FIPSFSM: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 64: Line 64:
| 1.0|| Power Off|| Power On|| Host computer is powered up|| None
| 1.0|| Power Off|| Power On|| Host computer is powered up|| None
|-
|-
| 1.1|| Power On|| Power Up Self Test|| NSS_Initialize/FC_Initialize called|| Power-up self-tests initiated
| 1.1|| Power On|| Power Up Self Test|| <code>FC_Initialize</code> called|| Power-up self-tests initiated
|-
|-
| 1.2|| Power Up Self Test|| Public Services|| Successful library initialization, software integrity test, and power-up self-tests|| FC_Initialize sets the internal Boolean state variable fatalError to false and returns CKR_OK
| 1.2|| Power Up Self Test|| Public Services|| Successful library initialization, software integrity test, and power-up self-tests|| <code>FC_Initialize</code> sets the internal Boolean state variable <code>fatalError</code> to false and returns <code>CKR_OK</code>
|-
|-
| 1.3|| Power Up Self Test|| Error|| Software integrity test or power-up self-test failure|| FC_Initialize sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
| 1.3|| Power Up Self Test|| Error|| Software integrity test or power-up self-test failure|| <code>FC_Initialize</code> sets the internal Boolean state variable <code>fatalError</code> to true and returns <code>CKR_DEVICE_ERROR</code>
|-
|-
| 1.4|| Public Services|| Error|| Conditional self-test (continuous random number generator test) failed while performing a service (random number generation)|| The function (FC_SeedRandom or FC_GenerateRandom) sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
| 1.4|| Public Services|| Error|| Conditional self-test (continuous random number generator test) failed while performing a service (random number generation)|| The function (<code>FC_SeedRandom</code> or <code>FC_GenerateRandom</code>) sets the internal Boolean state variable <code>fatalError</code> to true and returns <code>CKR_DEVICE_ERROR</code>
|-
|-
| 1.5|| Public Services|| NSS User Services|| User login succeeded|| FC_Login sets the internal Boolean state variable isLoggedIn to true and returns CKR_OK
| 1.5|| Public Services|| NSS User Services|| User login succeeded|| <code>FC_Login</code> sets the internal Boolean state variable <code>isLoggedIn</code> to true and returns <code>CKR_OK</code>
|-
|-
| 1.6|| Public Services|| Public Services|| User login failed|| FC_Login returns a nonzero error code (e.g., CKR_PIN_INCORRECT)
| 1.6|| Public Services|| Public Services|| User login failed|| <code>FC_Login</code> returns a nonzero error code (e.g., <code>CKR_PIN_INCORRECT</code>)
|-
|-
| 1.7|| Public Services|| Power On|| NSS_Shutdown/FC_Finalize called|| FC_Finalize returns CKR_OK
| 1.7|| Public Services|| Power On|| <code>FC_Finalize</code> called|| <code>FC_Finalize</code> returns <code>CKR_OK</code>
|-
|-
| 2.1|| NSS User Services|| Public Services|| User logout requested|| FC_Logout sets the internal Boolean state variable isLoggedIn to false and returns CKR_OK
| 2.1|| NSS User Services|| Public Services|| User logout requested|| <code>FC_Logout</code> sets the internal Boolean state variable <code>isLoggedIn</code> to false and returns <code>CKR_OK</code>
|-
|-
| 2.2|| NSS User Services|| On Demand Self Test|| On-demand self-test requested with a FC_Login call|| Self-tests initiated
| 2.2|| NSS User Services|| On Demand Self Test|| On-demand self-test requested with a <code>FC_Login</code> call|| Self-tests initiated
|-
|-
| 2.3|| On Demand Self Test|| NSS User Services|| On-demand self-test passed|| FC_Login returns CKR_USER_ALREADY_LOGGED_IN
| 2.3|| On Demand Self Test|| NSS User Services|| On-demand self-test passed|| <code>FC_Login</code> returns <code>CKR_USER_ALREADY_LOGGED_IN</code>
|-
|-
| 2.4|| On Demand Self Test|| Error|| On-demand self-test failed|| FC_Login sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
| 2.4|| On Demand Self Test|| Error|| On-demand self-test failed|| <code>FC_Login</code> sets the internal Boolean state variable <code>fatalError</code> to true and returns <code>CKR_DEVICE_ERROR</code>
|-
|-
| 2.5|| NSS User Services|| Power On|| NSS_Shutdown/FC_Finalize called|| FC_Finalize returns CKR_OK
| 2.5|| NSS User Services|| Power On|| <code>FC_Finalize</code> called|| <code>FC_Finalize</code> returns <code>CKR_OK</code>
|-
|-
| 2.6|| NSS User Services|| Error|| Conditional self-test (pair-wise consistency test) failed while performing a service (key pair generation)|| The function (FC_GenerateKeyPair) sets the internal Boolean state variable fatalError to true and returns CKR_GENERAL_ERROR or CKR_DEVICE_ERROR
| 2.6|| NSS User Services|| Error|| Conditional self-test (continuous random number generator test or pair-wise consistency test) failed while performing a service (random number generation or key pair generation)|| The function (<code>FC_SeedRandom</code>, <code>FC_GenerateRandom</code>, or <code>FC_GenerateKeyPair</code>) sets the internal Boolean state variable <code>fatalError</code> to true and returns <code>CKR_DEVICE_ERROR</code> or <code>CKR_GENERAL_ERROR</code>
|-
|-
| 3.0|| Error|| Power On|| NSS_Shutdown/FC_Finalize called|| FC_Finalize returns CKR_OK
| 3.0|| Error|| Power On|| <code>FC_Finalize</code> called|| <code>FC_Finalize</code> returns <code>CKR_OK</code>
|-
|-
| 4.0|| Power On|| Power Off|| Host computer is powered off|| None
| 4.0|| Power On|| Power Off|| Host computer is powered off|| None
|+
|+
}
}

Revision as of 00:18, 19 July 2006

This is a draft document.

Finite State Model

The NSS cryptographic module is a shared library/DLL loaded by an application program on a host computer. When a program calls the FC_Initialize function of the NSS cryptographic module library, the state changes and power-up self-tests are performed. See Self Tests for a description of the power-up self-tests. If the self-tests succeed, the library is considered initialized and the module enters the normal operational state. Refer to the tables below when studying this state transition diagram.
Fsmm2.png

Recovery from error states: If the module ever enters the Error state, the NSS cryptographic module library needs to be shut down (transition 3.0) and reinitialized (transition 1.1).

Inclusive statement: The action of the finite state model as a result of all other combinations of data and control inputs is defined as follows.

  • If the data and control inputs are valid and the module performs the service successfully, the module outputs the requested data or status information and returns CKR_OK.
  • If the data and control inputs are invalid or the module encounters an error (e.g., running out of memory) when performing a service, the module does not output any data and simply returns an appropriate error code (e.g., CKR_HOST_MEMORY, CKR_TOKEN_WRITE_PROTECTED, CKR_TEMPLATE_INCOMPLETE, or CKR_ATTRIBUTE_VALUE_INVALID).

The module stays in the current state.

States

State Label

State Mnemonic

State Description

Distinct Indicator

1.X Power Off Host computer is powered off. The initial state. Host computer's power light is off.
1.A Power On Host computer is up and running. Host computer's power light is on.
1.B Power Up Self Test NSS cryptographic module library initialization has been initiated. This state performs library initialization, software integrity test, and power-up self-tests. The FC_Initialize call is executing.
1.C Public Services NSS cryptographic module library has been initialized and its self-tests have passed. Services that do not require logging in to the module are available. Public services can be invoked. Private services fail with the error code CKR_USER_NOT_LOGGED_IN.
2.A NSS User Services Operator has successfully logged in to assume the NSS User role and has access to all the services provided by the NSS cryptographic module. All services can be invoked.
2.B On Demand Self Test Operator requested self-tests are being run. The FC_Login call is executing.
3 Error The NSS cryptographic module either has failed a conditional test while performing a service or has failed a power-up or operator-initiated self-test. No further cryptographic operations will be performed. Only FC_Finalize, FC_InitToken, FC_CloseSession, FC_CloseAllSessions, FC_WaitForSlotEvent, and the "get info" functions (FC_GetFunctionList, FC_GetInfo, FC_GetSlotList, FC_GetSlotInfo, and FC_GetTokenInfo) can be invoked. FC_Initialize fails with the error code CKR_CRYPTOKI_ALREADY_INITIALIZED. All other functions fail with the error code CKR_DEVICE_ERROR.

Transitions

Trans #

Current State

Next State

Input Event

Output Event

1.0 Power Off Power On Host computer is powered up None
1.1 Power On Power Up Self Test FC_Initialize called Power-up self-tests initiated
1.2 Power Up Self Test Public Services Successful library initialization, software integrity test, and power-up self-tests FC_Initialize sets the internal Boolean state variable fatalError to false and returns CKR_OK
1.3 Power Up Self Test Error Software integrity test or power-up self-test failure FC_Initialize sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
1.4 Public Services Error Conditional self-test (continuous random number generator test) failed while performing a service (random number generation) The function (FC_SeedRandom or FC_GenerateRandom) sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
1.5 Public Services NSS User Services User login succeeded FC_Login sets the internal Boolean state variable isLoggedIn to true and returns CKR_OK
1.6 Public Services Public Services User login failed FC_Login returns a nonzero error code (e.g., CKR_PIN_INCORRECT)
1.7 Public Services Power On FC_Finalize called FC_Finalize returns CKR_OK
2.1 NSS User Services Public Services User logout requested FC_Logout sets the internal Boolean state variable isLoggedIn to false and returns CKR_OK
2.2 NSS User Services On Demand Self Test On-demand self-test requested with a FC_Login call Self-tests initiated
2.3 On Demand Self Test NSS User Services On-demand self-test passed FC_Login returns CKR_USER_ALREADY_LOGGED_IN
2.4 On Demand Self Test Error On-demand self-test failed FC_Login sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR
2.5 NSS User Services Power On FC_Finalize called FC_Finalize returns CKR_OK
2.6 NSS User Services Error Conditional self-test (continuous random number generator test or pair-wise consistency test) failed while performing a service (random number generation or key pair generation) The function (FC_SeedRandom, FC_GenerateRandom, or FC_GenerateKeyPair) sets the internal Boolean state variable fatalError to true and returns CKR_DEVICE_ERROR or CKR_GENERAL_ERROR
3.0 Error Power On FC_Finalize called FC_Finalize returns CKR_OK
4.0 Power On Power Off Host computer is powered off None
}
Retrieved from "https://wiki.mozilla.org/index.php?title=FIPSFSM&oldid=29522"