User guide
Aruba Networks Security Target
Page 37 of 67
64 The memory buffers used in packet processing are sanitized subsequent to each
packet being processed. Buffers are made logically unavailable by overwriting the
buffer headers with zeroes.
6.1.6 Self Test
Related SFRs: FPT_TST_EXT.1
65 The TOE performs both power-up and conditional self-tests to verify correct and
secure operation. In the event that any self-test fails, the TOE will enter an error
state, log the error, and reboot automatically. Failure of self-tests requires return to
manufacturer. Relevant log messages are identified in the following supplements:
a) Aruba 3000, 6000/M3 and Dell W-3000, W-6000M3 Controllers with ArubaOS
FIPS Firmware Non-Proprietary Security Policy FIPS 140-2 Level 2 Release
Supplement. Ref 0510541-16.
b) Aruba 620, 650 and Dell W- 620, W-650 Controllers with ArubaOS FIPS
Firmware Non-Proprietary Security Policy FIPS 140-2 Level 2 Release
Supplement. Ref 0510888-02.
66 The following test are performed:
a) ArubaOS OpenSSL Module:
i) AES Known Answer Tests (KAT)
ii) Triple-DES KAT
iii) RNG KAT
iv) RSA KAT
v) ECDSA (sign/verify)
vi) SHA (SHA1, SHA256 and SHA384) KAT
vii) HMAC (HMAC-SHA1, HMAC-SHA256 and HMAC-SHA384) KAT
b) ArubaOS Cryptographic Module
i) AES KAT
ii) Triple-DES KAT
iii) SHA (SHA1, SHA256, SHA384 and SHA512) KAT
iv) HMAC (HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-
SHA512) KAT
v) RSA (sign/verify)
vi) ECDSA (sign/verify)
vii) FIPS 186-2 RNG KAT
c) ArubaOS Uboot BootLoader Module
i) Firmware Integrity Test: RSA 2048-bit Signature Validation
d) Aruba Hardware Known Answer Tests:
i) AES KAT
ii) AES-CCM KAT
iii) AES-GCM KAT
iv) Triple DES KAT