| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 1/26/2027 |
| Caveat | Interim validation. When operated in approved mode. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs. |
| Vendor | Apple, Inc. |
flowchart LR
%% Deterministic review-risk graph for Apple corecrypto Module v12 [Intel, User, Software]
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Status output<br/>Self-test<br/>Show Status</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C3,C5,C6 clue;
class I3,I5,I6 infer;
class R3,R5,R6 risk;
class E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Apple corecrypto Module v12 [Intel, User, Software]
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Status output<br/>Self-test<br/>Show Status</i><br/>src: text:keyword"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C3,C5,C6 clueLow;Apple Inc. Apple corecrypto Module v12 [Intel, User, Software] Document version: 1.0 January 15, 2025 Prepared by: www.acumensecurity.net This document may be reproduced and distributed only in its original entirely without revision
| # | Section | Page |
|---|
1. General Trademarks Apple’s trademarks applicable to this document are listed in https://www.apple.com/legal/intellectualproperty/trademark/appletmlist.html. Other company, product, and service names may be trademarks or service marks of others. This document is the non-proprietary FIPS 140-3 Security Policy for the Apple, Inc. corecrypto Module v12 [Intel, User, Software] cryptographic module. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for an Overall Security Level 1 module. This document provides all tables and diagrams (when applicable) required by NIST SP 800-140B. The column names of the tables follow the template tables provided in NIST SP 800-140B. Table 1 describes the individual security areas of FIPS 140-3, as well as the Security Levels of those individual areas. This document may be reproduced and distributed only in its original entirely without revision
ISO/IEC 24759 Section 6. Security FIPS 140-3 Section Title [Number Level Below]
12 Mitigation of Other Attacks Not Applicable
Table 1
1 MacBook Air AES-NI
macOS Monterey Intel i5 (Amber
2 MacBook Air N/A
3 macOS Monterey iMac AES-NI
Lake) macOS Monterey Intel i5 (Comet
4 iMac N/A
5 MacBook Air Intel i7 (Ice Lake) AES-NI
6 MacBook Air Intel i7 (Ice Lake) N/A
macOS Monterey Intel i7 (Coffee
7 MacBook Pro AES-NI
macOS Monterey Intel i7 (Coffee
8 MacBook Pro N/A
macOS Monterey Intel i7 (Comet
9 iMac AES-NI
macOS Monterey Intel i7 (Comet
10 iMac N/A
macOS Monterey Intel i9 (Coffee
11 MacBook Pro AES-NI
macOS Monterey Intel i9 (Coffee
12 MacBook Pro N/A
13 iMac Pro Xeon W Sky Lake AES-NI
14 iMac Pro Xeon W Sky Lake N/A
macOS Monterey Xeon W Cascade
15 Mac Pro AES-NI
macOS Monterey Xeon W Cascade
16 Mac Pro N/A
Table 2
In addition to the platforms listed in Table 2, Apple Inc. has also tested the module on the following platforms and claims vendor affirmation on them (the processor and year per platform have also been specified): # Operating Hardware Platform System
1 macOS Monterey MacBook Pro i5 (Ice Lake) 2020
2 MacBook Pro i5 (Coffee Lake) 2020, 2019, 2018
3 macOS Monterey MacBook Pro i7 (Amber Lake) 2019, 2018
4 macOS Monterey MacBook Pro i7 (Coffee Lake) 2020, 2019, 2018
5 macOS Monterey MacBook Pro i7 (Ice Lake) 2020
6 macOS Monterey MacBook Pro i9 (Coffee Lake) 2019, 2018
7 macOS Monterey MacBook Air i5 (Ice Lake) 2020
8 macOS Monterey MacBook Air i7 (Ice Lake) 2020
9 macOS Monterey MacBook Air i5 (Amber Lake) 2019, 2018
10 macOS Monterey MacBook Air i7 (Amber Lake) 2018
11 macOS Monterey Mac mini i5 (Coffee Lake) 2018
12 macOS Monterey Mac mini i7 (Coffee Lake) 2018
13 macOS Monterey iMac i5 (Comet Lake) 2020
14 macOS Monterey iMac i7 (Comet Lake) 2020
15 macOS Monterey iMac i9 (Comet Lake) 2020
16 macOS Monterey iMac i5 (Coffee Lake) 2019
17 macOS Monterey iMac i7 (Coffee Lake) 2019
18 macOS Monterey iMac i9 (Coffee Lake) 2019
Table 3
certificate. The physical perimeter of the module which is also the Tested Operational Environment’s Physical Perimeter (TOEPP), is the physical perimeter of the macOS device that contains the module. Consequently, the embodiment of the module is a multi-chip standalone cryptographic module. (Figure 1) below depicts the following information:
is in the Approved mode of operation when the module utilizes the services that use the security functions listed in the table below. The module supports an Approved mode and a non-Approved mode of operation. The module does not support a degraded operation. The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table 10 - NonApproved Services. If the device starts up successfully, then the module has passed all self-tests and is operating in the Approved mode. Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) #A2821 (vng_asm) #A2820 (c_ltc) AES-128, #A2815 CTR_DRBG AES-256 Random Number 128, 256 bits (c_asm) [SP800-90Ar1] Derivation Function Generation #A2814 (c- Enabled aesni) #A2822 (vng_aesni) #A2820 (c_ltc) SHA-1,
#A2817 SHA-224, greater (c_avx2) HMAC_DRBG SHA-256, Random Number #A2816 [SP800-90Ar1] SHA-384, Generation (c_avx) SHA-512 #A2818 (c_ssse3) Key Generation #A2820 Key Generation 2048, 3072, (c_ltc) (ANSI X9.31), 4096 #A2817 Signature Signature (c_avx2) Digital Signature RSA Generation Generation and Asymmetric [FIPS 186-4] Modulus: #A2816 Key Generation (PKCS#1 v1.5) and 2048 (SHA-1 (c_avx) (PKCS PSS) (legacy), SHA2#A2818 Signature 224, SHA2-256, (c_ssse3) Verification SHA2-284, This document may be reproduced and distributed only in its original entirely without revision
Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) SHA2-512), (PKCS#1 v1.5) and 3072 (SHA-1 (PKCS PSS) (legacy), SHA2224, SHA2-256, SHA2-284, SHA2-512),
(legacy), SHA2224, SHA2-256, SHA2-284, SHA2-512) Signature Verification Modulus: 1024 (SHA-1 (legacy), SHA2-224, SHA2-256, SHA2-284),
(legacy), SHA2224, SHA2-256, SHA2-284, SHA2-512),
(legacy), SHA2224, SHA2-256, SHA2-284, SHA2-512),
(legacy), SHA2224, SHA2-256, SHA2-284, SHA2-512) #A2820 Key Pair Key Pair Generation (c_ltc) Generation (PKG) #A2817 (PKG): ECDSA Public Key (c_avx2) P-224, P-256, P- Digital Signature ANSI Validation (PKV) #A2816 384, P-521 and Asymmetric X9.62 Signature (c_avx) Key Generation [FIPS 186-4] Generation #A2818 Public Key Signature (c_ssse3) Validation Verification (PKV): This document may be reproduced and distributed only in its original entirely without revision
Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) P-224, P-256, P384, P-521 Signature Generation: P-224, P-256, P384, P-521 SHA2-224, SHA2-256, SHA2-384, SHA2-512 Signature Verification: P-224, P-256, P384, P-521 SHA-1 (legacy), SHA2-224, SHA2-256, SHA2-384, SHA2-512 #A2820 (c_ltc) #A2818 SHA-1, (c_ssse3) SHA-224, #A2823 SHS SHA-256, N/A Message Digest (vng_Intel) [FIPS 180-4] SHA-384, #A2817 SHA-512, (c_avx2) SHA-512/256 #A2816 (except A2823) (c_avx) Key Length: CBC, CCM, CFB128, 128, 192, 256 #A2820 CFB8, CMAC, CTR, AES CMAC :128 (c_ltc) ECB, GCM, KW, [FIPS 197] XTS (128 and OFB, XTS [SP 800-38 A] 256-bits key Symmetric Encryption [SP 800-38 C] size only) and Decryption [SP 800-38 D] CBC, CCM, CFB128, Key Length: #A2815 [SP 800-38 E] CFB8, CTR, ECB, 128, 192, 256 #A2814 [SP 800-38 F] GCM, KW, OFB, XTS (128 and (c_aesni) XTS 256-bits key size only) This document may be reproduced and distributed only in its original entirely without revision
Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) #A2821 CCM, CTR, ECB, #A2822 GCM Key Length: A2819 CBC 128, 192, 256 (c_glad) #A2812 Key Length: (asm_aesni) 128, 192, 256 #A2813 CBC, ECB, XTS XTS (128 and (asm_x86) 256-bits key size only) #A2823 (vng_Intel) #A2817 SHA-1, (c_avx2) SHA-224, HMAC #A2816 SHA-256, 112 bits or [FIPS Keyed Hash (c_avx) SHA-384, greater 198] #A2820 SHA-512 (c_ltc) SHA-512/256 #A2818 (except A2823) (c_ssse3) Domain Parameter Generation Methods: Scheme: dhEphem: Key Agreement #A2820 MODP-2048, KAS-FFC-SSC KAS Role: initiator, Scheme
Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) KDF Mode: Counter and Feedback MAC Mode: HMAC- Supported SHA-1, Lengths: 8-4096 HMAC-SHA2-224, Increment 8 #A2820 (c_ltc HMAC-SHA2) KBKDF 256, HMAC-SHA2- Fixed Data #A2817 [SP800-108] 384, HMAC-SHA2- Order: Before (c_avx2) Key Derivation
A2816 (c_avx) Data #A2818 CMAC-AES128, (c_ssse3) CMAC-AES192, Counter Length: CMAC-AES256 32 (only #A2820) Password length: 8- 128 bytes Increment #A2820 (c_ltc Salt Length: ) HMAC with: 128-4096 #A2817 SHA-1, SHA-224, Increment 8 (c_avx2) PBKDF SHA-256, Iteration Count: Key Derivation #A2816 [SP800-132] SHA-384, 10-1000 (c_avx) SHA-512 Increment 1 #A2818 (c_ssse3) Key Generation for Safe Prime #A2820 (c_ltc Safe Primes Key Diffie-Hellman Groups: MODP- Key Generation ) generation (KAS-FFC-SSC) 2048, MODPThis document may be reproduced and distributed only in its original entirely without revision
Description / Algorithm and Key Size(s) / CAVP Cert Mode/Method Use / Function Standard Key Strength(s) 3072, MODP4096, MODP-6144, MODP8192 2048, 4096, KAS-1 6144, 8192-bit SP 800-56Arev3. KAS-FFC-SSC key providing Key Agreement
521-bit key KAS-2 SP 800-56Arev3. providing 112, Key Agreement
The table below list non-Approved but Allowed security functions with no security claimed: Algorithm Caveat Use / Function Message Digest (used as part of the TLS key establishment scheme MD5 no security claimed only), Digest Size: 128-bit Table 5
Key Pair Generation for compact point representation of points Key Pair Generation for compact point representation of points Integrated Encryption Scheme on elliptic Encryption / Decryption curves (ECIES) Blowfish Encryption / Decryption OMAC (One-Key CBC MAC) MAC generation Triple-DES [SP 800-67] CBC, CTR, CFB64, ECB, CFB8, OFB Table 6
3. Cryptographic Module Interfaces As a software-only module, the module does not have physical ports. For the purpose of the FIPS 140-
3 validation, the physical ports are interpreted to be the physical ports of the hardware platform on
which it runs. The logical interfaces are the application program interface (API) through which applications request services and the Operating System calls that the module invokes. The underlying logical interfaces of the module are the C language User Interfaces (APIs). In detail these interfaces are described in (Table 7): Logical interface Data that passes over port/interface Data inputs are provided in the variables passed in Data input interface the API and callable service invocations, generally through caller-supplied buffers Data outputs are provided in the variables passed Data output interface in the API and callable service invocations, generally through caller-supplied buffers Control inputs which control the mode of the Control input interface module are provided through dedicated parameters. Status output is provided in return codes and through messages. Documentation for each API lists possible return codes. A complete list of all Status output interface return codes returned by the C language APIs within the module is provided in the header files and the API documentation. Messages are also documented in the API documentation. Table 7
capability is not supported by the module. This document may be reproduced and distributed only in its original entirely without revision
4. Roles, Services, and Authentication The module supports a single instance of one authorized role: The Crypto Officer. No support is provided for multiple concurrent operators or a Maintenance Operator. Role Service Input Output Input for Encryption: key Output for Encryption: AES Encryption / and plain text cipher text Decryption (Perform approved security Input for Decryption: Output for Decryption: plain functions) key and cipher text text AES Key Wrapping key encryption key and (Perform approved wrapped key key to be wrapped security functions) Secure Hash Generation (Perform approved Message Hash value security functions) HMAC generation (Perform approved HMAC key and message keyed Hash value security functions) RSA signature Input for SigGen: RSA Output SigGen: signature generation and private key and message verification Output for Sigver: True or (Perform approved Input for SigVer: RSA False security functions) public key and signature ECDSA signature Input for SigGen: ECDSA Output for SigGen: Crypto Officer (CO) generation and private key and message signature verification (Perform approved Input for SigVer: ECDSA Output for SigVer: security functions) public key and signature True or False Random number generation Entropy input string, Random numbers (Perform approved nonce security functions) PBKDF (Perform approved password derived key security functions) KBKDF (Perform approved key derivation key Derived key security functions) ECDSA (key pair generation) generated private and random numbers (Perform approved public key pair security functions) RSA (key pair generated private and random prime numbers generation) public key pair This document may be reproduced and distributed only in its original entirely without revision
Role Service Input Output (Perform approved security functions) Safe primes key generation generated private and key size (Perform approved public key pair security functions) Diffie-Hellman Key Shared Secret domain parameter, Computation received public key and shared secret (Perform approved possessed private key security functions) EC Diffie-Hellman Shared Secret domain parameter, Computation received public key and shared secret (Perform approved possessed private key security functions) Release all resources of symmetric crypto handler of symmetric zeroised and released function context crypto function context memory space (Perform zeroisation) Release all resources of hash context handler of hash context released memory space (Perform zeroisation) Release of all resources of Diffie-Hellman context for Diffie- handler of (EC) zeroised and released Hellman and EC Diffie- DiffieHellman context memory space Hellman (Perform zeroisation) Release of all resources of key derivation handler of key derivation zeroised and released function context function context memory space (Perform zeroisation) Release of all resources of asymmetric crypto handler of asymmetric zeroised and released function context crypto function context memory space (Perform zeroisation) Self-test power Pass/Fail status (Perform self-tests) Show Status API invocation Operational/Error status Show Module Info API invocation Module Base Name + (Show module’s Module Version Number versioning information) Table 8
FIPS 140-3 does not require an authentication mechanism for level 1 modules. Therefore, the module does not implement an authentication mechanism for Crypto Officer. The Crypto Officer role is authorized to access all services provided by the module (see Table 9 - Approved Services and Table
The module implements a dedicated API function to indicate if a requested service utilizes an approved security function. For services listed in Table 9 - Approved Services, the indicator function returns
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs Symmetric CO Encryption and Decryption AES-CBC (#A2820, #A2815, #A2814, A2819, #A2812, #A2813) AES-ECB (#A2820, #A2815, #A2814, #A2812, #A2813, #A2821, #A2822) Input for AES-CCM Encryption: key (#A2820, and plain text #A2815, #A2814, Output for AES #A2821, #A2822) Encryption: Encryption / cipher text Decryption AES-GCM Input for AES key W, E 1 (Perform (#A2820, Decryption: key approved #A2815, #A2814, and cipher text security #A2821, #A2822) Output for functions) Decryption: AESplain text CFB128(#A2820, #A2815, #A2814) AESCFB8(#A2820, #A2815, #A2814) AES-OFB (#A2820, #A2815, #A2814) AES-CTR (#A2820, #A2815, #A2814, #A2821, #A2822) This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs AES-XTS (#A2820, #A2815, #A2814, #A2812, #A2813) CMAC (#A2820) AES Key Input: CO Wrapping key encryption Key Wrapping AES key, key (Perform key and key to 1 KW (#A2820, to be wrapped, W, R, E approved be wrapped #A2815, #A2814) wrapped key security Output: wrapped functions) key This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs Message Digest CO SHA-1, SHA-224, SHA-256, Secure Hash SHA-384, Generation SHA-512, Input: message (Perform SHA-512/256 Output: Hash none N/A 1 approved (except for value security A2823) functions) (#A2820, #A2818 #A2823, #A2817, #A2816) Keyed Hash CO SHA-1, SHA-224, SHA-256, SHA-384, HMAC Input: HMAC key SHA-512, generation and message SHA-512/256 (Perform HMAC key W, E 1 Output: keyed (except for approved Hash value A2823) security functions) (#A2820, #A2823, #A2818 #A2817, #A2816) CO Input for Digital Signature SigGen: Generation RSA private key (PKCS#1 v1.5) RSA and message and (PKCS PSS) signature RSA Key Pair Output: Signature generation (including signature Verification and intermediate W, E 1 (PKCS#1 v1.5) verification keygen Input for SigVer: and (PKCS PSS) (Perform values) RSA public key approved and signature (#A2820, security Output: True or #A2817, #A2816, functions) False #A2818) This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs CO Digital Signature Input for Generation: PECDSA SigGen: 224, P-256, Psignature ECDSA private 384, P-521 ECDSA Key generation key and message Signature Pair and Output: Verification: P- (including verification signature W, E 1 224, P-256, P- intermediate (Perform Input for SigVer: 384, P-521 keygen approved ECDSA public key values) security and signature (#A2820, functions) Output: True or #A2817, #A2816, False #A2818) Random number CO generation CTR_DRBG (AES-128, AES256) Entropy Input Random Input: Entropy #A2820, #A2821, String, Seed, number input string, #A2815, #A2814, DRBG V and generation nonce #A2822 DRBG Key, G, R, (Perform 1 Output: Random random W, E, Z approved numbers (DRBG numbers security Output) (DRBG functions) Output) HMAC_DRBG (SHA-1, SHA2224, SHA2-256, SHA2-384, SHA2512) This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs #A2820, #A2817, #A2816, #A2818 #A2820, #A2817, #A2816, #A2818 CKG Key Derivation CO PBKDF HMAC with: PBKDF PBKDF SHA-1, SHA-224, Derived Keys (Perform Input: password SHA-256, SHA(including G, R, approved Output: derived 384, SHA-512 1 password W, E security key hash), PBKDF functions) #A2820, #A2817, Password #A2816, #A2818 CKG Key Derivation CO KDF Mode: Counter and Feedback MAC Mode: HMACSHA-1, HMACKBKDF Input: key SHA2-224, HMAC- KBKDF Key (Perform derivation key SHA2- 256, Derivation G, R, approved 1 Output: derived HMAC-SHA2-384, Key, KBKDF W, E security key HMAC-SHA2-512 Derived Key functions) Supported Lengths: 8-4096 Increment 8 Fixed Data Order: Before Fixed Data Counter Length:
This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs Counter AESCMAC based (for A2820 only) #A2820, #A2817, #A2816, #A2818 CKG CO Key Pair Generation ECDSA (key (PKG): P-224, PInput: random ECDSA Key pair 256, P-384, P-521 numbers Pair generation) Public Key Output: (including (Perform Validation (PKV): G, R, E 1 generated intermediate approved P-224, P-256, Pprivate and keygen security 384, P-521 public key pair values) functions) #A2820, #A2817, #A2816, #A2818 CKG Asymmetric Key CO RSA (key Input: random Generation pair RSA Key Pair prime numbers generation) (including Output: Modulus 2048, (Perform intermediate G, R, E 1 generated 3072, 4096 approved keygen private and #A2820, #A2817, security values) public key pair #A2816, #A2818 functions) CKG Input: domain CO Diffieparameter, Hellman Key DH Key Pair received public Shared KAS-FFC-SSC (including key and G, R, Secret intermediate 1 possessed W, E Computation #A2820 keygen private key (Perform values) Output: shared approved secret This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs security functions) EC Diffie- CO Input: domain Hellman parameter, ECC CDH Key Shared received public Pair Secret KAS-ECC-SSC key and (including G, R, Computation 1 possessed intermediate W, E (Perform #A2820 private key keygen approved Output: shared values) security secret functions) Safe primes key CO Input: key size pair generation DH Key Pair Safe primes Output: (including key generated #A2820 intermediate G, R, E 1 generation private and CKG keygen public key pair values) Release all CO resources of Input: handler of symmetric symmetric crypto crypto function context N/A AES key Z 1 function Output: zeroised context and released (Perform memory space zeroisation) Release all CO resources of Input: handler of hash hash context N/A HMAC key Z 1 context Output: released (Perform memory space zeroisation) DH Key Pair CO Release of Input: handler of (including all resources (EC) Diffie- intermediate of DiffieHellman context keygen Hellman N/A Z 1 Output: zeroised values), ECC context for and released CDH Key Pair Diffiememory space (including Hellman and intermediate This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs EC Diffie- keygen Hellman values), DH (Perform Shared Secret, zeroisation) ECC CDH Shared Secret Release of KBKDF Key CO all resources Input: handler of Derivation of key key derivation Key, PBKDF derivation function context Password, N/A Z 1 function Output: zeroised KBKDF context and released Derived Key (Perform memory space and PBKDF zeroisation) Derived Key Release of CO all resources Input: handler of of asymmetric asymmetric crypto function RSA/EC/DH crypto context N/A Z 1 keys function Output: zeroised context and released (Perform memory space zeroisation) AES-CCM CO (#A2820, #A2815, #A2814, #A2821, #A2822) AES-GCM (#A2820, #A2815, #A2814, #A2821, #A2822) Self-test Input: power (Perform Output: Pass/Fail All SSPs E 1 AES-XTS Self-tests) status (#A2820, #A2815, #A2814, #A2812, #A2813) AES-CBC (#A2820, #A2815, #A2814, A9819, #A2812, #A2813) This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs AES-ECB (#A2820, #A2815, #A2814, #A2812, #A2813, #A2821, #A2822) HMAC_DRBG (#A2820, #A2817, #A2816, #A2818) CTR_DRBG, #A2820, #A2821, #A2815, #A2814, #A2822 HMAC (#A2820, #A2818 #A2823, #A2817, #A2816) RSA Signature Generation (#A2820, #A2817, #A2816, #A2818) RSA Signature Verification (#A2820, #A2817, #A2816, #A2818) ECDSA Signature Generation (#A2820, #A2817, #A2816, #A2818) This document may be reproduced and distributed only in its original entirely without revision
Access rights Approved Keys and/or to Services Description Security Roles Indicator SSPs Keys Functions and/or SSPs ECDSA Signature Verification (#A2820, #A2817, #A2816, #A2818) DH and ECDH Z computation (#A2820) PBKDF (#A2820, #A2817, #A2816, #A2818) KBKDF (#A2820, #A2817, #A2816, #A2818) Input: API CO invocation Status Show Status Output: N/A None N/A returned Operational/Error status Show CO Module Info Input: API Versioning (Show invocation N/A None N/A information module’s Output: Module returned versioning Base Name information) Table 9
Algorithms Service Description Role Indicator Accessed Triple-DES Module does not meet encryption / FIPS 140-3 IG C.G decryption because it does not have a control over the number of blocks to be encrypted under the Crypto same Triple-DES key. Officer (CO) Triple-DES 0 Input for Encryption: key and plain text Output for Encryption: cipher text Input for Decryption: key and cipher text Output for Decryption: plain text They are non-approved encryption algorithms. Input for Encryption: key and plain text Output for Blowfish, Crypto (other) symmetric Encryption: cipher text 0 CAST5, DES, Officer (CO) encryption / Input for Decryption: key ECIES, RC2, decryption and cipher text Output RC4 for Decryption: plain text The CAST does not perform the full KTS, only the raw RSA encrypt/decrypt RSA Crypto RSA Key Wrapping 0 Input: encrypt/decrypt Officer (CO) RSA public key and key to be wrapped Output: wrapped key This document may be reproduced and distributed only in its original entirely without revision
Algorithms Service Description Role Indicator Accessed ANSI X9.31 Key Pair Generation Key Size < 2048 RSA Signature PKCS#1 v1.5 and PSS RSA KeyGen Generation/Signature Crypto Signature Generation Key RSA SigGen RSA 0 Verification/Key-pair Officer (CO) Size < 2048 SigVer Generation PKCS#1 v1.5 and PSS Signature Verification Key Size < 1024 ECDSA PKG, PKV, ECDSA PKG, Crypto Signature ECDSA keys with curve PKV, Officer (CO) 0 Generation/Signature P-192 Verification SigGen/SigVer Ed25519 Ed25519 Key KeyGen Crypto Generation, Signature Ed25519 Officer (CO) 256-bit key 0 Generation/Signature SigGen Verification Ed25519 SigVer ANSI X9.63 Key Crypto SHA-1 hash-based SHA-1 0 Derivation Officer (CO) SP800-56Cr1 Key Crypto SHA-256 hash-based SHA-256 0 Derivation (HKDF) Officer (CO) SHA-256, SHARFC6637 Key Crypto SHA hash based 512, AES-128, 0 Derivation Officer (CO) AES-256 OMAC Message Authentication Code One-Key CBC MAC using Crypto OMAC 0 Generation and 128-bit key Officer (CO) Verification Crypto Message digest Input: message MD2, MD4, 0 Officer (CO) verification RIPEMD Output: message digest KAS-FFC-SSC using key Crypto Diffie-Hellman KAS-FFC-SSC 0 sizes < 2048 Officer (CO) KAS-ECC-SSC using Crypto EC Diffie-Hellman KAS-ECC-SSC 0 curves < P-224 Officer (CO) Input: peer public key, Ed25519 Key Crypto own private key Output: Ed25519 0 Agreement Officer (CO) shared secret Encrypt: Input: peer Integrated Integrated Encryption Crypto public key, plaintext Encryption 0 Scheme on elliptic Officer (CO) Output: public key, Scheme on This document may be reproduced and distributed only in its original entirely without revision
Algorithms Service Description Role Indicator Accessed curves (ECIES) ciphertext (with elliptic curves Encryption/Decryption authentication tag) (ECIES) Decrypt: Input: authentication tag, ciphertext, own private key Output: plaintext message or error Table 10
5. Software/Firmware Security Integrity Techniques The Apple corecrypto Module v12 [Intel, User, Software] is in the form of binary executable code. A software integrity test is performed on the runtime image of the module. The HMAC-SHA2-256 implemented in the module is used as an approved algorithm for the integrity test. If the test fails, the module enters an error state where no cryptographic services are provided and data output is prohibited i.e. the module is not operational. The Software Integrity Key (HMAC-SHA2-256 with 256 bits of security strength), a non-SSP, is stored in the module binary computed during build. On-Demand Integrity Test The integrity test is also performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. It can also be invoked by powering-off and reloading the module to meet the on-demand request for integrity test. In addition, the module provides the Self-Test service to perform self-tests, including integrity test and algorithm tests, on demand. Software Loading The module does not support loading of any additional software. This document may be reproduced and distributed only in its original entirely without revision
7. Physical Security The FIPS 140-3 physical security requirements do not apply to the Apple corecrypto Module v12 [Intel, User, Software] since it is a software module. This document may be reproduced and distributed only in its original entirely without revision
8. Non-invasive Security Currently, the non-invasive security is not required by FIPS 140-3 (see NIST SP 800-140F). The requirements of this area are not applicable to the module. This document may be reproduced and distributed only in its original entirely without revision
9. Sensitive Security Parameter Management The following table summarizes the keys and Sensitive Security Parameters (SSPs) that are used by the cryptographic services implemented in the module: Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys Symmetric Encryption and Decryption AES-CBC (#A2820, #A2815, #A2814, A9819, #A2812, #A2813) AES-ECB (#A2820, #A2815, Automati Size: N/A: #A2814, c 128, The #A2812, zeroisatio 192, Import module #A2813, n when Symmet
#A2821, structure ric Export not AES Key #A2822) is Encrypti N/A to N/A provide (CSP) AES-CCM deallocat on and Strengt calling persist (#A2820, ed or Decrypti h: applicati ent #A2815, when the on 128, on keys/S #A2814, system is 192, SPs #A2821, powered
#A2822) down AES-GCM (#A2820, #A2815, #A2814, #A2821, #A2822) AESCFB128(#A2 820, #A2815, #A2814) AESCFB8(#A282 This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys 0, #A2815, #A2814) AES-OFB (#A2820, #A2815, #A2814) AES-CTR (#A2820, #A2815, #A2814, #A2821, #A2822) AES-XTS (#A2820, #A2815, #A2814, #A2812, #A2813) CMAC (#A2820) HMAC Min: generation
bits SHA2-224, SHA2-256, SHA2-384, SHA2-512 Keyed HMAC SHA2- N/A Hash Key (CSP) 512/256 #A2820, #A2818 #A2823, #A2817, #A2816 ECDSA The key ECDSA Keygen pairs are Digital Key Pair Curves generate N/A Signatu (CSP) : #A2820, d re P-224, #A2817, conforma This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys P-256, #A2816, nt to P-384, #A2818 SP800P-521 133r2 CKG (CKG) using Strengt FIPS186h: 4 Key 112, Generati 128, on 192, method,
random value used in the key generatio Modulu n is RSA Keygen generate s: 2048, d using #A2820, SP8003072, Digital #A2817, 90Ar1 RSA Key 4096 N/A Signatu #A2816, DRBG Pair (CSP) Strengt re #A2818 h: 112, CKG 128, Obtained Import CTR_DRBG N/A Random from the from Entropy (AES-128, ENT Input 256 AES-256) String bits #A2820, OS; Number (CSP) #A2821, #A2815, No Generat #A2814, Export ion #A2822 HMAC_DRB Derived G (SHA-1, from SHA-224, entropy Seed 256 SHA-256, input (CSP) bits SHA-384, string as N/A SHA-512) defined #A2820, by SP #A2817, 80090Ar1 This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys #A2816, #A2818 Automati N/A: c The zeroisatio module Generate n when does d structure not DRBG V Internally is Generat N/A N/A provide (CSP) using the deallocat ion persist approved ed or ent DRBG when the keys/S system is SPs powered storage down Automati N/A: c The zeroisatio module Generate n when does d structure
256 not Generat
DRBG Internally is bits N/A N/A provide ion Key (CSP) using the deallocat persist approved ed or ent DRBG when the keys/S system is SPs powered storage down CTR_DRBG (AES-128, Automati N/A: AES-256) c The #A2820, zeroisatio module #A2821, Generate n when does #A2815, d structure DRBG not #A2814, Internally is Generat Output N/A N/A provide #A2822 using the deallocat ion (CSP) HMAC_DRBG persist approved ed or (SHA-1, SHA- ent DRBG when the 224, SHA- keys/S system is 256, SHA- SPs powered 384, SHA- storage down 512) #A2820, This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys #A2817, #A2816, #A2818 CKG Internally Key Min: No generate N/A Derivati PBKDF 112 Import; PBKDF d via on Derived bits #A2820, SP800Keys #A2817, 132 (including Export #A2816, PBKDF password to #A2818 key hash) calling CKG derivatio (CSP) applicati n on algorithm PBKDF importe PBKDF N/A N/A N/A #A2820, d #A2817, Key Password #A2816, from Derivati (CSP) #A2818 calling on applicati on, No Export KBKDF KBKDF Key Key Derivation Min: importe Derivatio KDF Mode: N/A N/A
n Key Counter and (CSP) Feedback MAC Mode: Internally HMAC-SHA- generate 1, HMAC- d via No SHA2-224, SP800Import; KBKDF Min: HMAC- 108 Export Derived 112 SHA2- 256, KBKDF Key to N/A Key bits HMAC- key Derivati calling (CSP) SHA2-384, derivatio on applicati HMAC- n algorithm on SHA2-512 #A2820, #A2817, This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys #A2816, #A2818 KBKDF CMAC based (for A2820 only) CKG Generate d using Import Safefrom prime DH Key calling groups Pair applicati N/A MODP (CSP) on, groups No belongin Export KAS-FFC- g KASSSC to (RFC
2048 SSC
#A2820 3526) FFC CKG Computed No using Import; DH SP800Export Shared 56Ar3 DH N/A to Secret shared calling (CSP) secret applicati computatio on n This document may be reproduced and distributed only in its original entirely without revision
Security Import Use Key/SSP Stren Function Generat Establish Storag Zeroisat and Name/T /Expor gth and Cert. ion ment e ion related ype t Number keys Generate d using FIPS Curves 186-4 : Key P-224, Generati P-256, on P-384, method, Import P-521 KAS-ECC- and the from ECC CDH random KASSSC calling N/A Key SSC #A2820 value applicati Pair (CSP) used in ECC Strengt CKG on, h: key No 112, generatio Export 128, n is 192, generate
SP80090Ar1 DRBG Curves : P-224, Internally P-256, generate No P-384, d via Import; ECC CDH P-521 SP800KAS-ECC- Export KASShared 56Ar3 SSC to N/A SSC Secret ECC CDH #A2820 calling ECC (CSP) Strengt shared applicati h: secret on 112, computat 128, io n 192, Table 11
using AES-256 with derivation function and without prediction resistance. The random numbers used for key generation are all generated by CTR_DRBG in this module. Per section 10.2.1.1 of [SP 800-90Ar1], the internal state of CTR_DRBG is the value V, Key and a reseed counter. The module also employs a HMAC_DRBG for random number generation. The HMAC_DRBG is only used at the early boot time of macOS User for memory randomization. The output of HMAC_DRBG is not used for key generation. Per section 10.1.2.1 of [SP 800-90Ar1], the internal state of HMAC_DRBG is the value V, Key and a reseed counter. The deterministic random bit generators are seeded by read_random. The read_random is the User Space interface that extracts random bits from the entropy pool. The output of entropy pool provides 256-bits of entropy to seed and reseed SP800-90B DRBG during initialization (seed) and reseeding (reseed). Minimum number of bits Entropy sources Details of entropy NISP SP800-90B compliant ENT (P) The seed is provided by an 256-bits per 256-bit output sample SP 800-90B compliant ESV Cert. #E14 entropy source Table 12
6.2.3 [SP800-133r2] (vendor affirmed), compliant with [FIPS186-4], and using DRBG compliant with
[SP800-90Ar1]. A seed (i.e., the random value) used in asymmetric key pair generation is a direct output from [SP800-90Ar1] CTR_DRBG. The key generation service for RSA, Diffie-Hellman, and EC key pairs as well as the [SP 800-90Ar1] DRBG have been ACVT tested with algorithm certificates found in Table 4. Keys/SSPs Establishment The module provides the following key/SSP establishment services in the Approved mode:
4.1 of [SP800-133r2] as indirect generation from DRBG. The derived keys may only be used in
storage applications. • KBKDF Key Derivation o The KBKDF is compliant to [SP800-108]. The module implements both Counter and Feedback modes with HMAC-SHA-1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, or HMACSHA2-512 as the PRF. Keys/SSPs Import/Export All keys and SSPs that are entered from, or output to module, are entered from or output to the invoking application running on the same device. Keys/SSPs entered into the module are electronically entered in plain text form. Keys/SSPs are output from the module in plain text form if required by the calling application. The module allows the output of plaintext CSPs (i.e., EC/DH/RSA Key Pairs). To prevent inadvertent output of sensitive information, the module performs the following two independent internal actions:
The module protects all keys/SSPs through the memory separation and protection mechanisms provided by the operating system. No process other than the module itself can access the keys/SSPs in its process’ memory. Keys/SSPs Zeroization Keys and SSPs are zeroised when the appropriate context object is destroyed or when the system is powered down. Input and output interfaces are inhibited while zeroisation is performed. This document may be reproduced and distributed only in its original entirely without revision
10. Self-tests The module performs pre-operational self-tests automatically when the module is loaded into memory; the pre- operational self-tests triggered at power-on ensure that the module is not corrupted and that the cryptographic algorithms work as expected. FIPS 140-3 only requires that software/firmware integrity test(s) and the requisite cryptographic algorithm(s) be tested during power-up, but the Apple corecrypto Module v12 [Intel, User, Software] runs all Cryptographic Algorithm Tests (CASTs) during power-up as well. The following tests are performed each time the Apple corecrypto Module v12 [Intel, User, Software] starts. If any of the following tests fails the device (tested platform) fails to startup. To invoke the self-tests (pre-operational and CASTs) on demand (and periodically), the user may reboot the system. While the module is executing the self-tests, services are not available and input and output are inhibited. The self-tests are implemented for the following algorithms:
RSA 2048 bits SHA2-256 Signature Generation KAT RSA 2048 bits SHA2-256 Verify KAT ECDSA P-224 SHA2-224 Sig Gen KAT ECDSA P-224 SHA2-224 Sig Ver KAT KAS-FFC-SSC KAT KAS-ECC-SSC KAT PBKDF KAT KBKDF counter KAT NIST SP 800-90B Repetitive Count Test (RCT) NIST SP 800-90B Adaptive Proportion Test (APT)
prohibited. The only method to clear the error state is to power cycle the device. The module will only enter into the operational state after successfully passing the preoperational software integrity test and the Conditional CASTs. The module returns the “FAILED: fipspost_post_integrity” error indicator in case of a software integrity test failure, “FAILED: <algorithm>” in case of a CAST failure. Public Material
11. Life-cycle Assurance Delivery and Operation The module is built into macOS Monterey 12 and delivered with macOS. There is no standalone delivery of the module as a software library. The vendor’s internal development process guarantees that the correct version of module goes with its intended macOS version. For additional assurance, the module is digitally signed by vendor and it is verified during the integration into macOS. This digital signature-based integrity protection during the delivery/integration process is not to be confused with the HMAC-SHA2-256 based integrity check performed by the module itself as its pre-operational self-test. No additional maintenance requirements apply. Crypto Officer Guidance The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table 10 - Non-Approved Services. If the device starts up successfully, then the module has passed all self-tests and is operating in the Approved mode. A Crypto Officer Role Guide is provided by Apple which offers IT System Administrators with the necessary technical information to ensure FIPS 140-3 Compliance of macOS Monterey 12 systems. This guide walks the reader through the system’s assertion of cryptographic module integrity and the steps necessary if module integrity requires remediation. A link to the Guide can be found on the Product security, validations, and guidance page. Public Material
12. Mitigation of Other Attacks The module does not claim mitigation of other attacks. Public Material