000027083 - Using multiple FIPS 140 modes in the same application with the Crypto-J 4.0 JCE provider JsafeJCE

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027083
Applies ToBSAFE/Crypto-J 4.0
Issue

Using multiple FIPS 140 modes in the same application with the Crypto-J 4.0 JCE provider JsafeJCE

Notes The CryptoJ master class's FIPS 140 mode methods setMode and getMode interact with the global FIPS 140 mode. When the default JsafeJCE constructor is used, the JCE provider uses the current global FIPS 140 mode when creating cryptographic objects.

Using the CryptoJ master class's FIPS 140 mode method getFIPS140Context() allows the current global FIPS 140 mode to be obtained. This context can then be modified. The modified context can then be used in the constructor of JsafeJCE. This allows all cryptographic objects created with the new JCE provider to use the specified FIPS 140 mode and role. This allows multiple FIPS 140 modes to be supported at once.

So, in the case in which you wanted to use multiple JCE providers in different FIPS modes, there would be a difference between the FIPS140Context and CryptoJ FIPS methods.

Legacy Article IDa42335

Attachments

    Outcomes