Conditional self-tests, Thms listed in, Table 11 – H3C Technologies H3C S6300 Series Switches User Manual

352

Table 11 Power-up self-test list

Type Operations

Cryptographic algorithm
self-test

Tests the following algorithms:

•

DSA (signature and authentication).

•

RSA (signature and authentication).

•

RSA (encryption and decryption).

•

AES.

•

3DES.

•

SHA1.

•

HMAC-SHA1.

•

Random number generator algorithms.

Table 12 Power-up self-test list

Type Operations

KAT

Tests the following algorithms:

•

SHA1, SHA224, SHA256, SHA384, and SHA512.

•

HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and

HMAC-SHA512.

•

AES.

•

RSA (signature and authentication).

•

DRBG.

PWCT

Tests the following algorithms:

•

RSA (signature and authentication).

•

RSA (encryption and decryption).

•

DSA (signature and authentication).

•

ECDSA (signature and authentication).

Conditional self-tests

A conditional self-test runs when an asymmetrical cryptographic module or a random number generator

module is invoked. Conditional self-tests include the following types:

•

Pairwise conditional test (PWCT)

{

Signature and authentication test—The test is run when a DSA or RSA asymmetrical key pair is
generated. It uses the private key to sign the specific data, and it then uses the public key to

authenticate the signed data. If the authentication is successful, the test succeeds.

{

Encryption and decryption test—The test is run when an RSA asymmetrical key pair is

generated. It uses the public key to encrypt a plain text, and it then uses the private key to
decrypt the encrypted text. If the decryption is successful, the test succeeds.

•

Continuous random number generator test—This test is run when a random number is generated.
If two consecutive random numbers are different, the test succeeds. Otherwise, the test fails. This test

can also be run when a DSA/RSA asymmetrical key-pair is generated.