8
Crypto-J Cryptographic Toolkit
RSA BSAFE Crypto-J 4.1 Security Policy
2.4 Roles and Services
Crypto-J meets all FIPS140-2 Level 1 requirements for Roles and Services,
implementing both a Crypto Officer role and a Crypto User role. As allowed by FIPS
140-2, Crypto-J does not require user identification or authentication for these roles.
The API for control of Crypto-J is through the com.rsa.jsafe.crypto.CryptoJ
class. The API is duplicated in the class com.rsa.jsafe.CryptoJ class
2.4.1 Crypto Officer Role
An operator can assume the Crypto Officer role by invoking the
com.rsa.jsafe.crypto.CryptoJ.setRole() method with the
CryptoJ.CRYPTO_OFFICER_ROLE argument.
The power-up self-tests can be re-executed explicitly after the toolkit has been loaded
using CryptoJ.runSelfTests.
The Crypto Officer can start the power-up self-tests manually at the command prompt
by navigating to the directory containing the appropriate .jar file, and typing:
Alternatively, the Crypto Officer can start the power-up self-tests programmatically:
Note:
When Crypto-J is loaded and configured for FIPS140-2 use, the
power-up self tests run automatically. If the CryptoJ.runSelfTests method is
invoked after the toolkit is loaded, all power-up tests will be re-executed.
2.4.2 Crypto User Role
The Crypto User role is the default operating role. An operator can explicitly assume
the Crypto User role by invoking the
com.rsa.jsafe.crypto.CryptoJ.setRole() method with the
CryptoJ.USER_ROLE argument.
The Crypto-J API, its functions and capabilities are documented in the RSA BSAFE
Crypto-J 4.1 Developer's Guide.
java -cp cryptojFIPS.jar com.rsa.jsafe.crypto.CryptoJ -testAll
com.rsa.jsafe.crypto.CryptoJ.runSelfTests();