MozillaWiki

Power Up Selftests: Difference between revisions

Page Discussion

Power Up Selftests (view source)

Revision as of 20:30, 3 August 2006

187 bytes added ,  3 August 2006
no edit summary
No edit summary
 
No edit summary
Line 1: Line 1:
The module can perform the following self-tests:
The module can perform the following self-tests:
* Power-up self-tests
 
** Cryptographic algorithm tests: A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module: RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
=Power-Up Selftests=
** Software integrity test
* Cryptographic algorithm tests
* Conditional self-tests
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:
** Pair-wise consistency test (for public and private keys)
 
** Continous random number generator test
{| border="1" cellpadding="2"
|+
|-
!
Algorithm
!
Comment
|-
| RC2||
|-
| RC4||
|-
| DES||
|-
| Triple DES||
|-
| AES-128||
|-
| AES-192||
|-
| AES-256||
|-
| MD2||
|-
| MD5||
|-
| SHA-1||
|-
| SHA-256||
|-
| SHA-384||
|-
| SHA-512||
|-
| HMAC-SHA-1||
|-
| HMAC-SHA-256||
|-
| HMAC-SHA-384||
|-
| HMAC-SHA-512||
|-
| RSA||
|-
| DSA||
|-
| RNG||
|-
| ECDSA||
|-
(see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
|}
 
* Software integrity test
 
=Conditional self-tests=
* Pair-wise consistency test (for public and private keys)
* Continous random number generator test


These tests are mandatory for the FIPS 140-2 mode of
These tests are mandatory for the FIPS 140-2 mode of
operation.
operation.
Neil.williams
198

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/30613"