Manualshelf

Reference Guide

ManualsBrandsDell ManualsBSAFEBSAFE Cert-J
123456
4 Cert-J Helper Functions
RSA BSAFE Cert-J 6.2.4 Security Policy
Cert-J Helper Functions
Module Interfaces
As a multi-chip standalone module, the Cryptographic Module’s physical interfaces
consist of the keyboard, mouse, monitor, serial ports, network adapters, and so on.
However, the underlying logical interface to the Cryptographic Module is the API
documented in the Crypto-J Toolkit section of the RSA BSAFE Cert-J Developers
Guide. The Cryptographic Module provides Control Input through the API calls. Data
Input and Output are provided in the variables passed with API calls, and Status
Output is provided in the returns and error codes that are documented for each call.
Roles, Authentication and Services
The Cryptographic Module meets all FIPS140-2 Level 1 and Level 2 requirements for
Roles, Authentication and Services, implementing both a Crypto Officer role and a
Crypto User role. For FIPS 140-2 operation, the Cryptographic Module requires user
authentication for these roles. Only one role may be active at a time, and the
Cryptographic Module does not allow concurrent operators.
The APIs for controlling the Cryptographic Module are in the
CryptoJ class,
com.rsa.jsafe.crypto.CryptoJ.
The CertJ API has library instance context classes and contains classes for controlling
the FIPS 140-2 mode and role which can be applied to these library instance context
classes. The classes are:
Crypto-Officer Role
An operator can assume the Crypto Officer role by invoking the
com.rsa.jsafe.crypto.CryptoJ.setRole() method with the argument
com.rsa.jsafe.crypto.CryptoJ.CRYPTO_OFFICER_ROLE.
An operator in the Crypto Officer role can start the power-up self-tests on demand by
calling this method:
com.rsa.jsafe.crypto.CryptoJ.runSelfTests();
When Crypto-J is loaded, the power-up self-tests are automatically run. When the
integrity check is passed, it will not run again unless the Cryptographic Module is
unloaded and then reloaded.
Library Instance Context Class
com.rsa.certj.CertJ
FIPS 140 mode class
com.rsa.certj.FIPS140Mode
FIPS 140 role class
com.rsa.certj.FIPS140Role