Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Version
1.0.0
Type
SOFTWARE
Vendor
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia
Contacts
David Hook
dgh@bouncycastle.org
+61438170390
Jon Eaves
jon@bouncycastle.org
+61417502969

Validations

Number
Date
Operating Environments
Algorithm Capabilities
Component 705
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • ECDSA SigGen (186-4)
    • Component
      • Capabilities:
        • Curve: B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
DSA 1043
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • DSA KeyGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
      • Capabilities:
        • L: 2048
        • N: 256
      • Capabilities:
        • L: 3072
        • N: 256
    Prerequisites:
  • DSA PQGGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA PQGVer (186-4)
      • Capabilities:
        • L: 1024
        • N: 160
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA SigGen (186-4)
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • DSA SigVer (186-4)
      • Capabilities:
        • L: 1024
        • N: 160
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 2048
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • L: 3072
        • N: 256
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
Component 704
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • KDF ANS 9.63
    • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Responder Nonce Length: 160-8192
        • Diffie-Hellman Shared Secret Length: 224
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Responder Nonce Length: 160-8192
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Responder Nonce Length: 160-8192
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KDF SRTP
    • AES Key Length: 128, 192, 256
    Prerequisites:
  • KDF SSH
    • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • KDF TLS
    • TLS Version: v1.0/1.1, v1.2
    • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
Component 706
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
HMAC 2458
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
SHA-3 3
4/1/2016
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
KDF 78
1/15/2016
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • KDF SP800-108
      • Capabilities:
        • KDF Mode: Counter
        • SPs used to generate K: SP 800-56A, SP 800-56B, SP 800-90A
        • MAC Mode: CMAC-AES128, CMAC-AES192, CMAC-AES256, CMAC-TDES, HMAC-SHA-1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512
        • Fixed Data Order: After Fixed Data, Before Fixed Data, In the Middle of Fixed Data
        • Counter Length: 8, 16, 24, 32
      • Capabilities:
        • KDF Mode: Feedback
        • SPs used to generate K: SP 800-56A, SP 800-56B, SP 800-90A
        • MAC Mode: CMAC-AES128, CMAC-AES192, CMAC-AES256, CMAC-TDES, HMAC-SHA-1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512
        • Fixed Data Order: After Fixed Data, Before Fixed Data, Before Iteration Data
        • Counter Length: 8, 16, 24, 32
        • Supports Empty IV
      • Capabilities:
        • KDF Mode: Double Pipeline Iteration
        • SPs used to generate K: SP 800-56A, SP 800-56B, SP 800-90A
        • MAC Mode: CMAC-AES128, CMAC-AES192, CMAC-AES256, CMAC-TDES, HMAC-SHA-1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512
        • Fixed Data Order: After Fixed Data, Before Fixed Data, Before Iteration Data
        • Counter Length: 8, 16, 24, 32
    Prerequisites:
RSA 1932
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • RSA KeyGen (186-4)
      • Capabilities:
        • Key Generation Mode: B.3.3
          • Properties:
            • Modulo: 2048
            • Primality Tests: C.3
          • Properties:
            • Modulo: 3072
            • Primality Tests: C.3
    • Public Exponent Mode: Random
    Prerequisites:
  • RSA SigGen (186-4)
      • Capabilities:
        • Signature Type: ANSI X9.31
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256 (0x40)
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256 (0x40)
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
                • Salt Length: 0
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
    Prerequisites:
  • RSA SigVer (186-2)
      • Capabilities:
        • Signature Type: ANSI X9.31
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 1536
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 4096
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 1536
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 4096
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 1536
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
          • Properties:
            • Modulo: 4096
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
    Prerequisites:
  • RSA SigVer (186-4)
      • Capabilities:
        • Signature Type: ANSI X9.31
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256 (0x40)
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256 (0x40)
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256 (0x40)
      • Capabilities:
        • Signature Type: PKCS 1.5
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
              • Hash Pair:
                • Hash Algorithm: SHA2-224
              • Hash Pair:
                • Hash Algorithm: SHA2-256
              • Hash Pair:
                • Hash Algorithm: SHA2-384
              • Hash Pair:
                • Hash Algorithm: SHA2-512
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
      • Capabilities:
        • Signature Type: PKCSPSS
          • Properties:
            • Modulo: 1024
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
                • Salt Length: 0
          • Properties:
            • Modulo: 2048
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
                • Salt Length: 0
          • Properties:
            • Modulo: 3072
              • Hash Pair:
                • Hash Algorithm: SHA-1
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-256
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-384
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/224
                • Salt Length: 0
              • Hash Pair:
                • Hash Algorithm: SHA2-512/256
                • Salt Length: 0
    Prerequisites:
TDES 2090
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • TDES-CBC
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CFB64
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CFB8
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-CMAC
      • Capabilities:
        • Direction: Generation
        • Keying Option: 1
        • MAC: 8-64
        • Message Length: 0-524288
        • Block Size: Full, Partial
      • Capabilities:
        • Direction: Verification
        • Keying Option: 1
        • MAC: 8-64
        • Message Length: 0-524288
        • Block Size: Full, Partial
  • TDES-CTR
    • Counter Source: External
  • TDES-ECB
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
  • TDES-KW
    • Direction: Decrypt, Encrypt
    • Cipher: Cipher, Inverse
    • Payload Length: 64, 96, 256, 416, 4096
  • TDES-OFB
    • Direction: Decrypt, Encrypt
    • Keying Option: 1
DRBG 1031
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • Counter DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: 3KeyTDEA
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: Yes
    Prerequisites:
  • Hash DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
      • Capabilities:
        • Mode: SHA2-224
      • Capabilities:
        • Mode: SHA2-256
      • Capabilities:
        • Mode: SHA2-384
      • Capabilities:
        • Mode: SHA2-512
      • Capabilities:
        • Mode: SHA2-512/224
      • Capabilities:
        • Mode: SHA2-512/256
    Prerequisites:
  • HMAC DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
      • Capabilities:
        • Mode: SHA2-224
      • Capabilities:
        • Mode: SHA2-256
      • Capabilities:
        • Mode: SHA2-384
      • Capabilities:
        • Mode: SHA2-512
      • Capabilities:
        • Mode: SHA2-512/224
      • Capabilities:
        • Mode: SHA2-512/256
    Prerequisites:
KAS 73
12/18/2015
  • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
  • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
  • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
  • KAS-ECC
    • Scheme:
      • Ephemeral Unified:
        • KAS Role: Initiator, Responder
        • KDF without Key Confirmation:
          • Parameter Set:
            • EB:
              • Hash Algorithm: SHA2-224
              • Curve: P-224
              • MAC Option:
                • AES-CCM:
              • EC:
                • Hash Algorithm: SHA2-256
                • Curve: P-256
                • MAC Option:
                  • AES-CCM:
                • ED:
                  • Hash Algorithm: SHA2-384
                  • Curve: P-384
                  • MAC Option:
                    • HMAC:
                  • EE:
                    • Hash Algorithm: SHA2-512
                    • Curve: P-521
                    • MAC Option:
                      • HMAC:
              • Full MQV:
                • KAS Role: Initiator, Responder
                • KDF with Key Confirmation:
                  • Key Confirmation Option:
                    • Key Confirmation Role: Provider, Responder
                    • Key Confirmation Type: Bilateral, Unilateral
                  • Parameter Set:
                    • EB:
                      • Hash Algorithm: SHA2-224
                      • Curve: P-224
                      • MAC Option:
                        • AES-CCM:
                      • EC:
                        • Hash Algorithm: SHA2-256
                        • Curve: P-256
                        • MAC Option:
                          • AES-CCM:
                        • ED:
                          • Hash Algorithm: SHA2-384
                          • Curve: P-384
                          • MAC Option:
                            • HMAC:
                          • EE:
                            • Hash Algorithm: SHA2-512
                            • Curve: P-521
                            • MAC Option:
                              • HMAC:
                      • One Pass DH:
                        • KAS Role: Initiator, Responder
                        • KDF with Key Confirmation:
                          • Key Confirmation Option:
                            • Parameter Set:
                              • EB:
                                • Hash Algorithm: SHA2-224
                                • Curve: P-224
                                • MAC Option:
                                  • AES-CCM:
                                • EC:
                                  • Hash Algorithm: SHA2-256
                                  • Curve: P-256
                                  • MAC Option:
                                    • AES-CCM:
                                  • ED:
                                    • Hash Algorithm: SHA2-384
                                    • Curve: P-384
                                    • MAC Option:
                                      • HMAC:
                                    • EE:
                                      • Hash Algorithm: SHA2-512
                                      • Curve: P-521
                                      • MAC Option:
                                        • HMAC:
                                • One Pass MQV:
                                  • KAS Role: Initiator, Responder
                                  • KDF with Key Confirmation:
                                    • Key Confirmation Option:
                                      • Key Confirmation Role: Provider, Responder
                                      • Key Confirmation Type: Bilateral, Unilateral
                                    • Parameter Set:
                                      • EB:
                                        • Hash Algorithm: SHA2-224
                                        • Curve: P-224
                                        • MAC Option:
                                          • AES-CCM:
                                        • EC:
                                          • Hash Algorithm: SHA2-256
                                          • Curve: P-256
                                          • MAC Option:
                                            • AES-CCM:
                                          • ED:
                                            • Hash Algorithm: SHA2-384
                                            • Curve: P-384
                                            • MAC Option:
                                              • HMAC:
                                            • EE:
                                              • Hash Algorithm: SHA2-512
                                              • Curve: P-521
                                              • MAC Option:
                                                • HMAC:
                                        • Static Unified:
                                          • KAS Role: Initiator, Responder
                                          • KDF with Key Confirmation:
                                            • Key Confirmation Option:
                                              • Key Confirmation Role: Provider, Responder
                                              • Key Confirmation Type: Bilateral, Unilateral
                                            • Parameter Set:
                                              • EB:
                                                • Hash Algorithm: SHA2-224
                                                • Curve: P-224
                                                • MAC Option:
                                                  • AES-CCM:
                                                • EC:
                                                  • Hash Algorithm: SHA2-256
                                                  • Curve: P-256
                                                  • MAC Option:
                                                    • AES-CCM:
                                                  • ED:
                                                    • Hash Algorithm: SHA2-384
                                                    • Curve: P-384
                                                    • MAC Option:
                                                      • HMAC:
                                                    • EE:
                                                      • Hash Algorithm: SHA2-512
                                                      • Curve: P-521
                                                      • MAC Option:
                                                        • HMAC:
                                              Prerequisites:
                                            • KAS-FFC
                                              • Function: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation
                                              • Scheme:
                                                • dhEphem:
                                                  • KAS Role: Initiator, Responder
                                                  • KDF without Key Confirmation:
                                                    • Parameter Set:
                                                      • FB:
                                                        • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
                                                        • MAC Option:
                                                          • AES-CCM:
                                                        • FC:
                                                          • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
                                                          • MAC Option:
                                                            • AES-CCM:
                                                    • dhStatic:
                                                      • KAS Role: Initiator, Responder
                                                      • KDF with Key Confirmation:
                                                        • Key Confirmation Option:
                                                          • Key Confirmation Role: Provider, Responder
                                                          • Key Confirmation Type: Bilateral, Unilateral
                                                        • Parameter Set:
                                                          • FB:
                                                            • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
                                                            • MAC Option:
                                                              • AES-CCM:
                                                            • FC:
                                                              • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
                                                              • MAC Option:
                                                                • AES-CCM:
                                                        • MQV1:
                                                          • KAS Role: Initiator, Responder
                                                          • KDF with Key Confirmation:
                                                            • Key Confirmation Option:
                                                              • Key Confirmation Role: Provider, Responder
                                                              • Key Confirmation Type: Bilateral, Unilateral
                                                            • Parameter Set:
                                                              • FB:
                                                                • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
                                                                • MAC Option:
                                                                  • AES-CCM:
                                                                • FC:
                                                                  • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
                                                                  • MAC Option:
                                                                    • AES-CCM:
                                                            • MQV2:
                                                              • KAS Role: Initiator, Responder
                                                              • KDF with Key Confirmation:
                                                                • Key Confirmation Option:
                                                                  • Key Confirmation Role: Provider
                                                                  • Key Confirmation Type: Bilateral, Unilateral
                                                                • Parameter Set:
                                                                  • FB:
                                                                    • Hash Algorithm: SHA2-224, SHA2-256, SHA2-384, SHA2-512
                                                                    • MAC Option:
                                                                      • AES-CCM:
                                                                    • FC:
                                                                      • Hash Algorithm: SHA2-256, SHA2-384, SHA2-512
                                                                      • MAC Option:
                                                                        • AES-CCM:
                                                            SHS 3126
                                                            12/18/2015
                                                            • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
                                                            • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
                                                            • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
                                                            • SHA-1
                                                              • Message Length: 0-51200 Increment 8
                                                            • SHA-224
                                                              • Message Length: 0-51200 Increment 8
                                                            • SHA-256
                                                              • Message Length: 0-51200 Increment 8
                                                            • SHA-384
                                                              • Message Length: 0-102400 Increment 8
                                                            • SHA-512
                                                              • Message Length: 0-102400 Increment 8
                                                            • SHA-512/224
                                                              • Message Length: 0-102400 Increment 8
                                                            • SHA-512/256
                                                              • Message Length: 0-102400 Increment 8
                                                            ECDSA 804
                                                            12/18/2015
                                                            • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
                                                            • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
                                                            • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
                                                            • ECDSA KeyGen (186-4)
                                                              • Curve: B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521
                                                              • Secret Generation Mode: Testing Candidates
                                                              Prerequisites:
                                                            • ECDSA KeyVer (186-4)
                                                              • Curve: B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K-571, P-192, P-224, P-256, P-384, P-521
                                                            • ECDSA SigGen (186-4)
                                                                • Capabilities:
                                                                  • Curve: B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521
                                                                  • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512, SHA2-512/224, SHA2-512/256
                                                              Prerequisites:
                                                            • ECDSA SigVer (186-4)
                                                                • Capabilities:
                                                                  • Curve: B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K-571, P-192, P-224, P-256, P-384, P-521
                                                                  • Hash Algorithm: SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512, SHA2-512/224, SHA2-512/256
                                                              Prerequisites:
                                                            AES 3756
                                                            12/18/2015
                                                            • Java SE Runtime Env 7 on Solaris 11 on vSphere 6 on Intel Xeon E5 v3
                                                            • Java SE Runtime Env 8 on Centos 6.4 on vSphere 6 on Intel Xeon E5 v3
                                                            • Ubuntu 14.04 LTS on VMWare ESXi 6.0 on Intel Xeon E5-2697 V3
                                                            • AES-CBC
                                                              • Direction: Decrypt, Encrypt
                                                              • Key Length: 128, 192, 256
                                                            • AES-CCM
                                                              • Key Length: 128, 192, 256
                                                              • Tag Length: 32, 48, 64, 80, 96, 112, 128
                                                              • IV Length: 56, 64, 72, 80, 88, 96, 104
                                                              • Payload Length: 0-256
                                                              • AAD Length: 0-524288
                                                            • AES-CFB128
                                                              • Direction: Decrypt, Encrypt
                                                              • Key Length: 128, 192, 256
                                                            • AES-CFB8
                                                              • Direction: Decrypt, Encrypt
                                                              • Key Length: 128, 192, 256
                                                            • AES-CMAC
                                                                • Capabilities:
                                                                  • Direction: Generation, Verification
                                                                  • Key Length: 128, 192, 256
                                                                  • MAC: 8-128
                                                                  • Message Length: 0-524288
                                                                  • Block Size: Full, Partial
                                                            • AES-CTR
                                                              • Key Length: 128, 192, 256
                                                              • Counter Source: External
                                                            • AES-ECB
                                                              • Direction: Decrypt, Encrypt
                                                              • Key Length: 128, 192, 256
                                                            • AES-GCM
                                                              • Direction: Decrypt, Encrypt
                                                              • IV Generation: External
                                                              • Key Length: 128, 192, 256
                                                              • Tag Length: 32, 64, 96, 104, 112, 120, 128
                                                              • IV Length: 96
                                                              • Payload Length: 128, 136, 256, 272
                                                              • AAD Length: 0, 128, 136, 272, 384
                                                            • AES-GMAC
                                                              • Direction: Decrypt, Encrypt
                                                              • IV Generation: External
                                                              • Key Length: 128, 192, 256
                                                              • Tag Length: 32, 64, 96, 104, 112, 120, 128
                                                              • IV Length: 96
                                                              • AAD Length: 0, 128, 136, 272, 384
                                                            • AES-KW
                                                              • Direction: Decrypt, Encrypt
                                                              • Cipher: Cipher, Inverse
                                                              • Key Length: 128, 192, 256
                                                              • Payload Length: 128, 192, 512, 1344, 4096
                                                            • AES-KWP
                                                              • Direction: Decrypt, Encrypt
                                                              • Cipher: Cipher, Inverse
                                                              • Key Length: 128, 192, 256
                                                              • Payload Length: 8, 128, 192, 448, 4096
                                                            • AES-OFB
                                                              • Direction: Decrypt, Encrypt
                                                              • Key Length: 128, 192, 256