219
edits
mNo edit summary |
mNo edit summary |
||
Line 17: | Line 17: | ||
each self-test, and indicate for each error | each self-test, and indicate for each error | ||
state the expected error indicator. | state the expected error indicator. | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.04.01 VE.09.04.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.04.01 VE.09.04.01 ] | ||
|| | |||
{| border="1" cellpadding="2" | {| border="1" cellpadding="2" | ||
|+ | |+ | ||
Line 40: | Line 41: | ||
design requirement. | design requirement. | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.05.01 VE.09.05.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.05.01 VE.09.05.01 ] [http://wiki.mozilla.org/VE_09#VE.09.06.01 VE.09.06.01 ] | ||
|| | || | ||
'''Power-up Self Test''': | '''Power-up Self Test''': | ||
Line 60: | Line 61: | ||
tests. | tests. | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.07.01 VE.09.07.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.07.01 VE.09.07.01 ] | ||
|| | || | ||
Line 78: | Line 79: | ||
actions neccessary to clear the condition | actions neccessary to clear the condition | ||
and resume normal operation.''' | and resume normal operation.''' | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.07.02 VE.09.07.02 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.07.02 VE.09.07.02 ] | ||
|| | |||
For fatal error conditions CKR_DEVICE_ERROR | For fatal error conditions CKR_DEVICE_ERROR | ||
and CKR_HOST_MEMORY the only way to clear | and CKR_HOST_MEMORY the only way to clear | ||
Line 92: | Line 94: | ||
self-tests not involve any inputs from | self-tests not involve any inputs from | ||
actions by the operator. | actions by the operator. | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.09.01 VE.09.09.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.09.01 VE.09.09.01 ] | ||
|| | |||
'''The products will not have a user | '''The products will not have a user | ||
visible way to initiate these tests | visible way to initiate these tests | ||
Line 103: | Line 106: | ||
indicator that the module outputs upon | indicator that the module outputs upon | ||
successful completion of the power-up self-tests. | successful completion of the power-up self-tests. | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.10.01 VE.09.10.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.10.01 VE.09.10.01 ] | ||
|| | |||
[http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstokn.c.html Power Up Self Test Code] This is | [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstokn.c.html Power Up Self Test Code] This is | ||
demonstrated throughout the self test | demonstrated throughout the self test | ||
Line 131: | Line 134: | ||
initiate the power-up self-tests | initiate the power-up self-tests | ||
''' | ''' | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.12.01 VE.09.12.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.12.01 VE.09.12.01 ] | ||
|| | |||
'''The products will not have a user visible way to initiate | '''The products will not have a user visible way to initiate | ||
these tests other than restarting the program.''' | these tests other than restarting the program.''' | ||
Line 139: | Line 142: | ||
| | | | ||
'''All self tests shall use a known answer'''. | '''All self tests shall use a known answer'''. | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.13.01 VE.09.13.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.13.01 VE.09.13.01 ] | ||
|| | |||
A known answer shall be conducted for | A known answer shall be conducted for | ||
all cryptographic functions (e.g., encryption, | all cryptographic functions (e.g., encryption, | ||
Line 148: | Line 152: | ||
|- | |- | ||
| | | | ||
'''If the calculated output does not | '''If the calculated output does not | ||
equal the known answer, the | equal the known answer, the | ||
known-answer test shall fail.''' | known-answer test shall fail.''' | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.16.01 VE.09.16.01 ] || | || [http://wiki.mozilla.org/VE_09#VE.09.16.01 VE.09.16.01 ] | ||
|| | |||
CKR_DEVICE_ERROR is returned when | CKR_DEVICE_ERROR is returned when | ||
ever the calculated output does not | ever the calculated output does not | ||
equal the known answer. | equal the known answer. | ||
|| | || | ||
|- | |- | ||
Line 164: | Line 166: | ||
calculated output with the known answer.''' | calculated output with the known answer.''' | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.17.01 VE.09.17.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.17.01 VE.09.17.01 ] | ||
|| | || | ||
Line 179: | Line 181: | ||
not equal. | not equal. | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.17.02 VE.09.17.02 ] | [http://wiki.mozilla.org/VE_09#VE.09.17.02 VE.09.17.02 ] | ||
|| | || | ||
'''CKR_DEVICE_ERROR''' is returned when the two outputs | '''CKR_DEVICE_ERROR''' is returned when the two outputs | ||
Line 189: | Line 191: | ||
all tests implemented. | all tests implemented. | ||
|| | || | ||
[http://wiki.mozilla.org/VE_09#VE.09.18.01 VE.09.18.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.18.01 VE.09.18.01 ] | ||
[http://wiki.mozilla.org/VE_09#VE.09.18.02 VE.09.18.02 ] | [http://wiki.mozilla.org/VE_09#VE.09.18.02 VE.09.18.02 ] | ||
[http://wiki.mozilla.org/VE_09#VE.09.19.01 VE.09.19.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.19.01 VE.09.19.01 ] | ||
[http://wiki.mozilla.org/VE_09#VE.09.19.02 VE.09.19.02 ] | [http://wiki.mozilla.org/VE_09#VE.09.19.02 VE.09.19.02 ] | ||
[http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ] | [http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ] | ||
|| | || | ||
[http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html | [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html | ||
Line 205: | Line 207: | ||
operation. | operation. | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09.20.02 VE.09.20.02 ] || (N/A) || | | '''Independant cryptographic algorithm implemenations''' | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.20.02 VE.09.20.02 ] | |||
|| | |||
(N/A) || | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09.22.01 VE.09.22.01 ] || || | | | ||
Integrity test for software components | |||
|| | |||
[http://wiki.mozilla.org/VE_09#VE.09.22.01 VE.09.22.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.22.02 VE.09.22.02 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.22.03 VE.09.22.03 ] | |||
|| | |||
|| | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09. | | '''EDC for software integrity''' || [http://wiki.mozilla.org/VE_09#VE.09.24.01 VE.09.24.01 ] || (N/A) || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09. | | '''Critical Functions''' | ||
|| [http://wiki.mozilla.org/VE_09#VE.09.27.01 VE.09.27.01 ] | |||
|| | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09. | | | ||
'''Conditional tests''' | |||
|| [http://wiki.mozilla.org/VE_09#VE.09.28.01 VE.09.28.01 ] | |||
|| | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09. | '''Verification of Digital Signatures''' | ||
| | |||
'''Key transport method''' | |||
|| | |||
[http://wiki.mozilla.org/VE_09#VE.09.31.01 VE.09.31.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.32.01 VE.09.32.01 ] | |||
|| | |||
|| | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09. | | | ||
'''Approved authentication technique''' | |||
|| | |||
[http://wiki.mozilla.org/VE_09#VE.09.33.01 VE.09.33.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.35.01 VE.09.35.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.35.02 VE.09.35.02 ] | |||
|| | |||
DSS signature see 09.22.03 | |||
|| | |||
|- | |- | ||
| | |||
'''Manual Key Entry''' | |||
|| | |||
[http://wiki.mozilla.org/VE_09#VE.09.40.01 VE.09.40.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] | |||
|| (N/A) NSS does not implement manual Key entry || | |||
| | | |||
|- | |- | ||
| | | | ||
Line 248: | Line 274: | ||
|| | || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_09#VE.09.45.01 VE.09.45.01 ] | | '''ByPass Service''' || | ||
[http://wiki.mozilla.org/VE_09#VE.09.45.01 VE.09.45.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.45.02 VE.09.45.02 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.46.01 VE.09.46.01 ] | |||
[http://wiki.mozilla.org/VE_09#VE.09.46.02 VE.09.46.02 ] | |||
|| (N/A) NSS does not implement a ByPass service. | |||
|| | |||
|} | |} | ||
Return to: [[NSSCryptoModuleSpec]] | Return to: [[NSSCryptoModuleSpec]] |
edits