Manualshelf

Reference Guide

ManualsBrandsDell ManualsBSAFEBSAFE Crypto-J
11121314151617181920
20 Crypto-C ME Cryptographic Toolkit
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
Entropy RNG
OTP RNG.
For more information about using Crypto-C ME in a FIPS 140-2-compliant manner,
see “Secure Operation of Crypto-C ME” on page 22.
2.6 Self Tests
Crypto-C ME performs a number of power-up and conditional self-tests to ensure
proper operation.
If a power-up self-test fails for one of the resource libraries, all cryptographic services
for the library are disabled. Services for a disabled library can only be re-enabled by
reloading the FIPS 140-2 module. If a conditional self-test fails, the operation fails but
no services are disabled.
For self-test failures (power-up or conditional) the library notifies the user through the
returns and error codes for the API.
2.6.1 Power-up Self-test
Crypto-C ME implements the following power-up self-tests:
AES in CCM, GCM, GMAC, and XTS mode Known Answer Tests (KATs)
Triple DES KATs
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and
SHA-512/256 KATs
HMAC SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 SHA-512/224, and
SHA-512/256 KATs
TLS 1.0/1.1 ANSI X9.63 KDF KATs
RSA sign/verify KATs
RSA sign/verify test
DSA sign/verify test
ECDSA sign/verify test
DH and ECDH conditional tests
PRNG (CTR DRBG, HMAC DRBG, and FIPS 186-2) KATs
Software integrity test using DSA signature verification.
Power-up self-tests are executed automatically when Crypto-C ME is loaded into
memory.