000025128 - Specifics of short and full FIPS self-tests

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025128
Applies ToBSAFE/Crypto-C Micro Edition 2.1
IssueSpecifics of short and full FIPS self-tests

The securty policy, in section 4.7, lists the power-up self-tests, the conditional self-tests, and the additional tests run for the special FIPS modes.

The full tests are more comprehensive versions of the start-up tests.

For example:

AES start-up tests only try one test vector (encrypt and decrypt) for one key size for all modes. The full tests try all key sizes.

The RSA start-up tests attempt verification of a known good signature and a pairwise consistency test for each signature algorithm. The full tests attempt a key generation for 4 different sizes and pair-wise consistency check for each of the RSA signature algorithms.

Vectors used are often from standards but sometimes are just known good inputs and outputs.

NIST does not specify what or how to test. It is up to our FIPS testing lab and then CMVP to agree that what we are testing is sufficient.

There are specific tests required by SP800-90 for the Dual EC DRBG and HMAC DRBG. The required tests are performed and our testing lab checks the implementation of the tests.

Note that the chances of the tests failing are very remote as the binaries are tested on the platform by our testing lab.

Regarding block cipher modes, each algorithm is tested once as the same code paths are used regardless of mode.

Legacy Article IDa39115