VMware's BC-FJA (Bouncy Castle FIPS Java API) Software Version: 1.0.2.1

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304, USA
Tel: 877-486-9273
Email: [email protected]
http://www.vmware.com

VMware's BC-FJA (Bouncy Castle FIPS Java API)
Software Version: 1.0.2.1

FIPS 140-2 Non-Proprietary Security Policy
FIPS Security Level: 1
Document Version: 0.1

April 20, 2021
© 2021 VMware, Inc. This document may be freely reproduced and distributed whole and intact including this copyright notice.

TABLE OF CONTENTS

1 INTRODUCTION
  1.1 Purpose
  1.2 Reference
2 VMware’s BC-FJA (Bouncy Castle FIPS Java API) Module
  2.1 Introduction
    2.1.1 VMware's BC-FJA (Bouncy Castle FIPS Java API)
  2.2 Module Specification
    2.2.1 Physical Cryptographic Boundary
    2.2.2 Logical Cryptographic Boundary
    2.2.3 Modes of Operation
    2.2.4 Module Configuration
  2.3 Roles, Authentication and Services
    2.3.1 Assumption of Roles
    2.3.2 Services
  2.4 Physical Security
  2.5 Operational Environment
    2.5.1 Use of External RNG
  2.6 Cryptographic Key Management
    2.6.1 Critical Security Parameters
    2.6.2 Public Keys
  2.7 Self-Tests
  2.8 Mitigation of Other Attacks Policy
3 Secure Operation
  3.1 Basic Enforcement
  3.2 Additional Enforcement with a Java SecurityManager
  3.3 Basic Guidance
  3.4 Enforcement and Guidance for GCM IVs
  3.5 Enforcement and Guidance for use of the Approved PBKDF
  3.6 Rules for setting the N and the S String in cSHAKE
  3.7 Guidance for the use of DRBGs and Configuring the JVM's Entropy Source
4 References and Acronyms

LIST OF FIGURES

Figure 1 – Hardware Block Diagram
Figure 2 – Module’s Logical Cryptographic Boundary

LIST OF TABLES

Table 1 – Security Level Per FIPS 140-2 Section
Table 2 – FIPS 140-2 Logical Interfaces
Table 3 – Available Java Permissions
Table 4 – Roles Description
Table 5 – Services
Table 6 – CSP Access Rights within Services
Table 7 – Tested Configuration
Table 8 – Approved and CAVP Validated Cryptographic Functions
Table 9 – Approved Cryptographic Functions Tested with Vendor Affirmation
Table 10 – Non-Approved but Allowed Cryptographic Functions
Table 11 – Non-Approved Cryptographic Functions for use in non-FIPS mode only
Table 12 – Critical Security Parameters (CSPs)
Table 13 – Public Keys
Table 14 – Power Up Self-tests
Table 15 – Conditional Self-tests
Table 16 – References
Table 17 – Acronyms

1 INTRODUCTION

1.1 Purpose

This is a non-proprietary Cryptographic Module Security Policy for the VMware's BC-FJA (Bouncy Castle FIPS Java API) Module from VMware, Inc. This Security Policy describes how the VMware's BC-FJA (Bouncy Castle FIPS Java API) Module meets the security requirements of Federal Information Processing Standards (FIPS) Publication 140-2, which details the U.S. and Canadian Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE), Cryptographic Module Validation Program (CMVP) website at https://csrc.nist.gov/projects/cryptographic-module-validation-program.

This document also describes how to run the module in a secure FIPS-Approved mode of operation. The VMware's BC-FJA (Bouncy Castle FIPS Java API) Module is also referred to in this document as “BC-FJA Module”, or “the module”.

1.2 Reference

This document deals only with operations and capabilities of the composite module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources:
