FIPSFSM: Difference between revisions

132 bytes added ,  18 July 2006
Line 2: Line 2:


==Finite State Model==
==Finite State Model==
The NSS FIPS cryptographic module runs as part of an application program on a host computer. When a running program makes an NSS library initialization call, the state changes and power-up self-tests are performed. See [http://wiki.mozilla.org/Section_9:_Self_Tests Self Tests] for a description of the power-up self-tests. If the self-tests succeed, the NSS library is considered initialized and the module enters the normal operational state. Refer to the tables below when studying this state transition diagram.<br>
The NSS cryptographic module is a shared library/DLL loaded by an application program on a host computer. When a program calls the <code>FC_Initialize</code> function of the NSS cryptographic module library, the state changes and power-up self-tests are performed. See [http://wiki.mozilla.org/Section_9:_Self_Tests Self Tests] for a description of the power-up self-tests. If the self-tests succeed, the library is considered initialized and the module enters the normal operational state. Refer to the tables below when studying this state transition diagram.<br>
[[ Image:Fsmm2.png ]]
[[ Image:Fsmm2.png ]]


'''Recovery from error states''': If the module ever enters the Error state, the NSS library needs to be shut down (transition 3.0) and reinitialized (transition 1.1).
'''Recovery from error states''': If the module ever enters the Error state, the NSS cryptographic module library needs to be shut down (transition 3.0) and reinitialized (transition 1.1).


'''Inclusive statement''': The action of the finite state model as a result of all other combinations of data and control inputs is defined as follows.
'''Inclusive statement''': The action of the finite state model as a result of all other combinations of data and control inputs is defined as follows.
* If the data and control inputs are valid and the module performs the service successfully, the module outputs the requested data or status information and returns CKR_OK.
* If the data and control inputs are valid and the module performs the service successfully, the module outputs the requested data or status information and returns <code>CKR_OK</code>.
* If the data and control inputs are invalid or the module encounters an error (e.g., running out of memory) when performing a service, the module does not output any data and simply returns an appropriate error code (e.g., CKR_HOST_MEMORY, CKR_TOKEN_WRITE_PROTECTED, CKR_TEMPLATE_INCOMPLETE, or CKR_ATTRIBUTE_VALUE_INVALID).
* If the data and control inputs are invalid or the module encounters an error (e.g., running out of memory) when performing a service, the module does not output any data and simply returns an appropriate error code (e.g., <code>CKR_HOST_MEMORY</code>, <code>CKR_TOKEN_WRITE_PROTECTED</code>, <code>CKR_TEMPLATE_INCOMPLETE</code>, or <code>CKR_ATTRIBUTE_VALUE_INVALID</code>).
The module stays in the current state.
The module stays in the current state.
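
Review bot: In the "Recovery from error states" paragraph, the revised text still does not name the functions that perform the shutdown (transition 3.0) and the reinitialization (transition 1.1), although the first paragraph now names <code>FC_Initialize</code>; name them there as well so the recovery procedure can be followed without the diagram. In the first paragraph, "the state changes" also leaves out which state the module leaves and which it enters before the power-up self-tests run; name the two states or give the transition number.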

