* testmgr.h
@ 2016-08-09 13:21 Gary R Hook
2016-08-09 13:31 ` testmgr.h Stephan Mueller
0 siblings, 1 reply; 2+ messages in thread
From: Gary R Hook @ 2016-08-09 13:21 UTC (permalink / raw)
To: linux-crypto
Q: Is there a policy (de facto or otherwise) on adding tests to testmgr.h?
Two cases:
1) Tests from the NIST document(s) on various ciphers and hashes wherein
we add to an existing set of tests? For example, 3DES ECB mode, or AES
GCM? I suppose this question is really about, "how much is enough?"
2) Adding testing for a mode that has not heretofore been included? For
example, 3DES CFB mode? Pretty sure the answer here is "yes".
Over-arching concern: do we want to include official NIST test cases, or
eschew them?
There was no obvious reference to this (by way of grepping for testmgr)
in any of the existing Documentation. That I could find. If I missed
something, please excuse me.
Thanks,
Gary
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: testmgr.h
2016-08-09 13:21 testmgr.h Gary R Hook
@ 2016-08-09 13:31 ` Stephan Mueller
0 siblings, 0 replies; 2+ messages in thread
From: Stephan Mueller @ 2016-08-09 13:31 UTC (permalink / raw)
To: Gary R Hook; +Cc: linux-crypto
Am Dienstag, 9. August 2016, 08:21:43 CEST schrieb Gary R Hook:
Hi Gary,
> Q: Is there a policy (de facto or otherwise) on adding tests to testmgr.h?
> Two cases:
>
> 1) Tests from the NIST document(s) on various ciphers and hashes wherein
> we add to an existing set of tests? For example, 3DES ECB mode, or AES
> GCM? I suppose this question is really about, "how much is enough?"
>
> 2) Adding testing for a mode that has not heretofore been included? For
> example, 3DES CFB mode? Pretty sure the answer here is "yes".
>
> Over-arching concern: do we want to include official NIST test cases, or
> eschew them?
>
> There was no obvious reference to this (by way of grepping for testmgr)
> in any of the existing Documentation. That I could find. If I missed
> something, please excuse me.
It is always helpful to use test vectors that are created by some third
parties. These are NIST test vectors or test vectors in RFCs. In some cases,
vectors were created using OpenSSL.
Regarding the question how much: I can only answer to the FIPS 140-2
requirements: all tests that need to be there for FIPS 140-2 are there for
those with fips_allowed=1.
Ciao
Stephan
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-08-09 13:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-09 13:21 testmgr.h Gary R Hook
2016-08-09 13:31 ` testmgr.h Stephan Mueller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox