FIPS provides self-test mechanisms, including power-up self-test and conditional self-test, to ensure the
normal operation of cryptography modules. You can also trigger a self-test. If the power-up self-test fails,
the device where the self-test process exists reboots. If the conditional self-test fails, the system outputs
self-test failure information.
If a self-test fails, contact HP Support.
The power-up self-test, also called "known-answer test," examines the availability of FIPS-allowed
cryptographic algorithms. A cryptographic algorithm is run on data for which the correct output is
already known. The calculated output is compared with the known answer. If they are not identical, the
known-answer test fails.
The power-up self-test examines the following cryptographic algorithms:
DSA (signature and authentication)
RSA (signature and authentication)
RSA (encryption and decryption)
Random number generator algorithms
A conditional self-test runs when an asymmetrical cryptographic module or a random number generator
module is invoked. Conditional self-tests include the following types:
Pair-wise consistency test—This test is run when a DSA/RSA asymmetrical key-pair is generated. It
uses the public key to encrypt a plain text, and uses the private key to decrypt the encrypted text. If
the decryption is successful, the test succeeds. Otherwise, the test fails.
Continuous random number generator test—This test is run when a random number is generated.
If two consecutive random numbers are different, the test succeeds. Otherwise, the test fails. This test
can also be run when a DSA/RSA asymmetrical key-pair is generated.
To examine whether the cryptography modules operate correctly, you can trigger a self-test on the
cryptographic algorithms. The triggered self-test is the same as the power-up self-test. If the self-test fails,
the device automatically reboots.
To trigger a self-test: