Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4202

Details

Module Name
IQVIA Java Crypto Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. The output of the DRBG shall not be used to generate keys
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The cryptographic module is a single Java Archive (JAR) binary, named DvSecurityAPI.jar, that provides cryptographic and secure communication services for other applications developed by IQVIA. In this document, those applications will be referred to as the calling application. The module is a standalone cryptographic library that can be called to provide encryption, decryption, hash generation and verification, certificate generation and verification, random bit generation, and message authentication functions.
Tested Configuration(s)
  • Microsoft Windows Server 2016 with JDK v1.8 running on a ProLiant BL460c Gen8 with Intel Xeon E5-2640 (single-user mode)
Approved Algorithms
AES Cert. #C2127
DRBG Cert. #C2127
HMAC Cert. #C2127
RSA Cert. #C2127
SHS Cert. #C2127
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Software Versions
1.0

Vendor

IQVIA
2235 Sheppard Avenue East, Suite 1700
Toronto, Ontario M2J5B5
Canada

Toan Tran
toan.tran@iqvia.com
Phone: 703-992-1043
App Nucleus Support
appnucleussupport@iqvia.com
Phone: 416-756-2324

Validation History

Date Type Lab
4/22/2022 Initial LEIDOS CSTL