Module Name
BC-FJA (Bouncy Castle FIPS Java API)
Historical Reason
Moved to historical list due to sunsetting
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.
Tested Configuration(s)
- VMware Photon OS 2.0 with JDK 11 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
- VMware Photon OS 2.0 with JDK 7 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
- VMware Photon OS 2.0 with JDK 8 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1, 2, 3]
- VMware Photon OS 4.0 with JDK 11 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
- VMware Photon OS 4.0 with JDK 17 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
- VMware Photon OS 4.0 with JDK 7 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4]
- VMware Photon OS 4.0 with JDK 8 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330 [4] (single-user mode)
Approved Algorithms
AES |
Certs. #A1641, #A2113, #A3594 and #C2204 |
CKG |
vendor affirmed |
CVL |
Certs. #A1641, #A2113, #A3594 and #C2204 |
DRBG |
Certs. #A1641, #A2113, #A3594 and #C2204 |
DSA |
Certs. #A1641, #A2113, #A3594 and #C2204 |
ECDSA |
Certs. #A1641, #A2113, #A3594 and #C2204 |
HMAC |
Certs. #A1641, #A2113, #A3594 and #C2204 |
KAS-SSC |
vendor affirmed |
KBKDF |
Certs. #A1641, #A2113, #A3594 and #C2204 |
KTS |
AES Certs. #A1641, #A2113, #A3594 and #C2204; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Certs. #A1641, #A2113, #A3594 and #C2204; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #A1641, #A2113, #A3594 and #C2204 |
SHA-3 |
Certs. #A1641, #A2113, #A3594 and #C2204 |
SHA-3-Customized |
SHA-3 Certs. #A1641, #A2113, #A3594 and #C2204, vendor affirmed |
SHS |
Certs. #A1641, #A2113, #A3594 and #C2204 |
Triple-DES |
Certs. #A1641, #A2113, #A3594 and #C2204 |
Software Versions
1.0.2.1 [1], 1.0.2.2 [2], 1.0.2.3 [3] and 1.0.2.4 [4]