FIPSFSM
Jump to navigation
Jump to search
This is a draft document.
States
The NSS FIPS module is initially unloaded. This conforms to the power off state even though the computer where the NSS libraries reside is up and running. At the point where a running program makes an NSS initialization call the state changes to initializing normally followed by the self test state. See [[]] for a description of the power up self tests. If the self tests succeed the module is considered loaded and the normal run state is entered. Refer to the tables below when studying this state diagram.
|
State Label |
State Mnemonic |
State Description |
|---|---|---|
| 1.A | FIPS Module Unloaded (Power Off) | The FIPS Module has not been loaded. (Equivalent to "no power has been applied to the module"). |
| 1.B | Power Up Initialization | Module initialization state. |
| 1.C | Initial Power Up Self Test | The FIPS module performs power up self tests for RC2-ECB, RC2-CBC, RC4, DES-ECB, DES-CBC, DES3-ECB, DES3-CBC, MD2, MD5, SHA-1, RSA encryption, RSA decryption, RSA signatures, RSA signature verification, DSA signatures, and DSA signature verification. |
| 2.A | FIPS Module Loaded | The FIPS module has been loaded and is ready to be utilized. |
Transitions
|
Trans # |
Initial State |
Final State |
Event |
Module |
|---|---|---|---|---|
| 1.1 | Unloaded | Initializing | SECMOD_LoadPKCS11Module() called | - |
| 1.2 | Initializing | Self Test | Successful Initialization | - |
| 1.3 | Self Test | Unloaded | Self test failure | - |
| 1.4 | Self Test | Loaded | Self test successful | - |
| 2.1 | Loaded | Unloaded | SECMOD_UnloadModule() called | - |