Install Guide
16 Binary Installation for Android
RSA BSAFE Cert-J 6.2.4 Installation Guide
b. Create the provider programmatically using the following Java code:
// Create a Provider object
Provider jsafeProvider = new com.rsa.jsafe.provider.JsafeJCE();
// Add the Crypto-J JsafeJCE Provider to the current
// list of providers available on the system.
Security.insertProviderAt (jsafeProvider, 1);
Note: Unlike standard java, Android doesn't support static
registration of JCE providers, therefore the provider must be loaded
dynamically.
7. If required, set the following properties to configure Cert-J for FIPS 140-2
compliant operation:
For FIPS 140-2 Level 2 Roles, Authentication and Services compliance, the
security properties listed in the following table must be added.
8. Cert-J uses
CTRDRBG128 as the default random algorithm where no other random
algorithm is specified.
Use the security property
com.rsa.crypto.default.random to change this
as required. The following are valid values for this security property:
Table 10 FIPS 140-2 Property Setting
Property Name Value
com.rsa.cryptoj.fips140initialmode
FIPS140_MODE
1
1
The fips140initialmode value can be any of FIPS140_MODE, FIPS140_SSL_MODE or
NON_FIPS140_MODE
.
com.rsa.cryptoj.native.fips140.path
path
2
2
This property is set when using a Native configuration only. The path and filename can be an absolute path.
Table 11 FIPS 140-2 Level 2 Property Settings
Property Name Value
com.rsa.cryptoj.fips140auth LEVEL2
com.rsa.cryptoj.configfile
1
1
This security property is optional. There are APIs to dynamically specify this property.
path and filename
2
2
The path and filename can be an absolute path or a path relative to the user.dir Java system property.
• CTRDRBG
• CTRDRBG128
• CTRDRBG192
• CTRDRBG256
• HASHDRBG
• HASHDRBG128
• HASHDRBG192
• HASHDRBG256
• HMACDRBG
• HMACDRBG128
• HMACDRBG192
• HMACDRBG256