Wickr FIPS Object Module for OpenSSL

Certificate #3608

Webpage information

Status historical
Historical reason Moved to historical list due to sunsetting
Validation dates 24.01.2020
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398. No assurance of the minimum strength of generated keys
Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The Wickr FIPS Object Module for OpenSSL is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.16.
Tested configurations
  • Android 9 running on a Samsung Galaxy S10 with a Qualcomm Snapdragon 855 (Kryo) with PAA
  • Android 9 running on a Samsung Galaxy S10 with a Qualcomm Snapdragon 855 (Kryo) without PAA
  • Apple iOS 13.1 running on an Apple iPhone X with an Apple A11 Bionic (Monsoon, Mistral) with PAA
  • Apple iOS 13.1 running on an Apple iPhone X with an Apple A11 Bionic (Monsoon, Mistral) without PAA
  • Apple macOS Mojave running on an Apple Macbook Pro A1502 with an Intel Core i5 with PAA
  • Apple macOS Mojave running on an Apple Macbook Pro A1502 with an Intel Core i5 without PAA
  • Microsoft Windows 10 April 2018 Update running on an IBM ThinkPad with an Intel Core i7 with PAA
  • Microsoft Windows 10 April 2018 Update running on an IBM ThinkPad with an Intel Core i7 without PAA (single-user mode)
  • Ubuntu 18.04 running on an IBM ThinkPad with an Intel Core i7 with PAA
  • Ubuntu 18.04 running on an IBM ThinkPad with an Intel Core i7 without PAA
Vendor Wickr Inc.
References

This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, TDEA, Triple-DES, HMAC, CMAC
Asymmetric Algorithms
ECDSA, ECC, DH, DSA
Hash functions
SHA-1, SHA1, SHA-224, SHA224, SHA256, SHA384, SHA512, SHA-256, SHA-384, SHA-2
Schemes
Key Agreement, Key agreement
Randomness
DRBG, RNG
Libraries
OpenSSL
Elliptic Curves
P-224, P-521, P-192, P-256, P-384, K-409, B-233, B-409, K-163, K-283, K-571, B-283, B-571, K-256, K-521, B-256, B-163, K-233
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTS

Trusted Execution Environments
SE
Vendor
Qualcomm, Microsoft, Microsoft Corporation

Standards
FIPS 140-2, FIPS 180-4, FIPS 186-2, FIPS 186-4, FIPS 197, FIPS 198-1, FIPS 198, SP 800-38A, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-38E, SP 800-56A, SP 800-56B, SP 800-57, SP 800-67, SP 800-89, SP 800-90A, SP 800-131A, PKCS#1

File metadata

Title Microsoft Word - 140spWickr-0.2.docx
Creation date D:20191112182653Z
Modification date D:20191220143247-05'00'
Pages 25
Creator Word
Producer macOS Version 10.14.6 (Build 18G1012) Quartz PDFContext

References

Outgoing
  • 2398 - historical - OpenSSL FIPS Object Module SE

Heuristics

No heuristics are available for this certificate.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3608,
  "dgst": "86e83855c103c5ad",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#C1359",
        "Triple-DES#C1359",
        "CVL#C1359",
        "ECDSA#C1359",
        "RSA#C1359",
        "SHS#C1359",
        "DRBG#C1359",
        "HMAC#C1359",
        "DSA#C1359"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2398"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "2398"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "2398"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2398"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "112",
          "2398"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "2398"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 4
          },
          "ECDSA": {
            "ECDSA": 17
          }
        },
        "FF": {
          "DH": {
            "DH": 9
          },
          "DSA": {
            "DSA": 18
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CCM": {
          "CCM": 4
        },
        "CFB": {
          "CFB": 4
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 4
        },
        "GCM": {
          "GCM": 5
        },
        "OFB": {
          "OFB": 2
        },
        "XTS": {
          "XTS": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 36
        }
      },
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 2,
          "Key agreement": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "B-163": 3,
          "B-233": 1,
          "B-256": 1,
          "B-283": 2,
          "B-409": 1,
          "B-571": 2,
          "K-163": 1,
          "K-233": 3,
          "K-256": 1,
          "K-283": 1,
          "K-409": 2,
          "K-521": 1,
          "K-571": 1,
          "P-192": 8,
          "P-224": 6,
          "P-256": 4,
          "P-384": 2,
          "P-521": 4
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#2398": 2
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES 128/ 192/256": 1,
          "AES 128/192/256": 2,
          "AES, 256": 1,
          "DRBG4": 1,
          "DSA (1024": 2,
          "HMAC SHA-1": 1,
          "HMAC- SHA-1": 2,
          "HMAC-SHA-1": 18,
          "HMAC-SHA1": 2,
          "PKCS#1": 2,
          "SHA( 224": 4,
          "SHA( 256": 2,
          "SHA- 1, 224": 2,
          "SHA- 224": 1,
          "SHA-1": 21,
          "SHA-1, 224": 16,
          "SHA-2": 3,
          "SHA-2 (224": 2,
          "SHA-224": 11,
          "SHA-256": 1,
          "SHA-384": 1,
          "SHA1": 1,
          "SHA224": 1,
          "SHA256": 3,
          "SHA384": 1,
          "SHA512": 2
        }
      },
      "fips_security_level": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 37,
            "SHA1": 1
          },
          "SHA2": {
            "SHA-2": 5,
            "SHA-224": 11,
            "SHA-256": 1,
            "SHA-384": 1,
            "SHA224": 1,
            "SHA256": 3,
            "SHA384": 1,
            "SHA512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 18
        },
        "RNG": {
          "RNG": 8
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 36,
          "FIPS 180-4": 2,
          "FIPS 186-2": 8,
          "FIPS 186-4": 9,
          "FIPS 197": 2,
          "FIPS 198": 1,
          "FIPS 198-1": 1
        },
        "NIST": {
          "SP 800-131A": 2,
          "SP 800-38A": 2,
          "SP 800-38B": 2,
          "SP 800-38C": 2,
          "SP 800-38D": 2,
          "SP 800-38E": 2,
          "SP 800-56A": 4,
          "SP 800-56B": 1,
          "SP 800-57": 1,
          "SP 800-67": 2,
          "SP 800-89": 1,
          "SP 800-90A": 6
        },
        "PKCS": {
          "PKCS#1": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 20
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 10
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 15,
            "HMAC": 8
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SE": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 1,
          "Microsoft Corporation": 1
        },
        "Qualcomm": {
          "Qualcomm": 2
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/AAPL:Keywords": "[]",
      "/CreationDate": "D:20191112182653Z",
      "/Creator": "Word",
      "/Keywords": "",
      "/ModDate": "D:20191220143247-05\u002700\u0027",
      "/Producer": "macOS Version 10.14.6 (Build 18G1012) Quartz PDFContext",
      "/Title": "Microsoft Word - 140spWickr-0.2.docx",
      "pdf_file_size_bytes": 3610634,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-89.pdf",
          "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38e.pdf",
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf",
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf",
          "https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198-1_final.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf",
          "https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final",
          "http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf",
          "https://csrc.nist.gov/CSRC/media/Publications/fips/186/2/archive/2000-01-27/documents/fips186-2.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 25
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "86d734faf1962db1f93024939fefd370a2a87c535092998e5ca849402e81c3e0",
    "policy_txt_hash": "70bf82dec76dca63a6eb221e809f8e4f14c6e2e087626512d72a560ba807d11e"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #2398. No assurance of the minimum strength of generated keys",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/Jan2020ConsolidatedCert.pdf",
    "date_sunset": null,
    "description": "The Wickr FIPS Object Module for OpenSSL is a general purpose cryptographic module compiled from the source code for the OpenSSL FIPS Object Module 2.0.16.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 2",
      "Physical Security: N/A",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": "Moved to historical list due to sunsetting",
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {
      "2398": 1
    },
    "module_name": "Wickr FIPS Object Module for OpenSSL",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": "2.0.16",
    "tested_conf": [
      "Android 9 running on a Samsung Galaxy S10 with a Qualcomm Snapdragon 855 (Kryo) with PAA",
      "Android 9 running on a Samsung Galaxy S10 with a Qualcomm Snapdragon 855 (Kryo) without PAA",
      "Apple iOS 13.1 running on an Apple iPhone X with an Apple A11 Bionic (Monsoon, Mistral) with PAA",
      "Apple iOS 13.1 running on an Apple iPhone X with an Apple A11 Bionic (Monsoon, Mistral) without PAA",
      "Apple macOS Mojave running on an Apple Macbook Pro A1502 with an Intel Core i5 with PAA",
      "Apple macOS Mojave running on an Apple Macbook Pro A1502 with an Intel Core i5 without PAA",
      "Microsoft Windows 10 April 2018 Update running on an IBM ThinkPad with an Intel Core i7 with PAA",
      "Microsoft Windows 10 April 2018 Update running on an IBM ThinkPad with an Intel Core i7 without PAA (single-user mode)",
      "Ubuntu 18.04 running on an IBM ThinkPad with an Intel Core i7 with PAA",
      "Ubuntu 18.04 running on an IBM ThinkPad with an Intel Core i7 without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2020-01-24",
        "lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Wickr Inc.",
    "vendor_url": "http://wickr.com"
  }
}