Power Up Selftests
Contents
Power-Up Self-Tests
The module can perform the following power-up self-tests:
Cryptographic algorithm tests
A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication, and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module. (See the power-up self-tests source code.)
|
Algorithm |
Tests |
|---|---|
| RC2 |
RC2-ECB Single-Round Known Answer Encryption |
| RC4 |
Single-Round Known Answer Encryption |
| DES |
DES-ECB Single-Round Known Answer Encryption |
| Triple DES |
DES3-ECB Single-Round Known Answer Encryption |
| AES-128, AES-192, AES-256 |
AES-ECB Single-Round Known Answer Encryption |
| MD2 |
Single-Round Known Answer Hashing |
| MD5 |
Single-Round Known Answer Hashing |
| SHA-1, SHA-256, SHA-384, SHA-512 |
Single-Round Known Answer Hashing |
| HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 |
Single-Round Known Answer HMAC |
| RSA |
Single-Round Known Answer Encryption |
| DSA |
Single-Round Known Answer Signature |
| RNG |
NIST SP 800-90 Hash_Drbg Known Answer Test |
| ECDSA - NIST Curve P-256 (the Extended ECC version of the module also tests Curve K-283) |
Single-Round Known Answer Signature |
Random number generator test
See the known-answer test for RNG above.
Software/firmware integrity test
An integrity check is performed on the libraries that contain the NSS cryptographic module. If the check fails, the module immediately enters the Error state.
Critical functions test
No other critical functions tests are performed on power-up.
