1 Overview
The HP-UX Kernel Cryptographic Module (HP-UX KCM) is a common cryptographic library in the HP-UX Kernel. It is a library of core cryptographic algorithms that are used by HP-UX Kernel products.
HP-UX KCM implements FIPS 140-2 compliant algorithms for commonly used cryptographic operations such as data encryption/decryption, sign/verify, digest, HMAC, and random number generation.
HP-UX KCM is available in the HP-UX Kernel as a dynamically loadable library with well-defined interfaces for invoking the crypto functions. This brings modularity and standardization to the use of crypto algorithms across the HP-UX Kernel products. HP-UX KCM is available on the HP Integrity platform running HP-UX 11i v3.
HP-UX KCM is undergoing FIPS 140-2 Level 1 validation and is currently in the NIST Review Pending state.
The interfaces supported by the library follow the RSA Security Inc. PKCS#11 V.2.20 specification.
For more information on PKCS, see the PKCS #11 v2.20: Cryptographic Token Interface Standard document.
Supported configuration
The supported configuration for HP-UX KCM is HP-UX 11i v3 for HP Integrity Servers.
Features provided in this release
This section discusses the new features available in HP-UX KCM version 1.0.
The table below lists the FIPS 140-2 compliant algorithms, key lengths, modes, and operations implemented by HP-UX KCM 1.0.
FIPS algo | Key size | Operations | Purpose |
AES | 128, 192, and 256; Mode: CBC | Generate, Encrypt, and Decrypt | Symmetric key operations (FIPS-197 compliant) |
RSA | 2048 | Generate key pair, Sign, Verify, Wrap key, and Unwrap key | Asymmetric key operations (FIPS 186-3 and PKCS#1 v1.5 compliant) |
SHA-2 | 256, 384, and 512 | Digest | Digest operations (FIPS 180-3 compliant) |
HMAC-SHA2 | 256, 384, and 512 | Digest (with key) | Key-Hash Message Authentication Code (HMAC) |
RNG |  | Generate random | NIST SP800-90A compliant DRBG |
HP-UX KCM also implements the following algorithms, which are required for supportability purposes even though they are not FIPS 140-2 compliant.
Non-FIPS algo | Key size | Operations | Purpose |
AES | 128, 192, and 256; Mode: CFB | Generate, Encrypt, and Decrypt | Symmetric key operations |