Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Juniper OpenSSL Cryptographic Module Overview

Junos OS Evolved OpenSSL Cryptographic Module version 3.0 provides cryptographic primitive APIs for Junos OS Evolved user space. This module provides cryptographic services to applications that runs in the user space of Junos OS Evolved through C language Application Program Interface (API).

Cryptographic Boundary

The Cryptographic Logical Boundary for OpenSSL consists of all shared libraries and integrity check files used to perform integrity tests.

Supported Cryptographic Algorithms

You must use FIPS approved cryptographic algorithms in FIPS mode. Table 1 lists the approved cryptographic algorithms that you can use in FIPS mode.

Table 1: Cryptographic Algorithms

Cipher

Shared Secret/Diffie Hellman Key Generation

MAC

Keys

KDF

AES-128-CTR

ecdh-sha2-nistp256 (NIST P-256 ECDH)

hmac-sha2-256

RSA (2048 bit key sizes)

SSHKDF

AES-192-CTR

ecdh-sha2-nistp384 (NIST P-384 ECDH)

hmac-sha2-512

ECDSA P-256

AES-256-CTR

ecdh-sha2-nistp521 (NIST P-521 ECDH)

ECDSA P-384

dh-group14-sha1

ECDSA P-521

.