Module Name
IBM Java JCE FIPS 140-2 Cryptographic Module
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
The IBM Java JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for multi-platforms is a scalable, multipurpose cryptographic module that supports many FIPS approved cryptographic operations. This gives Java applications access to the FIPS algorithms via the standard JCE framework.
Tested Configuration(s)
- AIX 7 running on IBM 9119-MHE with PAA
- Red Hat Enterprise Linux Server release 7.1 running on IBM 9119-MHE with PAA
- Red Hat Enterprise Linux Server release 7.1 running on ThinkCentre M93P with PAA
- Windows 7 64-bit running on ThinkCentre M93P without PAA (single-user mode)
- Windows Server 2012 release 2 running on ThinkCentre M92P Tower Desktop with PAA
Approved Algorithms
AES |
Certs. #3904, #3905, #3906, #3907 and #3908 |
CVL |
Certs. #758, #759, #760, #761, #762, #763, #764, #765, #766 and #767 |
DRBG |
Certs. #1119, #1120, #1121, #1122 and #1123 |
DSA |
Certs. #1062, #1063, #1064, #1065 and #1066 |
ECDSA |
Certs. #847, #848, #849, #850 and #851 |
HMAC |
Certs. #2533, #2534, #2535, #2536 and #2537 |
KTS |
vendor affirmed |
RSA |
Certs. #1988, #1989, #1990, #1991 and #1992 |
SHS |
Certs. #3216, #3217, #3218, #3219 and #3220 |
Triple-DES |
Certs. #2140, #2141, #2142, #2143 and #2144 |
Other Algorithms
MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Certs. #759, #761, #763, #765 and #767; key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #759, #761, #763, #765 and #767; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); NDRNG