FIPS Design Assurance: Difference between revisions

Line 5: Line 5:


===Installation===
===Installation===
NSS releases are available from mozilla.org's FTP site as compressed (zipped) tar files. The file is expanded into a file system subtree in a location that is suitably secured using the capabilities of the local operating system. Once the subtree has been expanded the two shared libraries that compose the FIPS cryptographic module can be checked for validity. Signed SHA-1 hashes of these files are contained in parallel files with the suffix ''.chk''. For example, for libfreebl3.so there will be libfreebl3.chk. To assure the validity of the libraries the crypto officer should verify must recompute the hash and check the signature. This can be accomplished with the following NSS utility.
NSS releases are available from mozilla.org's FTP site as compressed (zipped) tar files. The file is expanded into a file system subtree in a location that is suitably secured using the capabilities of the local operating system.
 
'''signver -V -s <libfile>.<ext> <libfile>.chk'''


Typically, at this point, an application is configured to use NSS libraries from this subtree. Such configuration is not specified here but consists of the following steps which can also be performed with NSS command line utilities.
Typically, at this point, an application is configured to use NSS libraries from this subtree. Such configuration is not specified here but consists of the following steps which can also be performed with NSS command line utilities.
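
Review bot: in the longer Installation paragraph, "the crypto officer should verify must recompute the hash and check the signature" has two competing verbs, so it is unclear whether the check is mandatory; suggest "the crypto officer must recompute the hash and check the signature". The other copy of the paragraph stops after the sentence about expanding the subtree, so the ''.chk'' check and the signver command appear on only one side of this change. If the revision drops them, the section no longer tells the crypto officer to validate the two shared libraries before the application is configured to use them, and the step should either stay here or be replaced with a pointer to where it is now documented.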