ModuleInterfaces: Difference between revisions

ModuleInterfaces (view source)

113 bytes removed , 13 October 2006

198

edits

Revision as of 02:05, 13 October 2006 (view source) Neil.williams (talk \| contribs) (→‎Disconnecting the Output Data Path From the Key Processes) ← Older edit		Revision as of 02:06, 13 October 2006 (view source) Neil.williams (talk \| contribs) (→‎During Self-Tests) Newer edit →
Line 40:		Line 40:
	== Disconnecting the Output Data Path From the Key Processes ==		== Disconnecting the Output Data Path From the Key Processes ==

	During key generation and key zeroization, the NSS cryptographic module doesn't execute any "printf" or logging statement that outputs ~~sensitive information. Audit logging is performed as requested, but the entry does not contain cryptographically~~ sensitive information. The NSS cryptographic module doesn't return the function output arguments until key generation or key zeroization is finished. Therefore, the logical paths used by output data exiting the module are logically disconnected from the processes/threads performing key generation and key zeroization.		During key generation and key zeroization, the NSS cryptographic module doesn't execute any "printf" or logging statement that outputs sensitive information. The NSS cryptographic module doesn't return the function output arguments until key generation or key zeroization is finished. Therefore, the logical paths used by output data exiting the module are logically disconnected from the processes/threads performing key generation and key zeroization.