From: Stephan Mueller <smueller@chronox.de>
To: "Bhat, Jayalakshmi Manjunath" <jayalakshmi.bhat@hp.com>
Cc: "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>
Subject: Re: CAVS test harness
Date: Thu, 11 Jul 2019 13:59:41 +0200 [thread overview]
Message-ID: <1782078.ZURsmYODYl@tauon.chronox.de> (raw)
In-Reply-To: <3201120.NINpRaGeap@tauon.chronox.de>
Am Donnerstag, 11. Juli 2019, 13:52:29 CEST schrieb Stephan Mueller:
Hi,
> Am Dienstag, 9. Juli 2019, 08:43:51 CEST schrieb Bhat, Jayalakshmi
> Manjunath:
>
> Hi Jayalakshmi,
>
> > Hi All,
> >
> > We are working on a product that requires NIAP certification and use IPSec
> > environment for certification. IPSec functionality is achieved by third
> > party IPsec library and native XFRM. Third party IPsec library is used
> > for
> > ISAKMP and XFRM for IPsec.
> >
> > CAVS test cases are required for NIAP certification. Thus we need to
> > implement CAVS test harness for Third party library and Linux crypto
> > algorithms. I found the documentation on kernel crypto API usage.
> >
> > Please can you indication what is the right method to implement the test
> > harness for Linux crypto algorithms.
> > 1. Should I implement CAVS test
> > harness for Linux kernel crypto algorithms as a user space application
> > that
> > exercise the kernel crypto API?
> > 2. Should I implement CAVS test harness as
> > module in Linux kernel?
>
> As I have implemented the full CAVS test framework I can tell you that the
> AF_ALG interface will not allow you to perform all tests required by CAVS.
>
> Thus you need to implement your own kernel module with its own interface.
As a side note: if you only want to test the symmetric ciphers and the hashes/
HMACs, you can implement that with libkcapi easily.
However, if you are interested in testing the DRBG due to its relevance for
the GCM IV, you certainly need a kernel module.
>
> > Any information on this will help me very much on implementation.
> >
> > Regards,
> > Jayalakshmi
>
> Ciao
> Stephan
Ciao
Stephan
next prev parent reply other threads:[~2019-07-11 11:59 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-09 6:43 CAVS test harness Bhat, Jayalakshmi Manjunath
2019-07-09 11:34 ` Gilad Ben-Yossef
2019-07-09 16:07 ` Bhat, Jayalakshmi Manjunath
2019-07-10 14:05 ` Gilad Ben-Yossef
2019-07-11 11:54 ` Stephan Mueller
2019-07-11 11:52 ` Stephan Mueller
2019-07-11 11:59 ` Stephan Mueller [this message]
2019-07-11 15:22 ` Bhat, Jayalakshmi Manjunath
2019-07-11 15:33 ` Stephan Mueller
2019-07-12 17:55 ` Bhat, Jayalakshmi Manjunath
2019-07-12 18:35 ` Eric Biggers
2019-07-13 15:49 ` Bhat, Jayalakshmi Manjunath
2019-07-12 20:05 ` Stephan Mueller
2019-07-13 16:04 ` Bhat, Jayalakshmi Manjunath
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1782078.ZURsmYODYl@tauon.chronox.de \
--to=smueller@chronox.de \
--cc=jayalakshmi.bhat@hp.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox