Closed Bug 408205 Opened 17 years ago Closed 14 years ago

Need a test (litmus) for FIPS mode


(Core :: Security: PSM, defect)

Not set





(Reporter: benjamin, Assigned: marcia)



We had a little scare in bug 404340 (see also bug 370693) that FIPS mode might be broken in beta2. After some discussion in #developers we think we're ok, but we'd like to add a test in Litmus for FIPS mode to make sure we get adequate testing.

Kaie/nelson: what would be a good test from within the Firefox UI to see whether FIPS mode is working properly?
Flags: in-litmus?
In Firefox UI, try to enable FIPS mode.

  prefs/advanced/encryption/security devices/enable fips button

In general, if that dialog shows a button labeled "disable fips", you're in FIPS mode, and if you can do SSL while in that mode, you should be fine.

Note that FIPS mode requires you have a master password set - do that before you attempt to enabled FIPS mode.

CC'ing some more people to correct me, but I think "working SSL while FIPS mode enabled" is a correct hint that FIPS mode is working.
i will create a litmus testcase for this is one test case that has been created, I will create a few more for enabling and disabling.
adding in Litmus+ flag. Unless folks think more tests are needed here, then can this bug be resolved fixed?
Flags: in-litmus? → in-litmus+
Is this issue resolved?
Thanks a lot for working on this, Marcia!

It would be nice if the litmus would list the following additional information:

   Verify that the label of the button still says "enable fips".
Assignee: kaie → marcia
Closed: 14 years ago
Resolution: --- → FIXED
(In reply to comment #0)
> Kaie/nelson: what would be a good test from within the Firefox UI to see
> whether FIPS mode is working properly?

Hmm, if the intention is to "test that FIPS mode is working properly", then the litmus test is not sufficient.

What you'd need to do is:
- in firefox or thunderbird or any other app, 
  go to preferences, find the security preferences
- select "use a master password"
- enter password twice, use: 123.456, confirm
- go to preferences advanced / encryption
- click security devices
- click enable fips
- you should NOT get a prompt
- the label of "enable fips" button should have changed to "disable fips"
- the button may have changed to disabled (grayed out), that's fine
Resolution: FIXED → ---
Based on the previous comment, I believe the following testcase should suffice:

Resolving FIXED.
Closed: 14 years ago14 years ago
Resolution: --- → FIXED
Issue is Resolved - removing QA-Wanted Keywords - QA-Wanted query clean-up task
Keywords: qawanted
You need to log in before you can comment on or make changes to this bug.