Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points

Certificate #4623

Webpage information ?

Status active
Validation dates 03.10.2023
Sunset date 19-12-2024
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy
Exceptions
  • Mitigation of Other Attacks: N/A
Description Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies.
Version (Hardware) [AP-203R-USF1 (HPE SKU JY715A), AP-203R-RWF1 (HPE SKU JY713A), AP-203RP-USF1 (HPE SKU JY723A), AP-203RP-RWF1 (HPE SKU JY721A), AP-303H-USF1 (HPE SKU JY681A) and AP-303H-RWF1 (HPE SKU JY679A)] with FIPS Kit 4011570-01 (HPE SKU JY894A)
Version (Firmware) ArubaOS 8.10.0.2-FIPS
Vendor Aruba, a Hewlett Packard Enterprise company
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, RC4, DES, Triple-DES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
Asymmetric Algorithms
RSA 2048, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, MD5
Schemes
Key Exchange, Key Agreement
Protocols
SSH, TLS, IKE, IKEv1, IKEv2, IPsec, VPN
Randomness
DRBG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384
Block cipher modes
ECB, CBC, CTR, GCM, CCM

Security level
Level 2, Level 1, level 2

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 140, SP 800-38A, SP 800-133, SP 800-135, SP 800-90A, SP 800-108, SP 800-67, SP 800-38F, SP 800-56A, SP 800-56C, SP 800-38D, SP 800-38C, PKCS1, PKCS#1

File metadata

Title Microsoft Word - ArubaOS8.10-AP-203R-203RP-303H-3B-Security-Policy.doc
Author huntzh
Creation date D:20230614155352-04'00'
Modification date D:20230614155352-04'00'
Pages 46
Producer Microsoft: Print To PDF

References

Outgoing
  • 2481 - historical - Luna® PCI-e Cryptographic Module
  • 2017 - historical - AP 71xx Series Wireless Access Points - AP 7131N, AP 7131N-GR, AP 7161, AP 7181
Incoming
  • 2471 - historical - SUSE Linux Enterprise Server 12 - OpenSSH Server Module
  • 2472 - historical - SUSE Linux Enterprise Server 12 - OpenSSH Client Module
  • 2484 - historical - SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 06.11.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf.
  • 01.11.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4623,
  "dgst": "12269c796b58fb51",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "KDA#A2690",
        "DSA#A2689",
        "RSA#A2689",
        "SHS#A2690",
        "CVL#A2690",
        "KAS-SSC#A2690",
        "AES#A2689",
        "KAS#A2690",
        "KAS-SSC#A2689",
        "AES#A2690",
        "ECDSA#A2689",
        "SHS#A2688",
        "RSA#A2690",
        "HMAC#A2689",
        "CVL#A2689",
        "DRBG#A2690",
        "AES#5412",
        "SHS#A2689",
        "KTS#A2690",
        "ECDSA#A2690",
        "DSA#A2690",
        "HMAC#A2690",
        "RSA#A2688",
        "KBKDF#A2690"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "8.10.0.2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "2471",
          "2472",
          "2484"
        ]
      },
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2481",
          "2017"
        ]
      },
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "3099",
          "2471",
          "2549",
          "2472",
          "2484"
        ]
      },
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "2481",
          "2017"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "2481",
        "2017"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDSA": {
            "ECDSA": 21
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 19
          },
          "DSA": {
            "DSA": 5
          }
        },
        "RSA": {
          "RSA 2048": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 8
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 16,
          "IKEv1": 23,
          "IKEv2": 16
        },
        "IPsec": {
          "IPsec": 1
        },
        "SSH": {
          "SSH": 2
        },
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 5
        },
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 22,
          "P-384": 18
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#2017": 1,
          "#2481": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES CTR 256": 1,
          "AES-CBC15": 1,
          "AES-CBC7": 1,
          "AES-CBC8": 1,
          "AES-GCM14": 1,
          "DRBG4": 1,
          "HMAC (384": 1,
          "HMAC-SHA-1": 19,
          "HMAC-SHA-1 (160": 1,
          "HMAC-SHA-256": 14,
          "HMAC-SHA-384": 14,
          "HMAC-SHA-512": 10,
          "HMAC-SHA-512 128": 4,
          "HMAC-SHA-51211": 2,
          "HMAC-SHA-51216": 2,
          "HMAC-SHA1": 4,
          "PKCS#1": 2,
          "PKCS1": 8,
          "RSA 2048": 1,
          "RSA PKCS#1": 2,
          "SHA- 1": 1,
          "SHA- 512": 5,
          "SHA- 51212": 1,
          "SHA-1": 13,
          "SHA-256": 11,
          "SHA-384": 6,
          "SHA-384384": 1,
          "SHA-512": 1,
          "SHA1": 2,
          "SHA2-256": 10,
          "SHA2-384": 3,
          "SHA2-512": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 57,
          "level 2": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 3
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 13,
            "SHA1": 2
          },
          "SHA2": {
            "SHA-256": 11,
            "SHA-384": 6,
            "SHA-512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 24
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 1,
          "FIPS 140-2": 79,
          "FIPS 180-4": 3,
          "FIPS 186-2": 2,
          "FIPS 186-4": 11,
          "FIPS 197": 3,
          "FIPS 198-1": 2
        },
        "NIST": {
          "SP 800-108": 1,
          "SP 800-133": 1,
          "SP 800-135": 4,
          "SP 800-38A": 3,
          "SP 800-38C": 1,
          "SP 800-38D": 1,
          "SP 800-38F": 4,
          "SP 800-56A": 9,
          "SP 800-56C": 3,
          "SP 800-67": 2,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS#1": 2,
          "PKCS1": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 16
          },
          "RC": {
            "RC4": 2
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 8
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 10,
            "HMAC-SHA-256": 7,
            "HMAC-SHA-384": 7,
            "HMAC-SHA-512": 7
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "huntzh",
      "/CreationDate": "D:20230614155352-04\u002700\u0027",
      "/ModDate": "D:20230614155352-04\u002700\u0027",
      "/Producer": "Microsoft: Print To PDF",
      "/Title": "Microsoft Word - ArubaOS8.10-AP-203R-203RP-303H-3B-Security-Policy.doc",
      "pdf_file_size_bytes": 2348372,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 46
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "8513cd2c8fbab178a089a405a0094a82f4e40f8496f4ade3b1f01306c9249395",
    "policy_txt_hash": "6bd719a37150b5bd85f0bce9649d417fad53d4d17bff29f585024028b800050a"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf",
    "date_sunset": "2024-12-19",
    "description": "Aruba\u0027s 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "ArubaOS 8.10.0.2-FIPS",
    "historical_reason": null,
    "hw_versions": "[AP-203R-USF1 (HPE SKU JY715A), AP-203R-RWF1 (HPE SKU JY713A), AP-203RP-USF1 (HPE SKU JY723A), AP-203RP-RWF1 (HPE SKU JY721A), AP-303H-USF1 (HPE SKU JY681A) and AP-303H-RWF1 (HPE SKU JY679A)] with FIPS Kit 4011570-01 (HPE SKU JY894A)",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Aruba AP-203R, AP-203RP, and AP-303H Wireless Access Points",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-10-03",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Aruba, a Hewlett Packard Enterprise company",
    "vendor_url": "http://www.arubanetworks.com"
  }
}