Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Validation Dates
12/17/2019
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
- Centos 6.4 with on Java SE Runtime Environment v8 (1.8.0) on vSphere 6 running on a Cisco UCSB-B200-M4 Blade with an Intel® Xeon® E5
- Solaris 11 with on Java SE Runtime Environment v7 (1.7.0) on vSphere 6 running on a Cisco UCSB-B200-M4 Blade with an Intel® Xeon® E5
- Ubuntu 14.04 LTS on Java SE Runtime Environment v8 (1.8.0) on VMWare ESXi 6.0 running on Simplivity OmniCube with an Intel® Xeon® E5 (single-user mode)
FIPS Algorithms
AES |
Cert. #3756 |
CVL |
Certs. #704, #705 and #706 |
DRBG |
Cert. #1031 |
DSA |
Cert. #1043 |
ECDSA |
Cert. #804 |
HMAC |
Cert. #2458 |
KAS |
Cert. #73 |
KAS |
SP 800-56Arev2, vendor affirmed |
KBKDF |
Cert. #78 |
KTS |
vendor affirmed |
KTS |
AES Cert. #3756; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Cert. #2090; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Cert. #1932 |
SHA-3 |
Cert. #3 |
SHS |
Cert. #3126 |
Triple-DES |
Cert. #2090 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #704, key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)