Manualshelf

Reference Guide

ManualsBrandsDell ManualsBSAFEBSAFE Crypto-J
21222324252627282930
Secure Operation of the Module 29
RSA BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1
with Level 2 Roles, Services and Authentication
2 Secure Operation of the Module
The following guidance must be followed in order to operate the module in a
FIPS 140-2 mode of operation, in conformance with FIPS 140-2 requirements.
Note: The module operates as a Validated Cryptographic Module only when
the rules for secure operation are followed.
2.1 Module Configuration
To operate the module in compliance with FIPS 140-2 Level 1 with Level 2 Roles,
Services and Authentication requirements, the module must be loaded using the
following method:
com.rsa.crypto.jcm.ModuleLoader.load()
The ModuleLoader.load() method extracts arguments from the
com.rsa.cryptoj.common.module.JavaModuleProperties class, which is
created using the
com.rsa.cryptoj.common.module.CryptoJModulePropertiesFactory class.
The following arguments are extracted:
The module jar file.
The security level, specified as the constant
ModuleConfig.LEVEL_2.
This should have a value of 2.
An optional
SelfTestEventListener to use for logging power-up
self-test events.
An optional
java.util.concurrent.ExecutorService used for
running the power-up self-tests.
An optional
File for reading and writing the status of the algorithm
power-up self-tests.
Using the specified
securityLevel ensures that the module is loaded for use in
compliance with FIPS 140-2 for Level 2 Roles, Services and Authentication.
Once the load method has been successfully called for the first time, the module PINs
must be initialized using the
initFIPS140RolePINs method in the
ModuleConfig class. Please refer to the relevant API Javadoc for alternative
overloaded options which can be supplied to this method, such as PIN validity period
and Cryptographic Module Configuration File location.
Once the PINs have been initialized, the module is operational.