Reference Guide

Aruba 7200 Series Controllers FIPS 140-2 Level 2 Security Policy|17

The firmware supports the following cryptographic implementations.

 ArubaOS OpenSSL Module implements the following FIPS-approved algorithms:

 AES (Cert. #2680)

 CVL (Cert. #152)

 DRBG (Cert. #433)

 ECDSA (Cert. #469)

 HMAC (Cert. #1666)

 KBKDF (Cert. #16)

 RSA (Cert. #1379)

 SHS (Cert. #2249)

 Triple-DES (Cert. #1607)

Note:

o RSA (Cert. #1379; non-compliant with the functions from the CAVP Historical RSA List)

 FIPS186-2:

ALG[ANSIX9.31]: Key(gen)(MOD: 1024 PubKey Values: 65537)

ALG[RSASSA-PKCS1_V1_5]: SIG(gen): 1024, SHS: SHA-1/SHA-256/SHA-384/SHA-

512, 2048, SHS: SHA-1

o ECDSA (Cert. #469; non-compliant with the functions from the CAVP Historical ECDSA List)

 FIPS186-2:

SIG(gen): CURVES(P-256 P-384), SHS: SHA-1



 ArubaOS Crypto Module implementation supports the following FIPS Approved Algorithms:

o AES (Cert. #2677)

o CVL (Cert. #150)

o ECDSA (Cert. #466)

o HMAC (Cert. #1663)

o RNG (Cert. #1250)

o RSA (Cert. #1376)

o SHS (Cert. #2246)

o Triple-DES (Cert. #1605)

Note:

o RSA (Cert. #1376; non-compliant with the functions from the CAVP Historical RSA List)

 FIPS186-2:

ALG[ANSIX9.31]: Key(gen)(MOD: 1024 PubKey Values: 65537)

ALG[RSASSA-PKCS1_V1_5]: SIG(gen): 1024, SHS: SHA-1/SHA-256/SHA-384/SHA-

512, 2048, SHS: SHA-1

o ECDSA (Cert. #466; non-compliant with the functions from the CAVP Historical ECDSA List)

 FIPS186-2:

SIG(gen): CURVES(P-256 P-384), SHS: SHA-1

 ArubaOS UBOOT Bootloader implements the following FIPS-approved algorithms:

o RSA (Cert. #1380)