Reference Guide
The Cryptographic Module 11
RSA BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1
with Level 2 Roles, Services and Authentication
1.4.2 Crypto User Role
The Crypto User Role performs general security services, including cryptographic
operations and other approved security functions.
After installation and initialization, authentication is required to assume the Crypto
User Role. An operator can assume the Crypto User Role by constructing a
FIPS140Context object where the role is specified as
ModuleConfig.USER_ROLE. The FIPS140Context object can then be input to a
Service which is to be used by the Crypto User Role.
The Services section provides a list of services available to the Crypto User Role.
1.4.3 Services
The following table lists the services that must be used to install and initialize the
module. These services can be accessed un-authenticated by the Crypto Officer role.
The following table lists the services provided by the JCM which may be used by
un-authenticated operators after installation, in terms of the module interface. These
services do not affect the security of the module since they do not make any use of
cryptographic keys or Critical Security Parameters (CSPs).
The following table lists the Services only available to the Crypto Officer role
provided by the JCM in terms of the module interface.
Table 2 Crypto Officer Role Installation Services
Crypto Officer Role Installation Services
ModuleLoader.load ModuleConfig.initFIPS140PINs
Table 3 Un-Authenticated Services
Un-Authenticated Services
ModuleConfig.getEntropySource ModuleConfig.setEntropySource
ModuleConfig.initFIPS140RolePINs ModuleConfig.isFIPS140Compliant
ModuleConfig.getSecurityLevel ModuleConfig.getVersionDouble
ModuleConfig.getVersionString
Table 4 Services only available to the Crypto Officer Role
Services only Available to the Crypto Officer Role
ModuleConfig.resetFIPS140RolePIN ModuleConfig.setFIPS140RolePIN