Power Up Selftests

From MozillaWiki
Jump to navigation Jump to search

The module can perform the following self-tests:

Power-Up Selftests

  • Cryptographic algorithm tests

A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module:

(see the power-up self-tests source code).
Note: Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.

Algorithm

Tests

RC2

RC2-ECB Single-Round Known Answer Encryption
RC2-ECB Single-Round Known Answer Decryption
RC2-CBC Single-Round Known Answer Encryption
RC2-CBC Single-Round Known Answer Decryption

RC4

RC4 Single-Round Known Answer Encryption
RC4 Single-Round Known Answer Decryption

DES

DES-ECB Single-Round Known Answer Encryption
DES-ECB Single-Round Known Answer Decryption
DES-CBC Single-Round Known Answer Encryption
DES-CBC Single-Round Known Answer Decryption

Triple DES

DES3-ECB Single-Round Known Answer Encryption
DES3-ECB Single-Round Known Answer Decryption
DES3-CBC Single-Round Known Answer Encryption
DES3-CBC Single-Round Known Answer Decryption

AES-128, AES-192, AES-256

AES-ECB Single-Round Known Answer Encryption
AES-ECB Single-Round Known Answer Decryption
AES-CBC Single-Round Known Answer Encryption
AES-CBC Single-Round Known Answer Decryption

MD2

MD2 Single-Round Known Answer Hashing

MD5
SHA-1
SHA-256
SHA-384
SHA-512
HMAC-SHA-1
HMAC-SHA-256
HMAC-SHA-384
HMAC-SHA-512
RSA
DSA
RNG
ECDSA
  • Software integrity test

Conditional self-tests

  • Pair-wise consistency test (for public and private keys)
  • Continous random number generator test

These tests are mandatory for the FIPS 140-2 mode of operation.

Retrieved from "https://wiki.allizom.org/index.php?title=Power_Up_Selftests&oldid=30631"