
While testing my FIPS 140-2 compliance configuration, it appears that I am still able to access the unapproved MD5 algorithm. This leads me to believe that I have configured the BouncyCastle FIPS JCE provider incorrectly. The following code does not behave as I expect:

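    import java.security.MessageDigest;
    import java.security.Security;
    import javax.crypto.Cipher;
    import org.bouncycastle.crypto.CryptoServicesRegistrar;
    import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider;

    // Request approved-only mode, then register BCFIPS as the highest-priority provider
    System.setProperty("org.bouncycastle.fips.approved_only", "true");
    Security.insertProviderAt(new BouncyCastleFipsProvider(), 1);
    System.out.println(CryptoServicesRegistrar.isInApprovedOnlyMode());
    MessageDigest digest = MessageDigest.getInstance("MD5", "BCFIPS"); // succeeds, see output below
    System.out.println(digest.getAlgorithm());
    System.out.println(digest.getProvider());
    Cipher.getInstance("DES", "BCFIPS"); // throws NoSuchAlgorithmException in approved-only mode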

And the output of that is:

    true
    MD5
    BCFIPS version 1.000203

This code throws a NoSuchAlgorithmException when it tries to get the DES cipher, just as I expect, since it is not a FIPS 140-2 approved algorithm. If I remove the 'approved_only' property, the DES cipher instance is created successfully. However, I would think that in approved-only mode the MD5 MessageDigest should also fail. While it is a bit old (2015), page 6 of https://www.bouncycastle.org/fips/BCFipsDescription.pdf states that MD5 should not be available in approved mode, and more recently page 5 of https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf does not list MD5 in its approved list of secure hash standards.

Additionally, other hashing algorithms from https://www.bouncycastle.org/fips/BCFipsDescription.pdf, such as WHIRLPOOL, do not work in approved mode but are available in unapproved mode. I haven't tested all of them, but so far MD5 is the only unapproved algorithm that I can get to work in approved mode.

My question is: why am I able to create an MD5 MessageDigest in approved mode? Is there something wrong with how I'm implementing the BouncyCastle JCE?

MrDetail

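An added example, not part of the original post and not Bouncy Castle's own code: one way to run the check described in the question systematically, by instantiating every MessageDigest a registered provider advertises and reporting those outside an allowlist. The class name `DigestAudit` and the allowlist (the FIPS 180-4 and FIPS 202 hash functions, to be confirmed against Annex A) are assumptions, as is the provider already being registered as in the question's code; it generalises to any provider name passed as an argument.

```java
import java.security.MessageDigest;
import java.security.Provider;
import java.security.Security;
import java.util.Locale;
import java.util.Set;
import java.util.TreeSet;

public class DigestAudit { // hypothetical class name
    // Assumption: hash functions of FIPS 180-4 and FIPS 202; confirm against Annex A.
    static final Set<String> APPROVED = Set.of(
        "SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512",
        "SHA-512/224", "SHA-512/256",
        "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512");

    // Normalise spelling variants such as "SHA-512(224)" to "SHA-512/224".
    static String normalise(String name) {
        return name.toUpperCase(Locale.ROOT).replace("(", "/").replace(")", "");
    }

    // Return every digest outside the allowlist that the provider really instantiates.
    static Set<String> unapprovedDigests(Provider provider) {
        Set<String> found = new TreeSet<>();
        for (Provider.Service service : provider.getServices()) {
            if (!"MessageDigest".equals(service.getType())) continue;
            String name = service.getAlgorithm();
            if (APPROVED.contains(normalise(name))) continue;
            try {
                MessageDigest.getInstance(name, provider); // advertised is not enough
                found.add(name);
            } catch (Exception | AssertionError e) {
                // Any refusal to instantiate counts as blocked.
            }
        }
        return found;
    }

    public static void main(String[] args) {
        // Assumption: the provider is registered before this runs (as in the question).
        String providerName = args.length > 0 ? args[0] : "BCFIPS";
        Provider provider = Security.getProvider(providerName);
        if (provider == null) {
            System.err.println("Provider not registered: " + providerName);
            System.exit(2);
        }
        Set<String> unapproved = unapprovedDigests(provider);
        unapproved.forEach(n -> System.out.println("UNAPPROVED digest available: " + n));
        System.exit(unapproved.isEmpty() ? 0 : 1);
    }
}
```

The non-zero exit status makes it usable as a build or deployment gate. With only a JDK available, passing `SUN` as the argument audits the JDK's default provider instead.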