Module Name
Security Builder FIPS Java Module
Validation Dates
10/24/2016;10/08/2019;11/02/2020
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL.
Tested Configuration(s)
- CentOS 7.0 with Java JRE 1.8.0 running on a Dell PowerEdge 2950 [2] (single-user mode)
- Red Hat Linux AS 5.5 32-bit [1]
- Red Hat Linux AS 5.5 64-bit [1]
- Solaris 10 64-bit [1]
- Sun Java Runtime Environments (JRE) 1.5.0 and 1.6.0 running on Solaris 10 32-bit [1]
- Windows 2008 Server 64-bit [1]
- Windows Vista 32-bit [1]
- Windows Vista 64-bit [1]
FIPS Algorithms
| AES |
Certs. #1411, #3465 and #3988 |
| DRBG |
Certs. #52, #852 and #1180 |
| DSA |
Certs. #455, #978 and #1084 |
| ECDSA |
Certs. #179, #702 and #884 |
| HMAC |
Certs. #832, #2210 and #2603 |
| KAS |
Certs. #8, #61, #62 and #83 |
| KAS |
SP 800-56B, vendor affirmed |
| RSA |
Certs. #687, #1776 and #2046 |
| SHS |
Certs. #1281, #2860 and #3292 |
| Triple-DES |
Certs. #964, #1954 and #2188 |
Other Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ARC2; ARC4; DES; DESX; Diffie-Hellman (non-compliant); EC Diffie-Hellman (non-compliant); ECIES; ECMQV (non-compliant); ECQV; HMAC-MD5; MD2; MD5; RIPEMD; RNG
Software Versions
2.8, 2.8.7, 2.8.8 and 2.9
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
