All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Apple corecrypto Module v12 [Intel, Kernel, Software]

Certificate#4956StandardFIPS 140-3Level1TypeSoftwareEmbodimentMulti-Chip Stand AloneStatusActiveVendorApple, Inc.
Medium review priority  ·  no TCB surface named  ·  last validated 18 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level1
Module typeSoftware
EmbodimentMulti-Chip Stand Alone
StatusActive
Sunset date1/29/2027
CaveatInterim validation. When operated in approved mode. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.
VendorApple, Inc.

Approved Algorithms (103)

AlgorithmACVP Cert
AES-CBCA2850
AES-CBCA2851
AES-CBCA2852
AES-CBCA2853
AES-CCMA2858
AES-CCMA2859
AES-CFB128A2852
AES-CFB128A2853
AES-CFB8A2852
AES-CFB8A2853
AES-CTRA2852
AES-CTRA2853
AES-CTRA2858
AES-CTRA2859
AES-ECBA2850
AES-ECBA2851
AES-ECBA2852
AES-ECBA2853
AES-ECBA2858
AES-ECBA2859
AES-GCMA2858
AES-GCMA2859
AES-KWA2852
AES-KWA2853
AES-OFBA2852
AES-OFBA2853
AES-XTS Testing Revision 2.0A2850
AES-XTS Testing Revision 2.0A2851
Counter DRBGA2852
Counter DRBGA2853
Counter DRBGA2858
Counter DRBGA2859
ECDSA KeyGen (FIPS186-4)A2854
ECDSA KeyGen (FIPS186-4)A2855
ECDSA KeyGen (FIPS186-4)A2856
ECDSA KeyVer (FIPS186-4)A2854
ECDSA KeyVer (FIPS186-4)A2855
ECDSA KeyVer (FIPS186-4)A2856
ECDSA SigGen (FIPS186-4)A2854
ECDSA SigGen (FIPS186-4)A2855
ECDSA SigGen (FIPS186-4)A2856
ECDSA SigVer (FIPS186-4)A2854
ECDSA SigVer (FIPS186-4)A2855
ECDSA SigVer (FIPS186-4)A2856
HMAC DRBGA2854
HMAC DRBGA2855
HMAC DRBGA2856
HMAC-SHA-1A2854
HMAC-SHA-1A2855
HMAC-SHA-1A2856
HMAC-SHA-1A2860
HMAC-SHA2-224A2854
HMAC-SHA2-224A2855
HMAC-SHA2-224A2856
HMAC-SHA2-224A2860
HMAC-SHA2-256A2854
HMAC-SHA2-256A2855
HMAC-SHA2-256A2856
HMAC-SHA2-256A2860
HMAC-SHA2-384A2854
HMAC-SHA2-384A2855
HMAC-SHA2-384A2856
HMAC-SHA2-384A2860
HMAC-SHA2-512A2854
HMAC-SHA2-512A2855
HMAC-SHA2-512A2856
HMAC-SHA2-512A2860
HMAC-SHA2-512/256A2854
HMAC-SHA2-512/256A2855
HMAC-SHA2-512/256A2856
KDF SP800-108A2856
RSA KeyGen (FIPS186-4)A2854
RSA KeyGen (FIPS186-4)A2855
RSA KeyGen (FIPS186-4)A2856
RSA SigGen (FIPS186-4)A2854
RSA SigGen (FIPS186-4)A2855
RSA SigGen (FIPS186-4)A2856
RSA SigVer (FIPS186-4)A2854
RSA SigVer (FIPS186-4)A2855
RSA SigVer (FIPS186-4)A2856
SHA-1A2854
SHA-1A2855
SHA-1A2856
SHA-1A2860
SHA2-224A2854
SHA2-224A2855
SHA2-224A2856
SHA2-224A2860
SHA2-256A2854
SHA2-256A2855
SHA2-256A2856
SHA2-256A2860
SHA2-384A2854
SHA2-384A2855
SHA2-384A2856
SHA2-384A2860
SHA2-512A2854
SHA2-512A2855
SHA2-512A2856
SHA2-512A2860
SHA2-512/256A2854
SHA2-512/256A2855
SHA2-512/256A2856

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Apple corecrypto Module v12 [Intel, Kernel, Software]
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Status output<br/>Self-test<br/>Show Status</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C3 --> I3 --> R3 --> E3
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C3,C5,C6 clue;
  class I3,I5,I6 infer;
  class R3,R5,R6 risk;
  class E3,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Apple corecrypto Module v12 [Intel, Kernel, Software]
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C3["[low] Self-test / status surface (referenced in text)<br/><i>Status output<br/>Self-test<br/>Show Status</i><br/>src: text:keyword"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C3,C5,C6 clueLow;

Security Policy, page by page

Page 1

Apple Inc. Apple corecrypto Module v12 [Intel, Kernel, Software] Document Version: 1.0 January 15, 2025 Prepared by: www.acumensecurity.net This document may be reproduced and distributed only in its original entirely without revision.

Page 2
Table of Contents
#SectionPage
Page 3
  1. General Trademarks Apple’s trademarks applicable to this document are listed in https://www.apple.com/legal/intellectualproperty/trademark/appletmlist.html. Other company, product, and service names may be trademarks or service marks of others. This document is the non-proprietary FIPS 140-3 Security Policy for the Apple Inc. Apple corecrypto Module v12 [Intel, Kernel, Software] cryptographic module. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for an Overall Security Level 1 module. This document provides all tables and diagrams (when applicable) required by NIST SP 800-140B. The column names of the tables follow the template tables provided in NIST SP 800-140B. Table 1 describes the individual security areas of FIPS 140-3, as well as the Security Levels of those individual areas. ISO/IEC 24759 FIPS 140-3 Section Title Security Section
  2. Level [Number Below]
1 General 1
2 Cryptographic Module Specification 1
3 Cryptographic Module Interfaces 1
4 Roles, Services, and Authentication 1
5 Software/Firmware Security 1
6 Operational Environment 1
7 Physical Security Not Applicable

8 Non-invasive Security Not Applicable

9 Sensitive Security Parameter 1
10 Self-tests 1
11 Life-cycle Assurance 1

12 Mitigation of Other Attacks Not Applicable

Table 1

Page 4
  1. Cryptographic Module Specification The Apple corecrypto Module v12 [Intel, Kernel, Software] cryptographic module (hereafter referred to as “the module”) is a software module running on a multi-chip standalone general-purpose computing platform. The version of module is 12, written as v12. The module provides implementations of low-level cryptographic primitives to the Host OS’s (macOS Monterey
  2. Security Framework and Common Crypto. The module has been tested by Acumen Security, LLC. CST lab on the following platforms with and withoutAES-NI: # Operating Hardware Processor PAA/Acceleration System Platform

1 macOS Monterey MacBook Air Intel i5 (Amber AES-NI

12 Lake)

2 macOS Monterey MacBook Air Intel i5 (Amber N/A

12 Lake)

3 iMac Intel i5 (Comet AES-NI

4 macOS Monterey iMac Intel i5 (Comet N/A

12 Lake)

5 macOS Monterey MacBook Air Intel i7 (Ice Lake) AES-NI

6 macOS Monterey MacBook Air Intel i7 (Ice Lake) N/A

7 macOS Monterey MacBook Pro Intel i7 (Coffee AES-NI

12 Lake)

8 macOS Monterey MacBook Pro Intel i7 (Coffee N/A

12 Lake)

9 macOS Monterey iMac Intel i7 (Comet AES-NI

12 Lake)

10 macOS Monterey iMac Intel i7 (Comet N/A

12 Lake)

11 macOS Monterey MacBook Pro Intel i9 (Coffee AES-NI

12 Lake)

12 macOS Monterey MacBook Pro Intel i9 (Coffee N/A

12 Lake)

13 macOS Monterey iMac Pro Xeon W Sky Lake AES-NI

14 macOS Monterey iMac Pro Xeon W Sky Lake N/A

15 macOS Monterey Mac Pro Xeon W Cascade AES-NI

12 Lake

16 macOS Monterey Mac Pro Xeon W Cascade N/A

12 Lake

Table 2

Page 5

In addition to the platforms listed in Table 2, Apple Inc. has also tested the module on the following platforms and claims vendor affirmation on them (the processor and year per platform have also been specified): # Operating Hardware Platform System

1 macOS Monterey MacBook Pro i5 (Ice Lake) 2020

2 MacBook Pro i5 (Coffee Lake) 2020, 2019, 2018

3 macOS Monterey MacBook Pro i7 (Amber Lake) 2019, 2018

4 macOS Monterey MacBook Pro i7 (Coffee Lake) 2020, 2019, 2018

5 macOS Monterey MacBook Pro i7 (Ice Lake) 2020

6 macOS Monterey MacBook Pro i9 (Coffee Lake) 2019, 2018

7 macOS Monterey MacBook Air i5 (Ice Lake) 2020

8 macOS Monterey MacBook Air i7 (Ice Lake) 2020

9 macOS Monterey MacBook Air i5 (Amber Lake) 2019, 2018

10 macOS Monterey MacBook Air i7 (Amber Lake) 2018

11 macOS Monterey Mac mini i5 (Coffee Lake) 2018

12 macOS Monterey Mac mini i7 (Coffee Lake) 2018

13 macOS Monterey iMac i5 (Comet Lake) 2020

14 macOS Monterey iMac i7 (Comet Lake) 2020

15 macOS Monterey iMac i9 (Comet Lake) 2020

16 macOS Monterey iMac i5 (Coffee Lake) 2019

17 macOS Monterey iMac i7 (Coffee Lake) 2019

18 macOS Monterey iMac i9 (Coffee Lake) 2019

Table 3

Page 6

The physical perimeter of the module which is also the Tested Operational Environment’s Physical Perimeter (TOEPP) is the physical perimeter of the macOS device that contains the module. Consequently, the embodiment of the module is a multi-chip standalone cryptographic module. (Figure 1) below depicts the following information:

Page 7

is in the Approved mode of operation when the module utilizes the services that use the security functions listed in the table below. The module supports an Approved mode and a non-Approved mode of operation. The module does not support a degraded operation. The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table 10 - Non-Approved Services. If the device starts up successfully, then the module has passed all self-tests and is operating in the Approved mode. Algorithm Description / Key Use / CAVP Cert and Mode/Method Size(s) / Key Function Standard Strength(s) A2858 (vng_asm) AES-128, A2853 (c_asm) CTR_DRBG Random AES-256 Key Length: 128, [SP800- Number Derivation 256 A2852 (c-aesni) 90Ar1] Generation Function Enabled A2859 (vng_aesni) SHA-1, A2855 (c_avx2) SHA2-224, A2854 (c_avx) HMAC_DRBG SHA2-256, Random Key Length: 112 [SP800- SHA2-384, Number bits or greater 90Ar1] SHA2-512 Generation A2856 (c_ssse3) No Prediction Resistance CBC CFB128 A2852 (c-aesni) CFB8 Symmetric Key Length: 128, CTR Encryption AES 192, 256 A2853 (c_asm) ECB and KW Decryption OFB Key Length: 128, A2850 192, 256 Symmetric CBC, (asm_aesni) XTS (128 and 256- Encryption AES ECB, A2851 bits key size and XTS (asm_x86) only) Decryption A2858 ECB, Symmetric (vng_asm) CCM, Key Length: 128, Encryption AES A2859 CTR, 192, 256 and (vng_aesni) GCM Decryption A2855 (c_avx2) Modulus: 2048, RSA Digital A2854 (c_avx) Key Generation 3072, 4096 [FIPS 186-4] Signature A2856 (c_ssse3) (ANSI X9.31) This document may be reproduced and distributed only in its original entirely without revision.

Page 8

Algorithm Description / Key Use / CAVP Cert and Mode/Method Size(s) / Key Function Standard Strength(s)

2048 (SHA2-224, and

SHA2-256, SHA2- Asymmetric Signature 284, SHA2-512), Key Generation 3072 (SHA2-224, Generation SHA2-256, SHA2(PKCS#1 v1.5) 284, SHA2-512), and (PKCS PSS) 4096 (SHA2-224, SHA2-256, SHA2284, SHA2-512) Modulus: 1024 (SHA-1 (legacy), SHA2-224, SHA2256, SHA2-284),

2048 (SHA-1

Signature (legacy), SHA2-224, Verification SHA2-256, SHA2284, SHA2-512), (PKCS#1 v1.5) 3072 (SHA-1 and (legacy), SHA2-224, (PKCS PSS) SHA2-256, SHA2284, SHA2-512),

4096 (SHA-1

(legacy), SHA2-224, SHA2-256, SHA2284, SHA2-512) Key Pair Generation (PKG): P-224, P-256, P384, P-512 Digital Public Key ECDSA Signature A2855 (c_avx2) Validation (PKV): ANSI SHA-1 (verification and A2854 (c_avx) X9.62 only, legacy), SHA2- Asymmetric A2856 (c_ssse3) Signature [FIPS 186-4] 224, SHA2-256, Key Generation SHA2-384, SHA2- Generation Signature Verification A2856 (c_ssse3) SHA-1, A2860(vng_Intel) SHS Message SHA2-224, N/A A2855 (c_avx2) [FIPS 180-4] Digest SHA2-256, A2854 (c_avx) SHA2-384, This document may be reproduced and distributed only in its original entirely without revision.

Page 9

Algorithm Description / Key Use / CAVP Cert and Mode/Method Size(s) / Key Function Standard Strength(s) SHA2-512, SHA2-512/256 (except for A2860) SHA-1, SHA2-224, A2860 SHA2-256, 112 bits or greater (vng_Intel) HMAC SHA2-384, A2855 (c_avx2) [FIPS Keyed Hash SHA2-512 A2854 (c_avx) 198] SHA2-512/256 A2856 (c_ssse3) (except for A2860) KDF Mode: Counter and Feedback Supported Lengths: 8-4096 MAC Mode: Increment 8 HMAC-SHA-1, KBKDF HMAC-SHA2- Key A2856 (c_ssse3) [SP800- Fixed Data Order: 224, HMAC- Derivation 108] Before Fixed SHA2Data 256, HMACSHA2-384, Counter Length: 32 HMAC-SHA2-512 RSA Key Generation (ANSI X9.31), Modulus: 2048, Cryptographic Sections 4, 5.1, 3072, 4096 KeyGeneration Key Vendor Affirmed 6.2.2 and 6.2.3 (CKG) Generation per SP800-132r2 ECDSA Key Pair [SP800-133r2] Generation (PKG): P-224, P-256, P384, P-521 SP 800-38D KTS 128, 192, and 256- bit and SP 800AES-KW/A2852 keys providing 128, Key 38F; key AES KW AES-KW/A2853 192, or 256 bits of Wrapping wrapping per encryption strength IG D.G Table 4

Page 10

The table below list non-Approved but Allowed security functions with no security claimed: Algorithm Caveat Use / Function MD5 no security claimed Message Digest (used as part of the TLS key establishment scheme only), Digest Size: 128-bit Table 5

Page 11

ECDSA Key Pair Generation for compact point representation of points Integrated Encryption Scheme on elliptic Encryption / Decryption curves (ECIES) Blowfish Encryption / Decryption OMAC (One-Key CBC MAC) MAC generation Triple-DES (ECB, CBC) Encryption / Decryption Note The module itself does not enforce the limit of 216 encryptions with the same TripleDES key, as required by FIPS 140-3 IG C.G. Table 6

Page 12

3. Cryptographic Module Interfaces

Page 13

The module does not support a control output interface. The module is optimized for library use within the macOS kernel space and does not contain any terminating assertions or exceptions. It is implemented as a macOS dynamically loadable library. The dynamically loadable library is loaded into the macOS kernel and its cryptographic functions are made available to macOS kernel services only. Any internal error detected by the module is reflected back to the caller with an appropriate return code. The calling macOS kernel service must examine the return code and act accordingly. The module communicates any error status synchronously through the use of its documented return codes, thus indicating the module’s status. It is the responsibility of the caller to handle exceptional conditions in a FIPS 140-3 appropriate manner. Caller-induced or internal errors do not reveal any sensitive material to callers. Cryptographic bypass capability is not supported by the module. This document may be reproduced and distributed only in its original entirely without revision.

Page 14

4. Roles, Services, and Authentication The module supports a single instance of one authorized role: The Crypto Officer. No support is provided for multiple concurrent operators or a Maintenance Operator. Role Service Input Output Crypto Officer (CO) AES Encryption / Input for Encryption: Output for Decryption key and plain text Encryption: cipher (Perform approved text security functions) Input for Decryption: key and cipher text Output for Decryption: plain tex AES Key Wrapping key encryption key wrapped key (Perform approved and key to be security functions) wrapped Secure Hash Message Hash value Generation (Perform approved security functions) HMAC generation HMAC key and keyed Hash value (Perform approved message security functions) RSA signature Input for SigGen: Output SigGen: generation and RSA private key and signature verification message (Perform approved Output for Sigver: security functions) Input for SigVer: RSA True or False public key and signature ECDSA signature Input for SigGen: Output for SigGen: generation and ECDSA private key signature verification and message (Perform approved Output for SigVer: security functions) Input for SigVer: True or False ECDSA public key and signature Random number Entropy input string, Random numbers generation nonce (Perform approved security functions) KBKDF key derivation key Derived key (Perform approved security functions) ECDSA (key pair random numbers generated private generation) and public key pair This document may be reproduced and distributed only in its original entirely without revision.

Page 15

Role Service Input Output (Perform approved security functions) RSA (key pair random prime generated private generation) numbers and public key pair (Perform approved security functions) Release all resources handler of symmetric zeroised and released of symmetric crypto crypto function memory space function context context (Perform zeroisation) Release all resources handler of hash zeroised and released of hash context context memory space (Perform zeroisation) Release of all handler of key zeroised and released resources of key derivation memory space derivation function context (Perform zeroisation) Release of all handler of zeroised and released resources of asymmetric crypto memory space asymmetric crypto function context function context (Perform zeroisation) Self-test power Pass/Fail status (Perform self-tests) Show Status KPI invocation Operational/Error status Show Module Info KPI invocation Module Base Name + (Show module’s Module Version versioning Number information) Table 8

10 - Non-Approved Services below).

The module implements a dedicated KPI function to indicate if a requested service utilizes an approved security function. For services listed in Table 9 - Approved Services, the indicator function returns

  1. For services listed in Table 10 - Non-Approved Services, the indicator function returns
  2. The table below lists all approved services that can be used in the approved mode of operation. The abbreviations of the access rights to keys and SSPs have the following interpretation: This document may be reproduced and distributed only in its original entirely without revision.
Page 16

Service Description Approved Keys Roles Access Indicator Security and/or rights Functions and SSP’s to certs Keys and/or SSP’s AES Input for Symmetric AES key Crypto W, E 1 Encryption / Encryption: Encryption and Officer Decryption key and plain Decryption (CO) (Perform text Output for approved Encryption: AES-CBC security cipher text (#A2852, functions) Input for #A2853, Decryption: #A2850, key and cipher #A2851) text Output for Decryption: AES-ECB plain text (#A2852, #A2853, #A2850, #A2851, #A2858, #A2859) AES-CFB128 (#A2852, #A2853) AES-CFB8 (#A2852, #A2853) AES-OFB (#A2852, #A2853) AES-CTR (#A2852, #A2853, #A2858, #A2859) AES-XTS (#A2850, #A2851) AES-GCM (#A2858, #A2859) This document may be reproduced and distributed only in its original entirely without revision.

Page 17

AES-CCM (#A2858, #A2859) AES Key Input: key Key Wrapping AES key, key Crypto W, E, R 1 Wrapping encryption key KW to be Officer (Perform and key to be (#A2852, wrapped, (CO) approved wrapped #A2853) wrapped key security Output: functions) wrapped key Secure Input: Message Digest none Crypto N/A 1 Hash message Officer Generation Output: Hash SHA-1, (CO) (Perform value SHA2-224, approved SHA2-256, security SHA2-384, functions) SHA2-512, SHA2-512/256 (except for A2860) (#A2856, #A2860, #A2855, #A2854) HMAC Input: HMAC Keyed Hash HMAC key Crypto W, E 1 generation key and Officer (Perform message SHA-1, (CO) approved Output: keyed SHA2-224, security Hash value SHA2-256, functions) SHA2-384, SHA2-512 SHA2-512/256 (except for A2860) (#A2855, #A2856, #A2854, #A2860) RSA Input for SigGen, RSA key pair Crypto W, E 1 signature SigGen: RSA SigVer (including Officer generation private key intermediate (CO) and and message Signature keygen verification Output: Generation values) signature Modulus: 2048, This document may be reproduced and distributed only in its original entirely without revision.

Page 18

(Perform Input for 3072, 4096 approved SigVer: RSA Signature security public key and Verification functions) signature Modulus: 1024, Output: True 2048, 3072, or False 4096 (#A2855, #A2856, #A2854) ECDSA Input for SigGen, ECDSA key Crypto W,E 1 signature SigGen: SigVer pair Officer generation ECDSA private (including (CO) and key and P-224, P-256, P- intermediate verification message 384, P-512 keygen (Perform Output: values) approved signature (#A2855, security Input for #A2856, functions) SigVer: ECDSA #A2854) public key and signature Output: True or False Random Input: Entropy Random number Entropy Input Crypto G, R, 1 number input string, generation String, Seed, Officer W, E generation nonce Output: CTR_DRBG DRBG V and (CO) (Perform Random (#A2853, DRBG Key, approved numbers #A2852, random security #A2858, numbers functions) #A2859) (DRBG Output) HMAC_DRBG (#A2855, #A2854, #A2856) CKG KBKDF Input: key Key Derivation KBKDF key Crypto W, G, 1 (Perform derivation key derivation Officer R, E approved Output: KDF Mode: key, KBKDF (CO) security derived key Counter and derived key functions) Feedback MAC Mode: HMAC-SHA-1, HMAC-SHA2224, HMACThis document may be reproduced and distributed only in its original entirely without revision.

Page 19

SHA2- 256, HMAC-SHA2384, HMACSHA2-512 (#A2856) CKG ECDSA (key Input: random KeyGen ECDSA Key Crypto W, G, 1 pair numbers pair Officer R, E generation) Output: Key Generation (including (CO) (Perform generated Modulus: 2048, intermediate approved private and 3072, 4096 keygen security public key pair values) functions) (#A2855, #A2856, #A2854) CKG RSA (key Input: random KeyGen RSA Key Pair Crypto W, G, 1 pair prime numbers (including Officer R, E generation) Output: Key Generation intermediate (CO) (Perform generated Modulus: 2048, keygen approved private and 3072, 4096 values) security public key pair functions) (#A2855, #A2856, #A2854) CKG Release all Input: handler N/A AES Key Crypto Z 1 resources of of symmetric Officer symmetric crypto function (CO) crypto context function Output: context zeroised and (Perform released zeroisation) memory space Release all Input: handler N/A HMAC key Crypto Z 1 resources of of hash Officer hash context (CO) context Output: (Perform released zeroisation) memory space Release of Input: handler N/A KBKDF key Crypto Z 1 all of key derivation Officer resources of derivation key, KBKDF (CO) key function derived key This document may be reproduced and distributed only in its original entirely without revision.

Page 20

derivation context function Output: context zeroised and (Perform released zeroisation) memory space Release of Input: handler N/A RSA/EC/DH Crypto Z 1 all of asymmetric keys Officer resources of crypto function (CO) asymmetric context crypto Output: function zeroised and context released (Perform memory space zeroisation) Self-test Input: power AES-CBC All SSPs Crypto E 1 (Perform Output: (#A2852, Officer self-tests) Pass/Fail #A2853, (CO) status #A2850, #A2851); AES-CCM (#A2858, #A2859); AES-GCM (#A2858, #A2859); AES-XTS (#A2850, #A2851); AES-ECB (#A2852, #A2853, #A2850, #A2851, #A2858, #A2859); AES-KW (#A2852, #A2853); CTR_DRBG (#A2858, #A2853, #A2852, #A2859); This document may be reproduced and distributed only in its original entirely without revision.

Page 21

HMAC_DRBG (#A2855, #A2854, #A2856); HMAC (#A2860, #A2855, #A2854, #A2856); RSA Signature Generation (#A2855, # A2854, #A2856); RSA Signature Verification (#A2855, # A2854, #A2856); ECDSA Signature Generation (#A2855, # A2854, #A2856); ECDSA Signature Verification (#A2855, # A2854, #A2856); KBKDF (#A2856); SHA2-384 (#A2856 #A2860 #A2855 #A2854) Show Input: KPI N/A None Crypto N/A Status Status invocation Officer returned Output: (CO) This document may be reproduced and distributed only in its original entirely without revision.

Page 22

Operational/Er ror status Show Input: KPI N/A None Crypto N/A Versioning Module Info invocation Officer informatio (Show Output: (CO) n returned module’s Module Base versioning Name + information) Module Version Number Table 9

Page 23

Service Description Algorithms Accessed Role Indicator Encryption : cipher text Input for Decryption : key an decipher text Output for Decryption : plain text RSA Key Wrapping The CAST does not RSA encrypt/decrypt Crypto 0 perform the full Officer KTS, only the raw (CO) RSA encrypt/decrypt. Input: RSA public key and key to be wrapped Output: wrapped key RSA Signature ANSI X9.31 Key RSA KeyGen, SigGen, Crypto 0 Generation/Signature Pair Generation SigVer Officer Verification/Key-pair Key Size < 2048 (CO) Generation PKCS#1 v1.5 and PSS Signature Generation Key Size < 2048 PKCS#1 v1.5 and PSS Signature Verification key size < 1024 ECDSA PKG, PKV, ECDSA keys with ECDSA PKG, PKV, Crypto 0 Signature curve P-192 SigGen/SigVer Officer Generation/Signature (CO) Verification Ed25519 Key 256-bit key Ed25519 KeyGen Crypto 0 Generation, Signature Ed25519 SigGen Officer Generation/Signature Ed25519 SigVer (CO) Verification ANSI X9.63 Key SHA-1 hash-based SHA-1 Crypto 0 Derivation Officer (CO) SP800-56Cr1 Key SHA2-256 hash- SHA2-256 Crypto 0 Derivation (HKDF) based Officer (CO) RFC6637 Key SHA hash based SHA2-256, SHA2-512, Crypto 0 Derivation AES-128, AES-256 Officer (CO) OMAC Message One-Key CBC MAC OMAC Crypto 0 Authentication Code using 128-bit key Officer Generation and (CO) Verification This document may be reproduced and distributed only in its original entirely without revision.

Page 24

Service Description Algorithms Accessed Role Indicator Message digest Input: message MD2, MD4, RIPEMD Crypto 0 generation Output: message Officer digest (CO) Ed25519 Key Ed25519 Crypto 0 Agreement Officer Input: peer public (CO) key, own private key Output: shared secret Integrated Encryption Encrypt: ECIES Crypto 0 Scheme on elliptic Input: peer public Officer curves (ECIES) key, plaintext (CO) Encryption/Decryption Output: public key, ciphertext (with authentication tag) Decrypt: Input: authentication tag, ciphertext, own private key Output: plaintext message or error Table 10

Page 25

5. Software/Firmware Security Integrity Techniques The Apple corecrypto Module v12 [Intel, Kernel, Software] is in the form of binary executable code. A software integrity test is performed on the runtime image of the module. The HMAC-SHA2-256 implemented in the module is used as an approved algorithm for the integrity test. If the test fails, the module enters an error state where no cryptographic services are provided, and data output is prohibited i.e. the module is not operational. The Software Integrity Key (HMAC-SHA2-256 with 256 bits of security strength), a non-SSP, is stored in the module binary computed during build. On-Demand Integrity Test The integrity test is also performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. It can also be invoked by powering-off and reloading the module to meet the on-demand request for integrity test. In addition, the module provides the Self-Test service to perform self-tests, including integrity test and algorithm tests, on demand. Software Loading The module does not support loading of any additional software. This document may be reproduced and distributed only in its original entirely without revision.

Page 26
  1. Operational Environment Applicability The Apple corecrypto Module v12 [Intel, Kernel, Software] operates in a modifiable operational environment per FIPS 140-3 level 1 specifications. The module is supplied as part of macOS Monterey 12, a commercially available general-purpose operating system executing on the hardware specified in section
  2. Policy The operating system is restricted to a single operator (single-user mode; i.e. concurrent operators are explicitly excluded). When the operating system loads the module into memory, it invokes the Self-Test functionality, which in turn runs the mandatory self-tests. This document may be reproduced and distributed only in its original entirely without revision.
Page 27

7. Physical Security The ISO/IEC 19790 physical security requirements do not apply to the Apple corecrypto Module v12 [Intel, Kernel, Software] since it is a software module. This document may be reproduced and distributed only in its original entirely without revision.

Page 28

8. Non-invasive Security Currently, the non-invasive security is not required by FIPS 140-3 (see NIST SP 800-140F). The requirements of this area are not applicable to the module. This document may be reproduced and distributed only in its original entirely without revision.

Page 29

9. Sensitive Security Parameter Management The following table summarizes the keys and Sensitive Security Parameters (SSPs) that are used by the cryptographic services implemented in the module: Key/SSP Strengt Security Gener- Impor Establis Storage Zero- Use & Name/ h Function ation t h- isation related Type and Cert. /Expor ment keys Number t AES Key Size: AES N/A Import N/A N/A: The Automati Symmetr CSP 128, Encryption from module c ic 192, 256 / and does not zeroisati Encryptio Decryption Export provide on when n and Strength: to persisten structure Decrypti 128, CBC calling t is on 192, 256 (#A2850, applicat keys/SSP deallocat #A2851) ion s storage ed or ECB when the (#A2850, system is #A2851, powered #A2858, down #A2859) XTS (#A2850, #A2851), CCM (#A2858, #A2859), CTR (#A2852, #A2853, #A2858, #A2859) KW #A2850 HMAC Min: 112 HMAC N/A Import N/A N/A: The Automati Keyed Key bits generation from module c Hash CSP SHA-1, and does not zeroisati SHA2- Export provide on when 224, to persisten structure SHA2-256, calling t is SHA2-384, applicat keys/SSP deallocat SHA2-512 ion s storage ed or SHA2- when the 512/256 system is #A2860 This document may be reproduced and distributed only in its original entirely without revision.

Page 30

Key/SSP Strengt Security Gener- Impor Establis Storage Zero- Use & Name/ h Function ation t h- isation related Type and Cert. /Expor ment keys Number t #A2855 powered #A2854 down #A2856 ECDSA Curves: ECDSA The key Import N/A N/A: The Automati Digital Key Pair P-224, KeyGen pairs are from module c signature CSP P-256, generated and does not zeroisati P-384, #A2855 conforman Export provide on when P-521 #A2854 t to to persisten structure #A2856 SP800- calling t is Strength: 133r2 applicat keys/SSP deallocat 112, CKG (CKG) ion s storage ed or 128, using when the 192, FIPS186-4 Interme system is

256 Key dia te powered

Generatio keygen down n method, values and the are not random output. RSA Key Modulus: RSA value used Import N/A N/A: The Automati Digital Pair CSP 2048, KeyGen in the key from module c Signatur 3072, generation and does not zeroisati e

4096 #A2855 is Export provide on when

#A2854 generated to persisten structure Strength: #A2856 using calling t is 112, SP800- applicat keys/SSP deallocat 128, CKG 90Ar1 ion s storage ed or

152 DRBG when the

Interme system is dia te powered keygen down values are not output. Entropy 256 bits ENT (P) Obtained Import N/A N/A: The Automati Random Input from the from module c Number String ENT OS; does not zeroisati Generati CSP No provide on when on Export persisten structure t is keys/SSP deallocat s storage ed or when the system is This document may be reproduced and distributed only in its original entirely without revision.

Page 31

Key/SSP Strengt Security Gener- Impor Establis Storage Zero- Use & Name/ h Function ation t h- isation related Type and Cert. /Expor ment keys Number t powered down Seed 256 bits CTR_DRB Derived N/A N/A N/A: The Automati Random CSP G from module c Number #A2853 entropy does not zeroisati Generati #A2852 input provide on when on #A2858 string as persisten structure #A2859 defined by t is SP800- keys/SSP deallocat HMAC_DR 90Ar1 s storage ed or BG when the #A2855 system is #A2854 powered #A2856 down DRBG 256 bits CTR_DRB Generated N/A N/A N/A: The Automati Random Output G internally module c Number CSP #A2853 using the does not zeroisati Generati #A2852 approved provide on when on #A2858 DRBG persisten structure #A2859 t is keys/SSP deallocat HMAC_DR s storage ed or BG when the #A2855 system is #A2854 powered #A2856 down CKG DRBG 256 bits CTR_DRB Generated N/A N/A N/A: The Automati Random Key CSP G internally module c Number #A2853 using the does not zeroisati Generati #A2852 approved provide on when on #A2858 DRBG persisten structure #A2859 t is keys/SSP deallocat HMAC_DR s storage ed or BG when the #A2855 system is #A2854 powered #A2856 down This document may be reproduced and distributed only in its original entirely without revision.

Page 32

Key/SSP Strengt Security Gener- Impor Establis Storage Zero- Use & Name/ h Function ation t h- isation related Type and Cert. /Expor ment keys Number t DRBG V 256 bits CTR_DRB Generated N/A N/A N/A: The Automati Random CSP G internally module c Number #A2853 using the does not zeroisati Generati #A2852 approved provide on when on #A2858 DRBG persisten structure #A2859 t is keys/SSP deallocat HMAC_DR s storage ed or BG when the #A2855 system is #A2854 powered #A2856 down KBKDF Min: 112 KBKDF N/A Import N/A N/A: The Automati Key Key bits Key ed from module c Derivatio Derivatio Derivation calling does not zeroisati n n Key applicat provide on when CSP KDF ion, persisten structure Mode: No t is Counter Export keys/SSP deallocat and s storage ed or Feedback when the system is MAC powered Mode: down HMACSHA-1, HMACSHA2-224, HMACSHA2256, HMACSHA2-384, HMACSHA2-512 #A2856 KBKDF Min: 112 SP800-108 Internally No N/A N/A: The Automati Key Derived bits KDF generated Import; module c Derivatio Key CSP #A2856 via SP800- Export does not zeroisati n

108 to provide on when

CKG KBKDF key calling persisten structure derivation applicat t is algorithm ion keys/SSP deallocat s storage ed or This document may be reproduced and distributed only in its original entirely without revision.

Page 33

Key/SSP Strengt Security Gener- Impor Establis Storage Zero- Use & Name/ h Function ation t h- isation related Type and Cert. /Expor ment keys Number t when the system is powered down Table 11

Page 34

Keys/SSPs Establishment The module provides the following key/SSP establishment services in the Approved mode: • AES-Key Wrapping The module implements a Key Transport Scheme (KTS) using AES-KW compliant to [SP80038F]. The SSP establishment methodology provides between 128 and 256 bits of encryption strength. • KBKDF Key Derivation The KBKDF is compliant to [SP800-108]. The module implements both Counter and Feedback modes with HMAC-SHA-1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, or HMACSHA2-512 as the PRF. Keys/SSPs Import/Export All keys and SSPs that are entered from, or output to module, are entered from or output to the invoking application running on the same device. Keys/SSPs entered into the module are electronically entered in plain text form. Keys/SSPs are output from the module in plain text form if required by the calling application. The module allows the output of plaintext CSPs (i.e., EC/RSA Key Pairs). To prevent inadvertent output of sensitive information, the module performs the following two independent internal actions:

  1. The module will internally request the random number generation service to obtain the random numbers and verify that the service completed without errors.
  2. Once the keys are generated the module will perform the pairwise consistency test and verify that the test is completed without errors. Only after successful completion of both actions, are the generated CSPs output via the KPI output parameter in plaintext. Keys/SSPs Storage The Apple corecrypto Module v12 [Intel, Kernel, Software] stores ephemeral keys/SSPs in memory only. They are received for use or generated by the module only at the command of the calling application. The module does not provide persistent keys/SSPs storage. The module protects all keys/SSPs through the memory separation and protection mechanisms provided by the operating system. No process other than the module itself can access the keys/SSPs in its process’ memory. Public Material – May be reproduced only in its original entirety (without revision).
Page 35

Keys/SSPs Zeroization Keys and SSPs are zeroised when the appropriate context object is destroyed or when the system is powered down. Input and output interfaces are inhibited while zeroisation is performed. Public Material

Page 36

10. Self-tests The module performs pre-operational self-tests automatically when the module is loaded into memory; the pre- operational self-tests triggered at power-on ensure that the module is not corrupted and that the cryptographic algorithms work as expected. The ISO/IEC 19790 only requires that software/firmware integrity test(s) and the requisite cryptographic algorithm(s) be tested during power-up, but the Apple corecrypto Module v12 [Intel, Kernel, Software] runs all Cryptographic Algorithm Tests (CASTs) during power-up as well. The following tests are performed each time the Apple corecrypto Module v12 [Intel, Kernel, Software] starts. If any of the following tests fails the device (tested platform) fails to startup. To invoke the self-tests (pre-operational integrity test as well as CASTs) on demand (and periodically), the user may reboot the system. While the module is executing the self-tests, services are not available and input and output are inhibited. The self-tests are implemented for the following algorithms:

Page 37

 ECDSA P-224 SHA2-224 Sig Gen KAT  ECDSA P-224 SHA2-224 Sig Ver KAT  KBKDF counter KAT  NIST SP 800-90B Repetitive Count Test (RCT)  NIST SP 800-90B Adaptive Proportion Test (APT)

Page 38

prohibited. The only method to clear the error state is to power cycle the device. The module will only enter into the operational state after successfully passing the preoperational software integrity test and the Conditional CASTs. The module returns the “FAILED: fipspost_post_integrity” error indicator in case of a software integrity test failure, “FAILED: <algorithm>” in case of a CAST failure. Public Material

Page 39

11. Life-cycle Assurance Delivery and Operation The module is built into macOS Monterey 12 and delivered with macOS. There is no standalone delivery of the module as a software library. The vendor’s internal development process guarantees that the correct version of module goes with its intended macOS version. For additional assurance, the module is digitally signed by vendor and it is verified during the integration into macOS. This digital signature-based integrity protection during the delivery/integration process is not to be confused with the HMAC-SHA2-256 based integrity check performed by the module itself as its pre-operational self-test. No additional maintenance requirements apply. Crypto Officer Guidance The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table 10 - Non-Approved Services. If the device starts up successfully, then the module has passed all self-tests and is operating in the Approved mode. A Crypto Officer Role Guide is provided by Apple which offers IT System Administrators with the necessary technical information to ensure FIPS 140-3 Compliance of macOS Monterey 12 systems. This guide walks the reader through the system’s assertion of cryptographic module integrity and the steps necessary if module integrity requires remediation. A link to the Guide can be found on the Product security, validations, and guidance page. Public Material

Page 40

12. Mitigation of Other Attacks The module does not claim mitigation of other attacks. Public Material