Reference Guide

6 Secure Operation of Cert-J

RSA BSAFE Cert-J 6.2.4 Security Policy

Secure Operation of Cert-J

Please refer to “Secure Operation of the Module” in the RSA BSAFE Crypto-J JSAFE

and JCE Software Module Security Policy documents for detailed information about

how to operate the Cryptographic Module securely and he security levels, and the

RSA BSAFE Crypto-J FIPS Compliance Guide for a definition of the FIPS 140-2

modes.

The default initial mode of Cert-J is

FIPS140_MODE. The initial mode can be

configured through the use of the c

om.rsa.cryptoj.fips140initialmode

property. The recognized values are:

•

FIPS140_MODE

•

FIPS140_SSL_MODE

The default initial security level of Cert-J is Level 1. The initial security level can be

configured through the use of the

com.rsa.cryptoj.fips140auth property.

The recognized values are:

•

LEVEL1 for Security Level 1

•

LEVEL2 for Security Level 2.

For further detail, see the Introduction To Cert-J -> System and Security

Properties section of the RSA BSAFE Cert-J Developers Guide.

The mode of instances of the Cert-J library can be set by passing in

FIPS140Mode

classes into the constructors of

com.rsa.certj.CertJ. In this way, Cert-J can be

run in multiple modes simultaneously.

Acronyms

This table lists the definitions for the acronyms used in Cert-J.

Acronym Definition

API Application Programming Interface.

CO Crypto Officer, a security system user role.

FIPS Federal Information Processing Standards.

JCE Java Cryptography Extension.

KAT Known Answer Test.