User guide
Aruba Networks Security Target
v) HMAC (HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512) KAT
67 The following Conditional Self-tests are performed by the TOE:
a) Continuous Random Number Generator Test. This test is run upon
generation of random data by the switch’s random number generators to
detect failure to a constant value. The module stores the first random number
for subsequent comparison. For each new random number, the module compares
its value with the random number generated in the previous round and
enters an error state if the two values are equal.
b) Bypass test. Ensures that the system has not been placed into a mode of
operation where cryptographic operations have been bypassed, without the
explicit configuration of the cryptographic officer. To conduct the test, a SHA1
hash of the configuration file is calculated and compared to the last known
good hash of the configuration file. If the hashes match, the test is passed.
Otherwise, the test fails (indicating possible tampering with the configuration
file) and the system is halted.
c) RSA Pairwise Consistency test. When the TOE generates a public and
private key pair, it carries out pair-wise consistency tests for both encryption
and digital signing. The test involves encrypting a randomly-generated
message with the public key. If the output is equal to the input message, the
test fails. The encrypted message is then decrypted using the private key and
if the output is not equal to the original message, the test fails. The same
random message is then signed using the private key and then verified with
the public key. If the verification fails, the test fails.
d) ECDSA Pairwise Consistency test. See above RSA pairwise consistency
test description.
e) Firmware Load Test. This test is identical to the Uboot BootLoader Module
Firmware Integrity Test, except that it is performed at the time a new software
image is loaded onto the system. Instead of being performed by the
BootLoader, the test is performed by the ArubaOS operating system. If the
test fails, the newly loaded software image will not be copied into the image
partition, and instead will be deleted. Refer to section 6.1.2.
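The Continuous Random Number Generator Test from item a), as an added sketch that is not Aruba's code. The class and function names, the 16-byte block size and the `stuck_after` faulty source are assumptions made for illustration; discarding the first block follows FIPS 140-2 section 4.9.2.

```python
import os

class RngError(Exception):
    """Raised when the wrapper is in, or enters, the error state."""

class ContinuousRngTest:
    """Hypothetical wrapper applying the continuous test to a block source."""

    def __init__(self, source, block_size=16):
        self._source = source         # callable n -> bytes (assumed interface)
        self._block_size = block_size
        self._previous = None         # last block seen, kept for comparison
        self.error_state = False      # latched: once set, no further output

    def _next_block(self):
        block = self._source(self._block_size)
        if len(block) != self._block_size:
            self.error_state = True   # a short read is also treated as failure
            raise RngError("short read from random source")
        return block

    def get_block(self):
        if self.error_state:
            raise RngError("module is in the error state")
        if self._previous is None:
            # First block is stored for comparison and never handed out.
            self._previous = self._next_block()
        block = self._next_block()
        if block == self._previous:
            # Two identical consecutive blocks: generator stuck at a constant.
            self.error_state = True
            raise RngError("continuous RNG test failed: repeated block")
        self._previous = block
        return block

def stuck_after(good_blocks):
    """Constructed faulty source: fresh data first, then a constant value."""
    calls = {"n": 0}
    def source(n):
        calls["n"] += 1
        return os.urandom(n) if calls["n"] <= good_blocks else b"\xAA" * n
    return source

if __name__ == "__main__":
    rng = ContinuousRngTest(stuck_after(3))
    try:
        while True:
            print(rng.get_block().hex())
    except RngError as exc:
        print("error state:", exc)
```

The repeat is only caught on the second identical block, so one block of the stuck value is returned before the error state is entered.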
68 Known-answer tests (KAT) involve operating the cryptographic algorithm on data for
which the correct output is already known and comparing the calculated output with
the previously generated output (the known answer). If the calculated output does
not equal the known answer, the known-answer test shall fail.
69 The above tests are sufficient to demonstrate that the TSF is operating correctly by
verifying the integrity of the TSF and the correct operation of cryptographic
components.
6.2 Cryptography
70 This section incorporates additional detail regarding cryptography required by the
NDPP.
71 The TOE uses cryptographic functions provided by FIPS 140-2 validated modules:
CMVP Certificate #1727
CMVP Certificate #1865
FIPS Algorithm certificates issued: AES #2689, #2680, #2677.
Triple-DES #1607, #1605. RSA #1380, #1379, #1376. ECDSA