Power Up Selftests

From MozillaWiki
Jump to navigation Jump to search

The module can perform the following self-tests:

Power-Up Selftests

Cryptographic algorithm tests

A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:

(see the power-up self-tests source code).
Note: Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.

Algorithm

Tests

RC2

RC2-ECB Single-Round Known Answer Encryption
RC2-ECB Single-Round Known Answer Decryption
RC2-CBC Single-Round Known Answer Encryption
RC2-CBC Single-Round Known Answer Decryption

RC4

Single-Round Known Answer Encryption
Single-Round Known Answer Decryption

DES

DES-ECB Single-Round Known Answer Encryption
DES-ECB Single-Round Known Answer Decryption
DES-CBC Single-Round Known Answer Encryption
DES-CBC Single-Round Known Answer Decryption

Triple DES

DES3-ECB Single-Round Known Answer Encryption
DES3-ECB Single-Round Known Answer Decryption
DES3-CBC Single-Round Known Answer Encryption
DES3-CBC Single-Round Known Answer Decryption

AES-128, AES-192, AES-256

AES-ECB Single-Round Known Answer Encryption
AES-ECB Single-Round Known Answer Decryption
AES-CBC Single-Round Known Answer Encryption
AES-CBC Single-Round Known Answer Decryption

MD2

Single-Round Known Answer Hashing

MD5

Single-Round Known Answer Hashing

SHA-1, SHA-256, SHA-384, SHA-512

Single-Round Known Answer Hashing

HMAC-SHA-1

Single-Round Known Answer HMAC

HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512

Single-Round Known Answer

RSA

Single-Round Known Answer Encryption
Single-Round Known Answer Decryption
Single-Round Known Answer Signature Test SHA-1
Single-Round Known Answer Signature Test SHA-256
Single-Round Known Answer Signature Test SHA-384
Single-Round Known Answer Signature Test SHA-512

DSA

Single-Round Known Answer Signature
Single-Round Known Answer Verification

RNG
ECDSA

Single-Round Known Answer Signature
Single-Round Known Answer Verification

Software integrity test

Conditional self-tests

  • Pair-wise consistency test (for public and private keys)
  • Continous random number generator test

These tests are mandatory for the FIPS 140-2 mode of operation.

Retrieved from "https://wiki.allizom.org/index.php?title=Power_Up_Selftests&oldid=30656"