Reference Guide
Crypto-C ME Cryptographic Toolkit 21
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
with Level 2 Roles, Services and Authentication
1.4.4 Key Access
An authorized operator of the module has access to all key data created during
Crypto-C ME operation.
Note: The Crypto User and Crypto Officer roles have equal and complete
access to all keys.
The following table lists the different services provided by the toolkit with the type of
access to keys or CSPs.
Table 3 Key and CSP Access
Service Type Key or CSP Type of Access
Asymmetric
encryption and decryption
Asymmetric keys (RSA) Read/Execute
Symmetric
encryption and decryption
Symmetric keys (AES, Triple-DES) Read/Execute
Digital signature and
verification
Asymmetric keys (DSA, ECC, and RSA) Read/Execute
Message digest None N/A
MAC HMAC keys Read/Execute
Random number generation CTR DRBG entropy, IV, key, and init_seed
HMAC DRBG entropy, IV, key, and init_seed
Read/Write/Execute
Key derivation Secret Key Read/Execute
Write
Key generation Symmetric keys (AES, Triple-DES)
Asymmetric keys (DSA, RSA, DH, and ECC)
MAC keys (HMAC)
Write
Key assurance Asymmetric keys (DSA, RSA, DH and ECC) Read
Key establishment
primitives
Asymmetric keys (RSA, DH, ECC) Read/Execute
Role-based authentication
token
PIN Read/Write
Self-test
(Crypto Officer service)
Hardcoded DSA key Read/Execute
Show status None N/A
Zeroization All Read/Write