Cryptographic Module Validation Program CMVP

Certificate #3505


Module Name
RSA BSAFEĀ® Crypto-J JSAFE and JCE Software Module
FIPS 140-2
Sunset Date
Validation Dates
Overall Level
When operated in FIPS Mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
Module Type
Multi-Chip Stand Alone
RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements.
Tested Configuration(s)
  • Google Dalvik(tm) JRE 6.0 on Google(tm) Android(tm) 4.1.2 ARMv7 (32-bit) running on Google Nexus 7(tm) (Wi-Fi, 2012) [1][2]
  • OpenJDK 8.0 on CentOS 6.7 (64-bit) running on a Dell(TM) PowerEdge(TM) [1][2]
  • Oracle JRE 7 on Oracle Linux 5.6 (x86-64) running on a Dell XPS 8700 with an Intel Core i7 [3]
  • Oracle JRE 8 on Oracle Linux 6.10 for Oracle Key Vault 18.1 (x86-64) running on a Dell OptiPlex 7040M with an Intel Core i5 [3]
  • Oracle JRE 8 on Oracle Linux 6.9 (x86-64) running on a Dell OptiPlex 5060 SFF with an Intel Core i7 [3]
  • Oracle JRE 8 on Oracle Linux 7.3 (x86-64) running on a Dell OptiPlex 5060 SFF with an Intel Core i7 [3]
  • Oracle JRE 8 on Oracle Linux 7.6 (x86-64) running on a Dell Latitude 5590 with an Intel Core i7 [3] (single-user mode)
  • Oracle(R) JRE 8.0 on Microsoft(R) Windows 8.1 (64-bit) running on an HP ENVY 15 [1][2]
FIPS Algorithms
AES Certs. #3263 and #C805
CVL Certs. #471, #1024 and #C805
DRBG Certs. #722 and #C805
DSA Certs. #932 and #C805
ECDSA Certs. #619 and #C805
HMAC Certs. #2062 and #C805
KTS AES Certs. #3263 and #C805; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #1663 and #C805
SHS Certs. #2701 and #C805
Triple-DES Certs. #1852 and #C805
Allowed Algorithms
MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
6.2 [1], [2] and [3]


174 Middlesex Turnpike
Bedford, MA 01730

FIPS Program
Phone: +1 781-515-5025
Francois Lamoureux
Phone: +1 781-515-5025


NVLAP Code: 200427-0