The SPARC T4 and SPARC T5 processors on the Oracle SPARC T-Series servers provide cryptographic acceleration in the hardware, as do Intel AES-NI processors. The Cryptographic Framework was awarded FIPS 140 certificates for its use on SPARC T4 and SPARC T5 processors. OpenSSL was tested on SPARC T3 and Intel AES-NI processors for its FIPS 140 validation, but its validated version does not include inline instructions to the hardware.
For best performance, consumers of FIPS 140 providers should use hardware-accelerated cryptography where possible. However, because the OpenSSL module in FIPS 140 mode does not include inline instructions to the hardware, you should configure the Apache Web Server to use the PKCS #11 library. SSH uses the OpenSSL builtin engine and cannot be so configured. For more information, see Cryptographic Optimizations in SPARC T-4 Systems in Managing Encryption and Certificates in Oracle Solaris 11.2 . For an example, see Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System.