000035636 - How can I easily manage RSA BSAFE FIPS and non-FIPS library files if my application will sometimes run in a FIPS 140-2 mode and sometimes in non-FIPS mode?

Document created by RSA Customer Support Employee on Mar 17, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035636
Applies ToRSA Product Set: BSAFE
 
IssueHow can I easily manage RSA BSAFE FIPS and non-FIPS library files if my application will sometimes run in a FIPS 140-2 mode and sometimes in non-FIPS mode?
ResolutionYou should never include both FIPS and non-FIPS libraries in your application. Using both sets of libraries together is not supported.

To allow your program to run in either a FIPS 140-2 mode, or non-FIPS mode, or to use multiple modes simultaneously, use only the FIPS library.

When using the FIPS library, a FIPS 140-2 mode called NON_FIPS140_MODE is available, that can be set to turn off FIPS.  As with all FIPS 140-2 modes,  NON_FIPS140_MODE can be set either in a configuration file, or programmatically, or both, depending on your requirements.

The non-FIPS library file should be used only if you will not use FIPS 140-2 with your application.  The non-FIPS library file does not do the FIPS 140-2 self-tests on first usage, at power-up.
NotesInformation about setting FIPS modes is in the Developer's Guide and the Install Guide for your RSA BSAFE product, and sample programs are also available.

Documentation is available in the doc sub-folder of your product package, and sample programs are in the sample folder.  Documentation and samples are also available for your product on RSA Link's RSA BSAFE Documentation and Downloads page.

Attachments

    Outcomes