This page describes the algorithms supported by Fortanix-Data-Security-Manager (DSM) in strict FIPS 140-2 Level 3 mode.
For more information on Fortanix DSM cryptographic policies, refer to User's Guide: Cryptographic Policy.
Crypto | Primitive Type | Algorithm | Mode/Method | Key Size/Curve | Import/export key format (Private/Public) | Use |
---|---|---|---|---|---|---|
Symmetric | Block cipher | AES | ECB, CBC, CBC (no padding), CFB, CTR, GCM, CCM, OFB, KW, KWP, FF1, CMAC | 128, 192, or 256 bits | raw | Data Encryption/Decryption, Key, Wrapping/Unwrapping, MAC, Key Generation, Key Derivation, and Tokenization |
Cryptographic hash functions | SHA-2 | SHA-224, SHA-256, SHA-384, SHA-512 | HMAC key length: between 112 and 8192 bits | (HMAC) raw | Message Digest, MAC, Key Generation | |
SHA-3 | SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
|
| Message Digest and Key Generation | ||
Asymmetric | Elliptic Curve | ECDSA | standard¹ | NIST P-224, NIST P-256, NIST P-384, NIST P-521 | PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5480/RFC5915) | Digital Signature sign/verify and Key Generation |
RSA | RSA | PKCS#1 v1.5⁵, OAEP⁶, PSS⁶ | Between 2048 and 8192 bits | PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5208/RFC5280) |
¹ - With hash algorithms: SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, Blake2b* (256, 384, 512), Blake2s-256*
⁵ - With hash algorithms (sign/verify): SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SSL3*
⁶ - Supported mask generation functions: MGF1 with SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512. The MGF hash function must be the same as the data hash function..
* - Hash algorithms not listed as a supported “Cryptographic hash function” on this page can only be used in signature generation/verification with prehashed data.
Additional restrictions in FIPS mode are as follows:
Item | Restrictions |
AES |
|
ECDSA |
|
RSA |
|
Sign and Verify Operations |
|
HMAC |
|