This is a draft document.
Finite State Model
The state transition diagram of the NSS cryptographic module is shown below.
The NSS cryptographic module has two modes of operation: FIPS Approved mode and non-FIPS Approved mode. The FIPS Approved mode is of more interest to the FIPS 140-2 validation and it is therefore shown with more details. When a program calls the
FC_Initialize function of the NSS cryptographic module library, the state changes and power-up self-tests are performed. See Self Tests for a description of the power-up self-tests. If the self-tests succeed, the library is considered initialized for the FIPS Approved mode and the module enters the normal operational state. Please refer to the tables below when studying this state transition diagram.
Recovery from error states: If the FIPS Approved mode of the module ever enters the Error state, the NSS cryptographic module library needs to be shut down (transition 3.0) and reinitialized (transition 1.1).
Inclusive statement: The action of the finite state model as a result of all other combinations of data and control inputs is defined as follows.
- If the data and control inputs are valid and the module performs the service successfully, the module outputs the requested data or status information and returns
- If the data and control inputs are invalid or the module encounters an error (e.g., running out of memory) when performing a service, the module does not output any data and simply returns an appropriate error code (e.g.,
The module stays in the current state.
|1.X||Power Off||Host computer is powered off. The initial state.||Host computer's power light is off.|
|1.A||Inactive||Host computer is up and running.||Host computer's power light is on.|
|1.B||Power Up Self Test||NSS cryptographic module library initialization for the FIPS Approved mode has been initiated. This state performs library initialization, software integrity test, and power-up self-tests.|| The |
|1.C||Public Services||NSS cryptographic module library has been initialized for the FIPS Approved mode and its self-tests have passed. Services that do not require logging in to the module are available.|| Public services can be invoked. Private services fail with the error code |
|2||NSS User Services||Operator has successfully logged in to assume the NSS User role and has access to all the services provided by the FIPS Approved mode of the NSS cryptographic module.||All services can be invoked.|
|3||Error||The FIPS Approved mode of the NSS cryptographic module either has failed a conditional test while performing a service or has failed a power-up or operator-initiated self-test. No further cryptographic operations will be performed.|| Only |
|5.B||Non-FIPS Mode||The non-FIPS Approved mode of the NSS cryptographic module has been activated. This is a composite state whose substates are not relevant to FIPS 140-2.|| |
|1.0||Power Off||Inactive||Host computer is powered up||None|
|1.1||Inactive||Power Up Self Test||
||Opens the databases. Power-up self-tests initiated.|
|1.2||Power Up Self Test||Public Services||Successful library initialization, software integrity test, and power-up self-tests|| |
|1.3||Power Up Self Test||Error||Software integrity test or power-up self-test failure|| |
|1.4||Public Services||Error||Conditional self-test (continuous random number generator test) failed while performing a service (random number generation)|| The function (|
|1.5||Public Services||NSS User Services||User login succeeded|| |
|1.6||Public Services||Public Services||User login failed|| |
|2.1||NSS User Services||Public Services||User logout requested|| |
|2.5||NSS User Services||Inactive||
|2.6||NSS User Services||Error||Conditional self-test (continuous random number generator test or pair-wise consistency test) failed while performing a service (random number generation or key pair generation)|| The function (|
|4.0||Any state other than "Power Off"||Power Off||Host computer is powered off||None|
|| Opens the databases. |