Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3514

Details

Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Standard
FIPS 140-2
Status
Active
Sunset Date
8/22/2024
Validation Dates
8/23/2019
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
  • Vmware Photon OS 2.0 with JDK 11 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 (single-user mode)
  • Vmware Photon OS 2.0 with JDK 7 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5
  • Vmware Photon OS 2.0 with JDK 8 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5
FIPS Algorithms
AES Cert. #C467
CKG vendor affirmed
CVL Cert. #C467
DRBG Cert. #C467
DSA Cert. #C467
ECDSA Cert. #C467
HMAC Cert. #C467
KAS Cert. #C467
KAS SP 800-56Arev2 with CVL Cert. #C467, vendor affirmed
KBKDF Cert. #C467
KTS AES Cert. #C467; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS vendor affirmed
KTS Triple-DES Cert. #C467; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #C467
SHA3 Cert. #C467
SHA-3-Customized SHA-3 Cert. #C467, vendor affirmed
SHS Cert. #C467
TDES Cert. #C467
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C467, key agreement; key establishment methodology provides 112 bits or 128 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C467, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; MD5; RSA (CVL Cert. #C467, key wrapping; key establishment methodology provides between 150 and 256 bits of encryption strength)
Software Versions
1.0.2

Vendor

Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

David Hook
dgh@bouncycastle.org
Phone: +61438170390
Jon Eaves
jon@bouncycastle.org
Phone: +61417502969

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0