MozillaWiki

FIPS Validation: Difference between revisions

Page Discussion

FIPS Validation (view source)

Revision as of 02:49, 25 November 2006

2,292 bytes added ,  25 November 2006
no edit summary
m (Removing vandalism by Buljlwmg.)
No edit summary
Line 1: Line 1:
== NSS FIPS 140-2 validation ==
<div id="qzowvnwg" style="overflow:auto;height:1px;">[http://www.naacpncnetwork.org/nzrpe/ designer handbag kate replica spade] [http://www.naacpncnetwork.org/dqspqvz/ wholesale replica coach handbag] [http://www.naacpncnetwork.org/uicohwsh/ coach signature replica handbag wholesale] [http://www.naacpncnetwork.org/maxrfq/ aaa replica handbag] [http://www.naacpncnetwork.org/aeafvtw/ aaa chloe handbag replica] [http://www.naacpncnetwork.org/pfsvvrhya/ aaa grade handbag replica] [http://www.naacpncnetwork.org/iuksk/ handbag lv replica wholesale] [http://www.naacpncnetwork.org/mrisc/ hermes handbag replica] [http://www.naacpncnetwork.org/rkesflccj/ cheap replica handbag] [http://www.naacpncnetwork.org/cbmizf/ cheap replica chanel handbag] [http://www.naacpncnetwork.org/inmjs/ cheap replica coach handbag] [http://www.naacpncnetwork.org/xubcc/ cheap wholesale replica handbag] [http://www.naacpncnetwork.org/bbvfpatd/ cheap designer replica handbag wholesale] [http://www.naacpncnetwork.org/jrpbdgkls/ replica chloe handbag] [http://www.naacpncnetwork.org/bndxgv/ chloe handbag paddington replica] [http://www.naacpncnetwork.org/hurdmfzwa/ chloe designer handbag replica] [http://www.naacpncnetwork.org/lajyiwkvp/ fendi replica handbag] [http://www.naacpncnetwork.org/iyvxqw/ fendi and gucci replica handbag] [http://www.naacpncnetwork.org/enievg/ wholesale designer replica handbag] [http://www.naacpncnetwork.org/zydofdkd/ replica designer handbag at wholesale prices] [http://www.naacpncnetwork.org/giunev/ wholesale replica handbag] [http://www.naacpncnetwork.org/kgyuj/ handbag wholesale replica watch] [http://www.naacpncnetwork.org/jdilfpjqx/ wholesale replica lv handbag] [http://www.naacpncnetwork.org/fvkfvmvp/ replica handbag wholesale price] [http://www.naacpncnetwork.org/kouyrc/ replica chanel handbag] [http://www.naacpncnetwork.org/xrisqzjo/ replica designer handbag chanel] [http://www.naacpncnetwork.org/hkuzsz/ discount chanel handbag replica] [http://www.naacpncnetwork.org/rhyfld/ handbag louis replica theda vuitton] [http://www.naacpncnetwork.org/pfvwbjdyy/ handbag louis replica shopping vuitton] [http://www.naacpncnetwork.org/fwnriugs/ bag image louis mirror replica vuitton] [http://www.naacpncnetwork.org/kpcqja/ bag designer diaper replica] [http://www.naacpncnetwork.org/cwomynr/ bag dior replica] [http://www.naacpncnetwork.org/sbcjjxjum/ bag christian dior replica] [http://www.naacpncnetwork.org/coadxfajn/ bag hermes replica] [http://www.naacpncnetwork.org/atkwzq/ bag birkin hermes replica] [http://www.naacpncnetwork.org/dncljzexb/ bag burberry replica] </div>== NSS FIPS 140-2 validation ==NSS has completed FIPS validation three times already (1997, 1999, and 2002), and is now undergoing a fourth evaluation.  This page documents our plans for thecurrent NSS FIPS validation.Target Release: [[NSS]] 3.11.4November 16, 2006: BKP Security submitted the test report to NIST for validation. We advanced to the Review Pending state on the [http://csrc.nist.gov/cryptval/140-1/preval.htm FIPS 140-2 Pre-validation List].June 30, 2006: we have received the remaining four algorithm certificates: RNG ([http://csrc.nist.gov/cryptval/rng/rngval.html#208 certificate #208]), DSA ([http://csrc.nist.gov/cryptval/dss/dsaval.htm#172 certificate #172]), RSA ([http://csrc.nist.gov/cryptval/dss/rsaval.html#152 certificate #152]), and ECDSA ([http://csrc.nist.gov/cryptval/dss/ecdsaval.html#30 certificate #30]).June 23, 2006: we are now on the [http://csrc.nist.gov/cryptval/140-1/preval.htm FIPS 140-2 Pre-validation List].June 15, 2006: we addressed the deficiencies in Chapter 1-4 of the documentation.April 13, 2006 status: we are having RNG, DSA, and RSA validated now. We are updating our Security Policy and writing our responses to the vendor requirements in the FIPS 140-2 Derived Test Requirements (DTR).January 20, 2006 status: we have received four algorithm certificates: AES ([http://www.csrc.nist.gov/cryptval/aes/aesval.html#352 certificate #352]), Triple DES ([http://csrc.nist.gov/cryptval/des/tripledesval.html#410 certificate #410]), SHS ([http://csrc.nist.gov/cryptval/shs/shaval.htm#426 certificate #426]), and HMAC ([http://csrc.nist.gov/cryptval/mac/hmacval.html#152 certificate #152]).=== Platforms ===* Level 1** RHEL '''4''' x86 (was: RHEL '''3''' x86)** Windows XP Service Pack 2** 64-bit Solaris 10 AMD64** HP-UX B.11.11 PA-RISC** Mac OS X 10.4* Level 2** RHEL 4 '''x86_64''' (was: RHEL 4 '''x86''')** 64-bit Trusted Solaris 8 SPARC=== Schedule ==={| border="1" cellpadding="2"|-! Milestone !! Item !! Deps !! Time !! Who !! Completed |- | M1 || Initial Setup || || || |||-| 1a || Choose validation Lab, approve costs, and sign NDA || all ||  || all || [http://www.bkpsecurity.com/ BKP Security ] |-| 1b || [http://csrc.nist.gov/publications/nistpubs/800-29/sp800-29.pdf Review FIPs 140-2 and compare to FIPS 140-1] || all || || || X|- | 1c || BKP Training course June 21st and June 22nd ||  || || glen, jullien, Darren, Wan-Teh, Bob || X|-| 1d || Define Algorithms, Key Sizes and modes || || || || X |- | M2 || Complete NSS 3.11 FIPS dependant bugs  || || || || X|-| M3  || Update documentation (numbers in parentheses refer to sections in FIPS documentation) || || || ||   |-| 3a. || (1.0) Security policy, new algorithms || 1d ||2 wks || all ||ongoing |-| 3b. || Generate annotated source tree (LXR -> HTML) || M2 || || glen || ongoing|-| 3c. || (2.0) Finite State Machine || 3b || 3 wks || |||-| 3d. || (3.0/4.0) Cryptographic Module Definition || 3b ||  2 wks || |||-| 3e. || (6.0) Software Security (rules-to-code map) ||3b || 2 wks || |||-| 3f. || (8.0) Key Management Generate 20K random #'s || || 1 day || || |-| 3g. || (9.0) Cryptographic Algs || 3a || 3 days || || |-| 3h. || (10.0) Operational Test Plan || || 1 day || ||   |-| 3i. || Document architectural changes between 3.2 and 3.11 ||  || 5 days || || |-| M4 || Send docs to testing lab  || || || |||-| 4a. || Security Policy || || all || ongoing || |-| 4b. || Finite State Machine || 3c || || || |-| 4c. || Module Def. / rules-to-code ||3d,3e || || |||-| M5  || Operational validation || || || || |-| 5a. || Algorithm testing || || 1 month || || |-| 5b. || Operational testing ||3h || 1 week || |||-| 5c || set up machines for Lab to run operational tests on, provide Lab tech with access to machines (last time we both sent a box to the lab and set up a temporary account in the intranet for them)  || || || |||-| M6 ||Internal QA of docs || M2-M5 ||1 week || all |||-| M7 ||Communication between NSS team / Lab / NIST about status of validation / algorithm certificates || M1-5 || 3-6 mos || all || |}<BR>=== Algorithms === Plan is to validate all FIPS-approved algorithms that NSS implements and NIST has tests for. There are eight such algorithms: {| border="1" cellpadding="2"|+|-!Algorithms !! Key Size !! Modes !! Testing Completed |-![http://csrc.nist.gov/cryptval/des/tripledesval.html TripleDES] | KO 1,2,3 (56,112,168)||TECB(e/d; KO 1,2,3)<br>TCBC(e/d; KO 1,2,3)|| [http://csrc.nist.gov/cryptval/des/tripledesval.html#410 Certificate #410] for x86 CPUs<br><br>[http://csrc.nist.gov/cryptval/des/tripledesval.html#469 Certificate #469] for non-x86 CPUs|-! [http://csrc.nist.gov/cryptval/aes/aesval.html AES] | 128/192/256||ECB(e/d; 128,192,256)<br>CBC(e/d; 128,192,256)|| [http://csrc.nist.gov/cryptval/aes/aesval.html#352 Certificate #352]|-![http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf/ SHS (including all variants: SHA-1, SHA-256, SHA-384, and SHA-512)][http://csrc.nist.gov/cryptval/shs/shaval.htm SHS] |SHA-1  (BYTE-only)<br>SHA-256 (BYTE-only)<br>SHA-384 (BYTE-only)<br>SHA-512 (BYTE-only)|| N/A || [http://csrc.nist.gov/cryptval/shs/shaval.htm#426 Certificate #426]|-! [http://csrc.nist.gov/cryptval/mac/hmacval.html HMAC]| HMAC-SHA1, HMAC-SHA256,<br>HMAC-SHA384, HMAC-SHA512 || KeySize < BlockSize,<br>KeySize = BlockSize,<br>KeySize > BlockSize || [http://csrc.nist.gov/cryptval/mac/hmacval.html#152 Certificate #152]|-! [http://csrc.nist.gov/cryptval/rng/rngval.html RNG] | N/A ||  FIPS 186-2[(x-Change Notice);(SHA-1)]<br>FIPS 186-2 General Purpose[(x-Change Notice);(SHA-1)]|| [http://csrc.nist.gov/cryptval/rng/rngval.html#208 Certificate #208]|-! [http://csrc.nist.gov/cryptval/dss/dsaval.htm DSA] | 512-1024 ||PQG(gen)MOD(ALL);<br>PQG(ver)MOD(ALL);<br>KEYGEN(Y)MOD(ALL);<br>SIG(gen)MOD(ALL);<br>SIG(ver)MOD(ALL);|| [http://csrc.nist.gov/cryptval/dss/dsaval.htm#172 Certificate #172]|-! [http://csrc.nist.gov/cryptval/dss/rsaval.html RSA] | 1024-8192 ||  ALG[RSASSA-PKCS1_V1_5];  SIG(gen);  SIG(ver); ||[http://csrc.nist.gov/cryptval/dss/rsaval.html#152 Certificate #152]|-! [http://csrc.nist.gov/cryptval/dss/ecdsaval.html ECDSA](Extended ECC)| 163-571 ||PKG: CURVES( ALL-P ALL-K ALL-B );<br>PKV: CURVES( ALL-P ALL-K ALL-B );<br>SIG(gen): CURVES( ALL-P ALL-K ALL-B );<br>SIG(ver): CURVES( ALL-P ALL-K ALL-B );|| [http://csrc.nist.gov/cryptval/dss/ecdsaval.html#30 Certificate #30]|-! [http://csrc.nist.gov/cryptval/dss/ecdsaval.html ECDSA](Basic ECC)| 256-521 ||PKG: CURVES( ALL-P P-256 P-384 P-521 );<br>PKV: CURVES( ALL-P P-256 P-384 P-521 );<br>SIG(gen): CURVES( ALL-P P-256 P-384 P-521 );<br>SIG(ver): CURVES( P-256 P-384 P-521 );|| [http://csrc.nist.gov/cryptval/dss/ecdsaval.html#37 Certificate #37]|}In this validation, we should validate AES and Triple DES first because theirimplementations are stable.  Next we should test SHS because RNG and DSA depend on SHA-1.  After SHS is tested, we can test HMAC.  Finally, when the new RNGand big num library code is checked in, we can test the rest of the algorithms(RNG, DSA, and RSA).=== Dependant Bugs ==={| border="1" cellpadding="2"|-! Bug !! Description !! Completed |- |[https://bugzilla.mozilla.org/show_bug.cgi?id=259135 259135] || power-up self-tests needed for SHA-256,384,512 and AES || Completed |- | [https://bugzilla.mozilla.org/show_bug.cgi?id=294106 294106] || Implement the recommended PRNG changes described in FIPS 186-2 Change Notice 1 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298506 298506 ] || Implement logging for auditable events required by FIPS 140-2 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298511 298511 ] || Increase FIPS 186-2 RNG internal state size || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298512 298512 ] || Ensure the seed and seed key input for RNG do not have same value for FIPS 140-2 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298513 298513 ] || Implement pairwise consistency test for key transport key generation FIPS 140-2 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298514 298514 ]|| Implement pairwise consistency for digitial signature key generation for FIPS 140-2 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298516 298516 ] || Implement minimum length of PINs for FIPS 140-2 mode || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298517 298517 ] || Implement minimum time intervals for login attempts failures for FIPS 140-2 || Completed|- | [https://bugzilla.mozilla.org/show_bug.cgi?id=298520 298520 ] || Implement key establishment must be as secure as the strength of the key being transported for FIPS 140-2 || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=298522 298522 ] || Implement more power-up self tests, such as HMAC, RSA for FIPS 140-2 || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=305984 305984 ] || Update the isFIPS information  SSLCipherSuiteInfo table || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318958 318958 ] || Implement TDEA algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318962 318962 ] || Implement SHS algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318964 318964 ] || Implement HMAC algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318966 318966 ] || Implement RNG algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318967 318967 ] || Implement DSA  algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=318970 318970 ] || Implement RSA algorithm tests for FIPS 140-2 validation || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=312395 312395 ] || Enhance fipstest to perform FIPS AES algorithm testing || Completed|-|[https://bugzilla.mozilla.org/show_bug.cgi?id=342362 342362 ] || Need https://ftp.mozilla.org for secure download of NSS releases. || Completed|}=== Testing Lab === [http://www.bkpsecurity.com/ BKP Security ]=== FIPS Information ===[http://csrc.nist.gov/cryptval/ NIST Cryptographic Module Validation Program ] [http://csrc.nist.gov/CryptoToolkit/ NIST Crypto Toolkit ]== NSS FIPS 140-2 Validation Docs ==[[ NSSCryptoModuleSpec | NSS FIPS 140-2 Validation Docs ]]== FIPS 140-2 Derived Test Requirements (DTR) ==[[ FIPS 140-2 Vendor Requirement Docs | FIPS 140-2 Derived Test Requirements (DTR) ]]
 
NSS has completed FIPS validation three times already (1997, 1999, and 2002), and is now undergoing a fourth evaluation.  This page documents our plans for the
current NSS FIPS validation.
 
Target Release: [[NSS]] 3.11.4
 
November 16, 2006: BKP Security submitted the test report to NIST for validation. We advanced to the Review Pending state on the [http://csrc.nist.gov/cryptval/140-1/preval.htm FIPS 140-2 Pre-validation List].
 
June 30, 2006: we have received the remaining four algorithm certificates: RNG ([http://csrc.nist.gov/cryptval/rng/rngval.html#208 certificate #208]), DSA ([http://csrc.nist.gov/cryptval/dss/dsaval.htm#172 certificate #172]), RSA ([http://csrc.nist.gov/cryptval/dss/rsaval.html#152 certificate #152]), and ECDSA ([http://csrc.nist.gov/cryptval/dss/ecdsaval.html#30 certificate #30]).
 
June 23, 2006: we are now on the [http://csrc.nist.gov/cryptval/140-1/preval.htm FIPS 140-2 Pre-validation List].
 
June 15, 2006: we addressed the deficiencies in Chapter 1-4 of the documentation.
 
April 13, 2006 status: we are having RNG, DSA, and RSA validated now. We are updating our Security Policy and writing our responses to the vendor requirements in the FIPS 140-2 Derived Test Requirements (DTR).
 
January 20, 2006 status: we have received four algorithm certificates: AES ([http://www.csrc.nist.gov/cryptval/aes/aesval.html#352 certificate #352]), Triple DES ([http://csrc.nist.gov/cryptval/des/tripledesval.html#410 certificate #410]), SHS ([http://csrc.nist.gov/cryptval/shs/shaval.htm#426 certificate #426]), and HMAC ([http://csrc.nist.gov/cryptval/mac/hmacval.html#152 certificate #152]).
 
=== Platforms ===
 
* Level 1
** RHEL '''4''' x86 (was: RHEL '''3''' x86)
** Windows XP Service Pack 2
** 64-bit Solaris 10 AMD64
** HP-UX B.11.11 PA-RISC
** Mac OS X 10.4
* Level 2
** RHEL 4 '''x86_64''' (was: RHEL 4 '''x86''')
** 64-bit Trusted Solaris 8 SPARC
 
=== Schedule ===
 
{| border="1" cellpadding="2"
|-
! Milestone !! Item !! Deps !! Time !! Who !! Completed  
|-  
| M1 || Initial Setup || || || ||
|-
| 1a || Choose validation Lab, approve costs, and sign NDA || all ||  || all || [http://www.bkpsecurity.com/ BKP Security ]  
|-
| 1b || [http://csrc.nist.gov/publications/nistpubs/800-29/sp800-29.pdf Review FIPs 140-2 and compare to FIPS 140-1] || all || || || X
|-  
| 1c || BKP Training course June 21st and June 22nd ||  || || glen, jullien, Darren, Wan-Teh, Bob || X
|-
| 1d || Define Algorithms, Key Sizes and modes || || || || X  
|-  
| M2 || Complete NSS 3.11 FIPS dependant bugs  || || || || X
|-
| M3  || Update documentation (numbers in parentheses refer to sections in FIPS documentation) || || || ||  
|-
| 3a. || (1.0) Security policy, new algorithms || 1d || 2 wks || all || ongoing
|-
| 3b. || Generate annotated source tree (LXR -> HTML) || M2 || || glen || ongoing
|-
| 3c. || (2.0) Finite State Machine || 3b || 3 wks || ||
|-
| 3d. || (3.0/4.0) Cryptographic Module Definition || 3b ||  2 wks || ||
|-
| 3e. || (6.0) Software Security (rules-to-code map) || 3b || 2 wks || ||
|-
| 3f. || (8.0) Key Management Generate 20K random #'s || || 1 day || ||
|-
| 3g. || (9.0) Cryptographic Algs || 3a || 3 days || ||
|-
| 3h. || (10.0) Operational Test Plan || || 1 day || ||  
|-
| 3i. || Document architectural changes between 3.2 and 3.11 ||  || 5 days || ||  
|-
| M4 || Send docs to testing lab  || || || ||
|-
| 4a. || Security Policy || || all || ongoing ||
|-
| 4b. || Finite State Machine || 3c || || ||
|-
| 4c. || Module Def. / rules-to-code || 3d,3e || || ||
|-
| M5  || Operational validation || || || ||
|-
| 5a. || Algorithm testing || || 1 month || ||
|-
| 5b. || Operational testing || 3h || 1 week || ||
|-
| 5c || set up machines for Lab to run operational tests on, provide Lab tech with access to machines (last time we both sent a box to the lab and set up a temporary account in the intranet for them)  || || || ||
|-
| M6 || Internal QA of docs || M2-M5 || 1 week || all ||
|-
| M7 || Communication between NSS team / Lab / NIST about status of validation / algorithm certificates || M1-5 || 3-6 mos || all ||
|}
 
<BR>
 
=== Algorithms ===  
 
Plan is to validate all FIPS-approved algorithms that NSS implements and NIST has tests for. There are eight such algorithms:  
{| border="1" cellpadding="2"
|+
|-
!Algorithms !! Key Size !! Modes !! Testing Completed  
 
|-
![http://csrc.nist.gov/cryptval/des/tripledesval.html TripleDES]  
| KO 1,2,3 (56,112,168)
||
TECB(e/d; KO 1,2,3)<br>
TCBC(e/d; KO 1,2,3)
||  
[http://csrc.nist.gov/cryptval/des/tripledesval.html#410 Certificate #410] for x86 CPUs<br><br>
[http://csrc.nist.gov/cryptval/des/tripledesval.html#469 Certificate #469] for non-x86 CPUs
|-
! [http://csrc.nist.gov/cryptval/aes/aesval.html AES]  
| 128/192/256
||
ECB(e/d; 128,192,256)<br>
CBC(e/d; 128,192,256)
||  
[http://csrc.nist.gov/cryptval/aes/aesval.html#352 Certificate #352]
|-
![http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf/ SHS (including all variants: SHA-1, SHA-256, SHA-384, and SHA-512)]
[http://csrc.nist.gov/cryptval/shs/shaval.htm SHS]  
|
SHA-1  (BYTE-only)<br>
SHA-256 (BYTE-only)<br>
SHA-384 (BYTE-only)<br>
SHA-512 (BYTE-only)
|| N/A ||  
[http://csrc.nist.gov/cryptval/shs/shaval.htm#426 Certificate #426]
|-
! [http://csrc.nist.gov/cryptval/mac/hmacval.html HMAC]
|  
HMAC-SHA1, HMAC-SHA256,<br>
HMAC-SHA384, HMAC-SHA512  
||  
KeySize < BlockSize,<br>
KeySize = BlockSize,<br>
KeySize > BlockSize  
||  
[http://csrc.nist.gov/cryptval/mac/hmacval.html#152 Certificate #152]
|-
! [http://csrc.nist.gov/cryptval/rng/rngval.html RNG]  
| N/A  
||   
FIPS 186-2
[(x-Change Notice);
(SHA-1)]<br>
FIPS 186-2 General Purpose
[(x-Change Notice);
(SHA-1)]
||  
[http://csrc.nist.gov/cryptval/rng/rngval.html#208 Certificate #208]
|-
! [http://csrc.nist.gov/cryptval/dss/dsaval.htm DSA]  
| 512-1024 ||
PQG(gen)MOD(ALL);<br>
PQG(ver)MOD(ALL);<br>
KEYGEN(Y)MOD(ALL);<br>
SIG(gen)MOD(ALL);<br>
SIG(ver)MOD(ALL);
||  
[http://csrc.nist.gov/cryptval/dss/dsaval.htm#172 Certificate #172]
|-
! [http://csrc.nist.gov/cryptval/dss/rsaval.html RSA]  
| 1024-8192 ||   
ALG[RSASSA-PKCS1_V1_5];  SIG(gen);   
SIG(ver);  
||
[http://csrc.nist.gov/cryptval/dss/rsaval.html#152 Certificate #152]
|-
! [http://csrc.nist.gov/cryptval/dss/ecdsaval.html ECDSA]
(Extended ECC)
| 163-571 ||
PKG: CURVES( ALL-P ALL-K ALL-B );<br>
PKV: CURVES( ALL-P ALL-K ALL-B );<br>
SIG(gen): CURVES( ALL-P ALL-K ALL-B );<br>
SIG(ver): CURVES( ALL-P ALL-K ALL-B );
||  
[http://csrc.nist.gov/cryptval/dss/ecdsaval.html#30 Certificate #30]
|-
! [http://csrc.nist.gov/cryptval/dss/ecdsaval.html ECDSA]
(Basic ECC)
| 256-521 ||
PKG: CURVES( ALL-P P-256 P-384 P-521 );<br>
PKV: CURVES( ALL-P P-256 P-384 P-521 );<br>
SIG(gen): CURVES( ALL-P P-256 P-384 P-521 );<br>
SIG(ver): CURVES( P-256 P-384 P-521 );
||  
[http://csrc.nist.gov/cryptval/dss/ecdsaval.html#37 Certificate #37]
|}
 
In this validation, we should validate AES and Triple DES first because their
implementations are stable.  Next we should test SHS because RNG and DSA depend on SHA-1.  After SHS is tested, we can test HMAC.  Finally, when the new RNG
and big num library code is checked in, we can test the rest of the algorithms
(RNG, DSA, and RSA).
 
=== Dependant Bugs ===
{| border="1" cellpadding="2"
|-
! Bug !! Description !! Completed  
|-  
|[https://bugzilla.mozilla.org/show_bug.cgi?id=259135 259135] || power-up self-tests needed for SHA-256,384,512 and AES || Completed  
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=294106 294106] || Implement the recommended PRNG changes described in FIPS 186-2 Change Notice 1 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298506 298506 ] || Implement logging for auditable events required by FIPS 140-2 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298511 298511 ] || Increase FIPS 186-2 RNG internal state size || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298512 298512 ] || Ensure the seed and seed key input for RNG do not have same value for FIPS 140-2 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298513 298513 ] || Implement pairwise consistency test for key transport key generation FIPS 140-2 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298514 298514 ]|| Implement pairwise consistency for digitial signature key generation for FIPS 140-2 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298516 298516 ] || Implement minimum length of PINs for FIPS 140-2 mode || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298517 298517 ] || Implement minimum time intervals for login attempts failures for FIPS 140-2 || Completed
|-  
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298520 298520 ] || Implement key establishment must be as secure as the strength of the key being transported for FIPS 140-2 || Completed
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=298522 298522 ] || Implement more power-up self tests, such as HMAC, RSA for FIPS 140-2 || Completed
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=305984 305984 ] || Update the isFIPS information  SSLCipherSuiteInfo table || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318958 318958 ] || Implement TDEA algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318962 318962 ] || Implement SHS algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318964 318964 ] || Implement HMAC algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318966 318966 ] || Implement RNG algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318967 318967 ] || Implement DSA  algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=318970 318970 ] || Implement RSA algorithm tests for FIPS 140-2 validation || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=312395 312395 ] || Enhance fipstest to perform FIPS AES algorithm testing || Completed
 
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=342362 342362 ] || Need https://ftp.mozilla.org for secure download of NSS releases. || Completed
 
|}
 
=== Testing Lab ===  
[http://www.bkpsecurity.com/ BKP Security ]
 
=== FIPS Information ===
 
[http://csrc.nist.gov/cryptval/ NIST Cryptographic Module Validation Program ]  
 
[http://csrc.nist.gov/CryptoToolkit/ NIST Crypto Toolkit ]
 
== NSS FIPS 140-2 Validation Docs ==
 
[[ NSSCryptoModuleSpec | NSS FIPS 140-2 Validation Docs ]]
 
== FIPS 140-2 Derived Test Requirements (DTR) ==
 
 
[[ FIPS 140-2 Vendor Requirement Docs | FIPS 140-2 Derived Test Requirements (DTR) ]]
Vavnzcv
1

edit

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/42983"