Cryptographic Components for Java
|
| RSA BSAFE CRYPTO-J |
Cryptographic Components for Java |
| JSAFE Javadoc | JCE Javadoc | Search |
It keeps the version number and enables FIPS-related self-testing on a FIPS-validated version of the toolkit.
CryptoJ has methods to allow the user run the FIPS-required power-up self-tests on demand and get their status, methods to set and query the user role, and methods to get and set the library to fips or non-fips mode. These methods are not available on a non-fips library.
The FIPS version of CryptoJ executes power-up self-tests automatically upon startup and conditional tests at runtime. Upon startup failure, the the toolkit enters a FAILED state preventing further operation.
See Overview of Crypto-J for background and reference material on using and understanding Crypto-J.
Copyright © RSA Security Inc., 1997-2005. All rights reserved.
Static Public Methods | |
| CryptoJ CryptoJ:: | getInstance () |
A factory method that gets a CryptoJ instance. | |
| SecureRandom CryptoJ:: | getSeeder () |
| Returns the global seed generator. More... | |
| final boolean CryptoJ:: | isFIPS140Compliant () |
| Indicates whether this toolkit is FIPS 140-2 compliant. More... | |
| int CryptoJ:: | getState () |
| Queries the toolkit execution state on a FIPS-validated toolkit. More... | |
| int CryptoJ:: | getMode () |
Returns the mode, either FIPS or NON-FIPS. More... | |
| void CryptoJ:: | setMode (int newMode) throws JSAFE_InvalidUseException |
| Sets the FIPS mode to newMode. More... | |
| int CryptoJ:: | getRole () |
| Returns the user role. More... | |
| void CryptoJ:: | setRole (int newRole) throws JSAFE_InvalidUseException |
Sets the user mode to newRole. More... | |
| boolean CryptoJ:: | selfTestPassed () |
| Retrieves the results of last execution of the power-up self-tests. More... | |
| synchronized boolean CryptoJ:: | runSelfTests () throws JSAFE_InvalidUseException |
| Runs the FIPS 140 required power-up self-tests on demand. More... | |
| void CryptoJ:: | fips186RandomClearQ (SecureRandom random) |
| Resets the prime Q to its default value. More... | |
| void CryptoJ:: | fips186RandomSetQ (SecureRandom random, byte[] qBytes) |
| Sets the prime Q to the given value. More... | |
| void CryptoJ:: | fips186RandomClearXKEY (SecureRandom random) |
| Clears the the interal state of the random. More... | |
| void CryptoJ:: | fips186RandomSetXKEY (SecureRandom random, byte[] XKEYBytes) |
| Sets the internal seed of the random to the given value. More... | |
| void CryptoJ:: | main (String[] args) |
| This method prints the version number on a non-FIPS toolkit and runs run any or all of the known answer tests used in power-up self-testing on a FIPS validated toolkit. | |
Static Public Attributes | |
| final String CryptoJ:: | CRYPTO_J_VERSION |
| The current version of Crypto-J. | |
| final int CryptoJ:: | NOT_INITIALIZED |
| Indicates that the toolkit has not been verified. | |
| final int CryptoJ:: | UNDER_SELF_TEST |
| Indicates that the toolkit is under self test. | |
| final int CryptoJ:: | OPERATIONAL |
| Indicates that the toolkit passed verification. | |
| final int CryptoJ:: | FAILED |
| Indicates that the toolkit failed verification; a powerup or a conditional self test has failed. | |
| final int CryptoJ:: | FIPS_MODE |
| Indicates that the toolkit is running in FIPS mode. | |
| final int CryptoJ:: | NON_FIPS_MODE |
| Indicates that the toolkit is running in non-FIPS mode. | |
| final int CryptoJ:: | FIPS_TESTING_MODE |
| Indicates that the toolkit is running in FIPS testing mode. | |
| final int CryptoJ:: | CRYPTO_OFFICER_ROLE |
| Denotes the Crypto Officer role. | |
| final int CryptoJ:: | USER_ROLE |
| Denotes the normal user role. | |
| byte [] CryptoJ:: | savedQBytes |
| saved Q bytes for testing a fips 186 random and acts as a flag. | |
| byte [] CryptoJ:: | savedXKEYBytes |
| saved XKEY bytes for testing a fips 186 random and acts as a flag. | |
|
|
Resets the prime Q to its default value.
This method is for use in
|
|
|
Clears the the interal state of the random.
This method is for use in the
|
|
||||||||||||
|
Sets the prime Q to the given value.
This method is for use in
|
|
||||||||||||
|
Sets the internal seed of the random to the given value.
This method is for use in
|
|
|
Returns the mode, either
|
|
|
Returns the user role. The user role is meaninful only on a FIPS-validated library.
|
|
|
Returns the global seed generator.
This method is a convenience for users that may need to rely on autoseeding. It allows access to the library's shared seed generation object. Crypto-J keeps a globaly shared
|
|
|
Queries the toolkit execution state on a FIPS-validated toolkit.
|
|
|
Indicates whether this toolkit is FIPS 140-2 compliant. If it is compliant, then methods to query and set the FIPS mode, the user role, and run the power-up tests are available; otherwise, these methods are not available.
There is no enforcement of algorithm selection in
|
|
|
Runs the FIPS 140 required power-up self-tests on demand. For use by the Crypto Officer with a FIPS-validated toolkit. These tests consist of the algorithm known answer tests plus pairwise consisency checks on DSA and RSA key pair generation.
|
|
|
Retrieves the results of last execution of the power-up self-tests. This method should be called on a FIPS-compliant library only.
|
|
|
Sets the FIPS mode to newMode. The paramater newMode must be one of
|
|
|
Sets the user mode to
|