3

I am currently upgrading an application that generates OpenPGP messages to be FIPS 140-2 compliant. Currently I generate PGP messages that use RSA/AES-256 encryption which are both approved algorithms using BouncyCastle and its OpenPGP provider. I am no longer able to use BouncyCastly since it is not FIPS 140-2 validates, so I am looking at the BSAFE library from RSA.

This library doesn't have the high-level abstraction to let you generate an OpenPGP message directly. Does anyone know of a library that can use an existing JCE provider (like my BSAFE library) capable of generating OpenPGP messages? I'd really like to avoid having to implement the OpenPGP spec myself, as that seems like it would be quite time consuming. Alternatively any suggestions for other ways to format my encrypted files?

Thanks in advance for any input!

Michael
  • 2,460
  • 3
  • 27
  • 47

3 Answers3

0

After much research it seems that there is no way to do this without implementing the OpenPGP format yourself. However the Cryptographic Message Syntax seems to be a suitable replacement.

Michael
  • 2,460
  • 3
  • 27
  • 47
  • I think this conclusion is wrong. Please see [my answer.](http://stackoverflow.com/questions/5994470/creating-openpgp-messages-in-java-using-fips-140-2-library/7421916#7421916) – erickson Sep 14 '11 at 19:33
0

There are major differences between S/MIME (Cryptographic Message Syntax) and OpenPGP.

http://mozilla-enigmail.org/forum/viewtopic.php?t=67

Mainly, S/MIME exchanges keys in terms of certificates (which must utilize a certificate authority, limited to 1024 bit, and expires after 1 year), while OpenPGP uses PGP keys (can be exchanged peer-to-peer, or utilize a free keyserver, or host your own keyserver).

Duke
  • 7,070
  • 3
  • 38
  • 28
  • Hierarchy of Trust vs Web of Trust http://www.gpg4win.org/doc/en/gpg4win-compendium_10.html – Duke Sep 14 '11 at 19:04
0

FIPS 140-2 doesn't apply to protocols like SSL, PGP, S/MIME, or SSH. Those are security protocols that use cryptographic algorithms like RSA and AES. (Commercial crypto vendors aren't likely to point out this distinction, however).

FIPS 140-2 lists approved algorithms. It also specifies testing criteria for "cryptographic modules" that implement these algorithms. But, it doesn't say anything about the application of these algorithms.

So, you can use BouncyCastle's PGP provider. Instead of installing Bouncy Castle as a crypto-provider, install your FIPS 140-2–certified implementation. Bouncy Castle's PGP will use the preferred crypto provider for its underlying cryptographic algorithms. You can use their S/MIME support in the same way.

erickson
  • 265,237
  • 58
  • 395
  • 493
  • Right I understand that in theory I could use the BouncyCastle PGP provider with another FIPS 140-2 provider and still be compliant. However when I tried doing that it didn't work as the BouncyCastle PGP provider was trying to call BouncyCastle specific classes that are in the bcprov JAR. If there is a way to make it work it wasn't immediately obvious to me. – Michael Sep 15 '11 at 15:03
  • @Michael - I see. We do have this working, but it's been a while since we've figured out all of the hiccups, so I don't remember what all of them were. I know that we don't have BC installed as a provider, but I'm not sure that the provider library is off the class path. – erickson Sep 15 '11 at 20:26