| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 12/1/2030 |
| Caveat | When operated in approved mode. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs. |
| Vendor | Apple Inc. |
flowchart LR
%% Deterministic review-risk graph for Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1]
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Recovery<br/>update</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test<br/>UnAuth<br/>Status output</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1]
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Recovery<br/>update</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test<br/>UnAuth<br/>Status output</i><br/>src: text:keyword"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>IKEV<br/>IPSEC<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>kernel<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3,C5,C6 clueLow;Apple Inc. Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1] Prepared for: Apple Inc. One Apple Park Way Cupertino, CA 95014 Prepared by: atsec information security corporation
Austin, TX 78759 www.atsec.com
| # | Section | Page |
|---|
This document may be reproduced and distributed only in its original entirely without revision.
| Item | Page |
|---|---|
| Table 1: Security Levels | 6 |
| Table 2: Tested Module Identification – Software, Firmware, Hybrid (Executable Code Sets) | 8 |
| Table 3: Tested Operational Environments - Software, Firmware, Hybrid | 8 |
| Table 4: Modes List and Description | 9 |
| Table 5: Approved Algorithms | 10 |
| Table 6: Vendor-Affirmed Algorithms | 10 |
| Table 7: Non-Approved, Not Allowed Algorithms | 11 |
| Table 8: Security Function Implementations | 13 |
| Table 9: Entropy Certificates | 14 |
| Table 10: Entropy Sources | 14 |
| Table 11: Ports and Interfaces | 16 |
| Table 12: Roles | 17 |
| Table 13: Approved Services | 20 |
| Table 14: Non-Approved Services | 20 |
| Table 15: Storage Areas | 26 |
| Table 16: SSP Input-Output Methods | 26 |
| Table 17: SSP Zeroization Methods | 26 |
| Table 18: SSP Table 1 | 27 |
| Table 19: SSP Table 2 | 28 |
| Table 20: Pre-Operational Self-Tests | 29 |
| Table 21: Conditional Self-Tests | 30 |
| Table 22: Pre-Operational Periodic Information | 30 |
| Table 23: Conditional Periodic Information | 31 |
| Table 24: Error States | 32 |
| Figure 1: Block Diagram | 8 |
Trademarks Apple’s trademarks applicable to this document are listed in https://www.apple.com/legal/intellectual-property/trademark/appletmlist.html. Other company, product, and service names may be trademarks or service marks of others. This document may be reproduced and distributed only in its original entirely without revision.
This document is the non-proprietary FIPS 140-3 Security Policy for Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1] cryptographic module. It contains the security rules under which the module must operate and describes how this module meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for a Security Level 1 module. This document provides all tables and diagrams (when applicable) required by NIST SP 800140Br1.
Section Title Security Level
1 General 1
2 Cryptographic module specification 1
3 Cryptographic module interfaces 1
4 Roles, services, and authentication 1
5 Software/Firmware security 1
6 Operational environment 1
7 Physical security N/A
8 Non-invasive security N/A
9 Sensitive security parameter management 1
10 Self-tests 1
11 Life-cycle assurance 1
12 Mitigation of other attacks N/A
Overall Level 1 Table 1: Security Levels This document may be reproduced and distributed only in its original entirely without revision.
Purpose and Use: The Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1] cryptographic module (hereafter referred to as “the module”) provides implementations of lowlevel cryptographic primitives to the visionOS’s kernels Security Framework and Common Crypto. The module provides services intended to protect data in transit and at rest. The module is optimized for library use within the visionOS kernel space and does not contain any terminating assertions or exceptions. It is implemented as a visionOS dynamically loadable library. The library is loaded into the visionOS kernel and its cryptographic functions are made available to visionOS kernel services only. Any internal error detected by the module is returned to the caller with an appropriate return code. The calling visionOS kernel service must examine the return code and act accordingly. The module communicates any error status synchronously through the use of its documented return codes, thus indicating the module’s status. Caller-induced or internal errors do not reveal any sensitive material to callers. Module Type: Software Module Embodiment: MultiChipStand Cryptographic Boundary: The module cryptographic boundary is delineated by the dotted green rectangle in the Figure 1 where the Kernel Extension (KEXT) is a bundle that performs low-level tasks. KEXTs run in kernel space, which gives them elevated privileges and the ability to perform tasks that user-space apps can’t. Tested Operational Environment’s Physical Perimeter (TOEPP): The physical perimeter is represented by the most exterior black line in the block diagram Figure 1. The module executes within the kernel space of the computing platforms and operating systems listed in the Tested Operational Environments Table section 2.2. This document may be reproduced and distributed only in its original entirely without revision.
Tested Module Identification
Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid: N/A for this module.
None for this module.
Modes List and Description: Mode Description Type Status Indicator Name Approved Approved mode of operation is entered Approved return a '1' from fips_allowed_mode() for mode when the module utilizes the services block cipher functions and fips_allowed() for that use the security functions listed in all other services to indicate the executed the Approved Algorithms Table and cryptographic algorithm was approved the Vendor Affirmed Algorithms Table. Non- Non-Approved mode of operation is Non- return any non-zero value from Approved entered when the module utilizes non- Approved fips_allowed_mode() for block cipher mode approved security functions in the functions and fips_allowed() for all other Table Non-Approved Algorithms Not services to indicate the executed Allowed in the Approved Mode of cryptographic algorithm was non- approved Operation. Table 4: Modes List and Description
The Module has an Approved and non-Approved mode of operation. The Approved mode of Operation is assumed automatically without any specific configuration. If the device starts up successfully then the module has passed all self-tests and is operating in the Approved mode. Any calls to the non-Approved security functions listed in the Non-Approved Services Table will cause the module to assume the non-Approved mode of operation.
Approved Algorithms: Algorithm CAVP Cert Properties Reference AES-CBC A5413 - SP 800-38A AES-CBC A5414 - SP 800-38A AES-CCM A5416 - SP 800-38C AES-CFB128 A5413 - SP 800-38A AES-CFB128 A5414 - SP 800-38A AES-CFB8 A5414 - SP 800-38A AES-CTR A5414 - SP 800-38A This document may be reproduced and distributed only in its original entirely without revision.
Algorithm CAVP Cert Properties Reference AES-CTR A5416 - SP 800-38A AES-ECB A5413 - SP 800-38A AES-ECB A5414 - SP 800-38A AES-ECB A5416 - SP 800-38A AES-GCM A5416 - SP 800-38D AES-KW A5414 - SP 800-38F AES-OFB A5413 - SP 800-38A AES-OFB A5414 - SP 800-38A AES-XTS Testing Revision 2.0 A5413 - SP 800-38E Counter DRBG A5414 - SP 800-90A Rev. 1 Counter DRBG A5416 - SP 800-90A Rev. 1 ECDSA KeyGen (FIPS186-4) A5369 - FIPS 186-4 ECDSA KeyVer (FIPS186-4) A5369 - FIPS 186-4 ECDSA SigGen (FIPS186-4) A5369 - FIPS 186-4 ECDSA SigVer (FIPS186-4) A5369 - FIPS 186-4 HMAC-SHA-1 A5369 - FIPS 198-1 HMAC-SHA2-224 A5369 - FIPS 198-1 HMAC-SHA2-256 A5369 - FIPS 198-1 HMAC-SHA2-256 A5417 - FIPS 198-1 HMAC-SHA2-384 A5369 - FIPS 198-1 HMAC-SHA2-384 A5415 - FIPS 198-1 HMAC-SHA2-512 A5369 - FIPS 198-1 HMAC-SHA2-512 A5415 - FIPS 198-1 HMAC-SHA2-512/256 A5369 - FIPS 198-1 HMAC-SHA2-512/256 A5415 - FIPS 198-1 RSA SigGen (FIPS186-4) A5369 - FIPS 186-4 RSA SigVer (FIPS186-4) A5369 - FIPS 186-4 SHA-1 A5369 - FIPS 180-4 SHA2-224 A5369 - FIPS 180-4 SHA2-256 A5369 - FIPS 180-4 SHA2-256 A5417 - FIPS 180-4 SHA2-384 A5369 - FIPS 180-4 SHA2-384 A5415 - FIPS 180-4 SHA2-512 A5369 - FIPS 180-4 SHA2-512 A5415 - FIPS 180-4 SHA2-512/256 A5369 - FIPS 180-4 SHA2-512/256 A5415 - FIPS 180-4 Table 5: Approved Algorithms The FIPS 186-4 CAVP tests in the listed ACVP certificates above are mathematically identical to the FIPS 186-5 CAVP tests. Per FIPS 140-3 C.K Additional Comments 2, the module claims compliance with FIPS 186-5 tests. Vendor-Affirmed Algorithms: Name Properties Implementation Reference Asymmetric (CKG) N/A SP 800-133Rev2 section 4 example 1 Table 6: Vendor-Affirmed Algorithms Non-Approved, Allowed Algorithms: This document may be reproduced and distributed only in its original entirely without revision.
N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. Non-Approved, Not Allowed Algorithms: Name Use and Function ANSI X9.63 KDF Hash based Key Derivation Function Blowfish Encryption / Decryption CAST5 Encryption / Decryption DES Encryption / Decryption ECDSA PKG: Curve P-192; PKV: Curve P-192; Signature Generation: Curve P192; Signature Verification: Curve P-192 ECDSA KeyGen Key Pair Generation for compact point representation of points EdDSA Key Generation, Signature Generation, Signature Verification with Ed25519 HKDF [SP800-56Crev2] Key Derivation Function Integrated Encryption Scheme on Encryption / Decryption elliptic curves (ECIES) MD2 Message Digest MD4 Message Digest OMAC (One-Key CBC MAC) MAC generation /verification RC2 Encryption / Decryption RC4 Encryption / Decryption RIPEMD Message Digest RSA SigGen PKCS#1 v1.5 and PSS; Signature Generation using key sizes less than 2048-bits RSA SigVer Signature Verification using key sizes less than1024 RSA Key Wrapping OAEP, PKCS#1 v1.5 and -PSS schemes Triple-DES [SP 800-67r2] Encryption / Decryption MD5 Message Digest RFC 6637 Key Derivation Key Derivation Function Table 7: Non-Approved, Not Allowed Algorithms
Name Type Description Properties Algorithms Symmetric BC-UnAuth Symmetric AES-CBC:Key AES-CBC: (A5413, Encryption and BC-Auth Encryption and Length: 128, 192, A5414) Decryption Decryption 256 AES-CCM: (A5416) AES-CCM:Key AES-CFB128: Length: 128, 192, (A5413, A5414)
AES-CFB128:Key AES-CTR: (A5414, Length: 128, 192, A5416)
AES-CFB8:Key A5414, A5416) Length: 128, 192, AES-GCM: (A5416)
AES-CTR:Key A5414) Length: 128, 192, AES-XTS Testing This document may be reproduced and distributed only in its original entirely without revision.
Name Type Description Properties Algorithms
AES-ECB:Key (A5413) Length: 128, 192, AES-GCM:Key Length: 128, 192, AES-OFB:Key Length: 128, 192, AES-XTS:Key Length: 128, 256 Key Wrapping and KTS-Wrap Key Wrapping and AES-KW:Key AES-KW: (A5414) Unwrapping BC-Auth Unwrapping Length: 128, 192, Random Number DRBG Random Number Counter Counter DRBG: Generation Generation DRBG:AES-128, (A5414, A5416) AES-256; Derivation Function Enabled; No Prediction Resistance; Key size: 128, 256 bits Keyed Hash MAC Keyed Hash HMAC-SHA-1:Key HMAC-SHA2-256: Size: 128 - 262144 (A5417, A5369) bits; Key Strength: HMAC-SHA2-384:
HMAC-SHA2- HMAC-SHA2-512: 224:Key Size: 224 - (A5415, A5369)
Strength: 224 bits 512/256: (A5415, HMAC-SHA2- A5369) 256:Key Size: 256 - HMAC-SHA-1:
Strength: 256 bits HMAC-SHA2-224: HMAC-SHA2- (A5369) 384:Key Size: 384 -
Strength: 384 bits HMAC-SHA2512:Key Size: 512 -
Strength: 512 bits HMAC-SHA2512/256:Key Size:
Key Strength: 256 bits Asymmetric Key AsymKeyPair- Asymmetric Key ECDSA KeyGen ECDSA KeyGen Generation KeyGen Generation (FIPS186-4):Key (FIPS186-4): CKG Size(Curve): P-224, (A5369) P-256, P-384, P- Asymmetric (CKG): 521; Key Strength: () from 112 to 256 bits Asymmetric Key AsymKeyPair- Asymmetric Key ECDSA KeyVer ECDSA KeyVer Validation KeyVer Validation (FIPS186-4):Key (FIPS186-4): Size(Curve): P-224, (A5369) P-256, P-384, P521; Key Strength: from 112 to 256 bits This document may be reproduced and distributed only in its original entirely without revision.
Name Type Description Properties Algorithms Digital Signature DigSig-SigGen Digital Signature ECDSA SigGen ECDSA SigGen Generation Generation (FIPS186-4):Key (FIPS186-4): Size(Curve): P-224, (A5369) P-256, P-384, P- RSA SigGen 521; Key Strength: (FIPS186-4): from 112 to 256 bits (A5369) RSA SigGen (FIPS186-4):Key Size: 2048, 3072,
Strength: from 112 to 150 bits Digital Signature DigSig-SigVer Digital Signature ECDSA SigVer ECDSA SigVer Verification Verification (FIPS186-4):Key (FIPS186-4): Size(Curve): P-224, (A5369) P-256, P-384, P- RSA SigVer 521; Key Strength: (FIPS186-4): from 112 to 256 bits (A5369) RSA SigVer (FIPS186-4):Key Size: 1024, 2048, 3072, 4096 bits; Key Strength: from 80 to
Digital Signature DigSig-SigVer Digital Signature ECDSA SigVer ECDSA SigVer Verification (Legacy) Verification using (FIPS186-4):Key (FIPS186-4): SHA1 Size(Curve): P-224, (A5369) P-256, P-384, P- RSA SigVer 521; Key Strength: (FIPS186-4): from 112 to 256 bits (A5369) RSA SigVer (FIPS186-4):Key Size: 1024, 2048, 3072, 4096 bits; Key Strength: from 80 to
Message Digest SHA Message Digest SHA-1:N/A SHA2-384: (A5415, SHA2-224:N/A A5369) SHA2-256:N/A SHA2-512: (A5415, SHA2-384:N/A A5369) SHA2-512:N/A SHA2-512/256: SHA2-512/256:N/A (A5415, A5369) SHA2-256: (A5417, A5369) SHA-1: (A5369) SHA2-224: (A5369) Table 8: Security Function Implementations
AES-GCM AES-GCM IV is constructed in compliance with IG C.H scenario 1 (IPsec-v3). This document may be reproduced and distributed only in its original entirely without revision.
The GCM IV generation follows RFC 4106 and shall only be used for the IPsec protocol version 3. When the IV in RFC 4106 exhausts the maximum number of possible values for a given security association, either party to the security association that encounters this condition triggers a rekeying with IKEv2 to establish a new encryption key for the security association. The module uses RFC 7296 compliant IKEv2 to establish the shared secret SKEYSEED from which the AESGCM encryption keys are derived. In compliance with IG C.H section 3, if the module’s power is lost and then restored, the key used for the AES GCM encryption/decryption shall be re-distributed. This condition is not enforced by the module. AES-XTS AES-XTS mode is only approved for hardware storage applications. The length of the AES-XTS data unit does not exceed 220 blocks. The module checks explicitly that Key_1 ≠ Key_2 before using the keys in the XTS-Algorithm to process data with them compliant with IG C.I. SHA-1: Digital signature generation using SHA-1 is non-approved and not allowed in approved services. Digital signature verification using SHA-1 is considered approved (“Legacy”). HMAC using SHA-1 is approved. The SHA-1 algorithm, as implemented by the module, will be non-approved for all purposes except signature verification, starting January 1, 2031. Note: Algorithms designated as “Legacy” can only be used on data that was generated prior to the Legacy Date specified in FIPS 140-3 IG C.M.
Cert Vendor Number Name E113 apple Table 9: Entropy Certificates Name Type Operational Environment Sample Entropy Conditioning Size per Component Sample Apple corecrypto Physical See Tested Operational 256 bit 256 bit SHA-256 [ACVP physical entropy Environment Table in section cert. #C1223] source 2.2 Table 10: Entropy Sources This document may be reproduced and distributed only in its original entirely without revision.
Entropy source(s): The random bits used to seed and reseed the module’s approved DRBG comes from a physical entropy source residing within the TOEPP. The entropy source includes a vetted conditioning component in the form of a SHA-256. The min-entropy rate at the output of the entropy source (h_out for the output of the conditioning component per Section 3.1.5 of SP 800-90B) is 256 bits per 256-bit output. The entropy source follows IG 9.3.A scenario 1.(b) i.e., the module is a software module and the entropy sources reside outside of the cryptographic boundary but inside the module’s TOEPP. DRBG(s): The module implements an SP 800-90ARev1 approved deterministic random bit generator (DRBG) in the form of a CTR_DRBG using AES-256 with derivation function and without prediction resistance. The module performs DRBG health tests according to SP800-90ARev1 section 11.3. DRBG Output: The output of CTR_DRBG provides up to 256-bits of security strength.
The module implements asymmetric key generation compliant to SP800-133r2 Section 4 examples 1 and is listed as a vendor affirmed algorithm per FIPS 140_3 IG D.H. The seed material used to generate the asymmetric key pairs is provided directly output from the module’s CTR_DRBG. The module does not implement symmetric key generation.
The module does not implement key establishment.
No parts of the IPSec, other than those mentioned above, have been tested by the CAVP and CMVP. This document may be reproduced and distributed only in its original entirely without revision.
Physical Logical Data That Passes Port Interface(s) N/A Data Input Data inputs/outputs are provided in the variables passed in the C language Kernel Data Output Interfaces (KPIs) and callable service invocations, generally through caller-supplied buffers N/A Control Control inputs which control the mode of the module are provided through dedicated Input parameters. N/A Status Status output is provided in return codes and through messages. Documentation for Output each KPI lists possible return codes. A complete list of all return codes returned by the C language KPIs within the module is provided in the header files and the KPI documentation. Messages are also documented in the KPI documentation. Table 11: Ports and Interfaces The module does not implement a Control Output Logical Interface. This document may be reproduced and distributed only in its original entirely without revision.
N/A for this module. FIPS 140-3 does not require an authentication mechanism for level 1 modules. Therefore, the module does not support an authentication mechanism for Crypto Officer. The Crypto Officer role is authorized to access all services provided by the module (see Table - Approved Services and Table - Non-Approved Services).
Name Type Operator Type Authentication Methods Crypto Officer Role Crypto Officer None Table 12: Roles
The abbreviations of the access rights to SSPs have the following interpretation: G = Generate: The module generates or derives the SSP. R = Read: The SSP is read from the module (e.g., the SSP is output). W = Write: The SSP is updated, imported, or written to the module. E = Execute: The module uses the SSP in performing a cryptographic operation. Z = Zeroise: The module zeroises the SSP. N/A = The service does not access any SSP during its operation Name Description Indicator Inputs Outputs Security SSP Functions Access AES Execute AES- 0 plaintext ciphertext Symmetric Crypto Encryption/Decryption mode encrypt or data and key data / Encryption Officer decrypt / ciphertext plaintext and - AES operation data and key data Decryption key: W,E AES Key Wrapping / Execute AES- 0 key wrapping wrapped key Key Crypto Key Unwrapping key wrapping or key, / unwrapped Wrapping Officer unwrapping unwrapped key and - AES operation key / Unwrapping keyWrapped wrapping key, AES key: W,E key wrapping key Secure Hash Generate a 0 message digest Message Crypto Generation digest for the Digest Officer requested algorithm This document may be reproduced and distributed only in its original entirely without revision.
Name Description Indicator Inputs Outputs Security SSP Functions Access Message Generate a MAC 0 message, MAC Keyed Hash Crypto Authentication digest using the MAC key, Officer Generation requested SHA MAC - HMAC algorithm algorithm key: W,E Message Verify a MAC 0 MAC, pass/fail Keyed Hash Crypto Authentication Code digest message, Officer Verification MAC key, - HMAC MAC key: W,E algorithm RSA signature Sign a message 0 SigGen: SigGen: Digital Crypto generation and with a specified private key, computed Signature Officer verification RSA private key. message, signature; Generation - RSA key Verify the hash SigVer: Digital pair: W,E signature of a function; pass/fail Signature message with a SigVer: result of Verification specified RSA public key, digital Digital public key. digital signature Signature signature, verification Verification message, (Legacy) hash function ECDSA signature Sign a message 0 SigGen: SigGen: Digital Crypto generation and with a specified private key, computed Signature Officer verification ECDSA private message, signature; Generation - ECDSA key Verify the hash SigVer: Digital key pair: signature of a function; pass/fail Signature W,E message with a SigVer: result of Verification specified public key, digital Digital ECDSA public digital signature Signature key signature, verification Verification message, (Legacy) hash function Random Number Generate 0 length of random bit- Random Crypto Generation random number generated string Number Officer number Generation - Entropy input string: E - DRBG seed, internal state V value, and key: G,W,E ECDSA key pair Generate a 0 curve size key pair Asymmetric Crypto generation and keypair for a Key Officer validation requested elliptic Generation - DRBG curve and Asymmetric seed, validity Key internal Validation state V value, and key: W,E - ECDSA key pair: G,R This document may be reproduced and distributed only in its original entirely without revision.
Name Description Indicator Inputs Outputs Security SSP Functions Access Self-test execute CASTs 0 power pass/fail Symmetric Crypto results Encryption Officer and Decryption Key Wrapping and Unwrapping Random Number Generation Keyed Hash Asymmetric Key Generation Asymmetric Key Validation Digital Signature Generation Digital Signature Verification Digital Signature Verification (Legacy) Message Digest Show Status Return the N/A N/A Status None Crypto module status output Officer Show version/module Return Module N/A N/A Module None Crypto info Base Name and information Officer Module Version Number Zeroization SSPs are 0 N/A N/A None Crypto zeroised when Officer the system is - AES powered down, key: Z when all - AES resources of keysymmetric wrapping crypto function key: Z context, all - HMAC resources of key: Z hash context, all - ECDSA resources of key pair: asymmetric Z crypto function - RSA key context are pair: Z released. - Entropy input string: Z - DRBG seed, internal state V This document may be reproduced and distributed only in its original entirely without revision.
Name Description Indicator Inputs Outputs Security SSP Functions Access value, and key: Z Table 13: Approved Services
Name Description Algorithms Role Triple-DES encryption / decryption Execute Triple-DES mode encrypt Triple-DES [SP 800-67r2] CO or decrypt operation. RSA Key Encapsulation The CAST does not perform the full RSA Key Wrapping CO KTS, only the raw RSA encrypt/decrypt. RSA Signature Generation Sign a message with a non- RSA SigGen CO approved RSA private key size RSA Signature Verification Verify the signature of a message RSA SigVer CO with a non-approved RSA public key size ECDSA key-pair generation, ECDSA For curve P-192 ECDSA CO signature generation, ECDSA signature verification ECDSA Key Pair Generation for For compact point representation of ECDSA KeyGen CO compact point representation of points points EdDSA Key Generation, Signature Ed25519 EdDSA CO Generation, Signature Verification ECIES Elliptic Curve encrypt/ decrypt Integrated Encryption CO Scheme on elliptic curves (ECIES) ANSI X9.63 Key Derivation SHA-1 hash-based ANSI X9.63 KDF CO SP800-56Crev2 Key Derivation SHA-256 hash-based HKDF [SP800-56Crev2] CO (HKDF) OMAC Message Authentication Code One-Key CBC-MAC using 128-bit OMAC (One-Key CBC CO Generation key MAC) OMAC Message Authentication Code One-Key CBC-MAC using 128-bit OMAC (One-Key CBC CO Verification key MAC) Message digest generation Message digest generation using MD2 CO non-approved algorithms MD4 RIPEMD MD5 Symmetric encryption / decryption Symmetric encryption / decryption Blowfish CO using non-approved algorithms CAST5 DES RC2 RC4 RFC 6637 KDF SHA-256, SHA-512, AES-128, RFC 6637 Key Derivation CO AES-256 Table 14: Non-Approved Services
The module does not support the loading of external software/firmware. This document may be reproduced and distributed only in its original entirely without revision.
This document may be reproduced and distributed only in its original entirely without revision.
A software integrity test is performed on the runtime image of the module. The HMAC-SHA256 implemented in the module is used as the approved algorithm for the integrity test. If the test fails, the module enters an error state where no cryptographic services are provided, and data output is prohibited i.e. the module is not operational.
The module’s integrity test can be performed on demand by power-cycling the computing platform. Integrity test on demand is performed as part of the Pre-Operational Self-Tests, automatically executed at power-on. This document may be reproduced and distributed only in its original entirely without revision.
Type of Operational Environment: Modifiable
The module is supplied as part of visionOS, a commercially available general-purpose operating system executing on the computing platforms specified in section 2.2. This document may be reproduced and distributed only in its original entirely without revision.
The FIPS 140-3 physical security requirements do not apply to the Apple corecrypto Module v14.1 [Apple silicon, Kernel, Software, SL1] since it is a software module. This document may be reproduced and distributed only in its original entirely without revision.
Per IG 12.A, until the requirements of NIST SP 800-140F are defined, non-invasive mechanisms fall under ISO/IEC 19790:2012 Section 7.12 Mitigation of other attacks. The requirements of this area are not applicable to the module. This document may be reproduced and distributed only in its original entirely without revision.
Storage Description Persistence Area Type Name RAM Temporary storage for SSPs used by the module as part of service execution. The Dynamic module does not perform persistent storage of SSPs Table 15: Storage Areas
Name From To Format Distribution Entry SFI or Type Type Type Algorithm KPI input Operator calling Cryptographic Plaintext Manual Electronic parameters application (TOEPP) module KPI output Cryptographic Operator calling Plaintext Manual Electronic parameters module application (TOEPP) Table 16: SSP Input-Output Methods
Zeroization Description Rationale Operator Method Initiation Wipe and Free Zeroizes the SSPs Memory occupied by SSPs is overwritten with By calling the memory block contained within the cipher zeroes and then it is released, which renders cipher related allocated handle. the SSP values irretrievable. The completion zeroization API of the zeroization routine indicates that the zeroization procedure succeeded. Module Reset De-allocates the volatile Volatile memory used by the module is By unloading memory used to store overwritten within nanoseconds when power and reloading SSPs is removed. the module Intermediate Intermediate keygen Intermediate keygen values are zeroized N/A value values are zeroized before before the module returns from the key zeroization the module returns from generation function. the key generation function. Table 17: SSP Zeroization Methods
Name Description Size - Type - Generated Established Used By Strength Category By By AES key AES key 128 to 256 Symmetric - Symmetric bits - 128 to CSP Encryption
Decryption This document may be reproduced and distributed only in its original entirely without revision.
Name Description Size - Type - Generated Established Used By Strength Category By By AES key- AES KW 128 to 256 symmetric - Key Wrapping wrapping bits - 128 to CSP and key 256 bits Unwrapping HMAC key HMAC key 128 to 256 - MAC - CSP Keyed Hash
ECDSA key ECDSA key pair P-224, P- Asymmetric - Asymmetric Asymmetric pair (including 256, P-384, CSP Key Key Validation intermediate P-521 - 112 Generation Digital keygen values) to 256 bits Signature Generation Digital Signature Verification Digital Signature Verification (Legacy) RSA key RSA key pair 2048 - 4096 Asymmetric - Digital pair (including - 112 to 150 CSP Signature intermediate bits Generation keygen values) Digital Signature Verification Digital Signature Verification (Legacy) Entropy Entropy input 256 bits - Entropy input Random input string string 256 bits string - CSP Number Generation DRBG seed, DRBG input 256 bits - DRBG - CSP Random Random internal state parameters 256 bits Number Number V value, and Generation Generation key Table 18: SSP Table 1 Name Input - Storage Storage Zeroization Related SSPs Output Duration AES key KPI input RAM:Plaintext From service Wipe and Free parameters invocation to memory block service allocated completion Module Reset AES key- KPI input RAM:Plaintext From service Wipe and Free wrapping key parameters invocation to memory block service allocated completion Module Reset HMAC key KPI input RAM:Plaintext From service Wipe and Free parameters invocation to memory block service allocated completion Module Reset ECDSA key KPI input RAM:Plaintext From service Wipe and Free DRBG seed, internal state pair parameters invocation to memory block V value, and key:Used KPI output service allocated With parameters completion Module Reset Intermediate This document may be reproduced and distributed only in its original entirely without revision.
Name Input - Storage Storage Zeroization Related SSPs Output Duration value zeroization RSA key pair KPI input RAM:Plaintext From service Wipe and Free DRBG seed, internal state parameters invocation to memory block V value, and key (IG D.L service allocated compliant):Derived From completion Module Reset Intermediate value zeroization Entropy input RAM:Plaintext Storage Module Reset DRBG seed, internal state string duration during V value, and key:Used the usage of With the CSP DRBG seed, Storage Module Reset Entropy input string:Used internal state duration during With V value, and the usage of key the CSP Table 19: SSP Table 2 This document may be reproduced and distributed only in its original entirely without revision.
While the module is executing the self-tests, services are not available, and input and output are inhibited.
The module performs a pre-operational software integrity automatically when the module is loaded into memory (i.e., at power on) before the module transitions to the operational state. A software integrity test is performed on the runtime image of the module with HMAC-SHA256 used to perform the approved integrity technique. Prior to using HMAC-SHA-256, a Conditional Cryptographic Algorithm Self-Tests (CAST) is performed. Algorithm or Test Test Method Test Indicator Details Test Properties Type HMAC- 112-bit key Message SW/FW Module The HMAC-SHA2-256 value SHA2-256 Authentication Integrity successful calculated at runtime is compared (A3687) execution with the HMAC-SHA2-256 value stored in the module, computed at compilation time. Table 20: Pre-Operational Self-Tests
Algorithm or Test Properties Test Test Indicator Details Conditions Test Method Type AES-GCM 128-bit key, KAT CAST Module Symmetric Test runs at (A5416) encrypt becomes operation power-on before operational the integrity test Counter DRBG 128-bit key KAT CAST Module Compliant with Test runs at (A5414) becomes SP 800-90Ar1 power-on before operational the integrity test Counter DRBG 128-bit key KAT CAST Module Compliant with Test runs at (A5416) becomes SP 800-90Ar1 power-on before operational the integrity test HMAC-SHA2- SHA2-256 KAT CAST Module Message Test runs at
256 (A5417) becomes authentication power-on before
operational the integrity test HMAC-SHA2- SHA2-256 KAT CAST Module Message Test runs at
256 (A5369) becomes authentication power-on before
operational the integrity test HMAC-SHA-1 SHA-1 KAT CAST Module Message Test runs at (A5369) becomes authentication power-on before operational the integrity test HMAC-SHA2- SHA2-512 KAT CAST Module Message Test runs at
512 (A5415) becomes authentication power-on before
operational the integrity test HMAC-SHA2- SHA2-512 KAT CAST Module Message Test runs at
512 (A5369) becomes authentication power-on before
operational the integrity test This document may be reproduced and distributed only in its original entirely without revision.
Algorithm or Test Properties Test Test Indicator Details Conditions Test Method Type RSA SigGen PKCS#1 v1.5 KAT CAST Module Digital signature Test runs at (FIPS186-4) with 2048 bit key becomes generation power-on before (A5369) and SHA2-256 operational the integrity test RSA SigVer PKCS#1 v1.5 KAT CAST Module Digital signature Test runs at (FIPS186-4) with 2048 bit key becomes verification power-on before (A5369) and SHA2-256 operational the integrity test ECDSA PCT with SHA2- PCT PCT Successful Signature Key pair KeyGen 256 key pair generation & generation (FIPS186-4) generation verification (A5369) ECDSA SigGen P-224 with SHA- KAT CAST Module Digital signature Test runs at (FIPS186-4) 224 becomes generation power-on before (A5369) operational the integrity test ECDSA SigVer P-224 with SHA- KAT CAST Module Digital signature Test runs at (FIPS186-4) 224 becomes verification power-on before (A5369) operational the integrity test AES-CBC 128-bit key KAT CAST Module Symmetric Test runs at (A5413) encrypt becomes operation power-on before operational the integrity test AES-CBC 128-bit key KAT CAST Module Symmetric Test runs at (A5414) encrypt becomes operation power-on before operational the integrity test AES-ECB 128-bit key KAT CAST Module Symmetric Test runs at (A5413) decrypt becomes operation power-on before operational the integrity test AES-ECB 128-bit key KAT CAST Module Symmetric Test runs at (A5414) decrypt becomes operation power-on before operational the integrity test AES-ECB 128-bit key KAT CAST Module Symmetric Test runs at (A5416) decrypt becomes operation power-on before operational the integrity test AES-XTS 128-bit key KAT CAST Module Symmetric Test runs at Testing decrypt becomes operation power-on before Revision 2.0 operational the integrity test (A5413) HMAC-SHA2- SHA2-512/256 KAT CAST Module Message Test runs at 512/256 becomes authentication power-on before (A5415) operational the integrity test HMAC-SHA2- SHA2-512/256 KAT CAST Module Message Test runs at 512/256 becomes authentication power-on before (A5369) operational the integrity test Table 21: Conditional Self-Tests
Algorithm or Test Test Method Test Type Period Periodic Method HMAC-SHA2-256 Message SW/FW Integrity Whenever module is Upon every power (A3687) Authentication powered on on Table 22: Pre-Operational Periodic Information Algorithm or Test Test Method Test Type Period Periodic Method AES-GCM (A5416) KAT CAST On Demand Manually This document may be reproduced and distributed only in its original entirely without revision.
Algorithm or Test Test Method Test Type Period Periodic Method Counter DRBG KAT CAST On Demand Manually (A5414) Counter DRBG KAT CAST On Demand Manually (A5416) HMAC-SHA2-256 KAT CAST On Demand Manually (A5417) HMAC-SHA2-256 KAT CAST On Demand Manually (A5369) HMAC-SHA-1 KAT CAST On Demand Manually (A5369) HMAC-SHA2-512 KAT CAST On Demand Manually (A5415) HMAC-SHA2-512 KAT CAST On Demand Manually (A5369) RSA SigGen KAT CAST On Demand Manually (FIPS186-4) (A5369) RSA SigVer KAT CAST On Demand Manually (FIPS186-4) (A5369) ECDSA KeyGen PCT PCT On Demand Manually (FIPS186-4) (A5369) ECDSA SigGen KAT CAST On Demand Manually (FIPS186-4) (A5369) ECDSA SigVer KAT CAST On Demand Manually (FIPS186-4) (A5369) AES-CBC (A5413) KAT CAST On Demand Manually AES-CBC (A5414) KAT CAST On Demand Manually AES-ECB (A5413) KAT CAST On Demand Manually AES-ECB (A5414) KAT CAST On Demand Manually AES-ECB (A5416) KAT CAST On Demand Manually AES-XTS Testing KAT CAST On Demand Manually Revision 2.0 (A5413) HMAC-SHA2- KAT CAST On Demand Manually 512/256 (A5415) HMAC-SHA2- KAT CAST On Demand Manually 512/256 (A5369) Table 23: Conditional Periodic Information
Name Description Conditions Recovery Indicator Method Error
Name Description Conditions Recovery Indicator Method invoked Conditional Conditional the preCAST did not PCT failure operational match the known software value or 3) The integrity test signature failed to and the generate/verify Conditional successfully in the CASTs. Conditional PCT. No cryptographic services are provided, and data output is prohibited Table 24: Error States
The module permits operators to initiate the pre-operational or conditional self-tests on demand for periodic testing of the module by rebooting the system (i.e., power-cycling). This document may be reproduced and distributed only in its original entirely without revision.
Startup Procedures: The module is built into visionOS defined in section 2 and delivered/ installed with the respective visionOS. There is no standalone delivery of the module as a software library. Installation Process and Authentication Mechanisms: The vendor’s internal development process guarantees that the correct version of module goes with its intended visionOS version. For additional assurance, the module is digitally signed by vendor, and it is verified during the integration into Host visionOS. This digital signature-based integrity protection during the delivery/integration process is not to be confused with the HMAC-256 based integrity check performed by the module itself as part of its pre-operational self- tests.
The Approved mode of operation is configured in the system by default and can only be transitioned into the non-Approved mode by calling one of the non-Approved services listed in Table - Non-Approved Services. If the device starts up successfully, then the module has passed all self-tests and is operating in the Approved mode. Apple Platform Certifications guide and Apple Platform Security guide are provided by Apple which offers IT System Administrators with the necessary technical information to ensure FIPS 140-3 Compliance of the deployed systems. This guide walks the reader through the system’s assertion of cryptographic module integrity and the steps necessary if module integrity requires remediation.
No non-administrator guidance.
The Crypto Officer shall consider the following requirements and restrictions when using the module.
The module secure sanitization is accomplished by first powering the module down, which will zeroize all SSPs within volatile memory. Following the power-down, an uninstall by way of system wipe or system update will zeroize the corecrypto-1638.100.62 binary file listed in Table 2. This document may be reproduced and distributed only in its original entirely without revision.
The module does not claim mitigation of other attacks. This document may be reproduced and distributed only in its original entirely without revision.