Dell BSAFE™ Crypto Module for C 3.0 Release Advisory

Initially announced on December 7th, 2022

Announcement

Dell BSAFE Crypto Module for C is the latest software development kit (SDK) for C developer, from the BSAFE product family, that enable the use of FIPS 140-validated cryptography in the products they develop.

The following describes the major changes from the previous version:

• The cryptographic algorithm self test (CAST), previously run for all FIPS 140-3 approved algorithms when the module is loaded, is now run for each algorithm on first use only.
• Support added for Elliptic Curve (EC) key generation, key validation, ECDH key exchange and ECDSA signing and verification.
• Support added for Diffie-Hellman (DH) key generation, key validation and key exchange.
  • Support includes standard FFHDE and MODP named DH parameters, in accordance with RFC 7919, RFC 3526 and RFC 7296.
• Support added for DSA key generation and validation, and DSA signing and verification.
• Support added for DSA parameter generation
• Support added for the following AES cipher modes:
  • AES CFB 64 bit mode, added as a non-FIPS compliant algorithm.
  • AES CBC-CS3 Ciphertext Stealing padding mode, added as a FIPS 140-3 validated mode.
  • AES CFB 128 bit mode, added as FIPS 140-3 validated algorithm.
  • AES OFB 128 bit mode, added as FIPS 140-3 validated algorithm.
• Support added for SHA-3 digests.
• Support added for the variable length digest algorithms SHAKE-128 and SHAKE-256.
• HMAC support is extended to allow HMAC with SHA2-224, SHA2-512/224 and SHA2-512/256, as well as all SHA3 forms.
• Support added for the CMAC with AES and GMAC with AES algorithm.
• Support added for the following key derivation functions:
  • HMAC-Based Extract-and-Expand Key Derivation Function (HKDF)
  • One-Step KDF KDF as defined by SP 800-56C Rev. 1
  • SSH KDF as defined by SP 800-135 Rev.1
  • TLS Pseudo Random Function (PRF) KDF, for both TLS v1.0/v1.1 and TLS v1.2
  • X9.63 KDF as described in ANSI X9.63.
• Support added for multiple Digest and MAC update/final calls.
• Provision of an identifier, BCM_ALG_DRBG_DEFAULT, to point to the system default DRBG algorithm.
• Support added for wrapping and unwrapping keys using asymmetric RSA keys with either PKCS #1 or OAEP padding.
• Support added for wrapping and unwrapping content encryption keys using CMS PasswordRecipientInfo format as defined by RFC 3211.
• Support added for importing and exporting PublicKeyInfo and PrivateKeyInfo formated RSA keys.
• Support added for Cryptographic plug-ins, to enable the use of new algorithms via a plugin architecture.

The following describes the changes from the previous version:

• HMAC APIs added to support SHA2-224, SHA2-512/224 and SHA2-512/256 FIPS 140-3 validated algorithms.
• Export of sensitive key data from the module in plaintext is restricted to keys marked as exportable
• BCM_verify_RSA_PSS() updated to verify the PSS salt length. For more details, see the Migration Guide section of the Dell BSAFE Crypto Module for C Developers Guide.
• The default format for importing and exporting RSA keys has changed from PKCS #1 to PublicKeyInfo and PrivateKeyInfo.

BSAFE Crypto Module for C, version 3.0, has been submitted for FIPS 140-3 validation in December 2022. To view the current status of the submission, see FIPS 140 status of BSAFE cryptographic modules

For more information and downloads, see How To Request a Dell BSAFE product download