Home / Browse / JSch / Mail / Archive

JSch

Email Archive: jsch-users (read-only)

2002:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul	_Aug	_Sep	_Oct (17)	_Nov (3)	_Dec (5)
2003:	_Jan (34)	_Feb (70)	_Mar (18)	_Apr (17)	_May (21)	_Jun (20)	_Jul (27)	_Aug (12)	_Sep (10)	_Oct (7)	_Nov (21)	_Dec (5)
2004:	_Jan (18)	_Feb (13)	_Mar (35)	_Apr (8)	_May (26)	_Jun (32)	_Jul (19)	_Aug (37)	_Sep (14)	_Oct (20)	_Nov (41)	_Dec (48)
2005:	_Jan (44)	_Feb (60)	_Mar (62)	_Apr (42)	_May (26)	_Jun (55)	_Jul (29)	_Aug (21)	_Sep (56)	_Oct (20)	_Nov (17)	_Dec (9)
2006:	_Jan (33)	_Feb (49)	_Mar (27)	_Apr (27)	_May (67)	_Jun (28)	_Jul (64)	_Aug (45)	_Sep (39)	_Oct (52)	_Nov (36)	_Dec (45)
2007:	_Jan (60)	_Feb (44)	_Mar (57)	_Apr (18)	_May (15)	_Jun (37)	_Jul (27)	_Aug (32)	_Sep (48)	_Oct (52)	_Nov (48)	_Dec (17)
2008:	_Jan (28)	_Feb (6)	_Mar (29)	_Apr (27)	_May (10)	_Jun (33)	_Jul (27)	_Aug (15)	_Sep (46)	_Oct (18)	_Nov (10)	_Dec (8)
2009:	_Jan (22)	_Feb (17)	_Mar (10)	_Apr (14)	_May (20)	_Jun (28)	_Jul (9)	_Aug (8)	_Sep (12)	_Oct (22)	_Nov (23)	_Dec (18)
2010:	_Jan (32)	_Feb (18)	_Mar (30)	_Apr (54)	_May (25)	_Jun (22)	_Jul (26)	_Aug (54)	_Sep (15)	_Oct (24)	_Nov (53)	_Dec (11)
2011:	_Jan (45)	_Feb (40)	_Mar (47)	_Apr (28)	_May (30)	_Jun (58)	_Jul (13)	_Aug (27)	_Sep (41)	_Oct (7)	_Nov (18)	_Dec (22)
2012:	_Jan (36)	_Feb (71)	_Mar (30)	_Apr (25)	_May (32)	_Jun (15)	_Jul (12)	_Aug (8)	_Sep (16)	_Oct (21)	_Nov (4)	_Dec
2013:	_Jan (9)	_Feb (6)	_Mar (27)	_Apr (16)	_May (12)	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec

Re: [JSch-users] Is Jsch FIPS 140-2 compliant?

From: Viet H. Phan <hoangvietphan@ya...> - 2009-06-16 04:28

Attachments: Message as HTML

Hi Atsuhiko and All,

I know that Jsch hasn't got FIPS 140-2 certified. I looked into the source code and found that it supports FIPS approved algorithms AES, Triple-DES, DSA, RSA, SHA-1, HMAC-SHA-1. I wonder whether my software that uses Jsch can pass a FIPS 140-2 validation testing by NIST.
Do you get any experience of this?
I look forward to hearing your inputs.

Thanks a lot,
Viet


--- On Tue, 6/16/09, Atsuhiko Yamanaka <ymnk@...> wrote:

From: Atsuhiko Yamanaka <ymnk@...>
Subject: Re: [JSch-users] Is Jsch FIPS 140-2 compliant?
To: hoangvietphan@...
Cc: jsch-users@...
Date: Tuesday, June 16, 2009, 8:48 AM

Hi,

   +-From: "Viet H. Phan" <hoangvietphan@...> --
   |_Date: Mon, 15 Jun 2009 02:32:28 -0700 (PDT) _____
   |
   |We have been using Jsch to do data transfer with a partner. 
   |Recently we have got a requirement of following FIPS 104-2 standard 
   |(http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf). 
   |Could anyone tell me if Jsch is FIPS 140-2 compliant?

Unfortunately, it is not.


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
    +1-415-578-3454
Skype callto://jcraft/

Re: [JSch-users] Is Jsch FIPS 140-2 compliant?

From: <ymnk@jc...> - 2009-06-16 05:18

Hi,

   +-From: "Viet H. Phan" <hoangvietphan@...> --
   |_Date: Mon, 15 Jun 2009 21:28:37 -0700 (PDT) _____
   |
   |I know that Jsch hasn't got FIPS 140-2 certified. I looked into 
   |the source code and found that it supports FIPS approved algorithms AES, 
   |Triple-DES, DSA, RSA, SHA-1, HMAC-SHA-1. I wonder whether my software 
   |that uses Jsch can pass a FIPS 140-2 validation testing by NIST.

JSch has depended on the JCE included in J2SE and 
the implementations of those algorithms have come from it.
Is Sun's J2SE FIPS 140-2 compliant?

   |Do you get any experience of this?

At least, we don't have any experiences of that. 


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
    +1-415-578-3454
Skype callto://jcraft/