NSSCryptoModuleSpec/Section 9: Self Tests: Difference between revisions

m
no edit summary
No edit summary
mNo edit summary
Line 196: Line 196:
[http://wiki.mozilla.org/VE_09#VE.09.43.01 VE.09.43.01 ]  
[http://wiki.mozilla.org/VE_09#VE.09.43.01 VE.09.43.01 ]  
||  
||  
The module performs the continuous random number generator test on the Approved RNG. In the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/freebl/prng_fips1861.c.dep.html#alg_fips186_2_cn_1 alg_fips186_2_cn_1] function, if the 320-bit block <code>x_j</code> matches
There is only one random number generator (RNG) used in the NSS cryptographic module. The RNG is an Approved RNG, implementing Algorithm Hash_DRBG of [http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf NIST SP 800-90].
the previous 320-bit block <code>rng->Xj</code> (the odds are 2^320), then
the status code <code>SECFailure</code> is returned. This will
propogate up to calling functions to put the cryptographic
module in the Error state. The first block is not used (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/freebl/prng_fips1861.c.dep.html#prng_RandomUpdate prng_RandomUpdate] function) but is saved for comparison with the next block.
|| Draft
|| Draft
|-
|-
219

edits