Sreedhar Kamishetti wrote:
Hello,
I just started looking at JSS.
Can some one point me to the API provided by JSS for running Power Up
and Conditional Self Tests for various cryptographic modules/algorithms?
JSS is a JAVA interface to NSS; basically a JNI wrapper for NSS. JSS in
FIPS mode or Non-FIPS mode does not do any crypto
at the java layer and instead, via JNI calls, requests NSS to perform
the cryptographic operations.
Thus the PowerUp and Conditional Self Test are in NSS.
http://mxr.mozilla.org/security/source/security/nss/lib/softoken/fipstest.c
The PowerUp tests will be performed when NSS is initialized in FIPS mode.
Java application using JSS are said to be FIPS compliant by either
loading NSS in FIPS mode
or using the JSS provided methods to put NSS in FIPS mode. As with C
applications that want to
be FIPS compliant, Java applications using JSS loading (NSS in FIPS
mode) must adhere to
the "Security Rules" specified in the NSS security policy:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp814.pdf
Some Related links:
https://wiki.mozilla.org/FIPS_Validation
Sample test program:
http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/FipsTest.java
-glen
Thanks,
Sreedhar
------------------------------------------------------------------------
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
