SSH is not a protocol that can be certified under FIPS. However SSH uses many cryptographic algorithms that do come under FIPS, for example AES symmetric encryption or RSA assymetric encryption.
Our APIs use the cryptographic services of the Java Cryptography Extension (JCE) which comprises part of the Java Runtime. This mechanism allows different JCE providers to be used and there are JCEs available that have been FIPS certified. Thus its possible to install a FIPS certified JCE module to ensure that the cryptographic algorithms used by our API are FIPS compliant.
Our Maverick Legacy APIs have specific inbuilt support for the BouncyCastle FIPS JCE which is available from https://www.bouncycastle.org/fips_faq.html
FIPS certified JCEs are also available from RSA, IBM and other vendors. Please note that we do not support using the Sun PKCS11 JCE Provider with NSS FIPS certified libraries.
