Module Name
RSA BSAFEĀ® Crypto-J JSAFE and JCE Software Module
Validation Dates
08/08/2019;03/02/2020
Caveat
When operated in FIPS Mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
RSA BSAFE Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements.
Tested Configuration(s)
- Google Dalvik(tm) JRE 6.0 on Google(tm) Android(tm) 4.1.2 ARMv7 (32-bit) running on Google Nexus 7(tm) (Wi-Fi, 2012) [1][2]
- OpenJDK 8.0 on CentOS 6.7 (64-bit) running on a Dell(TM) PowerEdge(TM) [1][2]
- Oracle JRE 7 on Oracle Linux 5.6 (x86-64) running on a Dell XPS 8700 with an Intel Core i7 [3]
- Oracle JRE 8 on Oracle Linux 6.10 for Oracle Key Vault 18.1 (x86-64) running on a Dell OptiPlex 7040M with an Intel Core i5 [3]
- Oracle JRE 8 on Oracle Linux 6.9 (x86-64) running on a Dell OptiPlex 5060 SFF with an Intel Core i7 [3]
- Oracle JRE 8 on Oracle Linux 7.3 (x86-64) running on a Dell OptiPlex 5060 SFF with an Intel Core i7 [3]
- Oracle JRE 8 on Oracle Linux 7.6 (x86-64) running on a Dell Latitude 5590 with an Intel Core i7 [3] (single-user mode)
- Oracle(R) JRE 8.0 on Microsoft(R) Windows 8.1 (64-bit) running on an HP ENVY 15 [1][2]
FIPS Algorithms
AES |
Certs. #3263 and #C805 |
CVL |
Certs. #471, #1024 and #C805 |
DRBG |
Certs. #722 and #C805 |
DSA |
Certs. #932 and #C805 |
ECDSA |
Certs. #619 and #C805 |
HMAC |
Certs. #2062 and #C805 |
KTS |
AES Certs. #3263 and #C805; key establishment methodology provides between 128 and 256 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #1663 and #C805 |
SHS |
Certs. #2701 and #C805 |
Triple-DES |
Certs. #1852 and #C805 |
Allowed Algorithms
MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
6.2 [1], 6.2.1.1 [2] and 6.2.1.2 [3]