Re: CAVS test harness

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Dienstag, 9. Juli 2019, 13:34:21 CEST schrieb Gilad Ben-Yossef:

Hi Gilad,

> On Tue, Jul 9, 2019 at 9:44 AM Bhat, Jayalakshmi Manjunath
> 
> <jayalakshmi.bhat@xxxxxx> wrote:
> > Hi All,
> > 
> > We are working on a product that requires NIAP certification and use IPSec
> > environment for certification. IPSec functionality is achieved by third
> > party IPsec library and native XFRM. Third  party IPsec library is used
> > for ISAKMP and XFRM for IPsec.
> > 
> > CAVS test cases are required for NIAP certification.  Thus we need to
> > implement CAVS test harness for Third party library and Linux crypto
> > algorithms. I found the documentation on kernel crypto API usage.
> > 
> > Please can you indication what is the right method to implement the test
> > harness for Linux crypto algorithms. 1.      Should I implement CAVS test
> > harness for Linux kernel crypto algorithms as a user space application
> > that exercise the kernel crypto API? 2.      Should I implement  CAVS
> > test harness as module in Linux kernel?
> > 
> > 
> > Any information on this will help me very much on implementation.
> 
> Are you sure the needed tests are not already implemented in the
> kernel crypto API testmgr?

The testmgr implements the power-on self tests required by FIPS 140-2. But 
CAVS testing implies that there is a large set of test vectors which need to 
be processed by the crypto implementations.

These test vectors are generated anew for each test round. Only the test 
approach remains stable.
> 
> Gilad



Ciao
Stephan





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux