NSSCryptoModuleSpec/Section 9: Self Tests: Difference between revisions

no edit summary
Line 168: Line 168:
'''Key transport method'''
'''Key transport method'''
||  
||  
[http://wiki.mozilla.org/VE_09#VE.09.31.01 VE.09.31.01 ]
[http://wiki.mozilla.org/VE_09#VE.09.31.01 VE.09.31.01]  
[http://wiki.mozilla.org/VE_09#VE.09.32.01 VE.09.32.01 ]  
||  
||  
RSA encryption is the only FIPS approved key transport
RSA encryption (Key Wrapping using RSA keys) is the only key transport
method that VE.09.31.01 applies to. See [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/pkcs11c.c.dep.html#sftk_PairwiseConsistencyCheck sftk_PairwiseConsistencyCheck]
method that VE.09.31.01 applies to. The pairwise consistency check, as defined in AS09.31, is implemented in the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/pkcs11c.c.dep.html#sftk_PairwiseConsistencyCheck sftk_PairwiseConsistencyCheck] function. See the source code under the comment "Pairwise Consistency Check of Encrypt/Decrypt."
 
The other key transport/establishment methods either
use a symmetric wrapping key
(encrypting/wrapping with TDES or AES) or require
two public/private key pairs (Diffie-Hellman or
its elliptic curve variants).  
|| Draft
|| Draft
|-
|-
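Review bot: The reference column of the "Key transport method" row now lists VE.09.32.01 alongside VE.09.31.01, but the assessment text still speaks only of the "method that VE.09.31.01 applies to", so the new reference has no matching statement. Add a sentence saying how VE.09.32.01 is met, or that it does not apply and why. The paragraph beginning "The other key transport/establishment methods either" appears only once in this hunk and looks to have been dropped. Together with removing "FIPS approved" from the first sentence, that leaves the claim that RSA is "the only key transport method" without its justification. Consider keeping one sentence explaining why symmetric wrapping (TDES or AES) and Diffie-Hellman fall outside the pairwise consistency test.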
Line 186: Line 179:
[http://wiki.mozilla.org/VE_09#VE.09.33.01 VE.09.33.01 ]  
[http://wiki.mozilla.org/VE_09#VE.09.33.01 VE.09.33.01 ]  
||
||
The [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/pkcs11c.c.dep.html#sftk_PairwiseConsistencyCheck sftk_PairwiseConsistencyCheck] function of the module tests the pairwise consistency of the public and private keys used for digital signatures by the calculation and verification of a signature. If the signature cannot be verified, the test fails.
The [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/pkcs11c.c.dep.html#sftk_PairwiseConsistencyCheck sftk_PairwiseConsistencyCheck] function of the module tests the pairwise consistency of the public and private keys used for digital signatures by the calculation and verification of a signature. If the signature cannot be verified, the test fails. See the source code under the comment "Pairwise Consistency Check of Sign/Verify."
|| Draft
|| Draft
|-
|-
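Review bot: The added pointer 'See the source code under the comment "Pairwise Consistency Check of Sign/Verify."' identifies the code by the wording of a comment, and it uses the same sftk_PairwiseConsistencyCheck anchor as the key transport row, so a reader cannot tell which part of the function covers VE.09.33.01 if that comment is ever reworded. Name the branch more durably, for example by the key usage it tests. The row ends at "If the signature cannot be verified, the test fails" without saying what the module does once the test fails. A short statement of the resulting error handling would complete the assertion.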