BouncyCastle FIPS Restrictions

When using Bouncy Castle FIPS, the following restrictions exist:

  1. BouncyCastle FIPS cannot be used when IBM FIPS is enabled.

  2. BouncyCastle FIPS cannot be used on MFT versions prior to V8.2.

  3. BouncyCastle FIPS supports only keystores in a BCFKS format when stored on the file system.

  4. BouncyCastle FIPS does not support public or private key sizes less than 2048 bits.

  5. The following PGP protocols are not supported:
    • El Gamal, CAST5, MD2, MD5, RipeMD
  6. SSL/TLS ciphers are more limited.