This page was not yet optimized for use on mobile devices.
RSA BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.5
This certificate has known related CVEs, which means that the
certified product might be vulnerable.
Certificate #4645
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, RC2, RC5, RC4, DES, Triple-DES, 3DES, TDES, ChaCha20, ChaCha, Poly1305, HMAC, CMACAsymmetric Algorithms
RSA-CRT, ECDH, ECDSA, ECIES, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA1, SHA-224, SHA-384, SHA256, SHA-256, SHA-512, SHA224, SHA384, SHA512, SHA-2, SHA-3, SHA3-224, SHA3-384, SHA3-256, SHA3-512, SHAKE128, SHAKE256, MD5, RIPEMD160, scrypt, PBKDF2, PBKDFSchemes
MAC, Key Agreement, AEADProtocols
TLS, TLS 1.0, TLS 1.2Randomness
PRNG, DRBG, RNGElliptic Curves
P-224, P-256, P-384, P-521, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTSVendor
MicrosoftSecurity level
Level 1, Level 3, Level 2Side-channel analysis
timing attacks, timing attackStandards
FIPS 140-2, FIPS PUB 140-2, FIPS 186-2, FIPS 198-1, FIPS 180-4, FIPS 202, FIPS 186-4, FIPS140-2, FIPS186, SP 800-38F, SP 800-90A, SP 800-56B, SP 800-56A, SP 800-56C, SP 800-108, SP 800-132, SP 800-135, SP 800-133, SP 800-38B, SP 800-38A, SP 800-38C, SP 800-38D, SP 800-38E, SP 800-52, SP 800-89, PKCS #5, PKCS #12, PKCS #1, RFC 5288, RFC 7539, RFC 2988File metadata
Title | Dell BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1 |
---|---|
Keywords | "BSAFE Crypto-J, RSA BSAFE Crypto-J JSAFE and JCE Software Module, 6.2.5, fips security policy, level 1, operating environments " |
Author | Dell Inc. |
Creation date | D:20100527131853Z |
Modification date | D:20231212155949+11'00' |
Pages | 40 |
Creator | FrameMaker 16.0.5 |
Producer | Adobe PDF Library 16.0.7 |
References
IncomingHeuristics ?
CPE matches
Related CVEs
ID | Links | Severity | CVSS Score | Published on | ||
---|---|---|---|---|---|---|
Base | Exploitability | Impact | ||||
CVE-2016-0887 | MEDIUM | 5.9 | 3.6 | 12.04.2016 23:59 | ||
CVE-2016-8212 | HIGH | 7.5 | 3.6 | 03.02.2017 07:59 | ||
CVE-2016-8217 | LOW | 3.7 | 1.4 | 03.02.2017 07:59 | ||
CVE-2018-11070 | MEDIUM | 5.9 | 3.6 | 11.09.2018 19:29 | ||
CVE-2019-3738 | MEDIUM | 6.5 | 3.6 | 18.09.2019 23:15 | ||
CVE-2019-3739 | MEDIUM | 6.5 | 3.6 | 18.09.2019 23:15 | ||
CVE-2019-3740 | MEDIUM | 6.5 | 3.6 | 18.09.2019 23:15 | ||
CVE-2022-34381 | CRITICAL | 9.8 | 5.9 | 02.02.2024 16:15 |
Showing 5 out of 8.
References ?
Updates ?
-
14.10.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The related_cves property was updated, with the
{'_type': 'Set', 'elements': ['CVE-2019-3740', 'CVE-2022-34381', 'CVE-2019-3738', 'CVE-2019-3739', 'CVE-2018-11070']}
values added.
- The related_cves property was updated, with the
-
01.10.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The related_cves property was updated, with the
{'_type': 'Set', 'elements': ['CVE-2019-3738', 'CVE-2019-3740', 'CVE-2019-3739', 'CVE-2018-11070']}
values discarded.
- The related_cves property was updated, with the
-
02.01.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The validation_history property was updated, with the
[[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2023-12-21', 'validation_type': 'Update', 'lab': 'GOSSAMER SECURITY SOLUTIONS INC'}]]
values inserted. - The vendor property was set to
Dell Australia Pty Limited, BSAFE Product Team
.
The PDF extraction data was updated.
- The policy_metadata property was updated, with the
{'pdf_file_size_bytes': 361949, '/Keywords': '"BSAFE Crypto-J, RSA BSAFE Crypto-J JSAFE and JCE Software Module, 6.2.5, fips security policy, level 1, operating environments "', '/ModDate': "D:20231212155949+11'00'", '/Title': 'Dell BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1'}
data.
The state was updated.
- The policy_pdf_hash property was set to
75b90aaf34499e0309841b43610e35e37d310730ed2504ff91279aef45194baf
. - The policy_txt_hash property was set to
5d71d6106a34259b13cff7e9726f4e9a64a86ca57f6421048ffcb167c6283870
.
- The validation_history property was updated, with the
-
06.11.2023 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf
.
- The certificate_pdf_url property was set to
-
01.11.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4645,
"dgst": "e25a5ef7ae33ee0e",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"ECDSA#C662",
"DRBG#C662",
"DSA#C662",
"KTS#C662",
"HMAC#C662",
"RSA#C662",
"AES#C662",
"SHS#C662",
"CVL#C662",
"SHA-3#C662",
"KBKDF#C662"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:a:dell:bsafe_crypto-j:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:dell:bsafe_crypto-j:6.2.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:dell:bsafe_crypto-j:6.2:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.2.5"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"2472",
"2471",
"2484"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"2472",
"2484",
"2471",
"3099",
"2549"
]
},
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2016-8212",
"CVE-2016-0887",
"CVE-2019-3739",
"CVE-2016-8217",
"CVE-2022-34381",
"CVE-2018-11070",
"CVE-2019-3738",
"CVE-2019-3740"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 7
},
"ECDSA": {
"ECDSA": 17
},
"ECIES": {
"ECIES": 3
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 15
},
"DSA": {
"DSA": 26
}
},
"RSA": {
"RSA-CRT": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"CCM": {
"CCM": 2
},
"CFB": {
"CFB": 5
},
"CTR": {
"CTR": 14
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 4
},
"OFB": {
"OFB": 5
},
"XTS": {
"XTS": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 18,
"TLS 1.0": 3,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 3
},
"KA": {
"Key Agreement": 3
},
"MAC": {
"MAC": 10
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-233": 1,
"B-283": 1,
"B-409": 1,
"B-571": 1,
"K-233": 1,
"K-283": 1,
"K-409": 1,
"K-571": 1,
"P-224": 2,
"P-256": 2,
"P-384": 2,
"P-521": 2
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 4,
"#12": 3,
"#5": 3
}
},
"fips_certlike": {
"Certlike": {
"Certificate 24 RSA": 1,
"DSA (2048": 1,
"HMAC SHA256": 1,
"HMAC-SHA1": 2,
"HMAC3": 2,
"PKCS #1": 8,
"PKCS #12": 6,
"PKCS #5": 6,
"SHA-1": 11,
"SHA-14": 1,
"SHA-2": 5,
"SHA-224": 6,
"SHA-256": 11,
"SHA-3": 4,
"SHA-384": 9,
"SHA-512": 11,
"SHA1": 1,
"SHA224": 1,
"SHA256": 3,
"SHA3-224": 3,
"SHA3-256": 2,
"SHA3-384": 3,
"SHA3-512": 3,
"SHA384": 2,
"SHA512": 2
}
},
"fips_security_level": {
"Level": {
"Level 1": 11,
"Level 2": 1,
"Level 3": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 5
}
},
"PBKDF": {
"PBKDF": 5,
"PBKDF2": 7
},
"RIPEMD": {
"RIPEMD160": 2
},
"SHA": {
"SHA1": {
"SHA-1": 11,
"SHA1": 1
},
"SHA2": {
"SHA-2": 5,
"SHA-224": 7,
"SHA-256": 10,
"SHA-384": 10,
"SHA-512": 10,
"SHA224": 1,
"SHA256": 3,
"SHA384": 2,
"SHA512": 2
},
"SHA3": {
"SHA-3": 4,
"SHA3-224": 3,
"SHA3-256": 2,
"SHA3-384": 3,
"SHA3-512": 3
}
},
"SHAKE": {
"SHAKE128": 2,
"SHAKE256": 2
},
"scrypt": {
"scrypt": 2
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {
"com": {
"com.rsa.crypto": 4,
"com.rsa.crypto.jcm": 1,
"com.rsa.cryptoj.jcm": 2
},
"java": {
"java.util.concurrent": 1
}
},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 52,
"PRNG": 4
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {
"SCA": {
"timing attack": 1,
"timing attacks": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 76,
"FIPS 180-4": 2,
"FIPS 186-2": 4,
"FIPS 186-4": 11,
"FIPS 198-1": 3,
"FIPS 202": 1,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1,
"FIPS186": 1
},
"NIST": {
"SP 800-108": 1,
"SP 800-132": 6,
"SP 800-133": 1,
"SP 800-135": 4,
"SP 800-38A": 1,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 1,
"SP 800-38E": 1,
"SP 800-38F": 3,
"SP 800-52": 1,
"SP 800-56A": 2,
"SP 800-56B": 1,
"SP 800-56C": 3,
"SP 800-89": 2,
"SP 800-90A": 2
},
"PKCS": {
"PKCS #1": 4,
"PKCS #12": 3,
"PKCS #5": 3
},
"RFC": {
"RFC 2988": 2,
"RFC 5288": 2,
"RFC 7539": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 27
},
"RC": {
"RC2": 3,
"RC4": 2,
"RC5": 4
}
},
"DES": {
"3DES": {
"3DES": 1,
"TDES": 1,
"Triple-DES": 10
},
"DES": {
"DES": 7
}
},
"constructions": {
"MAC": {
"CMAC": 8,
"HMAC": 26
}
},
"djb": {
"ChaCha": {
"ChaCha": 1,
"ChaCha20": 5
},
"Poly": {
"Poly1305": 5
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 1
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Dell Inc.",
"/CreationDate": "D:20100527131853Z",
"/Creator": "FrameMaker 16.0.5",
"/CreatorTool": "FrameMaker 16.0.5",
"/Keywords": "\"BSAFE Crypto-J, RSA BSAFE Crypto-J JSAFE and JCE Software Module, 6.2.5, fips security policy, level 1, operating environments \"",
"/ModDate": "D:20231212155949+11\u002700\u0027",
"/Producer": "Adobe PDF Library 16.0.7",
"/Title": "Dell BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1",
"/Trapped": "/False",
"pdf_file_size_bytes": 361949,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://eprint.iacr.org/2011/388",
"http://csrc.nist.gov/index.html",
"https://csrc.nist.gov/publications/nistpubs/800-89/SP-800-89_November2006.pdf",
"https://tools.ietf.org/html/rfc7539",
"https://www.dell.com/support",
"http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf",
"http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf",
"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr1.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 40
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "75b90aaf34499e0309841b43610e35e37d310730ed2504ff91279aef45194baf",
"policy_txt_hash": "5d71d6106a34259b13cff7e9726f4e9a64a86ca57f6421048ffcb167c6283870"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. No assurance of the minimum strength of generated keys.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf",
"date_sunset": "2026-02-16",
"description": "RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Design Assurance: Level 3"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "RSA BSAFE\u00ae Crypto-J JSAFE and JCE Software Module 6.2.5",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": "6.2.5",
"tested_conf": [
"OpenJDK 8.0 on CentOS 7.6 (64-bit) running on Dell(TM) PowerEdge(TM) R710 with an Intel Xeon(R) E5 processor (single-user mode)",
"Oracle(R) JRE 8.0 on Microsoft(R) Windows(R) Server 2016 (64-bit) running on Dell(TM) PowerEdge(TM) T130 with an Intel(R) Xeon(TM) E3 processor"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-10-25",
"lab": "GOSSAMER SECURITY SOLUTIONS INC",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-12-21",
"lab": "GOSSAMER SECURITY SOLUTIONS INC",
"validation_type": "Update"
}
],
"vendor": "Dell Australia Pty Limited, BSAFE Product Team",
"vendor_url": "http://www.dell.com"
}
}