Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Version
1.0.1
Type
SOFTWARE
Vendor
Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia
Contacts
David Hook
dgh@bouncycastle.org
+61438170390
Jon Eaves
jon@bouncycastle.org
+61417502969

Validations

Number
Date
Operating Environments
Algorithm Capabilities
DRBG 1636
9/1/2017
  • Java SE Runtime Environment 7 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 on Intel Xeon Processor X5670
  • Java SE Runtime Environment 8 on Red Hat Enterprise Linux 7.3 on VMware ESXi 5.5 on Intel Xeon Processor X5670
  • Counter DRBG
      • Capabilities:
        • Mode: 3KeyTDEA
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-128
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-192
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-256
        • Derivation Function Enabled: Yes
    • Prediction Resistance: Yes, No
    Prerequisites:
  • Hash DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
      • Capabilities:
        • Mode: SHA2-224
      • Capabilities:
        • Mode: SHA2-256
      • Capabilities:
        • Mode: SHA2-384
      • Capabilities:
        • Mode: SHA2-512/256
      • Capabilities:
        • Mode: SHA2-512
      • Capabilities:
        • Mode: SHA2-512/224
    Prerequisites:
  • HMAC DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
      • Capabilities:
        • Mode: SHA2-224
      • Capabilities:
        • Mode: SHA2-256
      • Capabilities:
        • Mode: SHA2-384
      • Capabilities:
        • Mode: SHA2-512
      • Capabilities:
        • Mode: SHA2-512/224
      • Capabilities:
        • Mode: SHA2-512/256
    Prerequisites:
  • PhotonOS 2.0 running on ESXi 6.7 with JRE 1.8 on Intel Xeon 6126
    • processor
      • manufacturer: Intel
    • software
  • Ubuntu 16.04 running on ESXi 6.7 with JRE 1.8 on Intel Xeon 6126
    • processor
      • manufacturer: Intel
    • software
  • Windows Server 2016 running on ESXi 6.7 with JRE 1.8 on Intel Xeon 6126
    • processor
      • manufacturer: Intel
    • software
  • Counter DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: AES-256
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 256
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Entropy Input: 112
        • Nonce: 56
        • Mode: TDES
        • Additional Input: 0-112
        • Returned Bits: 256
        • Derivation Function Enabled: Yes
        • Personalization String Length: 0-112
      • Capabilities:
        • Mode: AES-128
        • Additional Input: 0-128
        • Personalization String Length: 0-128
        • Nonce: 64
        • Entropy Input: 128
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Mode: AES-192
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 192
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
    • Supports Reseed
    Prerequisites:
  • Hash DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
        • Personalization String Length: 0-128
        • Additional Input: 0-128
        • Nonce: 64
        • Entropy Input: 128
        • Returned Bits: 640
      • Capabilities:
        • Mode: SHA2-224
        • Personalization String Length: 0-192
        • Additional Input: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Returned Bits: 1024
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Mode: SHA2-384
        • Personalization String Length: 0-256
        • Returned Bits: 1536
      • Capabilities:
        • Mode: SHA2-512
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Personalization String Length: 0-256
        • Returned Bits: 2048
      • Capabilities:
        • Personalization String Length: 0-192
        • Mode: SHA2-512/224
        • Additional Input: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Personalization String Length: 0-256
        • Mode: SHA2-512/256
        • Returned Bits: 1024
    • Supports Reseed
    Prerequisites:
  • HMAC DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Entropy Input: 128
        • Additional Input: 0-128
        • Nonce: 64
        • Returned Bits: 640
        • Mode: SHA-1
        • Personalization String Length: 0-128
      • Capabilities:
        • Additional Input: 0-192
        • Entropy Input: 192
        • Returned Bits: 896
        • Mode: SHA2-224
        • Nonce: 96
        • Personalization String Length: 0-192
      • Capabilities:
        • Entropy Input: 256
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Returned Bits: 1024
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Entropy Input: 256
        • Personalization String Length: 0-256
        • Mode: SHA2-384
        • Returned Bits: 1536
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Entropy Input: 256
        • Mode: SHA2-512
        • Personalization String Length: 0-256
        • Returned Bits: 2048
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Mode: SHA2-512/224
        • Additional Input: 0-192
        • Entropy Input: 192
        • Nonce: 96
        • Personalization String Length: 0-192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Personalization String Length: 0-256
        • Mode: SHA2-512/256
        • Nonce: 128
        • Returned Bits: 1024
        • Additional Input: 0-256
    Prerequisites:
  • Linux 3.10 on Intel Xeon E5-2697 v3
    • processor
      • manufacturer: Intel
    • software
  • Linux 3.10 on Intel Xeon Silver 4110
    • processor
      • manufacturer: Intel
    • software
  • Counter DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: AES-256
        • Personalization String Length: 0-256
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Additional Input: 0-112
        • Entropy Input: 112
        • Mode: TDES
        • Nonce: 56
        • Returned Bits: 256
        • Derivation Function Enabled: Yes
        • Personalization String Length: 0-112
      • Capabilities:
        • Nonce: 64
        • Additional Input: 0-128
        • Mode: AES-128
        • Personalization String Length: 0-128
        • Entropy Input: 128
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
      • Capabilities:
        • Personalization String Length: 0-256
        • Mode: AES-192
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 192
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
    • Supports Reseed
    Prerequisites:
  • Hash DRBG
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Nonce: 64
        • Mode: SHA-1
        • Personalization String Length: 0-128
        • Additional Input: 0-128
        • Entropy Input: 128
        • Returned Bits: 640
      • Capabilities:
        • Additional Input: 0-192
        • Mode: SHA2-224
        • Personalization String Length: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Returned Bits: 1024
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Mode: SHA2-384
        • Personalization String Length: 0-256
        • Returned Bits: 1536
      • Capabilities:
        • Mode: SHA2-512
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Personalization String Length: 0-256
        • Returned Bits: 2048
      • Capabilities:
        • Mode: SHA2-512/224
        • Additional Input: 0-192
        • Personalization String Length: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
        • Personalization String Length: 0-256
        • Mode: SHA2-512/256
        • Returned Bits: 1024
    • Supports Reseed
    Prerequisites:
  • HMAC DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Entropy Input: 128
        • Additional Input: 0-128
        • Nonce: 64
        • Returned Bits: 640
        • Mode: SHA-1
        • Personalization String Length: 0-128
      • Capabilities:
        • Additional Input: 0-192
        • Mode: SHA2-224
        • Nonce: 96
        • Personalization String Length: 0-192
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Entropy Input: 256
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Returned Bits: 1024
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Entropy Input: 256
        • Personalization String Length: 0-256
        • Mode: SHA2-384
        • Returned Bits: 1536
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Entropy Input: 256
        • Mode: SHA2-512
        • Personalization String Length: 0-256
        • Returned Bits: 2048
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Additional Input: 0-192
        • Mode: SHA2-512/224
        • Nonce: 96
        • Personalization String Length: 0-192
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Mode: SHA2-512/256
        • Entropy Input: 256
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Returned Bits: 1024
    Prerequisites:
  • Android Lollipop 5.1 on Qualcomm MSM8960 Pro
    • software
    • processor
      • manufacturer: Qualcomm
  • Android Marshmallow 6.0 on Qualcomm MSM8956
    • software
    • processor
      • manufacturer: Qualcomm
  • Android Oreo 8.1 on Qualcomm SDM660
    • software
    • processor
      • manufacturer: Qualcomm
  • Counter DRBG
    • Prediction Resistance: Yes, No
    • Supports Reseed
      • Capabilities:
        • Entropy Input: 256
        • Mode: AES-256
        • Personalization String Length: 0-256
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Mode: TDES
        • Entropy Input: 112
        • Returned Bits: 256
        • Derivation Function Enabled: Yes
        • Personalization String Length: 0-112
        • Additional Input: 0-112
        • Nonce: 56
      • Capabilities:
        • Mode: AES-128
        • Additional Input: 0-128
        • Entropy Input: 128
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
        • Nonce: 64
        • Personalization String Length: 0-128
      • Capabilities:
        • Mode: AES-192
        • Personalization String Length: 0-256
        • Entropy Input: 192
        • Returned Bits: 512
        • Derivation Function Enabled: Yes
        • Nonce: 128
        • Additional Input: 0-256
    Prerequisites:
  • Hash DRBG
    • Supports Reseed
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Mode: SHA-1
        • Personalization String Length: 0-128
        • Additional Input: 0-128
        • Entropy Input: 128
        • Returned Bits: 640
        • Nonce: 64
      • Capabilities:
        • Mode: SHA2-224
        • Personalization String Length: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
        • Additional Input: 0-192
      • Capabilities:
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Returned Bits: 1024
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Mode: SHA2-384
        • Personalization String Length: 0-256
        • Returned Bits: 1536
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Personalization String Length: 0-256
        • Returned Bits: 2048
        • Mode: SHA2-512
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
      • Capabilities:
        • Personalization String Length: 0-192
        • Nonce: 96
        • Entropy Input: 192
        • Returned Bits: 896
        • Mode: SHA2-512/224
        • Additional Input: 0-192
      • Capabilities:
        • Personalization String Length: 0-256
        • Mode: SHA2-512/256
        • Returned Bits: 1024
        • Entropy Input: 256
        • Nonce: 128
        • Additional Input: 0-256
    Prerequisites:
  • HMAC DRBG
    • Supports Reseed
    • Prediction Resistance: Yes, No
      • Capabilities:
        • Nonce: 64
        • Mode: SHA-1
        • Personalization String Length: 0-128
        • Entropy Input: 128
        • Additional Input: 0-128
        • Returned Bits: 640
      • Capabilities:
        • Mode: SHA2-224
        • Nonce: 96
        • Personalization String Length: 0-192
        • Additional Input: 0-192
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Mode: SHA2-256
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 256
        • Returned Bits: 1024
      • Capabilities:
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 256
        • Mode: SHA2-384
        • Returned Bits: 1536
      • Capabilities:
        • Mode: SHA2-512
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 256
        • Returned Bits: 2048
      • Capabilities:
        • Nonce: 96
        • Personalization String Length: 0-192
        • Additional Input: 0-192
        • Mode: SHA2-512/224
        • Entropy Input: 192
        • Returned Bits: 896
      • Capabilities:
        • Personalization String Length: 0-256
        • Nonce: 128
        • Additional Input: 0-256
        • Entropy Input: 256
        • Mode: SHA2-512/256
        • Returned Bits: 1024
    Prerequisites: