
[Cryptography] FIPS 140 validated crypto module on Android?



Sid Spry wrote:
"Bouncy castle..."
"I'd suggest avoiding doing native code work on Android."

Kevin W. Wall wrote:
"I'm pretty sure that Bouncy Castle is the default Java Cryptography Extension (JCE) used on Android platform."

Thanks for your input Sid, Kevin.

I had thought that the team I'm helping leaned towards OpenSSL, because their desktop product used it, but they are open to a Java crypto library on Android. I agree, C on Android is not a first choice...

So yes, Bouncy Castle is included with Android. As the Wikipedia link from Sid says, to avoid name clashes when installing a FIPS 140-2 build, there is a build called Stripy Castle. But one can't just drop that in and inherit the official validation of Bouncy Castle on the platforms/configurations listed in its certificate/security-policy. FIPS 140 has the concepts of Vendor Affirmed, and User Affirmed, for various different configurations, and they entail various subtleties. I'll have to dig in further, sigh. I would have thought that some vendor would make a FIPS 140-2 module for Android. You'd think that there'd be a market.

Mike

_______________________________________________
The cryptography mailing list
cryptography AT metzdowd.com
https://www.metzdowd.com/mailman/listinfo/cryptography