Power Up Selftests: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
 
(12 intermediate revisions by 5 users not shown)
Line 1: Line 1:
The module can perform the following self-tests:
=Power-Up Self-Tests=
 
The module can perform the following power-up self-tests:


=Power-Up Selftests=
==Cryptographic algorithm tests==
==Cryptographic algorithm tests==
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication, and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module. (See the [http://mxr.mozilla.org/security/source/security/nss/lib/softoken/fipstest.c power-up self-tests source code].)


{| border="1" cellpadding="2"
{| border="1" cellpadding="2"
Line 50: Line 51:
Single-Round Known Answer Hashing
Single-Round Known Answer Hashing
|-
|-
| HMAC-SHA-1||
| HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512||
Single-Round Known Answer HMAC
Single-Round Known Answer HMAC
|-
| HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512||
Single-Round Known Answer
|-
|-
| RSA||
| RSA||
Line 69: Line 67:
|-
|-
| RNG||
| RNG||
NIST SP 800-90 Hash_Drbg Known Answer Test<br>
NIST SP 800-90 Invalid input checks<br>
NIST SP 800-90 Automatic reseed checks<br>
[Collectively NIST SP 800-90 DRBG Health Checks]
|-
|-
| ECDSA||
| ECDSA - NIST Curve P-256 (the Extended ECC version of the module also tests Curve K-283)||
Single-Round Known Answer Signature<br>
Single-Round Known Answer Signature<br>
Single-Round Known Answer Verification
Single-Round Known Answer Verification
|-
(see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
|}
|}


==Software integrity test==
<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
 
==Random number generator test==
 
See the known-answer test for RNG above.


=Conditional self-tests=
==Software/firmware integrity test==
* Pair-wise consistency test (for public and private keys)
An integrity check is performed on the libraries that contain the NSS cryptographic module. If the check fails, the module immediately enters the Error state.
* Continous random number generator test


These tests are mandatory for the FIPS 140-2 mode of
==Critical functions test==
operation.
No other critical functions tests are performed on power-up.

Latest revision as of 19:35, 16 November 2011

Power-Up Self-Tests

The module can perform the following power-up self-tests:

Cryptographic algorithm tests

A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication, and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module. (See the power-up self-tests source code.)

Algorithm

Tests

RC2

RC2-ECB Single-Round Known Answer Encryption
RC2-ECB Single-Round Known Answer Decryption
RC2-CBC Single-Round Known Answer Encryption
RC2-CBC Single-Round Known Answer Decryption

RC4

Single-Round Known Answer Encryption
Single-Round Known Answer Decryption

DES

DES-ECB Single-Round Known Answer Encryption
DES-ECB Single-Round Known Answer Decryption
DES-CBC Single-Round Known Answer Encryption
DES-CBC Single-Round Known Answer Decryption

Triple DES

DES3-ECB Single-Round Known Answer Encryption
DES3-ECB Single-Round Known Answer Decryption
DES3-CBC Single-Round Known Answer Encryption
DES3-CBC Single-Round Known Answer Decryption

AES-128, AES-192, AES-256

AES-ECB Single-Round Known Answer Encryption
AES-ECB Single-Round Known Answer Decryption
AES-CBC Single-Round Known Answer Encryption
AES-CBC Single-Round Known Answer Decryption

MD2

Single-Round Known Answer Hashing

MD5

Single-Round Known Answer Hashing

SHA-1, SHA-256, SHA-384, SHA-512

Single-Round Known Answer Hashing

HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512

Single-Round Known Answer HMAC

RSA

Single-Round Known Answer Encryption
Single-Round Known Answer Decryption
Single-Round Known Answer Signature Test SHA-1
Single-Round Known Answer Signature Test SHA-256
Single-Round Known Answer Signature Test SHA-384
Single-Round Known Answer Signature Test SHA-512

DSA

Single-Round Known Answer Signature
Single-Round Known Answer Verification

RNG

NIST SP 800-90 Hash_Drbg Known Answer Test
NIST SP 800-90 Invalid input checks
NIST SP 800-90 Automatic reseed checks
[Collectively NIST SP 800-90 DRBG Health Checks]

ECDSA - NIST Curve P-256 (the Extended ECC version of the module also tests Curve K-283)

Single-Round Known Answer Signature
Single-Round Known Answer Verification

Note: Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.

Random number generator test

See the known-answer test for RNG above.

Software/firmware integrity test

An integrity check is performed on the libraries that contain the NSS cryptographic module. If the check fails, the module immediately enters the Error state.

Critical functions test

No other critical functions tests are performed on power-up.

Retrieved from "https://wiki.allizom.org/index.php?title=Power_Up_Selftests&oldid=370331"