Bouncy Castle FIPS Java API Examples

FIPS (Federal Information Processing Standards) are a set of standards for describing document processing and encryption algorithms. Any application involved in transmission of sensistive data in US government departments and agencies must adhere to FIPS 140-2 standards.

Bouncy Castle Provider Configuration

There are couple of different ways to configure Bouncy Castle FIPS Java provider:

JRE Security Changes

1. Place the bc-fips-1.0.0.jar in the jre/lib/ext folder.

2. Make the following changes to jre/lib/security/java.security file:

   1. Modify the line following line:

   security.provider.4=com.sun.net.ssl.internal.ssl.Provider

   to

   security.provider.4=com.sun.net.ssl.internal.ssl.Provider BCFIPS

   1. Add the following line:

   security.provider.11=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider

   11 is the priority number for the Bouncy Castle FIPS Java provider.

Please make sure to you use right numbering as they should be consecutive. Here is an example of list of providers in jre/lib/security/java.security file after the changes:

# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=sun.security.ec.SunEC
#security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.net.ssl.internal.ssl.Provider BCFIPS
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.9=sun.security.smartcardio.SunPCSC
security.provider.10=apple.security.AppleProvider
security.provider.11=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider

Once the provider is added, it can be referenced in your code using the provider name as BCFIPS.

Application Runtime

By adding the provider during the application execution:

import java.security.Security
import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider

Security.addProvider(new BouncyCastleFipsProvider())

In this project, the Bouncy Castle FIPS Java provider is added during runtime. No changes needed in your JRE.

Examples

Examples here relate to Bouncy Castle implementation of Java FIPS API.

These examples can found in The Bouncy Castle FIPS Java API in 100 Examples.

Random Numbers

Secured random is very important in cryptography as random values are used in key and IV generation.

• SecureRandomNumberExample.java contains examples of generating secure random numbers. (Example 1, 2, and 3)

Symmetric Key

BC FIPS API offers both approved mode symmetric ciphers, AES and TripleDES, and also a number of other symmetric ciphers such as ARC4, Blowfish, Camellia, CAST5, DES, GOST28147, IDEA, RC2, SEED, Serpent, SHACAL2, and Twofish.

Basic Modes and Padding

• KeyCreationExample.java contains examples related to creating symmetric keys. (Example 4 and 5)

• ECBModeEncryptionExample.java contains examples of encrypting and block cipher modes is unpadded. The input has to be aligned on the block boundaries of the cipher - in this case 128 bits. (Example 6)

• CBCModeEncryptionExample.java contains examples of encrypting and decrypting in CBC (Cipher Block Chaining) mode. Padding needs to be specified as the CBC mode is block aligned. CBC mode has an extra parameter, the initialization vector (IV), which is used with the mode to prevent any similarities in two plain texts from showing up in the encrypted results. Make sure the IV is reliably random or unique. (Example 7)

• CFBModeEncryptionExample.java contains examples of encrypting and decrypting in CFB (Cipher Feedback) mode. It is similar to CBC while using a streaming block mode. However, padding is no longer required as the cipher generates a stream of "noise" which is XOR'd with the data to be encrypted. (Example 8)

• CTRModeEncryptionExample.java contains examples of encrypting and decrypting in CTR (Counter) mode. It is a block streaming mode with more control than CFB (Cipher Feedback) mode. The IV (initialization vector) is broken up into two parts: a random nonce, and a counter. It differs from CFB mode in the way cipher stream is gernerated by encrypting the nonce and counter. The use of the nonce and counter means that the cipher stream can be generated in a random access fashion. (Example 9)

• CBCModeWithCTSEncryptionExample.java contains examples of encrypting and decrypting in CBC (Cipher Block Chaining) mode with CTS (Ciphertext Stealing). CTS is used in conjunction with CBC mode and can be used where there is at least 2 blocks of data. It requires no padding, as the “stealing” process allows it to produce a cipher text which is the same length as the plain text. The most popular one is CS3. (Example 10) Encountered the following exception while testing: javax.crypto.BadPaddingException: Error closing stream

Authenticated Modes

Unlike basic modes, authenticated modes (GCM, CCM) provides a cryptographic checksum that can be used to help validate a decryption.

These modes are also known as Authenticated Encryption with Associated Data (AEAD) modes since they provide ways to add extra clear text or associated data into the tag used for validation.

• GCMAuthModeEncryptionExample.java contains examples of encrypting and decrypting in authenticated GCM (Galois/Counter Mode) mode. It is based on CTR (Counter) mode and has its own hashing function. (Example 11)

Build

Execute the following command from the parent directory:

mvn clean install