Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #2866

Details

Module Name
VMware Java JCE (Java Cryptographic Extension) Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The VMware Java JCE (Java Cryptographic Extension) Module is a software cryptographic module based on the Legion of the Bouncy Castle Inc. FIPS Java API (BC-FJA) Module (SW Version 1.0.0). The module is a software library that provides cryptographic functions to various VMware applications via a well-defined Java-language application program interface (API).
Tested Configuration(s)
  • Java SE Runtime Environment 1.7.0 on NSX Controller 6.3.0 OS on Vmware vSphere Hypervisor (ESXi) 6.0 running on HPE ProLiant DL380 Gen8
  • Java SE Runtime Environment 1.7.0 on NSX Edge 6.3.0 OS on Vmware vSphere Hypervisor (ESXi) 6.0 running on HPE ProLiant DL380 Gen8
  • Java SE Runtime Environment 1.7.0 on NSX Manager 6.3.0 OS on Vmware vSphere Hypervisor (ESXi) 6.0 running on HPE ProLiant DL380 Gen8 (single-user mode)
Approved Algorithms
AES Cert. #4153
CVL Certs. #955, #956 and #957
DRBG Cert. #1261
DSA Cert. #1127
ECDSA Cert. #955
HMAC Cert. #2721
KAS Cert. #96
KAS SP 800-56Arev2, vendor affirmed
KBKDF Cert. #107
KTS vendor affirmed
KTS AES Cert. #4153; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2269; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #2261
SHA-3 Cert. #10
SHS Cert. #3417
Triple-DES Cert. #2269
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ARC4 (RC4); Blowfish; Camellia; CAST5; DES; DSTU4145; ElGamal; GOST28147; GOST3410-1994; GOST3410-2001; GOST3411; HMAC-GOST3411; HMAC-MD5; HMAC-RIPEMD; HMAC-TIGER; HMAC-WHIRLPOOL; IDEA; KBKDF (non-compliant); PBKDF (non-compliant); RC2; RIPEMD; PRNG; RSA (non-compliant); SCrypt; SEED; Serpent; SipHash; SHACAL-2; TIGER; Twofish; WHIRLPOOL
Software Versions
2.0

Vendor

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304
USA

Eric Betts
betts@vmware.com
Phone: 1-650-427-1902

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
3/22/2017 Initial CGI Information Systems & Management Consultants Inc