Power Up Selftests: Difference between revisions

No edit summary
 
(14 intermediate revisions by 5 users not shown)
Line 1: Line 1:
The module can perform the following self-tests:
=Power-Up Self-Tests=


=Power-Up Selftests=
The module can perform the following power-up self-tests:
* Cryptographic algorithm tests
 
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:
==Cryptographic algorithm tests==
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication, and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module. (See the [http://mxr.mozilla.org/security/source/security/nss/lib/softoken/fipstest.c power-up self-tests source code].)


{| border="1" cellpadding="2"
{| border="1" cellpadding="2"
Line 11: Line 12:
Algorithm
Algorithm
!
!
Comment
Tests
|-
|-
| RC2||
| RC2||
RC2-ECB Single-Round Known Answer Encryption<br>
RC2-ECB Single-Round Known Answer Decryption<br>
RC2-CBC Single-Round Known Answer Encryption<br>
RC2-CBC Single-Round Known Answer Decryption
|-
|-
| RC4||
| RC4||
Single-Round Known Answer Encryption<br>
Single-Round Known Answer Decryption
|-
|-
| DES||
| DES||
DES-ECB Single-Round Known Answer Encryption<br>
DES-ECB Single-Round Known Answer Decryption<br>
DES-CBC Single-Round Known Answer Encryption<br>
DES-CBC Single-Round Known Answer Decryption
|-
|-
| Triple DES||
| Triple DES||
DES3-ECB Single-Round Known Answer Encryption<br>
DES3-ECB Single-Round Known Answer Decryption<br>
DES3-CBC Single-Round Known Answer Encryption<br>
DES3-CBC Single-Round Known Answer Decryption
|-
|-
| AES-128||
| AES-128, AES-192, AES-256||
|-
AES-ECB Single-Round Known Answer Encryption<br>
| AES-192||
AES-ECB Single-Round Known Answer Decryption<br>
|-
AES-CBC Single-Round Known Answer Encryption<br>
| AES-256||
AES-CBC Single-Round Known Answer Decryption
|-
|-
| MD2||
| MD2||
Single-Round Known Answer Hashing
|-
|-
| MD5||
| MD5||
Single-Round Known Answer Hashing
|-
|-
| SHA-1||
| SHA-1, SHA-256, SHA-384, SHA-512||
|-
Single-Round Known Answer Hashing
| SHA-256||
|-
| SHA-384||
|-
| SHA-512||
|-
| HMAC-SHA-1||
|-
| HMAC-SHA-256||
|-
| HMAC-SHA-384||
|-
|-
| HMAC-SHA-512||
| HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512||
Single-Round Known Answer HMAC
|-
|-
| RSA||
| RSA||
Single-Round Known Answer Encryption<br>
Single-Round Known Answer Decryption<br>
Single-Round Known Answer Signature Test SHA-1<br>
Single-Round Known Answer Signature Test SHA-256<br>
Single-Round Known Answer Signature Test SHA-384<br>
Single-Round Known Answer Signature Test SHA-512<br>
|-
|-
| DSA||
| DSA||
Single-Round Known Answer Signature<br>
Single-Round Known Answer Verification
|-
|-
| RNG||
| RNG||
NIST SP 800-90 Hash_Drbg Known Answer Test<br>
NIST SP 800-90 Invalid input checks<br>
NIST SP 800-90 Automatic reseed checks<br>
[Collectively NIST SP 800-90 DRBG Health Checks]
|-
|-
| ECDSA||
| ECDSA - NIST Curve P-256 (the Extended ECC version of the module also tests Curve K-283)||
|-
Single-Round Known Answer Signature<br>
(see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
Single-Round Known Answer Verification
|}
|}


* Software integrity test
<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
 
==Random number generator test==
 
See the known-answer test for RNG above.


=Conditional self-tests=
==Software/firmware integrity test==
* Pair-wise consistency test (for public and private keys)
An integrity check is performed on the libraries that contain the NSS cryptographic module. If the check fails, the module immediately enters the Error state.
* Continous random number generator test


These tests are mandatory for the FIPS 140-2 mode of
==Critical functions test==
operation.
No other critical functions tests are performed on power-up.
439

edits