000027271 - BSAFE: Crypto-J: on.load versus manually running self-test with CryptoJ.runSelfTests

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027271
Applies ToCrypto-J
IssueBSAFE: Crypto-J: on.load versus manually running self-test with CryptoJ.runSelfTests

As the Developer?s Guide mentions and as the Security Policy confirms on page 17 (Crypto-J 4.1), FIPS 140-2 compliance requires setting the KAT strategy to on.load.

The on.load strategy will run the self tests when the module loads.  If the module loads, all of the self tests have passed.

The on.load strategy runs exactly the same tests as CryptoJ.runSelfTests().

Calling CryptoJ.runSelfTests() will just run the tests again. If no exception is thrown, then all of the tests passed.

In general, manually running the self-tests won?t help you much.  The main benefit of calling runSelfTests would be to detect memory failures which have occurred since the module was first loaded.

Legacy Article IDa52625

Attachments

    Outcomes