Reference Guide

RSA BSAFE Crypto-J 6.2.5 FIPS 140 Compliance Guide
How to Use Crypto-J in a FIPS 140-2 Compliant Way

Crypto-J does not enforce all aspects of the FIPS 140 mode of operation. The
operators must ensure they follow the guidelines in this document, and the Crypto-J
and Crypto-C Micro Edition Security Policy documents.

This section provides guidance to the toolkit user to ensure that Crypto-J is used in a
FIPS 140-2 compliant way. The guidance must be followed in order to operate
Crypto-J in a FIPS 140 mode of operation, in conformance with FIPS 140-2
requirements.

Crypto-J Configuration describes how to configure FIPS 140-2 components and
behavior in accordance with the application’s FIPS 140-2 requirements. The Crypto-J
public API layer passes these configuration choices to the JCM layer according to the
JCM security policies. By default, Crypto-J is configured to operate in FIPS 140-2
mode, at Security Level 1.

Crypto User Guidance on Algorithms in the Security Policy documents provides
algorithm-specific guidance. The requirements listed in those documents are not
enforced by the module and must be ensured by the module user.

Crypto User Guidance on Obtaining Assurances for Digital Signature Applications in
the Security Policy documents provides guidance on obtaining assurances for Digital
Signature Applications.

Mitigation of Other Attacks in the Security Policy documents provides information on
the blinding mode and the default blinding settings.

Crypto User Guidance on Key Generation and Entropy in the Security Policy
documents provides guidance on seeding and key generation, with the key sizes and
security strengths for each key size and the security strength required to initialize the
DRBG.

Key and Critical Data Zeroization provides general crypto user guidance.

For further details about how to use Crypto-J in a FIPS 140-2 compliant way, see the
Introduction To Crypto-J -> FIPS 140 Operation section of the RSA BSAFE
Crypto-J Developers Guide.

Note: See the RSA BSAFE Crypto-C Micro Edition Security Policy
documents for guidance on using the native C implementation in a
FIPS-compliant manner.