMAC-SHA2-256 is successful, the HMAC value of the runtime image is recalculated and compared with the stored HMAC value pre-computed at compilation time.

10.2 Conditional Self-Tests

Conditional self-tests are performed by a cryptographic module when the conditions specified for the following tests occur: Cryptographic Algorithm Self-Test, Pair-Wise Consistency Test. The module does not implement any functions requiring a Software/Firmware Load Test, Manual Entry Test, Conditional Bypass Test nor Conditional Critical Functions Test; therefore, these tests are not performed by the module. The following sub-sections describe the conditional tests supported by the Apple corecrypto Module v13.0 [Intel, User, Software, SL1]. 10.2.1. Conditional Cryptographic Algorithm Self-Tests In addition to the pre-operational software integrity test described in Section 10.1, the Apple corecrypto Module v13.0 [Intel, User, Software, SL1] also runs the Conditional Cryptographic Algorithm Self-Tests (CAST) for all cryptographic functions of each approved cryptographic algorithm implemented by the module during power-up as well. All CASTs are performed prior to the first operational use of the cryptographic algorithm. These tests are detailed in Table 13

Page 29

KAT and Health test per NIST [SP 800-90Ar1] Section 11.3 HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-512, AES- CAST (KAT) CMAC SHA-1, SHA-256, SHA-512 Covered by high level HMAC CAST RSA, 2048-bit modulus with SHA-256 Separate Signature generation/ verification CAST (KAT) are performed ECDSA, P-256 curve with SHA-256 Separate Signature generation/ verification CAST (KAT) are performed Diffie-Hellman “Z” computation CAST (KAT)) EC Diffie-Hellman “Z” computation CAST (KAT) PBKDF CAST (KAT) KBKDF (counter and feedback modes) CAST (KAT) Table 13

10.3 Error Handling

If any of the above-mentioned self-tests described in Sections 10.1, 10.2.1 or 10.2.2 fail, the module reports the cause of the error and enters an error state. In the Error State, no cryptographic services are provided, and data output is prohibited. The only method to recover from the error state is to power cycle the device which results in the module being reloaded into memory and reperforming the pre-operational software integrity test and the Conditional CASTs. The module will only enter into the operational state after successfully passing the preoperational software integrity test and the Conditional CASTs. The table below shows the different causes that lead to the Error State and the status indicators reported. Cause of Error Error indicator Failed Pre-operational Software print statement “FAILED: fipspost_post_integrity” to stdout Integrity Test Failed Conditional CAST print statement “FAILED:<event>” to stdout (<event> refers to any of the cryptographic functions listed in Table 13

Page 30
11.1 Delivery and Operation

The module is built into macOS Ventura v13 and delivered with the respective device. There is no standalone delivery of the module as a software library. The vendor's internal development process guarantees that the correct version of module goes with its intended macOS version. For additional assurance, the module is digitally signed by vendor and it is verified during the integration into macOS. This digital signature-based integrity protection during the delivery/integration process is not to be confused with the HMAC-SHA2-256 based integrity check performed by the module itself as part of its pre-operational self-tests.

11.2 Crypto Officer Guidance

The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table 10

Page 31

is met implicitly. The module does not retain any state when power is lost. As indicated in Table 11, column Storage, the module exclusively uses volatile storage. This means that AES-GCM key/IVs are not persistently stored during power off: therefore, there is no re-connection possible when the power is back on with re-generation of the key used for GCM. After restoration of the power, the user of the module (e.g., TLS, IKE) along with User application that implements the protocol, must perform a complete new key establishment operation using new random numbers (Entropy input string, DRBG seed, DRBG internal state V and Key, shared secret values that are not retained during power cycle, see table 11) with subsequent KDF operations to establish a new GCM key/IV pair on either side of the network communication channel. These protocols have not been reviewed or tested by the CAVP and CMVP.

Page 32

12. Mitigation of Attacks The module does not claim mitigation of other attacks. This document may be reproduced and distributed only in its original entirety without revision.

Page 33

Appendix A. Glossary and Abbreviations AES Advanced Encryption Standard AES-NI Advanced Encryption Standard New Instructions CAVP Cryptographic Algorithm Validation Program CAST Cryptographic Algorithm Self-Test CBC Cipher Block Chaining CCM Counter with Cipher Block Chaining-Message Authentication Code CFB Cipher Feedback CMAC Cipher-based Message Authentication Code CMVP Cryptographic Module Validation Program CSP Critical Security Parameter CTR Counter Mode DRBG Deterministic Random Bit Generator ECB Electronic Code Book ENT NIST SP 800-90B Compliant Entropy Source FFC Finite Field Cryptography FIPS Federal Information Processing Standards Publication GCM Galois Counter Mode HMAC Hash Message Authentication Code KAS Key Agreement Scheme KAT Known Answer Test KBKDF Key Based Key Derivation Function KDF Key Derivation Function KW AES Key Wrap MAC Message Authentication Code NIST National Institute of Science and Technology OAEP Optimal Asymmetric Encryption Padding OFB Output Feedback PAA Processor Algorithm Acceleration PBKDF Password Based Key Derivation Function PKG Key-Pair Generation PKV Public Key Validation PRF Pseudo-Random Function PSS Probabilistic Signature Scheme RSA Rivest, Shamir, Addleman SHA Secure Hash Algorithm SHS Secure Hash Standard SSC Shared Secret Computation TOEPP Tested Operational Environment Physical Perimeter XTS XEX Tweakable Block Ciphertext Stealing This document may be reproduced and distributed only in its original entirety without revision.

Page 34

Appendix B. References FIPS140-3 FIPS PUB 140-3 - Security Requirements for Cryptographic Modules March 2019 https://doi.org/10.6028/NIST.FIPS.140-3 SP 800-140x CMVP FIPS 140-3 Related Reference https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3standards FIPS140-3_IG Implementation Guidance for FIPS PUB 140-3 and the Cryptographic Module Validation Program https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-igannouncements FIPS140-3_MM CMVP FIPS 140-3 Draft Management Manual https://csrc.nist.gov/csrc/media/Projects/cryptographic-module-validationprogram/documents/fips%20140-3/Draft%20FIPS-140-3CMVP%20Management%20Manual%20v1.2%20%5BDec%2023%202022%5D.pdf SP 800-140 FIPS 140-3 Derived Test Requirements (DTR) https://csrc.nist.gov/publications/detail/sp/800-140/final SP 800-140A CMVP Documentation Requirements https://csrc.nist.gov/publications/detail/sp/800-140a/final SP 800-140B CMVP Security Policy Requirements https://csrc.nist.gov/publications/detail/sp/800-140b/final SP 800-140C CMVP Approved Security Functions https://csrc.nist.gov/publications/detail/sp/800-140c/final SP 800-140D CMVP Approved Sensitive Security Parameter Generation and Establishment Methods https://csrc.nist.gov/publications/detail/sp/800-140d/final SP 800-140E CMVP Approved Authentication Mechanisms https://csrc.nist.gov/publications/detail/sp/800-140e/final SP 800-140F CMVP Approved Non-Invasive Attack Mitigation Test Metrics https://csrc.nist.gov/publications/detail/sp/800-140f/final FIPS180-4 Secure Hash Standard (SHS) March 2012 http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf This document may be reproduced and distributed only in its original entirety without revision.

Page 35

FIPS186-4 Digital Signature Standard (DSS) July 2013 http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf FIPS197 Advanced Encryption Standard November 2001 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS198-1 The Keyed Hash Message Authentication Code (HMAC) July 2008 http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf PKCS#1 Public Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1 February 2003 http://www.ietf.org/rfc/rfc3447.txt RFC3394 Advanced Encryption Standard (AES) Key Wrap Algorithm September 2002 http://www.ietf.org/rfc/rfc3394.txt RFC5649 Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm September 2009 http://www.ietf.org/rfc/rfc5649.txt SP 800-38A NIST Special Publication 800-38A - Recommendation for Block Cipher Modes of Operation Methods and Techniques December 2001 http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf SP 800-38C NIST Special Publication 800-38C - Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality May 2004 http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf SP 800-38D NIST Special Publication 800-38D - Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC November 2007 http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf SP 800-38E NIST Special Publication 800-38E - Recommendation for Block Cipher Modes of Operation: The XTS AES Mode for Confidentiality on Storage Devices January 2010 http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf SP 800-38F NIST Special Publication 800-38F - Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping December 2012 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf This document may be reproduced and distributed only in its original entirety without revision.

Page 36

SP 800-56Cr2 Recommendation for Key-Derivation Methods in Key-Establishment Schemes August 2020 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf SP 800-57 NIST Special Publication 800-57 Part 1 Revision 5 - Recommendation for Key Management Part 1: General May 2020 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf SP 800-67r1 NIST Special Publication 800-67 Revision 1 - Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher January 2012 http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf SP 800-90Ar1 NIST Special Publication 800-90A - Revision 1 - Recommendation for Random Number Generation Using Deterministic Random Bit Generators June 2015 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf SP 800-90B NIST Special Publication 800-90B - Recommendation for the Entropy Sources Used for Random Bit Generation January 2018 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf SP 800-108 NIST Special Publication 800-108 - Recommendation for Key Derivation Using Pseudorandom Functions (Revised) October 2009 http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf SP 800-131Ar2 NIST Special Publication 800-131A - Transitioning the Use of Cryptographic Algorithms and Key Lengths March 2019 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf SP 800-132 NIST Special Publication 800-132 - Recommendation for Password-Based Key Derivation - Part 1: Storage Applications December 2010 http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf SP 800-133r2 Recommendation for Cryptographic Key Generation June 2020 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf SP 800-135r1 NIST Special Publication 800-135 Revision 1 - Recommendation for Existing Application-Specific Key Derivation Functions December 2011 http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf This document may be reproduced and distributed only in its original entirety without revision.

Page 37

MACOS macOS Technical Overview https://developer.apple.com/macos/ SEC Apple Platform Security Guide https://support.apple.com/guide/security/welcome/web macOS Product security certifications for macOS https://support.apple.com/HT201159 This document may be reproduced and distributed only in its original entirety without revision.