Closed Bug 408205 Opened 13 years ago Closed 9 years ago

Need a test (litmus) for FIPS mode

Categories

(Core :: Security: PSM, defect)

defect
Not set

Tracking

()

RESOLVED FIXED

People

(Reporter: benjamin, Assigned: marcia)

References

Details

We had a little scare in bug 404340 (see also bug 370693) that FIPS mode might be broken in beta2. After some discussion in #developers we think we're ok, but we'd like to add a test in Litmus for FIPS mode to make sure we get adequate testing.

Kaie/nelson: what would be a good test from within the Firefox UI to see whether FIPS mode is working properly?
Flags: in-litmus?
In Firefox UI, try to enable FIPS mode.

  prefs/advanced/encryption/security devices/enable fips button

In general, if that dialog shows a button labeled "disable fips", you're in FIPS mode, and if you can do SSL while in that mode, you should be fine.

Note that FIPS mode requires you have a master password set - do that before you attempt to enabled FIPS mode.

CC'ing some more people to correct me, but I think "working SSL while FIPS mode enabled" is a correct hint that FIPS mode is working.
i will create a litmus testcase for this
https://litmus.mozilla.org/show_test.cgi?id=5200 is one test case that has been created, I will create a few more for enabling and disabling.
adding in Litmus+ flag. Unless folks think more tests are needed here, then can this bug be resolved fixed?
Flags: in-litmus? → in-litmus+
Is this issue resolved?
Thanks a lot for working on this, Marcia!

It would be nice if the litmus would list the following additional information:

   Verify that the label of the button still says "enable fips".
Assignee: kaie → marcia
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
(In reply to comment #0)
> 
> Kaie/nelson: what would be a good test from within the Firefox UI to see
> whether FIPS mode is working properly?

Hmm, if the intention is to "test that FIPS mode is working properly", then the litmus test https://litmus.mozilla.org/show_test.cgi?id=5200 is not sufficient.

What you'd need to do is:
- in firefox or thunderbird or any other app, 
  go to preferences, find the security preferences
- select "use a master password"
- enter password twice, use: 123.456, confirm
- go to preferences advanced / encryption
- click security devices
- click enable fips
- you should NOT get a prompt
- the label of "enable fips" button should have changed to "disable fips"
- the button may have changed to disabled (grayed out), that's fine
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Based on the previous comment, I believe the following testcase should suffice:
https://litmus.mozilla.org/show_test.cgi?id=13884

Resolving FIXED.
Status: REOPENED → RESOLVED
Closed: 10 years ago9 years ago
Resolution: --- → FIXED
Issue is Resolved - removing QA-Wanted Keywords - QA-Wanted query clean-up task
Keywords: qawanted
You need to log in before you can comment on or make changes to this bug.