ISC_CDK Class Reference

#include <cdk.h>

---

Detailed Description

Base class for FIPS 140-1 on-demand self-tests, error state tracking, and convenience utilities.

All public symbols are in the 'cdk' namespace, except for a few assembly language functions under Windows.

Functions typically return 0 on success.

Usage flow:
  ISC_CDK()    // instantiate a new ISC_CDK object
  Test_XYZ()   // run a specified level of as many on-demand tests as you require
  SelfTest()   // or run groups of selftests (e.g., test all symetric ciphers)
  isOK()       // or run all self-tests in level 0

Recommendations for strict FIPS 140-1 compliance:
  All methods in this class may be used by a FIPS 140-1 compliant application. 
  There are no restrictions regarding the functions defined in this file.

Notes:

• Level 0 execute only the first of the possible self-tests for each algorithm.
• Level 1 executes all self-tests for each algorithm, including any relevant Monte Carlo tests. For this reason, level 1 tests can take a considerable amount of time to execute.

Primary Self-Test and Inspectors
int	SelfTest (int level=0, char options[]="a")
	Run one or more system self-tests at the specified level.
bool	isOK ()
	Predicate used to test the hard error state and run all self-tests at level 0.
static int	Version ()
	Get the CDK version number.
Public Member Functions
Constructor and Destructor
	ISC_CDK ()
	Constructor.
virtual	~ISC_CDK ()
	Destructor.
On-Demand Self-Tests
All of these functions are called by SelfTest().
int	Test_CRC (int level)
	Run the CRC-32 tests.
int	Test_MD2 (int level)
	Run the MD2 tests.
int	Test_MD5 (int level)
	Run the MD5 tests.
int	Test_SHA1 (int level)
	Run the SHA-1 tests.
int	Test_SHA256 (int level)
	Run the SHA-256 tests.
int	Test_SHA384 (int level)
	Run the SHA-384 tests.
int	Test_SHA512 (int level)
	Run the SHA-512 tests.
int	Test_HMAC (int level)
	Run the HMAC tests.
int	Test_DES (int level)
	Run the DES tests.
int	Test_TDES (int level)
	Run the TDES tests.
int	Test_AES (int level)
	Run the AES tests.
int	Test_AES_Modes (int level)
	Run the AES Modes tests.
int	Test_RC2 (int level)
	Run the RC2 tests.
int	Test_RC4 (int level)
	Run the RC4 tests.
int	Test_EES (int level)
	Run the EES tests.
int	Test_DSA (int level)
	Run the DSA tests.
int	Test_ECDSA (int level)
	Run the ECDSA tests for NIST curves over fields of characteristic p > 2.
int	Test_ECDSA2 (int level)
	Run the ECDSA tests for NIST curves over binary fields (characteristic 2).
int	Test_RSASign (int level)
	Run the RSA signature tests.
int	Test_PRNG (int level)
	Run the pseudorandom number generation tests.
int	Test_PKCS12 (int level)
	Run the PKCS#12 tests.
int	Test_PWD_Generator (int level)
	Test the CDK's FIPS 181 password generator.

---

Member Function Documentation

bool isOK

(

)

[inline]

Predicate used to test the hard error state and run all self-tests at level 0.

Returns:

true (success), if all self-tests execute successfully
false, if any self-test fails or the CDK is already in its hard error state

int SelfTest	(	int	level = 0,
		char	options[] = "a"
	)

Run one or more system self-tests at the specified level.

Parameters:

	level	the run level: 0 or 1
	options	a character string containing a combination of a, c, d, o and r

Returns:

0 (success), if all requested self-tests executed successfully
CDK_ERROR_STATE

Remarks:

The options string may consist of any combination of the following letters:

• a = run all tests.
• c = test symmetric ciphers (AES, DES, TDES, EES, RC2, RC4)
• d = test message digests (CRC, MD2/MD5,SHA1, SHA-256, -384, -512, HMAC-SHA1
• p = test public key algorithms (DSA, RSA, ECDSA)
• r = test PRNG thus "cd" would run both symmetric cipher self-tests and message digest self-test.

Calling SelfTest() with no parameters runs all tests at level 0.

If a self-test fails, the CDK enters its hard error state and throws an assertion. This should cause the calling application to exit.

int Test_AES

(

int

level

)

Run the AES tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_AES_Modes

(

int

level

)

Run the AES Modes tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_CRC

(

int

level

)

Run the CRC-32 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_DES

(

int

level

)

Run the DES tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_DSA

(

int

level

)

Run the DSA tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_ECDSA

(

int

level

)

Run the ECDSA tests for NIST curves over fields of characteristic p > 2.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_ECDSA2

(

int

level

)

Run the ECDSA tests for NIST curves over binary fields (characteristic 2).

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_EES

(

int

level

)

Run the EES tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_HMAC

(

int

level

)

Run the HMAC tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_MD2

(

int

level

)

Run the MD2 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_MD5

(

int

level

)

Run the MD5 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_PKCS12

(

int

level

)

Run the PKCS#12 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

Remarks:

This function tests the ability of the CDK to properly create keys from passwords as per PKCS#12.

int Test_PRNG

(

int

level

)

Run the pseudorandom number generation tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_PWD_Generator

(

int

level

)

Test the CDK's FIPS 181 password generator.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_RC2

(

int

level

)

Run the RC2 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_RC4

(

int

level

)

Run the RC4 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_RSASign

(

int

level

)

Run the RSA signature tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_SHA1

(

int

level

)

Run the SHA-1 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_SHA256

(

int

level

)

Run the SHA-256 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_SHA384

(

int

level

)

Run the SHA-384 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_SHA512

(

int

level

)

Run the SHA-512 tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

int Test_TDES

(

int

level

)

Run the TDES tests.

Parameters:

level

the run level: 0 or 1

Returns:

0 (success)
CDK_ERROR_STATE

static int Version

(

)

[inline, static]

Get the CDK version number.

Returns:

a three digit decimal number that encodes the CDK version number

Remarks:

A return value of, say "701," represents Version 7.0.1.

---

The documentation for this class was generated from the following file:

• cdk.h

---

ISC Cryptographic Development Kit - User's Guide
Questions? E-mail ISC technical support
Copyright© 2002-2006 Information Security Corp. All rights reserved.