Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp10413943ybi; Thu, 11 Jul 2019 05:00:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqwrIGHi1pNjdlR5z6RLcot3Jve8x8VIKfHo3MB5qNjTgVDL3qg1mvXL3vpjLRtj4pagc5tx X-Received: by 2002:a17:90a:3463:: with SMTP id o90mr4536198pjb.15.1562846423737; Thu, 11 Jul 2019 05:00:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562846423; cv=none; d=google.com; s=arc-20160816; b=d6SkTCqfRO2jjXv3C5J2R+85zQ/QmdK92sXIeCwgcw5TCKIbrLww60m22JY+RtFe7C OfFzX1Luz0EJCli75R/IOy9RT/LWOE82A1Ur9LUy+6Kogendpe0s1LOl6ApEsOKgRvmn LqlajKmAaq1gh+yLrsKwvwD4BFyBbJlyW0BzzmTuH3PnOnIji5y/F386wr5CzEzBLAKy qhu2ZdMVcvXeWsTD4E3mE/em95DQDFhKuAqCIbnXJ+Gt/T5yNPp8FuF8jN+cH5eClYLs 7pB0aac2DrFb5g2QDmUc84+Dm/Nc0f6gpVwcVj5Ybl5620QLSN/wW5Qkwp58SX+n4NEf w6Aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=OuwZ8K0f/Gg0RtZtWjajCRJNHjGMsgFwRKm7HEm15Qc=; b=d61t4Nv6jfSGQ6hJihhkAv2XxPSUWG3IGPZGHhb6YPt8jEWTwdZqrbCx4HwRVGSu2V 0250Nbt9XHIDAxwOZ71UT1UlE6jNJr3sDiBGbhDc85v/LMmr2+LKkvxQLqLh9BLOcCnM +K0xpUyBTnazmZsOviQ8DXwnC2+fw0vQWxghrJoHKMnWwUAdOn+VVh93pIqt6fZPVFpw TpYYbthe5FlZrsyyio5V6HEnRbz++wpQUgKThyUde8Yjv+kwRH9ZDcK0BAANxUBx9OOK p3L1a1SbAnNUGu0+4ILI7z3noyVA/fF/GemHXNGDLYGXxVJEvavmkn15w0maTFdtRVqs c8PA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=CfIfHB1r; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j71si4917118pge.50.2019.07.11.05.00.01; Thu, 11 Jul 2019 05:00:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=CfIfHB1r; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728289AbfGKL7q (ORCPT + 99 others); Thu, 11 Jul 2019 07:59:46 -0400 Received: from mo4-p01-ob.smtp.rzone.de ([85.215.255.52]:10903 "EHLO mo4-p01-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728198AbfGKL7q (ORCPT ); Thu, 11 Jul 2019 07:59:46 -0400 X-Greylist: delayed 434 seconds by postgrey-1.27 at vger.kernel.org; Thu, 11 Jul 2019 07:59:45 EDT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1562846382; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=OuwZ8K0f/Gg0RtZtWjajCRJNHjGMsgFwRKm7HEm15Qc=; b=CfIfHB1rJMqMlyaCkkle+fM0C7apQMpe+2RbbXE0Fqzdf3buncb1gadzdbw9N2pfXK tNSqHP8r9FMDrYU+C7Dn4jmcwqKQj58y0MLEOb0EVzuB4CCL++Fb+MDYU/4TWcNBea7Z jJ+ptJTCZKE2y+HQLZRmON+5ndugZ5GMK9AbzriNuLU0/n5ALxU2X0GatzB+PEXy7lae PzERneUEgXdEGsUscSxhNTHfzqjbVMTzC0eI83K8QqjoOnyLLs41DZHiTVC9MB82w1GX OaXSHawJ+JZ2Nq4yRDg/AyX8sF6L0+Nz2UsI+MGRSJ3QeAZ2s6dOWn4gN1uGw6JmVvoF oDiw== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xm0dNS3IdRcRALiq2+M=" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 44.24 DYNA|AUTH) with ESMTPSA id 9078d1v6BBxfwtR (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Thu, 11 Jul 2019 13:59:41 +0200 (CEST) From: Stephan Mueller To: "Bhat, Jayalakshmi Manjunath" Cc: "linux-crypto@vger.kernel.org" Subject: Re: CAVS test harness Date: Thu, 11 Jul 2019 13:59:41 +0200 Message-ID: <1782078.ZURsmYODYl@tauon.chronox.de> In-Reply-To: <3201120.NINpRaGeap@tauon.chronox.de> References: <3201120.NINpRaGeap@tauon.chronox.de> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Am Donnerstag, 11. Juli 2019, 13:52:29 CEST schrieb Stephan Mueller: Hi, > Am Dienstag, 9. Juli 2019, 08:43:51 CEST schrieb Bhat, Jayalakshmi > Manjunath: > > Hi Jayalakshmi, > > > Hi All, > > > > We are working on a product that requires NIAP certification and use IPSec > > environment for certification. IPSec functionality is achieved by third > > party IPsec library and native XFRM. Third party IPsec library is used > > for > > ISAKMP and XFRM for IPsec. > > > > CAVS test cases are required for NIAP certification. Thus we need to > > implement CAVS test harness for Third party library and Linux crypto > > algorithms. I found the documentation on kernel crypto API usage. > > > > Please can you indication what is the right method to implement the test > > harness for Linux crypto algorithms. > > 1. Should I implement CAVS test > > harness for Linux kernel crypto algorithms as a user space application > > that > > exercise the kernel crypto API? > > 2. Should I implement CAVS test harness as > > module in Linux kernel? > > As I have implemented the full CAVS test framework I can tell you that the > AF_ALG interface will not allow you to perform all tests required by CAVS. > > Thus you need to implement your own kernel module with its own interface. As a side note: if you only want to test the symmetric ciphers and the hashes/ HMACs, you can implement that with libkcapi easily. However, if you are interested in testing the DRBG due to its relevance for the GCM IV, you certainly need a kernel module. > > > Any information on this will help me very much on implementation. > > > > Regards, > > Jayalakshmi > > Ciao > Stephan Ciao Stephan