Am Dienstag, 9. Juli 2019, 13:34:21 CEST schrieb Gilad Ben-Yossef: Hi Gilad, > On Tue, Jul 9, 2019 at 9:44 AM Bhat, Jayalakshmi Manjunath > > <jayalakshmi.bhat@xxxxxx> wrote: > > Hi All, > > > > We are working on a product that requires NIAP certification and use IPSec > > environment for certification. IPSec functionality is achieved by third > > party IPsec library and native XFRM. Third party IPsec library is used > > for ISAKMP and XFRM for IPsec. > > > > CAVS test cases are required for NIAP certification. Thus we need to > > implement CAVS test harness for Third party library and Linux crypto > > algorithms. I found the documentation on kernel crypto API usage. > > > > Please can you indication what is the right method to implement the test > > harness for Linux crypto algorithms. 1. Should I implement CAVS test > > harness for Linux kernel crypto algorithms as a user space application > > that exercise the kernel crypto API? 2. Should I implement CAVS > > test harness as module in Linux kernel? > > > > > > Any information on this will help me very much on implementation. > > Are you sure the needed tests are not already implemented in the > kernel crypto API testmgr? The testmgr implements the power-on self tests required by FIPS 140-2. But CAVS testing implies that there is a large set of test vectors which need to be processed by the crypto implementations. These test vectors are generated anew for each test round. Only the test approach remains stable. > > Gilad Ciao Stephan
