I'm developing a Java project that needs to use a FIPS 140-2 validated module for crypto signatures. I'm leaning towards using the OpenSSL FIPS Object Module. After browsing around the webs, I couldn't开发者_开发技巧 find anything that implemented a Java bindings for OpenSSL in the Java Cryptography Architecture. I was wondering if anyone could point me to such a library, or an alternative approach to using OpenSSL in Java for crypto signatures.
Better use IBM FIPS compatible (140-2 level 1) JCE module which comes with IBM JRE. http://publib.boulder.ibm.com/infocenter/realtime/v1r0/topic/com.ibm.rt.doc.10/security/jcefips/ibmjcefips.html
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt1081.pdf
I know this is an old question but I hoped this might help others. Bouncy Castle provides a FIPS 140-2 Validated JCA provider.
https://www.bouncycastle.org/fips/UserGuide-20151229.pdf
精彩评论