This page was not yet optimized for use on mobile
devices.
Dell BSAFE™ Crypto Module for C
Certificate #4967
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, DES, 3DES, Triple-DES, TDEA, HMAC, CMAC, CBC-MACAsymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA1, SHA2, SHA-2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA3, SHA-3, MD4, MD5, PBKDF2Schemes
MAC, Key Agreement, Key agreementProtocols
SSH, TLS, TLS v1.2, TLS v1.3, TLSv1.2Randomness
PRNG, DRBG, RNGElliptic Curves
P-224, P-256, P-384, P-521, P-192, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571, B-163, K-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSTrusted Execution Environments
PSPVendor
MicrosoftSecurity level
Level 1Side-channel analysis
timing attacks, Timing AttacksCertification process
out of scope, variables containing SSP data on the stack or heap should be zeroized after use or before going out of scope. 11.2.2 Random Number Generation Operations Using the CTR DRBG with AES-256 is recommended as it isStandards
FIPS 140-3, FIPS 186-4, FIPS 186-2, FIPS 180-4, FIPS 202, FIPS 198-1, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38E, SP 800-38F, SP 800-56B, SP 800-56A, SP 800-132, SP 800-108, SP 800-135, SP 800-90A, SP 800-38B, SP 800-56C, SP 800-133, SP 800-90B, SP 800-131A, SP 800-57, SP 800-107, SP 800-52, PKCS #1, RFC 7627, RFC 5246, RFC 8446, RFC 5288, RFC 2246, ISO/IEC 24759File metadata
| Title | Dell BSAFE™ Crypto Module for C 3.0.1 Security Policy |
|---|---|
| Keywords | BSAFE Crypto Module for C, BSAFE, fips, security policy, level 1 |
| Author | Dell Australia Pty Limited |
| Creation date | D:20100527131853Z |
| Modification date | D:20250213070646+10'00' |
| Pages | 53 |
| Creator | FrameMaker 17.0.5 |
| Producer | Adobe PDF Library 17.0 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4967,
"dgst": "e560f3c5ee3df5df",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC-SHA2-224A2308",
"ECDSA SigVer (FIPS186-4)A2308",
"HMAC-SHA3-512A2308",
"DSA PQGVer (FIPS186-4)A2308",
"SHA3-384A2308",
"RSA SigGen (FIPS186-4)A2308",
"AES-OFBA2308",
"HMAC-SHA3-256A2308",
"SHA2-384A2308",
"SHA3-512A2308",
"SHA-1A2308",
"DSA SigVer (FIPS186-4)A2308",
"KDA OneStep Sp800-56Cr1A2308",
"AES-CBC-CS3A2308",
"AES-CBCA2308",
"AES-GCMA2308",
"AES-ECBA2308",
"SHAKE-256A2308",
"KDF SSHA2308",
"KDF TLSA2308",
"RSA Decryption PrimitiveA2308",
"ECDSA KeyVer (FIPS186-4)A2308",
"AES-GMACA2308",
"SHA2-512/256A2308",
"KDA HKDF Sp800-56Cr1A2308",
"RSA SigVer (FIPS186-2)A2308",
"AES-CTRA2308",
"ECDSA KeyGen (FIPS186-4)A2308",
"HMAC-SHA-1A2308",
"DSA SigGen (FIPS186-4)A2308",
"AES-XTS Testing Revision 2.0A2308",
"TLS v1.3 KDFA2308",
"HMAC-SHA2-512/224A2308",
"HMAC-SHA2-384A2308",
"HMAC-SHA2-512A2308",
"AES-KWPA2308",
"Safe Primes Key VerificationA2308",
"HMAC-SHA2-512/256A2308",
"HMAC-SHA3-384A2308",
"KAS-ECC-SSC Sp800-56Ar3A2308",
"KAS-IFC-SSCA2308",
"KDF SP800-108A2308",
"PBKDFA2308",
"AES-KWA2308",
"KDF ANS 9.63A2308",
"Safe Primes Key GenerationA2308",
"HMAC DRBGA2308",
"SHA2-512/224A2308",
"RSA KeyGen (FIPS186-4)A2308",
"AES-CFB128A2308",
"SHAKE-128A2308",
"AES-CCMA2308",
"AES-CMACA2308",
"HMAC-SHA3-224A2308",
"SHA2-256A2308",
"SHA2-224A2308",
"DSA KeyGen (FIPS186-4)A2308",
"KAS-FFC-SSC Sp800-56Ar3A2308",
"Counter DRBGA2308",
"SHA2-512A2308",
"SHA3-224A2308",
"TLS v1.2 KDF RFC7627A2308",
"DSA PQGGen (FIPS186-4)A2308",
"HMAC-SHA2-256A2308",
"ECDSA SigGen (FIPS186-4)A2308",
"RSA Signature PrimitiveA2308",
"SHA3-256A2308",
"RSA SigVer (FIPS186-4)A2308"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 16
},
"ECDH": {
"ECDH": 5
},
"ECDSA": {
"ECDSA": 10
}
},
"FF": {
"DH": {
"DH": 18,
"Diffie-Hellman": 9
},
"DSA": {
"DSA": 37
}
}
},
"certification_process": {
"OutOfScope": {
"out of scope": 1,
"variables containing SSP data on the stack or heap should be zeroized after use or before going out of scope. 11.2.2 Random Number Generation Operations Using the CTR DRBG with AES-256 is recommended as it is": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 8
},
"CTR": {
"CTR": 16
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 6
},
"OFB": {
"OFB": 5
},
"XTS": {
"XTS": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 5
},
"TLS": {
"TLS": {
"TLS": 11,
"TLS v1.2": 8,
"TLS v1.3": 5,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3,
"Key agreement": 1
},
"MAC": {
"MAC": 33
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 1,
"B-233": 5,
"B-283": 5,
"B-409": 5,
"B-571": 5,
"K-163": 1,
"K-233": 6,
"K-283": 5,
"K-409": 5,
"K-571": 5,
"P-192": 2,
"P-224": 14,
"P-256": 10,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 7
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES 128, 192": 1,
"AES-128": 1,
"AES-128 128": 1,
"AES-128 3072": 1,
"AES-192": 1,
"AES-192 192": 1,
"AES-192 7680": 1,
"AES-256": 4,
"AES-2561": 1,
"AES-CTR 128": 1,
"DES3": 4,
"DES31": 1,
"DRBG12": 1,
"HMAC13": 2,
"PKCS #1": 6,
"RSA PKCS #1": 4,
"RSA-PKCS #1": 2,
"SHA-1": 19,
"SHA-1 112": 1,
"SHA-2": 3,
"SHA-3": 1,
"SHA1": 1,
"SHA2": 2,
"SHA2-224": 16,
"SHA2-256": 24,
"SHA2-384": 19,
"SHA2-512": 18,
"SHA2-512 128": 2,
"SHA2-512 256": 2,
"SHA3": 6,
"SHA3-224": 10,
"SHA3-22410": 2,
"SHA3-256": 10,
"SHA3-25610": 2,
"SHA3-384": 9,
"SHA3-38410": 2,
"SHA3-512": 6,
"SHA3-512 128": 4,
"SHA3-51210": 2
}
},
"fips_security_level": {
"Level": {
"Level 1": 10
}
},
"hash_function": {
"MD": {
"MD4": {
"MD4": 1
},
"MD5": {
"MD5": 3
}
},
"PBKDF": {
"PBKDF2": 9
},
"SHA": {
"SHA1": {
"SHA-1": 20,
"SHA1": 1
},
"SHA2": {
"SHA-2": 3,
"SHA2": 2
},
"SHA3": {
"SHA-3": 1,
"SHA3": 6,
"SHA3-224": 10,
"SHA3-256": 10,
"SHA3-384": 10,
"SHA3-512": 11
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 75,
"PRNG": 1
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"Timing Attacks": 1,
"timing attacks": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 28,
"FIPS 180-4": 1,
"FIPS 186-2": 2,
"FIPS 186-4": 12,
"FIPS 198-1": 2,
"FIPS 202": 1
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-107": 1,
"SP 800-108": 1,
"SP 800-131A": 1,
"SP 800-132": 3,
"SP 800-133": 8,
"SP 800-135": 6,
"SP 800-38A": 1,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 2,
"SP 800-38E": 1,
"SP 800-38F": 1,
"SP 800-52": 1,
"SP 800-56A": 10,
"SP 800-56B": 4,
"SP 800-56C": 3,
"SP 800-57": 7,
"SP 800-90A": 4,
"SP 800-90B": 10
},
"PKCS": {
"PKCS #1": 5
},
"RFC": {
"RFC 2246": 1,
"RFC 5246": 2,
"RFC 5288": 2,
"RFC 7627": 1,
"RFC 8446": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 50,
"AES-128": 3,
"AES-192": 3,
"AES-256": 4
},
"CAST": {
"CAST": 6
}
},
"DES": {
"3DES": {
"3DES": 1,
"TDEA": 1,
"Triple-DES": 2
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 6,
"HMAC": 36
}
}
},
"tee_name": {
"AMD": {
"PSP": 6
}
},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 15
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Dell Australia Pty Limited",
"/CreationDate": "D:20100527131853Z",
"/Creator": "FrameMaker 17.0.5",
"/Keywords": "BSAFE Crypto Module for C, BSAFE, fips, security policy, level 1",
"/ModDate": "D:20250213070646+10\u002700\u0027",
"/Producer": "Adobe PDF Library 17.0",
"/Title": "Dell BSAFE\u2122 Crypto Module for C 3.0.1 Security Policy",
"/Trapped": "/False",
"pdf_file_size_bytes": 464808,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://csrc.nist.gov/index.html",
"https://www.rambus.com/timing-attacks-on-implementations-of-diffie-hellman-rsa-dss-and-other-systems/",
"http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf",
"https://link.springer.com/content/pdf/10.1007/s001450010016.pdf",
"https://www.dell.com/support",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search/all",
"http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://ink.library.smu.edu.sg/sis_research/3723/",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf",
"https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 53
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "45564fd548f04a3e903b5d4bae5c1c10cff2efd24acc2401b2eee70405c3963d",
"policy_txt_hash": "c7154bb37e1ca3a9646265e49f118670bbf6b349d2e640d186a860dc4daee491"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy",
"certificate_pdf_url": null,
"date_sunset": "2027-02-18",
"description": "Dell BSAFE\u2122 Crypto Module for C software library is designed for developers to incorporate FIPS 140-3 approved cryptography into C-based products. BSAFE\u2122 Crypto Module security software helps protect sensitive data as it is stored, using strong encryption techniques that ease integration with existing data models. Using the capabilities of BSAFE\u2122 Crypto Module software in applications helps provide a persistent level of protection for data, lessening the risk of internal, as well as external, compromise.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Dell BSAFE\u2122 Crypto Module for C",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "3.0.1",
"tested_conf": [
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 5218 with PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 5218 without PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 6240L with PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 6240L without PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 6254 with PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Gold 6254 without PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Platinum 8280L with PAA",
"Dell PowerMaxOS 10 running on a PowerMax storage array compute node with an Intel Xeon Platinum 8280L without PAA",
"Microsoft Windows 10 Enterprise x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Microsoft Windows 10 Enterprise x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"Microsoft Windows 10 Enterprise x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Microsoft Windows 10 Enterprise x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"Microsoft Windows 11 on VMware ESXi 7.0.2 running on a Dell PowerEdge R630 with an Intel Xeon E5-2620 v4 with PAA",
"Microsoft Windows 11 on VMware ESXi 7.0.2 running on a Dell PowerEdge R630 with an Intel Xeon E5-2620 v4 without PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 with PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 without PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 with PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2017) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 without PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 with PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 without PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 with PAA",
"Microsoft Windows Server 2019 x86_64 (64-bit) (VS2019) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 without PAA",
"Red Hat Enterprise Linux 7.9 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Red Hat Enterprise Linux 7.9 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"Red Hat Enterprise Linux 7.9 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Red Hat Enterprise Linux 7.9 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"Red Hat Enterprise Linux 8.5 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Red Hat Enterprise Linux 8.5 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"Red Hat Enterprise Linux 8.5 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"Red Hat Enterprise Linux 8.5 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"SUSE Linux Enterprise Server 12 SP5 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"SUSE Linux Enterprise Server 12 SP5 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"SUSE Linux Enterprise Server 12 SP5 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 with PAA",
"SUSE Linux Enterprise Server 12 SP5 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6136 without PAA",
"SUSE Linux Enterprise Server 15 SP3 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 with PAA",
"SUSE Linux Enterprise Server 15 SP3 x86 (32-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 without PAA",
"SUSE Linux Enterprise Server 15 SP3 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 with PAA",
"SUSE Linux Enterprise Server 15 SP3 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 6246 without PAA",
"SUSE Linux Enterprise Server 15 SP3 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 with PAA",
"SUSE Linux Enterprise Server 15 SP3 x86_64 (64-bit) on VMware ESXi 6.7.0 running on a Dell PowerEdge R7425 with an AMD EPYC 7451 without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-02-19",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
}
],
"vendor": "Dell Australia Pty Limited, BSAFE Product Team",
"vendor_url": "http://www.dell.com "
}
}