canmove, Confirmed users
937
edits
NSSCryptoModuleSpec/Section 9: Self Tests: Difference between revisions
NSSCryptoModuleSpec/Section 9: Self Tests (view source)
Revision as of 01:46, 2 August 2006
, 2 August 2006no edit summary
No edit summary |
No edit summary |
||
| Line 61: | Line 61: | ||
The module can perform the following self-tests: | The module can perform the following self-tests: | ||
* Power-up self-tests | * Power-up self-tests | ||
** Cryptographic algorithm tests: A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module: RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]). Note | ** Cryptographic algorithm tests: A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module: RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div> | ||
** Software integrity test | ** Software integrity test | ||
* Conditional self-tests | * Conditional self-tests | ||