Reference Guide
2 Introduction
RSA BSAFE Crypto-J 6.2.5 FIPS 140 Compliance Guide
Introduction
The Crypto-J toolkit provides two public APIs that can be called from an application:
• the Java Cryptography Extension (JCE) API which is an officially released
Standard Extension to the Java Platform
• the JSAFE API which is an RSA proprietary API.
Note: The JSAFE API is now deprecated. It is still available for backward
compatibility, and may be removed in a future release.
In Crypto-J, these APIs are outside of the cryptographic boundary and provide FIPS
140-2 validated cryptographic functionality to the calling application by configuring
and calling the FIPS 140-2 validated module, the Java Crypto Module (JCM).
The JCE framework is available for use by the application because the JCM runs on a
Java Virtual Machine (JVM) which provides services for the JCM.
Internally the Crypto-J public API layer adheres to the FIPS 140-2 secure operation
guidance as specified in the FIPS 140-2 Level 1 and Level 2 JCM security policy
documents, RSA BSAFE Crypto-J JSAFE and JCE Software Module Security Policy
Level 1 and RSA BSAFE Crypto-J JSAFE and JCE Software Module Security Policy
with Level 2 Roles, Services and Authentication.
J2SEApplication
Android
Application
J2EEContainer
JCE
Framework
Crypto‐J
PublicAPI
FIPS140‐2
JavaCrypto,
JCM
JsafeAPI
JCEAPI JCESPI
DataIn
StatusOut
DataOut
ControlIn
Crypto‐J
Application