java 哪些 JCE 提供程序符合 FIPS 140-2?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/5046482/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-10-30 09:10:00  来源:igfitidea点击:

Which JCE providers are FIPS 140-2 compliant?

javacryptographyjcefips

提问by Rob H

What Java Cryptography Extension (JCE) providers are FIPS 140-2 compliant? More specifically, does the Sun/Oracle provider qualify?

哪些 Java 加密扩展 (JCE) 提供程序符合 FIPS 140-2?更具体地说,Sun/Oracle 提供商是否有资格?

采纳答案by Stephen C

According to this information on this page:

根据此页面上的信息:

  1. IBM and RSA have FIPS 140-2 validated JCE providers.
  2. Sun's JCE providers are not on the list of FIPS 140-2 validated modules.
  1. IBM 和 RSA 拥有经过 FIPS 140-2 验证的 JCE 提供程序。
  2. Sun 的 JCE 提供程序不在 FIPS 140-2 验证模块列表中。

However, Oracle do have a validated module called "Oracle Cryptographic Libraries for SSL". The description does not say this is a JCE provider ... but it might be.

但是,Oracle 确实有一个经过验证的模块,称为“用于 SSL 的 Oracle 加密库”。描述并没有说这是一个 JCE 提供者……但它可能是。

Also, Oracle don't appear to have any "modules in progress" for FIPS 140-2 validation.

此外,Oracle 似乎没有任何用于 FIPS 140-2 验证的“正在进行的模块”。

回答by Curtis P

According to this page, java 6 can be made FIPS 140 compliant via either NSS or SunJSSE.

根据此页面,可以通过 NSS 或 SunJSSE 使 Java 6 符合 FIPS 140。

回答by steinybot

Actually the Sun PKCS#11 Providerdoes look like it is FIPS 140-2 compliant. It is based on Network Security Services. I'm pretty sure that is what certificates 1278, 1279 and 1280 are on that NIST linkthat @stephen-c posted. The Oracle docsare a little vague regarding compliance but this is the best I have found so far.

实际上,Sun PKCS#11 Provider看起来确实符合 FIPS 140-2。它基于网络安全服务。我很确定这就是@stephen-c 发布的NIST 链接上的证书 1278、1279 和 1280 。在甲骨文的文档是一个有点含糊有关规定,但,这是到目前为止,我已经找到了最好的。