This page was not yet optimized for use on mobile
devices.
VMware's BC-FJA (Bouncy Castle FIPS Java API)
Certificate #4986
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, Twofish, Serpent, CAST5, CAST, RC4, RC2, DES, Triple-DES, TDEA, TDES, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, SEED, HMAC, HMAC-SHA-256, KMAC, CMAC, CBC-MACAsymmetric Algorithms
RSA-OAEP, ECDSA, EdDSA, ECC, Diffie-Hellman, DH, DSAPost-quantum Algorithms
LMSHash functions
SHA-1, SHA-256, SHA-224, SHA-384, SHA-512, SHA2, SHA-2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, SHA3, SHAKE128, SHAKE256, MD5, RIPEMD128, RIPEMD160, RIPEMD320, RIPEMD256, RIPEMD, PBKDF, PBKDF2Schemes
MAC, Key Agreement, AEADProtocols
SSH, SSHv2, TLS, TLS 1.2, TLSv1.2, TLS 1.0, TLS 1.1, IKEv2, PGPRandomness
PRNG, DRBG, RNG, RBGLibraries
OpenSSL, BouncyCastleElliptic Curves
P-256, P-384, P-521, P-224, K-233, K-283, K-409, B-233, B-283, B-571, K-571, B-409, Ed25519, Ed448Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMJavaCard API constants
X25519, X448Trusted Execution Environments
SSC, SEVendor
Broadcom Inc, MicrosoftSecurity level
Level 1Side-channel analysis
timing attacks, timing attackStandards
FIPS 140-3, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 202, FIPS 186-3, FIPS PUB 140-3, SP 800-38G, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-56C, SP 800-132, SP 800-108, SP 800-38F, SP 800-185, NIST SP 800-107, SP 800-90B, NIST SP 800-90C, SP 800-89, SP 800-90A, PKCS #1, PKCS1, PKCS#12, PKCS#5, PKCS#1, RFC 8708, RFC 7914, ISO/IEC 24759File metadata
| Author | Madhur Walia |
|---|---|
| Creation date | D:20250411092158-04'00' |
| Modification date | D:20250411092158-04'00' |
| Pages | 53 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4986,
"dgst": "123578699359aa21",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"DSA SigGen (FIPS186-4)A5205",
"DSA PQGVer (FIPS186-4)A5205",
"KDF ANS 9.63A5205",
"SHA2-256A5205",
"HMAC-SHA2-256A5205",
"AES-CTRA5205",
"AES-CMACA5205",
"AES-FF1A5205",
"RSA SigVer (FIPS186-2)A5205",
"SHA3-512A5205",
"SHA3-384A5205",
"Safe Primes Key GenerationA5205",
"ECDSA SigVer (FIPS186-4)A5205",
"KDA HKDF SP800-56Cr2A5205",
"ParallelHash-128A5205",
"HMAC DRBGA5205",
"SHA2-384A5205",
"AES-CCMA5205",
"AES-GCMA5205",
"AES-GMACA5205",
"cSHAKE-128A5205",
"HMAC-SHA2-224A5205",
"KMAC-128A5205",
"AES-ECBA5205",
"HMAC-SHA2-384A5205",
"Counter DRBGA5205",
"KAS-IFCA5205",
"HMAC-SHA3-224A5205",
"RSA SigVer (FIPS186-4)A5205",
"PBKDFA5205",
"KDF SRTPA5205",
"RSA SigGen (FIPS186-4)A5205",
"RSA KeyGen (FIPS186-4)A5205",
"SHA3-256A5205",
"SHAKE-128A5205",
"SHAKE-256A5205",
"DSA PQGGen (FIPS186-4)A5205",
"SHA2-512A5205",
"TupleHash-128A5205",
"RSA Signature PrimitiveA5205",
"AES-CFB8A5205",
"DSA SigVer (FIPS186-4)A5205",
"AES-CBC-CS2A5205",
"SHA3-224A5205",
"HMAC-SHA2-512/224A5205",
"KAS-FFC Sp800-56Ar3A5205",
"KAS-ECC Sp800-56Ar3A5205",
"HMAC-SHA3-512A5205",
"SHA2-512/224A5205",
"ECDSA KeyVer (FIPS186-4)A5205",
"KDF SNMPA5205",
"KMAC-256A5205",
"AES-CFB128A5205",
"ECDSA SigGen (FIPS186-4)A5205",
"AES-CBCA5205",
"AES-OFBA5205",
"DSA KeyGen (FIPS186-4)A5205",
"Safe Primes Key VerificationA5205",
"SHA2-224A5205",
"KDA TwoStep SP800-56Cr2A5205",
"AES-CBC-CS1A5205",
"KDA OneStep SP800-56Cr2A5205",
"HMAC-SHA-1A5205",
"HMAC-SHA2-512A5205",
"SHA2-512/256A5205",
"HMAC-SHA3-256A5205",
"ParallelHash-256A5205",
"SHA-1A5205",
"KDF TLSA5205",
"ECDSA KeyGen (FIPS186-4)A5205",
"KDF SSHA5205",
"HMAC-SHA3-384A5205",
"cSHAKE-256A5205",
"KDF SP800-108A5205",
"KDF IKEv2A5205",
"HMAC-SHA2-512/256A5205",
"AES-CBC-CS3A5205",
"AES-KWA5205",
"AES-KWPA5205",
"KTS-IFCA5205",
"Hash DRBGA5205",
"TupleHash-256A5205",
"RSA Decryption PrimitiveA5205"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 17
},
"EdDSA": {
"EdDSA": 2
}
},
"FF": {
"DH": {
"DH": 12,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 28
}
},
"RSA": {
"RSA-OAEP": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 7
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"BouncyCastle": {
"BouncyCastle": 1
},
"OpenSSL": {
"OpenSSL": 2
}
},
"crypto_protocol": {
"IKE": {
"IKEv2": 11
},
"PGP": {
"PGP": 1
},
"SSH": {
"SSH": 10,
"SSHv2": 1
},
"TLS": {
"TLS": {
"TLS": 25,
"TLS 1.0": 1,
"TLS 1.1": 1,
"TLS 1.2": 3,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 9
},
"MAC": {
"MAC": 9
}
},
"device_model": {},
"ecc_curve": {
"Edwards": {
"Ed25519": 2,
"Ed448": 2
},
"NIST": {
"B-233": 7,
"B-283": 1,
"B-409": 5,
"B-571": 6,
"K-233": 6,
"K-283": 1,
"K-409": 6,
"K-571": 1,
"P-224": 10,
"P-256": 12,
"P-384": 12,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 4
}
},
"fips_certlike": {
"Certlike": {
"AES-128": 1,
"AES-192": 1,
"AES-256": 1,
"AES-CTR 256": 1,
"AES-GCM Decrypt KAT (128": 1,
"AES-GCM Encrypt KAT (128": 1,
"DRBG16": 18,
"DRBG7": 1,
"DSA2": 1,
"HMAC 8": 2,
"HMAC SHA- 256": 1,
"HMAC SHA- 512": 2,
"HMAC SHA-1": 3,
"HMAC SHA-224": 3,
"HMAC SHA-256": 3,
"HMAC SHA-384": 3,
"HMAC SHA-512": 1,
"HMAC SHA-512/224": 3,
"HMAC SHA-512/256": 3,
"HMAC-SHA-256": 2,
"PAA 10": 1,
"PAA 11": 1,
"PAA 12": 1,
"PAA 2": 1,
"PAA 3": 1,
"PAA 4": 1,
"PAA 5": 1,
"PAA 6": 1,
"PAA 7": 1,
"PAA 8": 1,
"PKCS #1": 8,
"PKCS#1": 6,
"PKCS#12": 6,
"PKCS#5": 6,
"PKCS1": 8,
"SHA- 256": 3,
"SHA- 512": 2,
"SHA-1": 15,
"SHA-2": 1,
"SHA-224": 8,
"SHA-256": 7,
"SHA-3": 8,
"SHA-384": 8,
"SHA-512": 6,
"SHA2": 1,
"SHA2- 256": 1,
"SHA2- 384": 2,
"SHA2- 512": 3,
"SHA2-224": 5,
"SHA2-256": 7,
"SHA2-384": 4,
"SHA2-512": 4,
"SHA3": 1,
"SHA3- 224": 2,
"SHA3- 384": 2,
"SHA3- 512": 3,
"SHA3-224": 5,
"SHA3-256": 7,
"SHA3-384": 5,
"SHA3-512": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 5
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 6
}
},
"PBKDF": {
"PBKDF": 21,
"PBKDF2": 2
},
"RIPEMD": {
"RIPEMD": 1,
"RIPEMD128": 2,
"RIPEMD160": 2,
"RIPEMD256": 1,
"RIPEMD320": 2
},
"SHA": {
"SHA1": {
"SHA-1": 15
},
"SHA2": {
"SHA-2": 1,
"SHA-224": 8,
"SHA-256": 7,
"SHA-384": 8,
"SHA-512": 6,
"SHA2": 1
},
"SHA3": {
"SHA-3": 8,
"SHA3": 1,
"SHA3-224": 5,
"SHA3-256": 7,
"SHA3-384": 5,
"SHA3-512": 4
}
},
"SHAKE": {
"SHAKE128": 1,
"SHAKE256": 2
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"X25519": 2,
"X448": 2
}
},
"javacard_packages": {
"java": {
"java.security": 2
},
"org": {
"org.bouncycastle.crypto": 1,
"org.bouncycastle.entropy": 1,
"org.bouncycastle.fips": 2,
"org.bouncycastle.util": 1
}
},
"javacard_version": {},
"os_name": {},
"pq_crypto": {
"LMS": {
"LMS": 1
}
},
"randomness": {
"PRNG": {
"DRBG": 61,
"PRNG": 2
},
"RNG": {
"RBG": 2,
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"timing attack": 1,
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 13,
"FIPS 180-4": 2,
"FIPS 186-2": 1,
"FIPS 186-3": 1,
"FIPS 186-4": 7,
"FIPS 197": 2,
"FIPS 198-1": 2,
"FIPS 202": 2,
"FIPS PUB 140-3": 1
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"NIST SP 800-107": 1,
"NIST SP 800-90C": 1,
"SP 800-108": 1,
"SP 800-132": 4,
"SP 800-185": 1,
"SP 800-38A": 2,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 3,
"SP 800-38F": 2,
"SP 800-38G": 2,
"SP 800-56C": 2,
"SP 800-89": 1,
"SP 800-90A": 1,
"SP 800-90B": 4
},
"PKCS": {
"PKCS #1": 4,
"PKCS#1": 3,
"PKCS#12": 3,
"PKCS#5": 3,
"PKCS1": 4
},
"RFC": {
"RFC 7914": 1,
"RFC 8708": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 48,
"AES-": 4,
"AES-128": 1,
"AES-192": 1,
"AES-256": 1
},
"CAST": {
"CAST": 3,
"CAST5": 1
},
"RC": {
"RC2": 1,
"RC4": 1
},
"Serpent": {
"Serpent": 1
},
"Twofish": {
"Twofish": 1
}
},
"DES": {
"3DES": {
"TDEA": 7,
"TDES": 1,
"Triple-DES": 7
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 8,
"HMAC": 67,
"HMAC-SHA-256": 1,
"KMAC": 14
}
},
"djb": {
"ChaCha": {
"ChaCha20": 2
},
"Poly": {
"Poly1305": 2
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
},
"Camellia": {
"Camellia": 1
},
"IDEA": {
"IDEA": 1
},
"SEED": {
"SEED": 1
}
}
},
"tee_name": {
"IBM": {
"SE": 87,
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom Inc": 55
},
"Microsoft": {
"Microsoft": 12
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Madhur Walia",
"/CreationDate": "D:20250411092158-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20250411092158-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 1042484,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"mailto:[email protected]",
"http://www.broadcom.com/",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16951",
"https://nvd.nist.gov/",
"mailto:[email protected]",
"https://downloads.bouncycastle.org/fips-java/BC-FJA-UserGuide-2.0.0.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17878"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 53
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "44fba79759845eb377e4c8acbebd24c9efecf283d3e15f91412b8a94d8d4c745",
"policy_txt_hash": "59346a2257e11ce8f51812eada5f32c87528cfa5fe3816a5a190efd4b9c94210"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys).",
"certificate_pdf_url": null,
"date_sunset": "2029-07-28",
"description": "VMware\u0027s BC-FJA is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "VMware\u0027s BC-FJA (Bouncy Castle FIPS Java API)",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "2.0.0",
"tested_conf": [
"Java SE Runtime Environment v11 with Photon OS 3.0 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v11 with Photon OS 5.0 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v11 with Ubuntu 22.04 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v17 with Amazon Linux 2023 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v17 with CentOS 9.0 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v17 with Photon OS 5.0 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v17 with Red Hat Enterprise Linux 9.3 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"Java SE Runtime Environment v21 with Photon OS 4.0 on VMWare ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"VMware Photon OS 4.0 with Java SE Runtime Environment v11 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"VMware Photon OS 4.0 with Java SE Runtime Environment v17 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"VMware Photon OS 4.0 with Java SE Runtime Environment v8 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330",
"VMware Photon OS 5.0 with Java SE Runtime Environment v21 on VMware ESXi 8.0 running on Dell PowerEdge R650 with Intel Xeon Gold 6330"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-03-14",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-06-23",
"lab": "Lightship Security, Inc.",
"validation_type": "Update"
}
],
"vendor": "Broadcom Inc.",
"vendor_url": "http://www.broadcom.com"
}
}