|Issue||BSAFE: Crypto-J: on.load versus manually running self-test with CryptoJ.runSelfTests|
As the Developer?s Guide mentions and as the Security Policy confirms on page 17 (Crypto-J 4.1), FIPS 140-2 compliance requires setting the KAT strategy to on.load.
The on.load strategy will run the self tests when the module loads. If the module loads, all of the self tests have passed.
The on.load strategy runs exactly the same tests as CryptoJ.runSelfTests().
Calling CryptoJ.runSelfTests() will just run the tests again. If no exception is thrown, then all of the tests passed.
In general, manually running the self-tests won?t help you much. The main benefit of calling runSelfTests would be to detect memory failures which have occurred since the module was first loaded.
|Legacy Article ID||a52625|