NSSCryptoModuleSpec/Section 9: Self Tests: Difference between revisions

Jump to navigation Jump to search

NSSCryptoModuleSpec/Section 9: Self Tests (view source)

Revision as of 16:40, 21 September 2005

967 bytes added ,  21 September 2005
m
no edit summary
mNo edit summary
mNo edit summary
Line 140: Line 140:
'''All self tests shall use a known answer'''.  
'''All self tests shall use a known answer'''.  
|| [http://wiki.mozilla.org/VE_09#VE.09.13.01 VE.09.13.01 ] ||
|| [http://wiki.mozilla.org/VE_09#VE.09.13.01 VE.09.13.01 ] ||
a known answer is shall be conducted for
A known answer shall be conducted for
all cryptographic functions (e.g., encryption,  
all cryptographic functions (e.g., encryption,  
decryption, authentication and random  
decryption, authentication and random  
number generation) of each Approved  
number generation) of each Approved  
Line 163: Line 163:
'''specify the method used to compare the  
'''specify the method used to compare the  
calculated output with the known answer.'''
calculated output with the known answer.'''
|| [http://wiki.mozilla.org/VE_09#VE.09.17.01 VE.09.17.01 ] ||  
||  
[http://wiki.mozilla.org/VE_09#VE.09.17.01 VE.09.17.01 ]  
||  


PORT_Memcmp is used to compare the computed  
PORT_Memcmp is used to compare the computed  
Line 173: Line 175:
||
||
|-
|-
| || [http://wiki.mozilla.org/VE_09#VE.09.17.02 VE.09.17.02 ] || ||
|
'''Error State''' when two outputs are
not equal.
||  
[http://wiki.mozilla.org/VE_09#VE.09.17.02 VE.09.17.02 ]  
||  
'''CKR_DEVICE_ERROR''' is returned when the two outputs
are not equal.
||
|-
|-
| || [http://wiki.mozilla.org/VE_09#VE.09.18.01 VE.09.18.01 ] || ||
|  
|-
'''Self-Test discription''' for
| || [http://wiki.mozilla.org/VE_09#VE.09.18.02 VE.09.18.02 ] || ||
all tests implemented.
|-
||  
| || [http://wiki.mozilla.org/VE_09#VE.09.19.01 VE.09.19.01 ] || ||
[http://wiki.mozilla.org/VE_09#VE.09.18.01 VE.09.18.01 ]  
|-
[http://wiki.mozilla.org/VE_09#VE.09.18.02 VE.09.18.02 ]  
| || [http://wiki.mozilla.org/VE_09#VE.09.19.02 VE.09.19.02 ] || ||
[http://wiki.mozilla.org/VE_09#VE.09.19.01 VE.09.19.01 ]  
|-
[http://wiki.mozilla.org/VE_09#VE.09.19.02 VE.09.19.02 ]  
| || [http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ] || ||
[http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ]
||
[http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html 
Power up Self Test Code]
 
[[Power up SelfTest Design]]
 
No operator call backs have been implemented
at any point within the power-up self tests. These
tests are mandatory for the FIPS-140-2 mode of
operation.
|-
|-
| || [http://wiki.mozilla.org/VE_09#VE.09.20.02 VE.09.20.02 ] || (N/A) ||
| || [http://wiki.mozilla.org/VE_09#VE.09.20.02 VE.09.20.02 ] || (N/A) ||
Line 213: Line 233:
| || [http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] || (N/A) ||
| || [http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] || (N/A) ||
|-
|-
| || [http://wiki.mozilla.org/VE_09#VE.09.42.01 VE.09.42.01 ] || ||
|  
|-
'''Random number generator''' is implemented, document
| || [http://wiki.mozilla.org/VE_09#VE.09.43.01 VE.09.43.01 ] || ||
the continuous RNG test performed
||  
[http://wiki.mozilla.org/VE_09#VE.09.42.01 VE.09.42.01 ]  
[http://wiki.mozilla.org/VE_09#VE.09.43.01 VE.09.43.01 ]  
||  
[http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/freebl/prng_fips1861.c.dep.html#alg_fips186_1_x3_1 Continuous Pseudo-Random Number Self-Tests ]
In this code reference, if the SHA-1 hash matches
the previous SHA-1 hash (the odds are 2^160), then
the error code SECFailure is returned. This will
propogate up to calling functions to put the cryptographic
module in critical error state.
||
|-
|-
| || [http://wiki.mozilla.org/VE_09#VE.09.45.01 VE.09.45.01 ] || (N/A) ||
| || [http://wiki.mozilla.org/VE_09#VE.09.45.01 VE.09.45.01 ] || (N/A) ||
Glen
219

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/12104"

Navigation menu