Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware

Certificate #4629

Webpage information ?

Status active
Validation dates 05.10.2023
Sunset date 23-02-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy
Exceptions
  • Mitigation of Other Attacks: N/A
Description The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.
Version (Hardware) [AP-504-USF1 (HPE SKU R2H34A), AP-505-USF1 (HPE SKU R2H39A), AP-514-USF1 (HPE SKU Q9H68A), AP-515-USF1 (HPE SKU Q9H73A), AP-534-USF1 (HPE SKU JZ342A), AP-535-USF1 (HPE SKU JZ347A), AP-555-USF1 (HPE SKU JZ367A)] with FIPS Kit 4011570-01 (HPE SKU JY894A)
Version (Firmware) ArubaOS 8.10.0.2-FIPS
Vendor Aruba, a Hewlett Packard Enterprise company
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, RC4, DES, Triple-DES, HMAC, HMAC-SHA-512, HMAC-SHA-256, HMAC-SHA-384
Asymmetric Algorithms
RSA 2048, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, MD5
Schemes
Key Exchange, Key Agreement
Protocols
SSH, TLS, IKE, IKEv2, IKEv1, IPsec, VPN
Randomness
DRBG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384
Block cipher modes
ECB, CBC, CTR, GCM

Security level
Level 2, Level 1, level 2

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 140, SP 800-90A, SP 800-38A, SP 800-133, SP 800-135, SP 800-56A, SP 800-56C, SP 800-108, SP 800-67, SP 800-38D, SP 800-38F, PKCS1, PKCS#1, RFC 4106, RFC 7296

File metadata

Author Jon Green
Creation date D:20230914141800
Pages 56
Creator Leidos
Producer Leidos

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 06.11.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf.
  • 01.11.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4629,
  "dgst": "7cbd0054c41931bf",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "KDA#A2690",
        "DSA#A2689",
        "RSA#A2689",
        "SHS#A2690",
        "CVL#A2690",
        "KAS-SSC#A2690",
        "AES#A2689",
        "KTS#A2689",
        "KAS#A2690",
        "KAS-SSC#A2689",
        "AES#A2690",
        "ECDSA#A2689",
        "SHS#A2688",
        "RSA#A2690",
        "HMAC#A2689",
        "CVL#A2689",
        "DRBG#A2690",
        "SHS#A2689",
        "ECDSA#A2690",
        "DSA#A2690",
        "HMAC#A2690",
        "RSA#A2688",
        "KBKDF#A2690"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "8.10.0.2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDSA": {
            "ECDSA": 22
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 17
          },
          "DSA": {
            "DSA": 5
          }
        },
        "RSA": {
          "RSA 2048": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 1
        },
        "GCM": {
          "GCM": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 9
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 14,
          "IKEv1": 4,
          "IKEv2": 29
        },
        "IPsec": {
          "IPsec": 1
        },
        "SSH": {
          "SSH": 2
        },
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 5
        },
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 20,
          "P-384": 18
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES CTR 256": 1,
          "AES-CBC10": 1,
          "AES-GCM9": 1,
          "DRBG4": 1,
          "HMAC-SHA-1": 11,
          "HMAC-SHA-1 (160": 1,
          "HMAC-SHA-1-96": 4,
          "HMAC-SHA-256": 2,
          "HMAC-SHA-384": 2,
          "HMAC-SHA-512": 6,
          "HMAC-SHA1": 8,
          "PKCS#1": 2,
          "PKCS1": 10,
          "RSA 2048": 1,
          "RSA PKCS#1": 2,
          "SHA- 1": 1,
          "SHA- 384384": 1,
          "SHA- 512": 1,
          "SHA- 5127": 1,
          "SHA-1": 13,
          "SHA-256": 8,
          "SHA-384": 3,
          "SHA-512": 2,
          "SHA1": 2,
          "SHA2- 256": 2,
          "SHA2-256": 9,
          "SHA2-384": 4,
          "SHA2-512": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 70,
          "level 2": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 3
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 13,
            "SHA1": 2
          },
          "SHA2": {
            "SHA-256": 8,
            "SHA-384": 3,
            "SHA-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 24
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 1,
          "FIPS 140-2": 90,
          "FIPS 180-4": 3,
          "FIPS 186-2": 2,
          "FIPS 186-4": 10,
          "FIPS 197": 2,
          "FIPS 198-1": 2
        },
        "NIST": {
          "SP 800-108": 1,
          "SP 800-133": 1,
          "SP 800-135": 4,
          "SP 800-38A": 2,
          "SP 800-38D": 1,
          "SP 800-38F": 2,
          "SP 800-56A": 9,
          "SP 800-56C": 3,
          "SP 800-67": 2,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS#1": 2,
          "PKCS1": 5
        },
        "RFC": {
          "RFC 4106": 1,
          "RFC 7296": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 15
          },
          "RC": {
            "RC4": 2
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 9
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 7,
            "HMAC-SHA-256": 1,
            "HMAC-SHA-384": 1,
            "HMAC-SHA-512": 3
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Jon Green",
      "/CreationDate": "D:20230914141800",
      "/Creator": "Leidos",
      "/Producer": "Leidos",
      "pdf_file_size_bytes": 904053,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.arubanetworks.com",
          "https://urldefense.com/v3/__https:/csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35300__;!!NpxR!mIa2Bc3MOCQYgIqZdnlHt_SAAgkzoy56jN4Paqz-3DMgGvrFTfQ5aMilAprrIoQJ2UdBdcBEa-HBMFEYK_Ouo69k1U4WeZk$",
          "https://csrc.nist.gov/Projects/cryptographic-module-validation-program/Validated-Modules/Search",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program",
          "https://urldefense.com/v3/__https:/csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35299__;!!NpxR!mIa2Bc3MOCQYgIqZdnlHt_SAAgkzoy56jN4Paqz-3DMgGvrFTfQ5aMilAprrIoQJ2UdBdcBEa-HBMFEYK_Ouo69kl7dKpbY$",
          "https://urldefense.com/v3/__https:/csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35301__;!!NpxR!mIa2Bc3MOCQYgIqZdnlHt_SAAgkzoy56jN4Paqz-3DMgGvrFTfQ5aMilAprrIoQJ2UdBdcBEa-HBMFEYK_Ouo69kpUm2UDM$",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/Details?validation=31659",
          "https://asp.arubanetworks.com/downloads;fileTypes=DOCUMENT;products=Aruba%20Mobility%20Controllers%20%28AOS%29"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 56
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "7245087d552c3a7538b501352fa3f731e028665b5a7f29b29726fc56e0dd9d6d",
    "policy_txt_hash": "af31e39e52ec19402e2f613eb49f0ea0f9de74be70d2c09ed9a546df124dd443"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf",
    "date_sunset": "2026-02-23",
    "description": "The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "ArubaOS 8.10.0.2-FIPS",
    "historical_reason": null,
    "hw_versions": "[AP-504-USF1 (HPE SKU R2H34A), AP-505-USF1 (HPE SKU R2H39A), AP-514-USF1 (HPE SKU Q9H68A), AP-515-USF1 (HPE SKU Q9H73A), AP-534-USF1 (HPE SKU JZ342A), AP-535-USF1 (HPE SKU JZ347A), AP-555-USF1 (HPE SKU JZ367A)] with FIPS Kit 4011570-01 (HPE SKU JY894A)",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Aruba AP-504, AP-505, AP-514, AP-515, AP-534, AP-535 and AP-555 Wireless Access Points with ArubaOS FIPS Firmware",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-10-05",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Aruba, a Hewlett Packard Enterprise company",
    "vendor_url": "http://www.arubanetworks.com"
  }
}