Is The Azul Cryptography Extension Kit (CEK) FIPS-compliant?


Is the Zulu Cryptography Extension Kit (CEK) FIPS (Federal Information Processing Standard) 140-2 compliant.


The short answer is "No".

The long answer is the Zulu Cryptography Ext Kit (CEK) is only a collection of policy files and does not provide any encryption functionality by itself (from our website):

The Zulu® CEK download file does not contain any encryption functionality by itself. 
All encryption providers and functionality for each Java level is already provided
within Zulu®‘s regular JDK and JRE packages. You will need to have Zulu® installed to deploy and use the Zulu® CEK.

The enclosed README.txt also states:

Please note that the Zulu CEK contains no encryption functionality itself. 
All cryptography providers get installed with the base Zulu packaging.


Furthermore, CEK is no longer needed beginning in Jan 2018 builds (e.g. Zulu 8.27, 7.22, 6.19 and up, and Zing 18.x and up) since they now include the unlimited strength policy files.


FIPS compliance can be achieved by downloading and using Bouncy Castle.

Note: Azul may consider providing direct Bouncy Castle support in the future.  If interested, please contact an Azul representative.

--Last updated 2021-03-10 16:41:10--

Add Comment



Article is closed for comments.

Was this article helpful?
0 out of 0 found this helpful