U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3514

Details

Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Standard
FIPS 140-2
Status
Active
Sunset Date
8/22/2024
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
  • VMware Photon OS 2.0 with JDK 11 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 (single-user mode)
  • VMware Photon OS 2.0 with JDK 7 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5
  • VMware Photon OS 2.0 with JDK 8 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5
FIPS Algorithms
AES Certs. #A1641, A2113 and #C2204
CKG vendor affirmed
CVL Certs. #A1641, A2113 and #C2204
DRBG Certs. #A1641, A2113 and #C2204
DSA Certs. #A1641, A2113 and #C2204
ECDSA Certs. #A1641, A2113 and #C2204
HMAC Certs. #A1641, A2113 and #C2204
KAS-SSC vendor affirmed
KBKDF Certs. #A1641, A2113 and #C2204
KTS AES Certs. #A1641, A2113 and #C2204; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS vendor affirmed
KTS Triple-DES Certs. #A1641 and #C2204; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #A1641, A2113 and #C2204
SHA3 Certs. #A1641, A2113 and #C2204
SHA-3-Customized SHA-3 Certs. #A1641, A2113 and #C2204, vendor affirmed
SHS Certs. #A1641, A2113 and #C2204
TDES Certs. #A1641, A2113 and #C2204
Allowed Algorithms
NDRNG; MD5; RSA (CVL Certs. #A1641, A2113 and #C2204, key wrapping; key establishment methodology provides between 150 and 256 bits of encryption strength)
Software Versions
1.0.2.1, 1.0.2.2 and 1.0.2.3

Vendor

Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

David Hook
dgh@bouncycastle.org
Phone: +61438170390
Jon Eaves
jon@bouncycastle.org
Phone: +61417502969

Validation History

Date Type Lab
8/23/2019 Initial ACUMEN SECURITY, LLC
4/18/2021 Update ACUMEN SECURITY, LLC
2/8/2022 Update ACUMEN SECURITY, LLC