Reference Guide
The Cryptographic Module 25
RSA BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1
The following lists all other available algorithms in the JCM that are not allowed for
FIPS 140-2 usage. These algorithms must not be used when operating the module in a
FIPS 140-2 compliant way.
• AES in BPS mode for FPE
• AES in CBC_CS1, CBC_CS2 or CBC_CS3 mode for CTS
• ChaCha20/Poly1305 AEAD cipher
• ChaCha20 cipher
• DES
• DESX
• ECIES
• FIPS 186-2 PRNG (Change Notice General)
• HMAC-MD5
• MD2
• MD5
1
• PKCS #5 KDF
• PKCS #12 KDF
• Poly1305 MAC
• RC2 block cipher
• RC4 stream cipher
• RC5 block cipher
• RSA Keypair Generation MultiPrime (2 or 3 primes)
• RSA X9.31, PKCS #1 V.1.5, RSASSA-PSS Signature Generation FIPS 186-2
(4096 bit key size)
• RIPEMD160
• scrypt
• Shamir Secret Sharing
• Triple-DES in CBC_CS1, CBC_CS2 or CBC_CS3 mode for CTS.
1
MD5 is allowed in FIPS mode only for use in TLS.