Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4616

Details

Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Standard
FIPS 140-2
Status
Active
Sunset Date
8/22/2024
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
  • VMware Photon OS 2.0 with JDK 11 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
  • VMware Photon OS 2.0 with JDK 7 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
  • VMware Photon OS 2.0 with JDK 8 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
  • VMware Photon OS 4.0 with JDK 11 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
  • VMware Photon OS 4.0 with JDK 17 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
  • VMware Photon OS 4.0 with JDK 7 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
  • VMware Photon OS 4.0 with JDK 8 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4] (single-user mode)
Approved Algorithms
AES Certs. #A1641, #A2113, #A3594 and #C2204
CKG vendor affirmed
CVL Certs. #A1641, #A2113, #A3594 and #C2204
DRBG Certs. #A1641, #A2113, #A3594 and #C2204
DSA Certs. #A1641, #A2113, #A3594 and #C2204
ECDSA Certs. #A1641, #A2113, #A3594 and #C2204
HMAC Certs. #A1641, #A2113, #A3594 and #C2204
KAS-SSC vendor affirmed
KBKDF Certs. #A1641, #A2113, #A3594 and #C2204
KTS AES Certs. #A1641, #A2113, #A3594 and #C2204; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Certs. #A1641, #A2113, #A3594 and #C2204; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #A1641, #A2113, #A3594 and #C2204
SHA-3 Certs. #A1641, #A2113, #A3594 and #C2204
SHA-3-Customized SHA-3 Certs. #A1641, #A2113, #A3594 and #C2204, vendor affirmed
SHS Certs. #A1641, #A2113, #A3594 and #C2204
Triple-DES Certs. #A1641, #A2113, #A3594 and #C2204
Allowed Algorithms
NDRNG
Software Versions
1.0.2.1 [1], 1.0.2.2 [2], 1.0.2.3 [3] and 1.0.2.4 [4]

Vendor

Legion of the Bouncy Castle Inc.
85 The Crescent
Ascot Vale, Victoria 3032
Australia

David Hook
dgh@bouncycastle.org
Phone: +61438170390
 Jon Eaves
jon@bouncycastle.org
Phone: +61417502969

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
9/27/2023 Initial ACUMEN SECURITY, LLC
10/10/2023 Update ACUMEN SECURITY, LLC