U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Resource Center

Computer Security Resource Center

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3585

Details

Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Standard
FIPS 140-2
Status
Active
Sunset Date
10/11/2021
Validation Dates
12/17/2019
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
  • Centos 6.4 with on Java SE Runtime Environment v8 (1.8.0) on vSphere 6 running on a Cisco UCSB-B200-M4 Blade with an Intel® Xeon® E5
  • Solaris 11 with on Java SE Runtime Environment v7 (1.7.0) on vSphere 6 running on a Cisco UCSB-B200-M4 Blade with an Intel® Xeon® E5
  • Ubuntu 14.04 LTS on Java SE Runtime Environment v8 (1.8.0) on VMWare ESXi 6.0 running on Simplivity OmniCube with an Intel® Xeon® E5 (single-user mode)
FIPS Algorithms
AES Cert. #3756
CVL Certs. #704, #705 and #706
DRBG Cert. #1031
DSA Cert. #1043
ECDSA Cert. #804
HMAC Cert. #2458
KAS Cert. #73
KAS SP 800-56Arev2, vendor affirmed
KBKDF Cert. #78
KTS vendor affirmed
KTS AES Cert. #3756; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2090; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #1932
SHA-3 Cert. #3
SHS Cert. #3126
Triple-DES Cert. #2090
Allowed Algorithms
Diffie-Hellman (CVL Cert. #704, key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
1.0.0

Vendor

Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

David Hook
dgh@bouncycastle.org
Phone: +61438170390
 Jon Eaves
jon@bouncycastle.org
Phone: +61417502969

Related Files

Security Policy
Consolidated Certificate

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0