Re: [PATCH] crypto: testmgr - add NIAP FPT_TST_EXT.1 subset of tests

On Friday, 08.01.2021 at 17:38 +0000, Elena Petrova wrote:
> NIAP FPT_TST_EXT.1 [1] specification requires testing of a small set of
> cryptographic modules on boot for devices that need to be NIAP
> compliant. This is also a requirement for FIPS CMVP 140-2/140-3
> certification.
> 
> Currently testmgr adds significant boot time overhead when enabled; we
> measured 3-5 seconds for Android.

I am not sure whether this is necessary. If you build the ciphers as modules,
you can insmod them during boot time before general user space is made
available. Once you insmoded all needed KOs, you load tcrypt to invoke them
which implies that they are verified. This approach allows user space to
determine which KOs are self-tested during boot.

This is the approach all Linux validations took in the past.

Besides, for FIPS 140-3, it is now allowed to have "lazy" self testing which
allows the self-tests to be executed before first use (just like what the
kernel testmgr already does).

Can you please help us understand why the mentioned approach is not
sufficient?

Thanks
Stephan
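
Added example, not part of the original message or the kernel sources: once the cipher modules and tcrypt have been loaded as described in the reply above, the per-driver `selftest` field in `/proc/crypto` shows which implementations have been marked as tested. The driver names and the sample text are constructed, and `sample_proc_crypto` and `selftest_report` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: report the self-test state of required crypto drivers
# from text in /proc/crypto layout.

# Constructed sample in /proc/crypto layout (not captured from a real device;
# the second and third driver names are made up for illustration).
sample_proc_crypto() {
cat <<'EOF'
name         : sha256
driver       : sha256-generic
module       : kernel
priority     : 100
selftest     : passed
type         : shash

name         : cbc(aes)
driver       : cbc-aes-example
module       : aes_example
priority     : 300
selftest     : unknown
type         : skcipher
EOF
}

# selftest_report FILE DRIVER...
# Prints "<driver> <state>" for each required driver, where <state> is the
# selftest field, or "missing" if the driver is not registered at all.
# Returns 1 unless every required driver reports "passed".
selftest_report() {
    file=$1; shift
    awk -v want="$*" '
        BEGIN { n = split(want, req, " ") }
        $1 == "driver"   { drv = $3 }          # remember the current entry
        $1 == "selftest" { state[drv] = $3 }   # record its self-test state
        END {
            rc = 0
            for (i = 1; i <= n; i++) {
                s = (req[i] in state) ? state[req[i]] : "missing"
                print req[i], s
                if (s != "passed") rc = 1
            }
            exit rc
        }' "$file"
}

# Demo on the constructed sample; on a device, pass /proc/crypto instead.
tmp=$(mktemp)
sample_proc_crypto > "$tmp"
selftest_report "$tmp" sha256-generic cbc-aes-example not-loaded-example ||
    echo "not all required drivers are self-tested"
rm -f "$tmp"
```
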



