MozillaWiki

FIPS Operational Environment: Difference between revisions

Page Discussion

FIPS Operational Environment (view source)

Revision as of 23:21, 27 September 2006

1,204 bytes added ,  27 September 2006
→‎Auditable Events
Line 173: Line 173:
** (optional) an error message. For example, "power-up self-tests failed".
** (optional) an error message. For example, "power-up self-tests failed".


The following events are auditable by the NSS cryptographic module.
===AS06.17===
* modifications, accesses, deletions, and additions of cryptographic data (e.g., cryptographic keys and audit data) and CSPs (e.g., secret and private cryptographic keys, and authentication data such as passwords and PINs): audit data and authentication data are handled below. Here we only handle cryptographic keys.
 
** Object management functions, where the object is a cryptographic key (object class <code>CKO_PUBLIC_KEY</code>, <code>CKO_PRIVATE_KEY</code>, and <code>CKO_SECRET_KEY</code>)
'''AS06.17''' requires that the module record modifications, accesses, deletions, and additions of cryptographic data and CSPs. In our module, cryptographic data and CSPs are cryptographic keys, audit data, and authentication data. We address cryptographic keys in this section and audit data and authentication data in the next section.
*** <code>[http://developer.mozilla.org/en/docs/FC_CreateObject FC_CreateObject]</code>: addition of cryptographic keys
 
**** "C_CreateObject(hSession=''<session handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phObject=''<object handle pointer>'')=''<return code>''"
To prevent recording secret and private key values in the audit log due to programming errors, we only record key attributes whose values are very different from an array of bytes:
*** <code>[http://developer.mozilla.org/en/docs/FC_CopyObject FC_CopyObject]</code>: access and addition of cryptographic keys
* <code>CKA_CLASS</code>: object class, e.g., secret key, public key, or private key.
**** "C_CopyObject(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phNewObject=''<object handle pointer>'')=''<return code>''"
* <code>CKA_KEY_TYPE</code>: key type, e.g., AES key, RSA keys, DSA keys, EC keys, etc.
*** <code>[http://developer.mozilla.org/en/docs/FC_DestroyObject FC_DestroyObject]</code>: deletion of cryptographic keys
* <code>CKA_TOKEN</code>: token (persistent) or session (temporary) object. a boolean.
**** "C_DestroyObject(hSession=''<session handle>'', hObject=''<object handle>'')=''<return code>''"
* <code>CKA_MODULUS_BITS</code>: (RSA keys only) length of RSA modulus in bits. an unsigned long.
*** <code>[http://developer.mozilla.org/en/docs/FC_GetObjectSize FC_GetObjectSize]</code>: access of cryptographic keys
* <code>CKA_PRIME_BITS</code>: (DSA and Diffie-Hellman keys only) length of DSA or Diffie-Hellman prime p in bits. an unsigned long.
**** "C_GetObjectSize(hSession=''<session handle>'', hObject=''<object handle>'', pulSize=''<size pointer>'')=''<return code>''"
* <code>CKA_EC_PARAMS</code>: (EC keys only) the elliptic curve's name.
*** <code>[http://developer.mozilla.org/en/docs/FC_GetAttributeValue FC_GetAttributeValue]</code>: access of cryptographic keys
* <code>CKA_VALUE_LEN</code>: (secret keys) length of key. an unsigned long.
**** "C_GetAttributeValue(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'')=''<return code>''"
 
*** <code>[http://developer.mozilla.org/en/docs/FC_SetAttributeValue FC_SetAttributeValue]</code>: modification of cryptographic keys
Moreover, if a function has an object handle pointer argument (e.g., ''phKey''), on a successful return we also record the object handle we store in the location pointed to by the argument (e.g., ''"*phKey = 0x01234567"'').
**** "C_SetAttributeValue(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'')=''<return code>''"
 
** Key management functions
Below we list the functions that we audit and the format of the audit messages.  
*** <code>[http://developer.mozilla.org/en/docs/FC_GenerateKey FC_GenerateKey]</code>: addition of cryptographic keys
* Object management functions, where the object is a cryptographic key (object class <code>CKO_PUBLIC_KEY</code>, <code>CKO_PRIVATE_KEY</code>, and <code>CKO_SECRET_KEY</code>)
**** "C_GenerateKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_CreateObject FC_CreateObject]</code>: addition of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_GenerateKeyPair FC_GenerateKeyPair]</code>: addition of cryptographic keys
*** "C_CreateObject(hSession=''<session handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phObject=''<object handle pointer>'')=''<return code>''"
**** "C_GenerateKeyPair(hSession=''<session handle>'', pMechanism=''<mechanism>'', pPublicKeyTemplate=''<template pointer>'', ulPublicKeyAttributeCount=''<count>'', pPrivateKeyTemplate=''<template pointer>'', ulPrivateKeyAttributeCount=''<count>'', phPublicKey=''<key object handle pointer>'', phPrivateKey=''<key object handle pointer>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_CopyObject FC_CopyObject]</code>: access and addition of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_WrapKey FC_WrapKey]</code>: access of cryptographic keys
*** "C_CopyObject(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phNewObject=''<object handle pointer>'')=''<return code>''"
**** "C_WrapKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hWrappingKey=''<key object handle>'', hKey=''<key object handle>'', pWrappedKey=''<buffer that receives the wrapped key>'', pulWrappedKeyLen=''<pointer to length>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_DestroyObject FC_DestroyObject]</code>: deletion of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_UnwrapKey FC_UnwrapKey]</code>: access and addition of cryptographic keys
*** "C_DestroyObject(hSession=''<session handle>'', hObject=''<object handle>'')=''<return code>''"
**** "C_UnwrapKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hUnwrappingKey=''<key object handle>'', pWrappedKey=''<pointer to bytes>'', ulWrappedKeyLen=''<length>'', pTemplate=''<template pointer>'', ulAttributeCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_GetObjectSize FC_GetObjectSize]</code>: access of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_DeriveKey FC_DeriveKey]</code>: access and addition of cryptographic keys
*** "C_GetObjectSize(hSession=''<session handle>'', hObject=''<object handle>'', pulSize=''<size pointer>'')=''<return code>''"
**** "C_DeriveKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hBaseKey=''<key object handle>'', pTemplate=''<template pointer>'', ulAttributeCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_GetAttributeValue FC_GetAttributeValue]</code>: access of cryptographic keys
** Cipher "Init" functions
*** "C_GetAttributeValue(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'')=''<return code>''"
*** <code>[http://developer.mozilla.org/en/docs/FC_EncryptInit FC_EncryptInit]</code>: access of cryptographic keys
** <code>[http://developer.mozilla.org/en/docs/FC_SetAttributeValue FC_SetAttributeValue]</code>: modification of cryptographic keys
**** "C_EncryptInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
*** "C_SetAttributeValue(hSession=''<session handle>'', hObject=''<object handle>'', pTemplate=''<template pointer>'', ulCount=''<count>'')=''<return code>''"
*** <code>[http://developer.mozilla.org/en/docs/FC_DecryptInit FC_DecryptInit]</code>: access of cryptographic keys
* Key management functions
**** "C_DecryptInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_GenerateKey FC_GenerateKey]</code>: addition of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_SignInit FC_SignInit]</code>: access of cryptographic keys
*** "C_GenerateKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', pTemplate=''<template pointer>'', ulCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
**** "C_SignInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_GenerateKeyPair FC_GenerateKeyPair]</code>: addition of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_SignRecoverInit FC_SignRecoverInit]</code>: access of cryptographic keys
*** "C_GenerateKeyPair(hSession=''<session handle>'', pMechanism=''<mechanism>'', pPublicKeyTemplate=''<template pointer>'', ulPublicKeyAttributeCount=''<count>'', pPrivateKeyTemplate=''<template pointer>'', ulPrivateKeyAttributeCount=''<count>'', phPublicKey=''<key object handle pointer>'', phPrivateKey=''<key object handle pointer>'')=''<return code>''"
**** "C_SignRecoverInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_WrapKey FC_WrapKey]</code>: access of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_VerifyInit FC_VerifyInit]</code>: access of cryptographic keys
*** "C_WrapKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hWrappingKey=''<key object handle>'', hKey=''<key object handle>'', pWrappedKey=''<buffer that receives the wrapped key>'', pulWrappedKeyLen=''<pointer to length>'')=''<return code>''"
**** "C_VerifyInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_UnwrapKey FC_UnwrapKey]</code>: access and addition of cryptographic keys
*** <code>[http://developer.mozilla.org/en/docs/FC_VerifyRecoverInit FC_VerifyRecoverInit]</code>: access of cryptographic keys
*** "C_UnwrapKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hUnwrappingKey=''<key object handle>'', pWrappedKey=''<pointer to bytes>'', ulWrappedKeyLen=''<length>'', pTemplate=''<template pointer>'', ulAttributeCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
**** "C_VerifyRecoverInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_DeriveKey FC_DeriveKey]</code>: access and addition of cryptographic keys
** Miscellaneous
*** "C_DeriveKey(hSession=''<session handle>'', pMechanism=''<mechanism>'', hBaseKey=''<key object handle>'', pTemplate=''<template pointer>'', ulAttributeCount=''<count>'', phKey=''<key object handle pointer>'')=''<return code>''"
*** <code>[http://developer.mozilla.org/en/docs/FC_DigestKey FC_DigestKey]</code>: access of cryptographic keys
* Cipher "Init" functions
**** "C_DigestKey(hSession=''<session handle>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_EncryptInit FC_EncryptInit]</code>: access of cryptographic keys
*** "C_EncryptInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_DecryptInit FC_DecryptInit]</code>: access of cryptographic keys
*** "C_DecryptInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_SignInit FC_SignInit]</code>: access of cryptographic keys
*** "C_SignInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_SignRecoverInit FC_SignRecoverInit]</code>: access of cryptographic keys
*** "C_SignRecoverInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_VerifyInit FC_VerifyInit]</code>: access of cryptographic keys
*** "C_VerifyInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
** <code>[http://developer.mozilla.org/en/docs/FC_VerifyRecoverInit FC_VerifyRecoverInit]</code>: access of cryptographic keys
*** "C_VerifyRecoverInit(hSession=''<session handle>'', pMechanism=''<mechanism>'', hKey=''<key object handle>'')=''<return code>''"
* Miscellaneous
** <code>[http://developer.mozilla.org/en/docs/FC_DigestKey FC_DigestKey]</code>: access of cryptographic keys
*** "C_DigestKey(hSession=''<session handle>'', hKey=''<key object handle>'')=''<return code>''"
 
===AS06.18 and AS06.19===
 
In compliance with '''AS06.18''' and '''AS06.19''', the following events are auditable by the NSS cryptographic module.
* attempts to provide invalid input for crypto officer functions: We log the use of all crypto officer functions with the return code. The return code tells us whether the operator attempted to provide invalid input.
* attempts to provide invalid input for crypto officer functions: We log the use of all crypto officer functions with the return code. The return code tells us whether the operator attempted to provide invalid input.
** <code>FC_InitToken(slotID, pPin, ulPinLen, pLabel)</code>
** <code>FC_InitToken(slotID, pPin, ulPinLen, pLabel)</code>
Wtchang
canmove, Confirmed users
937

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/34916"