Fips Self-Tests; Power-Up Self-Tests; Conditional Self-Tests; Triggering Self-Tests - HP 6125XLG Configuration Manual

Blade switch security configuration guide

FIPS self-tests

FIPS provides self-test mechanisms, including the power-up self-test and the conditional self-test, to
ensure that the cryptographic modules operate correctly. You can also trigger a self-test. If the power-up
self-test fails, the device on which the self-test process runs reboots. If the conditional self-test fails, the
system outputs self-test failure information.
NOTE:
If a self-test fails, contact HP Support.

Power-up self-tests

The power-up self-test, also called the "known-answer test," examines the availability of FIPS-allowed
cryptographic algorithms. A cryptographic algorithm is run on data for which the correct output is
already known, and the calculated output is compared with the known answer. If they are not identical, the
known-answer test fails.
The power-up self-test examines the following cryptographic algorithms:
DSA (signature and authentication)
RSA (signature and authentication)
RSA (encryption and decryption)
AES
3DES
SHA1
HMAC-SHA1
Random number generator algorithms

Conditional self-tests

A conditional self-test runs when an asymmetric cryptographic module or a random number generator
module is invoked. Conditional self-tests include the following types:
Pair-wise consistency test—This test is run when a DSA/RSA asymmetric key pair is generated. It
uses the public key to encrypt a plaintext, and uses the private key to decrypt the encrypted text. If
the decryption is successful, the test succeeds. Otherwise, the test fails.
Continuous random number generator test—This test is run when a random number is generated.
If two consecutive random numbers are different, the test succeeds. Otherwise, the test fails. This test
can also be run when a DSA/RSA asymmetrical key-pair is generated.
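
The known-answer test and the continuous random number generator test described above, sketched in Python as an added example (not code from the HP manual or the switch firmware). It covers only SHA1 and HMAC-SHA1 from the algorithm list; the names power_up_self_test, ContinuousRng and SelfTestError and the 16-byte block size are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Published known answers: SHA-1 of "abc" (FIPS 180 example) and
# HMAC-SHA1 test case 1 from RFC 2202.
SHA1_KAT = (b"abc", "a9993e364706816aba3e25717850c26c9cd0d89d")
HMAC_KAT = (b"\x0b" * 20, b"Hi There",
            "b617318655057264e28bc0b6fb378c8ef146be00")


class SelfTestError(Exception):
    """Raised when a self-test fails (hypothetical name)."""


def power_up_self_test(sha1=hashlib.sha1, hmac_new=hmac.new):
    """Known-answer tests: run each algorithm on fixed input, compare output."""
    msg, expected = SHA1_KAT
    if not hmac.compare_digest(sha1(msg).hexdigest(), expected):
        raise SelfTestError("SHA1 known-answer test failed")
    key, msg, expected = HMAC_KAT
    if not hmac.compare_digest(hmac_new(key, msg, "sha1").hexdigest(), expected):
        raise SelfTestError("HMAC-SHA1 known-answer test failed")
    return True


class ContinuousRng:
    """Wraps a byte source and compares each block with the previous one."""

    def __init__(self, source=os.urandom, block_size=16):
        self._source = source
        self._block_size = block_size  # assumed size, not from the manual
        # The first block only primes the comparison and is never returned.
        self._previous = source(block_size)

    def next_block(self):
        block = self._source(self._block_size)
        # Two identical consecutive outputs mean the test fails.
        if hmac.compare_digest(block, self._previous):
            raise SelfTestError("continuous RNG test failed: repeated block")
        self._previous = block
        return block
```

The sha1, hmac_new and source parameters exist so that a faulty implementation or a stuck generator can be substituted to confirm that each test actually fails when it should.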

Triggering self-tests

To examine whether the cryptography modules operate correctly, you can trigger a self-test on the
cryptographic algorithms. The triggered self-test is the same as the power-up self-test. If the self-test fails,
the device automatically reboots.
To trigger a self-test: