FIPS セルフテストについて
暗号化モジュールは、セキュリティルールを適用して、FIPSモード動作でジュニパーネットワークスJunosオペレーティングシステム(Junos OS)を実行しているデバイスがFIPS 140-3レベル 2のセキュリティ要件を満たしていることを確認します。FIPS 用に承認された暗号アルゴリズムの出力を検証し、一部のシステム モジュールの整合性をテストするために、デバイスは次の一連の既知の回答テスト(KAT)セルフテストを実行します。
-
kernel_kats—カーネル暗号化ルーチンの KAT -
md_kats- libmd および libc の KAT -
openssl_kats- OpenSSL 暗号化実装用の KAT -
openssl-102_kats—OpenSSL v1.0.2 暗号化実装用の KAT -
quicksec_7_0_kats—KAT (Quicksec_7_0Toolkit暗号化の実装用) -
octcrypto_kats—オクテオンのKAT
-
srxpfe_kats—SRXパケット転送エンジンのKAT
KAT セルフテストは、デバイスで FIPS モードの動作が有効になっている場合、起動時と再起動時に自動的に実行されます。条件付きセルフテストも自動的に実行され、デジタル署名されたソフトウェアパッケージ、生成された乱数、RSAとECDSAのキーペア、および手動で入力されたキーを検証します。
KATが正常に完了すると、システムログ(syslog)ファイルが更新され、実行されたテストが表示されます。
デバイスが KAT に障害が発生した場合、デバイスは詳細をシステム ログ ファイルに書き込み、FIPS エラー状態(パニック)に入り、再起動します。
file show /var/log/messagesコマンドは、システムログを表示します。
再起動が完了したら、通常の操作を続行します。エラーが発生した場合は、ジュニパーネットワークス技術支援センター(JTAC)にお問い合わせください。
FIPS セルフテストを設定するには、管理者権限が必要です。デバイスは、FIPSモードソフトウェアで評価版のJunos OSを実行している必要があります。
この例では、FIPS セルフテストは毎週水曜日のニューヨーク市の午前 9:00 に実行されます。
メモ:週単位のテストの代わりに、月と日のステートメントを含めることで、月次テストを構成できます。
デバイスでの電源投入時自己診断テストの実行
暗号モジュールの電源がオンになるたびに、モジュールは暗号アルゴリズムがまだ正しく動作すること、および機密データが損傷していないことをテストします。パワーオン自己診断テストは、モジュールの電源を入れ直すことにより、オンデマンドで実行されます。デバイスの電源投入時またはリセット時に、モジュールは以下のセルフテストを実行します。モジュールによる暗号化の他の使用の前に、すべてのKATが正常に完了する必要があります。KAT の 1 つが失敗した場合、モジュールは重大障害エラー状態になります。このモジュールは、電源投入時の自己診断テストの実行中に、SRX5400およびSRX5800デバイスに対して以下のステータス出力を表示します。Initializing Verified Exec:
random: randomdev_wait_until_seeded unblock wait
uhub1: 2 ports with 2 removable, self powered
uhub0: 2 ports with 2 removable, self powered
ugen1.2: <vendor 0x8087 product 0x8002> at usbus1
uhub2 on uhub0
uhub2: <vendor 0x8087 product 0x8002, class 9/0, rev 2.00/0.05, addr 2> on usbus1
uhub2: 8 ports with 8 removable, self powered
random: Entropy start-up health tests performed on 1024 samples passed.
random: unblocking device.
FIPS veriexec ECDSA Verify Known Answer Test: Passed
Verified os-kernel-prd-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Enforcing Verified Exec:
Verified os-libs-12-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Mounting os-libs-12-x86-64-20220607.2c547a1_builder_stable_12_222
Verified os-runtime-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Mounting os-runtime-x86-64-20220607.2c547a1_builder_stable_12_222
** /dev/gpt/config
** Last Mounted on /.mount/config
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
31 files, 30 used, 406089 free (9 frags, 50760 blocks, 0.0% fragmentation)
***** FILE SYSTEM IS CLEAN *****
** /dev/gpt/var
** Last Mounted on /.mount/var
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
942 files, 1550816 used, 2103356 free (636 frags, 262840 blocks, 0.0% fragmentation)
***** FILE SYSTEM IS CLEAN *****
@ 1665143338 [2022-10-07 11:48:58 UTC] verify pending ...
Verified fips-mode-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jdocs-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified dsa-x86-64-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jinsight-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jmrt-base-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jphone-home-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jsd-x86-32-22.9-jet-1 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-daemons-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-daemons-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-dp-crypto-support-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-l2-rsi-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-compat32-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-compat32-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-srxtvp-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-modules-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-net-mtx-prd-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-openconfig-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-platform-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-platform-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-pppoe-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-probe-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-redis-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-routing-aggregated-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-routing-compat32-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-routing-controller-external-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-routing-mpls-oam-basic-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-routing-lsys-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-runtime-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-runtime-srxtvp-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-runtime-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-net-prd-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified na-telemetry-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jweb-srxtvp-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-kernel-prd-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-compat32-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-crypto-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-boot-junos-ve-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-libs-12-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-runtime-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-libs-compat32-12-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-vmguest-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified py-base-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified py-extensions-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-zoneinfo-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
@ 1665143338 [2022-10-07 11:48:58 UTC] verify done
@ 1665143338 [2022-10-07 11:48:58 UTC] activating
Verified jail-runtime signed by PackageProductionECP256_2022 method ECDSA256+SHA256
kern.activate_pending_set: 0 -> 1
NOTE: 'pending' set now 'active'
@ 1665143340 [2022-10-07 11:49:00 UTC] mount start
@ 1665143340 [2022-10-07 11:49:00 UTC] junos 22.2R1.9
Mounting os-zoneinfo-20220607.2c547a1_builder_stable_12_222
Mounting os-libs-compat32-12-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting os-compat32-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting py-extensions-x86-32-20220617.153850_builder_junos_222_r1
Mounting py-base-x86-32-20220617.153850_builder_junos_222_r1
Mounting os-vmguest-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting os-crypto-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting junos-net-prd-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-compat32-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-runtime-x86-32-20220617.153850_builder_junos_222_r1
Starting watchdog daemon ...
Mounting na-telemetry-x86-32-22.2R1.9
Mounting junos-libs-compat32-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-runtime-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-platform-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-platform-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-runtime-srxtvp-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-routing-mpls-oam-basic-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-lsys-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-controller-external-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-compat32-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-aggregated-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-redis-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-probe-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-pppoe-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-openconfig-x86-32-22.2R1.9
Mounting junos-modules-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-srxtvp-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-l2-rsi-20220617.153850_builder_junos_222_r1
Mounting junos-dp-crypto-support-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-daemons-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-daemons-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting jsd-x86-32-22.2R1.9-jet-1
Mounting jphone-home-x86-32-20220617.153850_builder_junos_222_r1
Mounting jmrt-base-x86-64-20220617.153850_builder_junos_222_r1
Mounting jinsight-x86-32-22.2R1.9
Mounting jdocs-x86-32-20220617.153850_builder_junos_222_r1
Mounting fips-mode-x86-64-20220617.153850_builder_junos_222_r1
Mounting dsa-x86-64-22.2R1.9
@ 1665143423 [2022-10-07 11:50:23 UTC] mount done
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
Removing /etc/malloc.conf
Detected data disk
Initialize /var subdirs...
Mounting shared partition /var/host ..
Detected swap drive
Enable swap
*** Creating PVIDb..\n
1371+0 records in
1371+0 records out
712920 bytes transferred in 0.010728 secs (66451475 bytes/sec)
Copied libschema-filter-dd.tlv to /opt/lib/dd/filter\n
Executing the Junos host files signature script
Verified manifest signed by PackageDevelopmentECP256_2022 method ECDSA256+SHA256
mkdir: /mfs/var/run: File exists
*** Mounting Host disks ...
Verified fips-optest-x86-32-22.2R1 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
/usr/sbin/pkg: package fips-mode-x86-64-20220617.153850_builder_junos_222_r1 is already installed
@ 1665143426 [2022-10-07 11:50:26 UTC] vmguest: setup ...
@ 1665143426 [2022-10-07 11:50:26 UTC] vmguest: mounted /dev/vtbd2
@ 1665143426 [2022-10-07 11:50:26 UTC] vmguest: no config found:
total 0
usage: umount [-fNnv] special ... | node ... | fsid ...
umount -a | -A [-F fstab] [-fnv] [-h host] [-t type]
Cannot find: jsim-pfe
usage: /usr/sbin/pkg add <pkg> ...
where <pkg> is a compressed tar file
/usr/sbin/pkg: package fips-mode-x86-64-20220617.153850_builder_junos_222_r1 is already installed
Checking platform support for: srxtvp
Attempting to add missing junos-modules-srxtvp
Verified junos-modules-srxtvp signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified contents/contents.izo
Verified contents/contents.symlinks
Verified package.xml
Adding junos-modules-srxtvp-x86-64-20220617.153850_builder_junos_222_r1 ...
The package junos-modules-srxtvp-x86-64-20220617.153850_builder_junos_222_r1 is now active
Attempting to add missing junos-appsecure-tvp
Verified junos-appsecure-tvp signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified contents/contents.izo
Verified contents/contents.symlinks
Verified package.xml
Adding junos-appsecure-tvp-x86-32-20220617.153850_builder_junos_222_r1 ...
The package junos-appsecure-tvp-x86-32-20220617.153850_builder_junos_222_r1 is now active
Mounting junos-modules-srxtvp-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-appsecure-tvp-x86-32-20220617.153850_builder_junos_222_r1
@ 1665143430 [2022-10-07 11:50:30 UTC] mountlate start
Mounting jweb-srxtvp-x86-32-20220617.153850_builder_junos_222_r1
Setup /packages/mnt/jweb-srxtvp-1860cb5b/jail/var/cache dir only for srxtvp
mount_nullfs: /web-api: No such file or directory
@ 1665143435 [2022-10-07 11:50:35 UTC] mountlate done
kern.module_path: /packages/sets/pending/boot/os-vmguest/;/packages/sets/pending/boot/netstack/;/packages/sets/pending/boot/os-crypto/;/packages/sets/pending/boot/os-kernel/;/packages/sets/pending/boot/junos-net-platform/;/packages/sets/pending/boot/junos-modules/ -> /modules;/modules/ifpfe_drv;/modules/ifpfe_media;/modules/peertype;/modules/platform
Loading JUNOS chassis module
chassis_init_hw_chassis_startup_time: chassis startup time 0.000000, shared: 0x7ffffffff300, base: 0x7ffffffff000, offset: 0x300
IPsec: Initialized Security Association Processing.
Loading the SLB driver
Loading the Protobuf-C module
hgcommdev0: <HGCOMMDEV For Host VM communication> mem 0xfebf3000-0xfebf3fff at device 22.0 on pci0
hgcommdev0: hgcommdev: registers at 0xfffff800febf3000
pci-hgcomdev module loaded bcmsdk_5_9_x kld
Loading BCMSDK module.....
Junosprocfs mounted on /junosproc.
VirtIO PCI 9P Transport adapter is not present
VirtIO PCI 9P Transport adapter is not present
@ 1665143437 [2022-10-07 11:50:37 UTC] mgd start
Creating initial configuration: ...
mgd: Running FIPS Self-tests
mgd: Testing kernel KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: SHA-2-384 Known Answer Test: Passed
mgd: SHA-2-512 Known Answer Test: Passed
mgd: AES128-CMAC Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: Testing MACSec KATS:
mgd: AES128-CMAC Known Answer Test: Passed
mgd: AES256-CMAC Known Answer Test: Passed
mgd: AES-ECB Known Answer Test: Passed
mgd: AES-KEYWRAP Known Answer Test: Passed
mgd: KBKDF Known Answer Test: Passed
mgd: Testing libmd KATS:
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: SHA-2-512 Known Answer Test: Passed
mgd: Testing OpenSSL v1.0.2 KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: FIPS ECDSA Known Answer Test: Passed
mgd: FIPS ECDH Known Answer Test: Passed
mgd: FIPS RSA Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-SSH-SHA256 Known Answer Test: Passed
mgd: KAS-ECC-EPHEM-UNIFIED-NOKC Known Answer Test: Passed
mgd: KAS-FFC-EPHEM-NOKC Known Answer Test: Passed
mgd: Testing OpenSSL KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: FIPS ECDSA Known Answer Test: Passed
mgd: FIPS ECDH Known Answer Test: Passed
mgd: FIPS RSA Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-SSH-SHA256 Known Answer Test: Passed
mgd: KAS-ECC-EPHEM-UNIFIED-NOKC Known Answer Test: Passed
mgd: KAS-FFC-EPHEM-NOKC Known Answer Test: Passed
mgd: Testing QuickSec 7.0 KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: SSH-ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-IKE-V2 Known Answer Test: Passed
mgd: Testing QuickSec KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-IKE-V2 Known Answer Test: Passed
mgd: Testing SSH IPsec KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: Testing file integrity:
mgd: File integrity Known Answer Test: Passed
mgd: Testing crypto integrity:
mgd: Crypto integrity Known Answer Test: Passed
mgd: Expect an exec Authentication error...
MAC/veriexec: no fingerprint (file=/sbin/kats/cannot-exec fsid=209 fileid=49356 gen=1 uid=0 pid=24703 ppid=24670 gppid=24666)mgd: /sbin/kats/run-tests: /sbin/kats/cannot-exec: Authentication error
mgd: FIPS Self-tests Passed
Initializing Verified Exec:
random: randomdev_wait_until_seeded unblock wait
uhub0: 21 ports with 21 removable, self powered
random: Entropy start-up health tests performed on 1024 samples passed.
random: unblocking device.
FIPS veriexec ECDSA Verify Known Answer Test: Passed
Verified os-kernel-prd-x86-64-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Enforcing Verified Exec:
Verified os-libs-12-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Mounting os-libs-12-x86-64-20220607.2c547a1_builder_stable_12_222
Verified os-runtime-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Mounting os-runtime-x86-64-20220607.2c547a1_builder_stable_12_222
** /dev/gpt/config
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 426502 free (6 frags, 53312 blocks, 0.0% fragmentation)
** /dev/gpt/var
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 12942661 free (317 frags, 1617793 blocks, 0.0% fragmentation)
@ 1663137800 [2022-09-14 06:43:20 UTC] verify active ...
Verified jail-runtime-x86-32-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified fips-optest-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jdocs-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified dsa-x86-64-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified fips-mode-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jinsight-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jpfe-common-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jpfe-X960-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jpfe-X-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jmrt-base-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jfirmware-x86-32-22.8 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jpfe-spc3-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jpfe-wrlinuxlts19-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-appid-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-aacl-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-alg-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jsd-x86-32-22.9-jet-1 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jservices-cos-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-cpcd-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-crypto-base-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-hcm-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-idp-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-dnsf-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-ids-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-ipsec-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-jflow-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-llpdf-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-lrf-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-jdpi-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-mobile-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-mss-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-nat-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-pcef-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-rpm-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-rtcom-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-sfw-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-softwire-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-tcp-log-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-telemetry-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-traffic-dird-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-ssl-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-daemons-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified jservices-urlf-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-daemons-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-dp-crypto-support-srx-x86-32-20220617 signed by PackageProductionECP256_2022
method ECDSA256+SHA256
Verified junos-appsecure-he-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-ike-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-l2-rsi-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-libs-compat32-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-libs-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-modules-srx-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-libs-compat32-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-libs-x86-64-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-modules-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-probe-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-net-mtx-prd-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-platform-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-openconfig-x86-32-22.9 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-platform-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-routing-compat32-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-redis-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-routing-aggregated-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-routing-lsys-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-runtime-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-routing-mpls-oam-basic-x86-64-20220617 signed by PackageProductionECP256_2022
method ECDSA256+SHA256
Verified junos-runtime-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified na-telemetry-x86-32-22.9 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified jweb-srx-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified junos-net-prd-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified os-boot-junos-ve-x86-64-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified os-compat32-x86-64-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified os-libs-12-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-kernel-prd-x86-64-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified os-crypto-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-runtime-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-vmguest-x86-64-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified os-libs-compat32-12-x86-64-20220607 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified py-base-x86-32-20220617 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Verified py-extensions-x86-32-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified junos-vmguest-mtx-x86-64-20220617 signed by PackageProductionECP256_2022 method
ECDSA256+SHA256
Verified os-zoneinfo-20220607 signed by PackageProductionECP256_2022 method ECDSA256+SHA256
@ 1663137801 [2022-09-14 06:43:21 UTC] verify done
@ 1663137801 [2022-09-14 06:43:21 UTC] mount start
@ 1663137801 [2022-09-14 06:43:21 UTC] junos 22.2R1.9
Mounting os-zoneinfo-20220607.2c547a1_builder_stable_12_222
Mounting junos-net-prd-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-x86-64-20220617.153850_builder_junos_222_r1
Mounting os-libs-compat32-12-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting os-compat32-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting junos-libs-compat32-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-runtime-x86-32-20220617.153850_builder_junos_222_r1
Starting watchdog daemon ...
Mounting junos-vmguest-mtx-x86-64-20220617.153850_builder_junos_222_r1
Mounting py-extensions-x86-32-20220617.153850_builder_junos_222_r1
Mounting py-base-x86-32-20220617.153850_builder_junos_222_r1
Mounting os-vmguest-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting os-crypto-x86-64-20220607.2c547a1_builder_stable_12_222
Mounting na-telemetry-x86-32-22.2R1.9
Mounting junos-libs-compat32-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-runtime-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-routing-mpls-oam-basic-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-lsys-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-compat32-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-routing-aggregated-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-redis-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-probe-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-platform-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-platform-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-openconfig-x86-32-22.2R1.9
Mounting junos-modules-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-modules-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-libs-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-l2-rsi-20220617.153850_builder_junos_222_r1
Mounting junos-dp-crypto-support-srx-x86-32-20220617.153850_builder_junos_222_r1
Mounting junos-daemons-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-daemons-srx-x86-64-20220617.153850_builder_junos_222_r1
Mounting junos-appsecure-he-x86-32-20220617.153850_builder_junos_222_r1
Mounting jsd-x86-32-22.2R1.9-jet-1
Mounting jpfe-wrlinuxlts19-x86-32-20220617.153850_builder_junos_222_r1
Mounting jpfe-spc3-x86-32-20220617.153850_builder_junos_222_r1
Mounting jpfe-X960-x86-32-20220617.153850_builder_junos_222_r1
Mounting jpfe-common-x86-32-20220617.153850_builder_junos_222_r1
Mounting jpfe-X-x86-32-20220617.153850_builder_junos_222_r1
Mounting jmrt-base-x86-64-20220617.153850_builder_junos_222_r1
Mounting jinsight-x86-32-22.2R1.9
Mounting jfirmware-x86-32-22.2R1.8
Mounting jdocs-x86-32-20220617.153850_builder_junos_222_r1
Mounting fips-optest-x86-32-22.2R1.9
Mounting fips-mode-x86-64-20220617.153850_builder_junos_222_r1
Mounting dsa-x86-64-22.2R1.9
@ 1663137842 [2022-09-14 06:44:02 UTC] mount done
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
grep: /var/etc/jlaunchd.inc: No such file or directory
Removing /etc/malloc.conf
Checking platform support for: srx5400
@ 1663137844 [2022-09-14 06:44:04 UTC] mountlate start
Mounting jweb-srx-x86-32-20220617.153850_builder_junos_222_r1
Setup /packages/mnt/jweb-srx-5d585241/jail/var/cache dir only for srx5400
mount_nullfs: /web-api: No such file or directory
Mounting junos-ike-x86-32-20220617.153850_builder_junos_222_r1
@ 1663137848 [2022-09-14 06:44:08 UTC] mountlate done
kern.module_path: /packages/sets/active/boot/os-vmguest/;/packages/sets/active/boot/netstack/;/
packages/sets/active/boot/os-crypto/;/packages/sets/active/boot/os-kernel/;/packages/sets/active/
boot/junos-net-platform/;/packages/sets/active/boot/junos-modules/ -> /modules;/modules/dev;/
modules/ifpfe_drv;/modules/ifpfe_media;/modules/jam_core;/modules/jam_plugin;/modules/peertype;/
modules/platform
besw0: mem 0xfeb80000-0xfeb8ffff irq 10 at device 5.0 on pci0
Loading BCMSDK module.....
bcm_sdk_init(): DevID = 0xb680, RevID = 0x12
bcm_sdk_init: device ID: dev: 0xb680, rev: 0x12
bcm_sdk_init: device unit no: 0
bcm_soc_cm_device_init: device unit no: 0
bcore_init: after soc_reset_init
bcore_init: after soc_misc_init
bcore_init: after soc_mmu_init
bcore_init: before bcm_init
bcore_init: before port stuff
bcore_init: after port stuff
bcore_init: link scan interval is (soc_property): 4000000
bcore_mxseries_init: Finished mxseries port configuration
bcore_init: Finished platform specific initialization
bcm_sdk_init: Done sdk init
Loading JUNOS chassis module
chassis_init_hw_chassis_startup_time: chassis startup time 0.000000, shared: 0x7ffffffff300,
base: 0x7ffffffff000, offset: 0x300
IPsec: Initialized Security Association Processing.
hgcommdev0: port 0xc000-0xc0ff mem 0xfeba8000-0xfeba8fff at device 22.0 on pci0
hgcommdev0: hgcommdev: registers at 0xfffff800feba8000
pci-hgcomdev module loadedLoading the CHMIC module
Loading POS driver
Loading Aggregate sonet driver
Loading the SLB driver
Loading the IMA Group Media Layer; Attaching to media services layer
Loading the IMA Link Media Layer; Attaching to media services layer
Loading the SONET Media Layer; Attaching to media services layer
Loading the Protobuf-C module
Loading the JAM-Core module
Loading the JAM-Core module - succeeded
Loading Multilink Services PICs module.
Loading the Mx Platform NETPFE module
MTX Platform JAM-Core module - load success
interface pci_hgcommdev.1 already present in the KLD 'pci-hgcomm.ko'!
linker_load_file: /modules/platform/pci_hgcomm.ko - unsupported file type
kldload: an error occurred while loading module pci_hgcomm.ko. Please check dmesg(8) for more
details.
Junosprocfs mounted on /junosproc.
VirtIO PCI 9P Transport adapter is not present
@ 1663137852 [2022-09-14 06:44:12 UTC] mgd start
Creating initial configuration: ...
mgd: Running FIPS Self-tests
mgd: Testing kernel KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: SHA-2-384 Known Answer Test: Passed
mgd: SHA-2-512 Known Answer Test: Passed
mgd: AES128-CMAC Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: Testing MACSec KATS:
mgd: AES128-CMAC Known Answer Test: Passed
mgd: AES256-CMAC Known Answer Test: Passed
mgd: AES-ECB Known Answer Test: Passed
mgd: AES-KEYWRAP Known Answer Test: Passed
mgd: KBKDF Known Answer Test: Passed
mgd: Testing libmd KATS:
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: SHA-2-512 Known Answer Test: Passed
mgd: Testing OpenSSL v1.0.2 KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: FIPS ECDSA Known Answer Test: Passed
mgd: FIPS ECDH Known Answer Test: Passed
mgd: FIPS RSA Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-SSH-SHA256 Known Answer Test: Passed
mgd: KAS-ECC-EPHEM-UNIFIED-NOKC Known Answer Test: Passed
mgd: KAS-FFC-EPHEM-NOKC Known Answer Test: Passed
mgd: Testing OpenSSL KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: FIPS ECDSA Known Answer Test: Passed
mgd: FIPS ECDH Known Answer Test: Passed
mgd: FIPS RSA Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-SSH-SHA256 Known Answer Test: Passed
mgd: KAS-ECC-EPHEM-UNIFIED-NOKC Known Answer Test: Passed
mgd: KAS-FFC-EPHEM-NOKC Known Answer Test: Passed
mgd: Testing QuickSec 7.0 KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: SSH-ECDSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-IKE-V2 Known Answer Test: Passed
mgd: Testing QuickSec KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-224 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: HMAC-SHA2-384 Known Answer Test: Passed
mgd: HMAC-SHA2-512 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: AES-GCM Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: KDF-IKE-V2 Known Answer Test: Passed
mgd: Testing SSH IPsec KATS:
mgd: NIST 800-90 HMAC DRBG Known Answer Test: Passed
mgd: DES3-CBC Known Answer Test: Passed
mgd: HMAC-SHA1 Known Answer Test: Passed
mgd: HMAC-SHA2-256 Known Answer Test: Passed
mgd: AES-CBC Known Answer Test: Passed
mgd: SSH-RSA-ENC Known Answer Test: Passed
mgd: SSH-RSA-SIGN Known Answer Test: Passed
mgd: KDF-IKE-V1 Known Answer Test: Passed
mgd: Testing file integrity:
mgd: File integrity Known Answer Test: Passed
mgd: Testing crypto integrity:
mgd: Crypto integrity Known Answer Test: Passed
mgd: Expect an exec Authentication error...
MAC/veriexec: no fingerprint (file=/sbin/kats/cannot-exec fsid=225 fileid=49356 gen=1 uid=0
206
pid=8369 ppid=8335 gppid=8333)mgd: /sbin/kats/run-tests: /sbin/kats/cannot-exec: Authentication
error
mgd: FIPS Self-tests Passed
メモ:このモジュールは、承認された動作モードでは使用されない暗号化ライブラリとアルゴリズムを実装します。
このモジュールは、電源投入時の自己診断テストの失敗時に、SRX5400およびSRX5800デバイスに対して以下のステータス出力を表示します。
Testing kernel KATS:
panic: pid 2121 (kernel_kats), uid 0, FIPS error 1: NIST 800-90 HMAC DRBG Known Answer Test:
Failed
Testing libmd KATS:
panic: pid 91115 (md_kats), uid 0, FIPS error 1: HMAC-SHA1 Known Answer Test: Failed
Testing OpenSSL v1.0.2 KATS:
panic: pid 20121 (openssl-102_kats), uid 0, FIPS error 1: NIST 800-90 HMAC DRBG Known Answer Test: Failed
Testing JSF Crypto (Octeon) KATs:
panic: pid 2231 (jsf_crypto_octeon_k), uid 0, FIPS error 1: AES-GCM Known Answer Test: Failed
Testing OpenSSL KATS:
panic: pid 2340 (openssl_kats), uid 0, FIPS error 1: NIST 800-90 HMAC DRBG Known Answer Test:
Failed
Testing QuickSec 7.0 KATS:
panic: pid 37538 (quicksec_7_0_kats), uid 0, FIPS error 1: NIST 800-90 HMAC DRBG Known Answer
Test: Failed