canmove, Confirmed users
937
edits
FIPS Module Specification: Difference between revisions
→Cryptographic Module Specification
No edit summary |
|||
| Line 3: | Line 3: | ||
==Cryptographic Module Specification== | ==Cryptographic Module Specification== | ||
The NSS cryptographic module is a cryptographic library that presents an application program interface ('''API''') based on the PKCS #11 standard to applications. The NSS cryptographic module is compiled and built for specific platforms (see [ | The NSS cryptographic module is a cryptographic library that presents an application program interface ('''API''') based on the PKCS #11 standard to applications. The NSS cryptographic module is compiled and built for specific platforms (see [[Security_Policy#Platform_List|Platform List]]) and tagged with a release identifier to be published on [https://ftp.mozilla.org ftp.mozilla.org]. The release compliant with FIPS 140-2 is version 3.11.5. | ||
Functions that are being certified include Triple DES(KO 1,2,3 56/112/168), AES(128/192/256), SHS (SHA-1, SHA-256, SHA-384, SHA-512), HMAC, RNG, DSA (512-1024), RSA (1024-8092), and ECDSA. | Functions that are being certified include Triple DES(KO 1,2,3 56/112/168), AES(128/192/256), SHS (SHA-1, SHA-256, SHA-384, SHA-512), HMAC, RNG, DSA (512-1024), RSA (1024-8092), and ECDSA. | ||
| Line 150: | Line 150: | ||
The design of the software components of the NSS cryptographic module is specified in the following documents. Some of these documents cover the larger NSS project, of which the NSS cryptographic module is a component. | The design of the software components of the NSS cryptographic module is specified in the following documents. Some of these documents cover the larger NSS project, of which the NSS cryptographic module is a component. | ||
* [ | * [[Section_4:_Finite_State_Model|Finite State Model and Description]] | ||
* [http://www.mozilla.org/projects/security/pki/nss/pcertdb.html Physical format of the certificate database] | * [http://www.mozilla.org/projects/security/pki/nss/pcertdb.html Physical format of the certificate database] | ||
* [http://www.mozilla.org/projects/security/pki/nss/devel/pk11wrap.pdf The pk11wrap layer and the softoken] | * [http://www.mozilla.org/projects/security/pki/nss/devel/pk11wrap.pdf The pk11wrap layer and the softoken] | ||