Power Up Selftests: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
 
No edit summary
Line 1: Line 1:
The module can perform the following self-tests:
The module can perform the following self-tests:
* Power-up self-tests
 
** Cryptographic algorithm tests: A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module: RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
=Power-Up Selftests=
** Software integrity test
* Cryptographic algorithm tests
* Conditional self-tests
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:
** Pair-wise consistency test (for public and private keys)
 
** Continous random number generator test
{| border="1" cellpadding="2"
|+
|-
!
Algorithm
!
Comment
|-
| RC2||
|-
| RC4||
|-
| DES||
|-
| Triple DES||
|-
| AES-128||
|-
| AES-192||
|-
| AES-256||
|-
| MD2||
|-
| MD5||
|-
| SHA-1||
|-
| SHA-256||
|-
| SHA-384||
|-
| SHA-512||
|-
| HMAC-SHA-1||
|-
| HMAC-SHA-256||
|-
| HMAC-SHA-384||
|-
| HMAC-SHA-512||
|-
| RSA||
|-
| DSA||
|-
| RNG||
|-
| ECDSA||
|-
(see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
|}
 
* Software integrity test
 
=Conditional self-tests=
* Pair-wise consistency test (for public and private keys)
* Continous random number generator test


These tests are mandatory for the FIPS 140-2 mode of
These tests are mandatory for the FIPS 140-2 mode of
operation.
operation.

Revision as of 20:30, 3 August 2006

The module can perform the following self-tests:

Power-Up Selftests

  • Cryptographic algorithm tests

A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:

(see the power-up self-tests source code).
Note: Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.

Algorithm

Comment

RC2
RC4
DES
Triple DES
AES-128
AES-192
AES-256
MD2
MD5
SHA-1
SHA-256
SHA-384
SHA-512
HMAC-SHA-1
HMAC-SHA-256
HMAC-SHA-384
HMAC-SHA-512
RSA
DSA
RNG
ECDSA
  • Software integrity test

Conditional self-tests

  • Pair-wise consistency test (for public and private keys)
  • Continous random number generator test

These tests are mandatory for the FIPS 140-2 mode of operation.

Retrieved from "https://wiki.allizom.org/index.php?title=Power_Up_Selftests&oldid=30613"