Reference Guide

SSL-J Helper Functions
RSA BSAFE SSL-J 6.2.6 Security Policy
When Crypto-J is loaded, the power-up self-tests are automatically run. Once the
integrity check is passed, it will not run again unless the Cryptographic Module is
unloaded and then reloaded.
After the initial load of the Cryptographic Module, an on-demand call to the self-tests
results only in the performance of the known answer tests and pair-wise consistency
checks.
Crypto User Role
By default, an operator is in the Crypto User role. However, an operator can explicitly
assume the Crypto User role by invoking the
com.rsa.jsafe.crypto.CryptoJ.setRole() method with the argument
USER_ROLE.
The following services from the Crypto-J JsafeJCE API are available to the Crypto
User role:
com.rsa.jsafe.crypto.CryptoJ.setRole
com.rsa.jsafe.crypto.CryptoJ.getRole
com.rsa.jsafe.crypto.CryptoJ.setMode*
com.rsa.jsafe.crypto.CryptoJ.getMode
com.rsa.jsafe.crypto.CryptoJ.getState
com.rsa.jsafe.crypto.CryptoJ.selfTestPassed.
* The setMode method should only be used to switch to a non-FIPS 140-2 mode.
For more information on each function, please refer to the RSA BSAFE SSL-J
Developers Guide.
FIPS 140-2 Security Level 2 Operation
SSL-J meets all FIPS 140-2 Security Level 2 validation requirements through
Crypto-J. Role Based Authentication is used for the CO and Crypto User roles.
For FIPS 140-2 Security Level 2 operations, a PIN, and optionally a reference to the
Cryptographic Module configuration file, must be provided to the SSL-J APIs through
the following constructors of the com.rsa.certj.CertJ class:
com.rsa.certj.CertJ(FIPS140Mode, FIPS140Role, byte[])
com.rsa.certj.CertJ(FIPS140Mode, FIPS140Role, byte[], File)
com.rsa.certj.CertJ(Provider[], FIPS140Mode, FIPS140Role, byte[])
com.rsa.certj.CertJ(Provider[], FIPS140Mode, FIPS140Role, byte[], File)
PINs and the Cryptographic Module configuration file must be initialized through
methods of the com.rsa.jsafe.CryptoJ class. See the RSA BSAFE Crypto-J JSAFE and
JCE Software Module Security Policy Level 2 for further details.