Closed
Bug 347409
Opened 18 years ago
Closed 18 years ago
Initiate the power-up self-tests on demand by restarting the NSS cryptographic module
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.3
People
(Reporter: wtc, Assigned: wtc)
Details
Attachments
(1 file)
2.03 KB,
patch
|
neil.williams
:
review+
nelson
:
review+
|
Details | Diff | Splinter Review |
FIPS 140-2 says:
In addition to performing the power-up self-tests when
powered up, a cryptographic module shall permit operator
to initiate the tests on demand for periodic testing of
the module.
It then says:
Resetting, rebooting, and power cycling are acceptable
means for the on-demand initiation of power-up tests.
For the NSS cryptographic module, "resetting, rebooting,
and power cycling" are equivalent to calling FC_Finalize
and FC_Initialize to shut down and restart the PKCS #11
module.
Right now we provide the on-demand initiation of power-up
self-tests by overloading FC_Login -- if the operator is
already logged into the FIPS token and calls FC_Login again,
it means he wants to initiate the power-up self-tests on
demand. I propose that we take advantage of what FIPS 140-2
allows us to do, and just use restarting the PKCS #11 module
as the means for the on-demand initiation of power-up tests.
Then we will only need to call the power-up self-tests in
FC_Initialize.
Our FIPS documentation will need to be updated.
Assignee | ||
Comment 1•18 years ago
|
||
Remove the on-demand initiation of power-up self-tests
(and the audit logging statement for self-test failure)
from FC_Login.
Note that I add a new Boolean variable 'successful' to
store the value of the common expression
(rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN).
Attachment #232195 -
Flags: superreview?(nelson)
Attachment #232195 -
Flags: review?(neil.williams)
Comment 2•18 years ago
|
||
Comment on attachment 232195 [details] [diff] [review]
Proposed patch
My only uncertainty about this patch was the use of %l in this statement:
>+ PR_snprintf(msg,sizeof msg,
>+ "C_Login(hSession=%lu, userType=%lu)=0x%08lX",
>+ (PRUint32)hSession,(PRUint32)userType,(PRUint32)rv);
I seem to recall that NSPR's printf functions interpret %l differently
than libc's functions, but do not recall the details.
Attachment #232195 -
Flags: superreview?(nelson) → review+
Assignee | ||
Comment 3•18 years ago
|
||
Nelson, NSPR uses %l for PRInt32 and PRUint32, whereas libc uses
%l for long and unsigned long. Since the three variables I want
to print with PR_snprintf are all unsigned long's, I first cast
them to PRUint32 and then use the %l format. (Since PKCS #11
supports 32-bit platforms, it's safe to cast those unsigned long
values to PRUint32 even on 64-bit platforms.)
Assignee | ||
Comment 4•18 years ago
|
||
I checked in the patch on the NSS trunk (NSS 3.12).
Checking in fipstokn.c;
/cvsroot/mozilla/security/nss/lib/softoken/fipstokn.c,v <-- fipstokn.c
new revision: 1.18; previous revision: 1.17
done
Neil, please review this patch so that I can check it in
on the NSS_3_11_BRANCH. Thanks.
Status: NEW → ASSIGNED
Priority: -- → P2
Comment 5•18 years ago
|
||
Comment on attachment 232195 [details] [diff] [review]
Proposed patch
OK.
Attachment #232195 -
Flags: review?(neil.williams) → review+
Assignee | ||
Comment 6•18 years ago
|
||
I checked in the patch on the NSS_3_11_BRANCH for NSS 3.11.3.
Checking in fipstokn.c;
/cvsroot/mozilla/security/nss/lib/softoken/fipstokn.c,v <-- fipstokn.c
new revision: 1.11.2.8; previous revision: 1.11.2.7
done
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Target Milestone: 3.11.5 → 3.11.3
You need to log in
before you can comment on or make changes to this bug.
Description
•