Reference Guide
14 Crypto-C ME Cryptographic Toolkit
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
2.3 Roles and Services
Crypto-C ME meets all FIPS 140-2 Level 1 requirements for roles and services,
implementing both a User (User) role and Crypto Officer (CO) role. As allowed by
FIPS 140-2, Crypto-C ME does not support user identification or authentication for
these roles. Only one role can be active at a time and Crypto-C ME does not allow
concurrent operators.
2.3.1 Crypto Officer Role
The Crypto Officer is responsible for installing and loading the cryptographic module.
After the module is installed and operational, an operator can assume the Crypto
Officer role by calling
R_PROV_FIPS140_assume_role() with
R_FIPS140_ROLE_OFFICER. An operator assuming the Crypto Officer role can call
any Crypto-C ME function. For a complete list of functions available to the Crypto
Officer, see “Services” on page 27.
2.3.2 Crypto User Role
An operator can assume the Crypto User role by calling
R_PROV_FIPS140_assume_role() with R_FIPS140_ROLE_USER.
An operator
assuming the Crypto User role can use the entire Crypto-C ME API except for
R_PROV_FIPS140_self_test_full()
, which is reserved for the Crypto Officer.
For a complete list of Crypto-C ME functions, see
“Services” on page 27
.