Crypto-J Cryptographic Toolkit
15
RSA BSAFE Crypto-J 4.1 Security Policy
2.6 Cryptographic Algorithms
Crypto-J meets FIPS 140-2 requirements by implementing algorithm enforcement,
such that when operating in FIPS140_MODE, only FIPS 140-approved algorithms are
available for use.
The following table lists the FIPS 140-approved algorithms provided by Crypto-J,
when operating in FIPS140_MODE.
Table 4
Crypto-J FIPS-approved Algorithms
Algorithm
Validation Certificate
AES ECB, CBC, CFB (128), OFB (128),
CTR - [128, 192, 256 bit key sizes]
CCM, GCM
Certificate #1109
Triple-DES ECB, CBC, CFB (64bit) and OFB
(64 bit)
Certificate #806
Diffie-Hellman
Non-Approved (Allowed in FIPS mode)
DSA
Certificate #357
Dual EC DRBG (SP800-90)
Certificate #15
EC-Diffie-Hellman,
EC-Diffie-Hellman with Cofactor
Non-Approved (Allowed in FIPS mode)
EC-DSA, EC-DSA-SHA1
Certificate #130
FIPS 186-2 PRNG
(Change Notice 1-with and without the
mod q step)
Certificate #616
HMAC DRBG (SP800-90)
Certificate #15
HMAC-SHA1, SHA224, SHA256, SHA384,
SHA512
Certificate #621
RSA encrypt/decrypt
Non-Approved
(Allowed in FIPS mode for key transport)
RSA X9.31, PKCS #1 V.1.5, PKC S#1 V.2.1
(SHA256 - PSS)
Certificate #522
SHA-1
Certificate #1032
SHA-224, 256, 384, 512
Certificate #1032