This page was not yet optimized for use on mobile
devices.
BC-FJA (Bouncy Castle FIPS Java API)
Certificate #4943
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-, Twofish, Serpent, CAST5, CAST, RC4, RC2, DES, Triple-DES, TDEA, TDES, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, SEED, HMAC, HMAC-SHA-256, KMAC, CMAC, CBC-MACAsymmetric Algorithms
RSA-OAEP, ECDSA, EdDSA, ECC, Diffie-Hellman, DH, DSAPost-quantum Algorithms
LMSHash functions
SHA-1, SHA-224, SHA-256, SHA-512, SHA-384, SHA2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, SHA3, SHAKE128, SHAKE256, MD5, RIPEMD128, RIPEMD160, RIPEMD320, RIPEMD256, RIPEMD, scrypt, PBKDF, PBKDF2Schemes
MAC, Key Agreement, AEADProtocols
SSH, SSHv2, TLS, TLS 1.2, TLSv1.2, TLS 1.3, IKEv2, PGPRandomness
PRNG, DRBG, RNG, RBGLibraries
OpenSSL, BouncyCastleElliptic Curves
P-224, P-256, P-384, P-521, K-233, K-409, K-571, B-233, B-283, B-571, K-283, B-409, Ed25519, Ed448Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMJavaCard API constants
X25519, X448Trusted Execution Environments
SEVendor
MicrosoftSecurity level
Level 1Side-channel analysis
timing attacks, timing attackStandards
FIPS 140-3, FIPS 197, FIPS 186-5, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 202, FIPS 186-3, FIPS PUB 140-3, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-38D, SP 800-56C, SP 800-132, SP 800-108, SP 800-38F, SP 800-208, SP 800-185, SP 800-133, NIST SP 800-107, SP 800-90A, SP 800-90B, NIST SP 800-90C, SP 800-38G, SP 800-56A, SP 800-56B, SP 800-67, SP 800-89, SP 800-135, PKCS #1, PKCS1, PKCS#12, PKCS#5, PKCS#1, RFC 8708, RFC 7914, ISO/IEC 24759File metadata
| Creation date | D:20250718120651+10'00' |
|---|---|
| Pages | 58 |
| Creator | Writer |
| Producer | LibreOffice 7.3 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4943,
"dgst": "603153b43d01f9f0",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-CMACA4270",
"SHA2-512/256A4270",
"HMAC-SHA2-384A4270",
"DSA SigVer (FIPS186-4)A4270",
"AES-CFB8A4270",
"HMAC-SHA2-512A4270",
"DSA PQGVer (FIPS186-4)A4270",
"ECDSA SigGen (FIPS186-4)A4270",
"KDA HKDF SP800-56Cr2A4270",
"AES-KWPA4270",
"KTS-IFCA4270",
"Safe Primes Key VerificationA4270",
"SHA3-512A4270",
"SHA2-512A4270",
"cSHAKE-256A4270",
"AES-CBC-CS2A4270",
"AES-CBCA4270",
"KDA OneStep SP800-56Cr2A4270",
"SHA2-512/224A4270",
"KDF TLSA4270",
"LMS SigVerA4270",
"KDF SSHA4270",
"AES-CFB128A4270",
"Safe Primes Key GenerationA4270",
"EDDSA SigGenA4270",
"KMAC-256A4270",
"AES-GCMA4270",
"TLS v1.2 KDF RFC7627A4270",
"AES-CCMA4270",
"AES-ECBA4270",
"HMAC-SHA-1A4270",
"Hash DRBGA4270",
"ParallelHash-256A4270",
"KDF SP800-108A4270",
"ECDSA SigVer (FIPS186-4)A4270",
"HMAC-SHA2-512/256A4270",
"KMAC-128A4270",
"ECDSA KeyVer (FIPS186-4)A4270",
"DSA KeyGen (FIPS186-4)A4270",
"SHA3-224A4270",
"Counter DRBGA4270",
"KAS-FFC Sp800-56Ar3A4270",
"KDF ANS 9.63A4270",
"KDF SRTPA4270",
"SHA2-256A4270",
"AES-KWA4270",
"AES-CBC-CS3A4270",
"HMAC-SHA3-224A4270",
"AES-GMACA4270",
"PBKDFA4270",
"AES-CTRA4270",
"SHAKE-256A4270",
"KDF IKEv2A4270",
"SHA-1A4270",
"cSHAKE-128A4270",
"SHA3-384A4270",
"RSA SigVer (FIPS186-5)A4270",
"RSA SigGen (FIPS186-5)A4270",
"KAS-IFCA4270",
"SHAKE-128A4270",
"ECDSA KeyGen (FIPS186-4)A4270",
"AES-CBC-CS1A4270",
"SHA2-384A4270",
"TupleHash-128A4270",
"EDDSA KeyGenA4270",
"HMAC-SHA2-256A4270",
"HMAC-SHA3-256A4270",
"DSA SigGen (FIPS186-4)A4270",
"TupleHash-256A4270",
"KAS-ECC Sp800-56Ar3A4270",
"RSA KeyGen (FIPS186-5)A4270",
"ParallelHash-128A4270",
"KDA TwoStep SP800-56Cr2A4270",
"EDDSA SigVerA4270",
"HMAC-SHA3-384A4270",
"SHA2-224A4270",
"EDDSA KeyVerA4270",
"AES-FF1A4270",
"DSA PQGGen (FIPS186-4)A4270",
"HMAC DRBGA4270",
"AES-OFBA4270",
"HMAC-SHA3-512A4270",
"HMAC-SHA2-512/224A4270",
"HMAC-SHA2-224A4270",
"SHA3-256A4270"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 22
},
"EdDSA": {
"EdDSA": 28
}
},
"FF": {
"DH": {
"DH": 11,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 30
}
},
"RSA": {
"RSA-OAEP": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 5
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 10
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 18
},
"OFB": {
"OFB": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"BouncyCastle": {
"BouncyCastle": 2
},
"OpenSSL": {
"OpenSSL": 2
}
},
"crypto_protocol": {
"IKE": {
"IKEv2": 11
},
"PGP": {
"PGP": 1
},
"SSH": {
"SSH": 10,
"SSHv2": 1
},
"TLS": {
"TLS": {
"TLS": 26,
"TLS 1.2": 3,
"TLS 1.3": 1,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 9
},
"MAC": {
"MAC": 9
}
},
"device_model": {},
"ecc_curve": {
"Edwards": {
"Ed25519": 7,
"Ed448": 7
},
"NIST": {
"B-233": 3,
"B-283": 1,
"B-409": 1,
"B-571": 2,
"K-233": 2,
"K-283": 1,
"K-409": 2,
"K-571": 2,
"P-224": 4,
"P-256": 10,
"P-384": 2,
"P-521": 2
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3
}
},
"fips_certlike": {
"Certlike": {
"AES- 256": 1,
"AES-128": 1,
"AES-192": 1,
"AES-CTR 256": 1,
"AES-GCM Decrypt KAT (128": 1,
"AES-GCM Encrypt KAT (128": 1,
"DRBG18": 1,
"DRBG9": 1,
"DSA2": 1,
"HMAC 10": 2,
"HMAC SHA- 1": 1,
"HMAC SHA- 384": 2,
"HMAC SHA- 512": 1,
"HMAC SHA- 512/224": 1,
"HMAC SHA- 512/256": 1,
"HMAC SHA-1": 2,
"HMAC SHA-224": 3,
"HMAC SHA-256": 4,
"HMAC SHA-384": 1,
"HMAC SHA-512": 2,
"HMAC SHA-512/224": 2,
"HMAC SHA-512/256": 2,
"HMAC-SHA-256": 4,
"PKCS #1": 6,
"PKCS#1": 6,
"PKCS#12": 6,
"PKCS#5": 6,
"PKCS1": 6,
"SHA- 1": 1,
"SHA- 224": 2,
"SHA- 384": 2,
"SHA- 512": 1,
"SHA-1": 15,
"SHA-224": 6,
"SHA-256": 9,
"SHA-3": 7,
"SHA-384": 6,
"SHA-512": 7,
"SHA2": 2,
"SHA2- 224": 5,
"SHA2- 384": 5,
"SHA2-256": 11,
"SHA2-384": 2,
"SHA2-512": 8,
"SHA3": 1,
"SHA3- 224": 1,
"SHA3-224": 6,
"SHA3-256": 7,
"SHA3-384": 7,
"SHA3-512": 7
}
},
"fips_security_level": {
"Level": {
"Level 1": 5
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 6
}
},
"PBKDF": {
"PBKDF": 22,
"PBKDF2": 2
},
"RIPEMD": {
"RIPEMD": 1,
"RIPEMD128": 2,
"RIPEMD160": 2,
"RIPEMD256": 1,
"RIPEMD320": 2
},
"SHA": {
"SHA1": {
"SHA-1": 15
},
"SHA2": {
"SHA-224": 6,
"SHA-256": 9,
"SHA-384": 6,
"SHA-512": 7,
"SHA2": 2
},
"SHA3": {
"SHA-3": 7,
"SHA3": 1,
"SHA3-224": 6,
"SHA3-256": 7,
"SHA3-384": 7,
"SHA3-512": 7
}
},
"SHAKE": {
"SHAKE128": 1,
"SHAKE256": 2
},
"scrypt": {
"scrypt": 1
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"X25519": 2,
"X448": 2
}
},
"javacard_packages": {
"java": {
"java.security": 2
},
"org": {
"org.bouncycastle.crypto": 1,
"org.bouncycastle.entropy": 1,
"org.bouncycastle.fips": 2,
"org.bouncycastle.util": 1
}
},
"javacard_version": {},
"os_name": {},
"pq_crypto": {
"LMS": {
"LMS": 9
}
},
"randomness": {
"PRNG": {
"DRBG": 56,
"PRNG": 2
},
"RNG": {
"RBG": 2,
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"timing attack": 1,
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 15,
"FIPS 180-4": 2,
"FIPS 186-2": 1,
"FIPS 186-3": 1,
"FIPS 186-5": 7,
"FIPS 197": 2,
"FIPS 198-1": 2,
"FIPS 202": 2,
"FIPS PUB 140-3": 1
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"NIST SP 800-107": 1,
"NIST SP 800-90C": 1,
"SP 800-108": 2,
"SP 800-132": 3,
"SP 800-133": 2,
"SP 800-135": 1,
"SP 800-185": 1,
"SP 800-208": 1,
"SP 800-38A": 2,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 3,
"SP 800-38F": 2,
"SP 800-38G": 1,
"SP 800-56A": 1,
"SP 800-56B": 1,
"SP 800-56C": 3,
"SP 800-67": 1,
"SP 800-89": 1,
"SP 800-90A": 2,
"SP 800-90B": 2
},
"PKCS": {
"PKCS #1": 3,
"PKCS#1": 3,
"PKCS#12": 3,
"PKCS#5": 3,
"PKCS1": 3
},
"RFC": {
"RFC 7914": 1,
"RFC 8708": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 40,
"AES-": 5,
"AES-128": 1,
"AES-192": 1
},
"CAST": {
"CAST": 3,
"CAST5": 1
},
"RC": {
"RC2": 1,
"RC4": 1
},
"Serpent": {
"Serpent": 1
},
"Twofish": {
"Twofish": 1
}
},
"DES": {
"3DES": {
"TDEA": 7,
"TDES": 1,
"Triple-DES": 7
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 8,
"HMAC": 66,
"HMAC-SHA-256": 2,
"KMAC": 10
}
},
"djb": {
"ChaCha": {
"ChaCha20": 2
},
"Poly": {
"Poly1305": 2
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
},
"Camellia": {
"Camellia": 1
},
"IDEA": {
"IDEA": 1
},
"SEED": {
"SEED": 1
}
}
},
"tee_name": {
"IBM": {
"SE": 95
}
},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 12
}
},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20250718120651+10\u002700\u0027",
"/Creator": "Writer",
"/Producer": "LibreOffice 7.3",
"pdf_file_size_bytes": 821378,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16824",
"https://downloads.bouncycastle.org/fips-java/docs/BC-FJA-UserGuide-2.1.1.pdf",
"mailto:[email protected]",
"https://nvd.nist.gov/",
"https://www.bouncycastle.org/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 58
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "a426bb4996566d166085d0b833e43e01a67cd0ff33e6e3fd53d8700350cfb379",
"policy_txt_hash": "67aefd93b168fe5f270135760f1a4f25a6cf326816eea564fecf5a8bb0e28917"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy",
"certificate_pdf_url": null,
"date_sunset": "2027-01-16",
"description": "The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "BC-FJA (Bouncy Castle FIPS Java API)",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "2.1.1",
"tested_conf": [
"Java SE Runtime Environment v8 (1.8) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 with PAA, Java SE Runtime Environment v8 (1.8) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 without PAA, Java SE Runtime Environment v11 (11) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 with PAA, Java SE Runtime Environment v11 (11) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 without PAA, Java SE Runtime Environment v17 (17) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 with PAA, Java SE Runtime Environment v17 (17) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 without PAA, Java SE Runtime Environment v21 (21) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 with PAA, Java SE Runtime Environment v21 (21) on Ubuntu 22.04 LTS running on an Intel NUC 11 Pro with an 11th Gen Intel Core i7 with PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-01-17",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-11-14",
"lab": "Lightship Security, Inc.",
"validation_type": "Update"
}
],
"vendor": "Legion of the Bouncy Castle Inc.",
"vendor_url": "http://www.bouncycastle.org"
}
}