canmove, Confirmed users, Bureaucrats and Sysops emeriti
960
edits
NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification: Difference between revisions
NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification (view source)
Revision as of 12:01, 11 May 2015
, 11 May 2015GPHemsley moved page Section 1: Cryptographic Module Specification to NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification without leaving a redirect: NSSCryptoModuleSpec page
mNo edit summary |
m (GPHemsley moved page Section 1: Cryptographic Module Specification to NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification without leaving a redirect: NSSCryptoModuleSpec page) |
||
| (25 intermediate revisions by 4 users not shown) | |||
| Line 14: | Line 14: | ||
Status | Status | ||
|- | |- | ||
|'''Approved mode of | |'''Approved mode of operation''' || | ||
[http://wiki.mozilla.org/VE_01#VE.01.03.01 VE.01.03.01 ] <br> | [http://wiki.mozilla.org/VE_01#VE.01.03.01 VE.01.03.01 ] <br> | ||
[http://wiki.mozilla.org/VE_01#VE.01.03.02 VE.01.03.02 ] | [http://wiki.mozilla.org/VE_01#VE.01.03.02 VE.01.03.02 ] | ||
|| | || | ||
[http://wiki.mozilla.org/ | [http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy Rule 15] <br> | ||
[http://wiki.mozilla.org/FIPS_Module_Specification#Approved_Mode_of_Operation Approved Mode of Operation] | |||
|| Draft | || Draft | ||
|- | |- | ||
|'''Processor interfaces''' | |'''Processor interfaces''' | ||
| | | [http://wiki.mozilla.org/VE_01#VE.01.06.01 VE.01.06.01 ]<br> [http://wiki.mozilla.org/VE_01#VE.01.06.02 VE.01.06.02 ] | ||
| (N/A) NSS is a software cryptographic module that runs on a general purpose computer. || Draft | |||
|- | |- | ||
|'''Modules Components''' | |'''Modules Components''' | ||
| [http://wiki.mozilla.org/VE_01#VE.01.08.01 VE.01.08.01 ] <br> [http://wiki.mozilla.org/VE_01#VE.01.08.02 VE.01.08.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Module_Components Module Components]|| Draft | |||
|- | |- | ||
|'''Cryptographic Boundary'''|| | |'''Cryptographic Boundary'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.08. | [http://wiki.mozilla.org/VE_01#VE.01.08.03 VE.01.08.03 ] <br> | ||
[http://wiki.mozilla.org/VE_01#VE.01.08. | [http://wiki.mozilla.org/VE_01#VE.01.08.04 VE.01.08.04 ] <br> | ||
| | [http://wiki.mozilla.org/VE_01#VE.01.08.05 VE.01.08.05 ] | ||
| [http://wiki.mozilla.org/FIPS_Module_Specification#The_Cryptographic_Boundary Cryptographic Boundary]|| Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01.08. | |'''Physical Description'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.08.06 VE.01.08.06 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.07 VE.01.08.07 ] | |||
| (N/A) a general purpose computer || Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Excluded Components'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.09.01 VE.01.09.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.09.02 VE.01.09.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Module_Components Module Components]|| Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Algorithm Certificates'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.12.01 VE.01.12.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.12.02 VE.01.12.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Validation#Algorithms Approved Algorithms] | |||
Non-Approved algorithms may only be used in non-FIPS mode, unless an exception is noted: | |||
* MD2 | |||
* MD5: may be used in the TLS pseudo-random function (PRF) in FIPS mode | |||
* DES: may be used for interoperation with legacy systems in FIPS mode | |||
* RC2 | |||
* RC4 | |||
* Camellia | |||
* SEED | |||
* JPAKE | |||
* HKDF | |||
|| Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Hardware Diagrams'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.13.01 VE.01.13.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.02 VE.01.13.02 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.03 VE.01.13.03 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Hardware_Diagram Hardware Diagram] || Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Block Diagram'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.13.04 VE.01.13.04 ] | |||
| The physical cryptographic boundary of the NSS module surrounds all the components of the general purpose computer. The logical cryptographic boundary is shown in [http://wiki.mozilla.org/FIPS_Module_Specification#The_Cryptographic_Boundary Cryptographic Boundary] | |||
|| Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Design Specification'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.14.01 VE.01.14.01 ] | |||
|The design of the software contained in the NSS module is specified in [http://wiki.mozilla.org/FIPS_Module_Specification#Design_Specification Design Specification] || Draft | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_01#VE.01. | |'''Security Policy'''|| | ||
[http://wiki.mozilla.org/VE_01#VE.01.15.01 VE.01.15.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.16.01 VE.01.16.01 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Security-Related_Information Security-Related Information] <br> [http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy] | |||
|| Draft | |||
|} | |} | ||
Return to: [[NSSCryptoModuleSpec]] | Return to: [[NSSCryptoModuleSpec]] | ||