canmove, Confirmed users
937
edits
NSSCryptoModuleSpec/Section 9: Self Tests: Difference between revisions
NSSCryptoModuleSpec/Section 9: Self Tests (view source)
Revision as of 21:42, 1 August 2006
, 1 August 2006no edit summary
No edit summary |
No edit summary |
||
| Line 50: | Line 50: | ||
|- | |- | ||
| | | | ||
'''List of | '''List of power-up & conditional self-tests | ||
performed by the module''' | performed by the module''' | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.07.01 VE.09.07.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.07.01 VE.09.07.01 ] | ||
|| | || | ||
The module can perform the following self-tests: | |||
* Power-up self-tests | |||
** Cryptographic algorithm tests (known-answer tests): RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA ([http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html source code]). Note that the message digest algorithms have independent known-answer tests. | |||
** Software integrity test | |||
* Conditional self-tests | |||
** Pair-wise consistency test (for public and private keys) | |||
** Continous random number generator test | |||
No operator callbacks have been implemented | |||
at any point within the power-up self-tests. These | |||
tests are mandatory for the FIPS 140-2 mode of | |||
No operator | |||
at any point within the power-up self tests. These | |||
tests are mandatory for the FIPS | |||
operation. | operation. | ||
|| Draft | || Draft | ||