DPDK CI discussions
 help / color / mirror / Atom feed
From: Brandon Lo <blo@iol.unh.edu>
To: alialnu@nvidia.com
Cc: ci@dpdk.org, Brandon Lo <blo@iol.unh.edu>
Subject: [PATCH v4 4/4] doc: add readme file for acvp_tool
Date: Mon, 18 Apr 2022 09:36:10 -0400
Message-ID: <20220418133610.10835-5-blo@iol.unh.edu> (raw)
In-Reply-To: <20220418133610.10835-1-blo@iol.unh.edu>

This readme file contains instructions to set up
and use the acvp_tool.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 tools/acvp/README | 71 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 tools/acvp/README

diff --git a/tools/acvp/README b/tools/acvp/README
new file mode 100644
index 0000000..0cd3acc
--- /dev/null
+++ b/tools/acvp/README
@@ -0,0 +1,71 @@
+The ACVP tool is a general tool for interacting with the NIST ACVP API
+in order to test different cryptographic implementations.
+
+It produces machine-readable output for parsing in a CI environment.
+
+
+Requirements
+------------
+
+There are also packages you need to download from the requirements.txt file:
+* pyotp
+* requests
+
+The tool expects that you have all the credential files from NIST:
+* Client certificate (usually a .cer file from NIST)
+* Key file for the certificate
+* Time-based one-time password seed file (usually a .txt file from NIST)
+
+The path to each file must be stored in an environment variable:
+$ACVP_SEED_FILE  =  Path to the TOTP seed .txt file    (given by NIST).
+$ACVP_CERT_FILE  =  Path to the client .cer/.crt file  (given by NIST).
+$ACVP_KEY_FILE   =  Path to the certificate key file   (generated by user).
+
+If you do not have the required files from NIST, you must email them
+to create demo credentials.
+https://pages.nist.gov/ACVP/#access
+
+
+Setup
+-----
+
+After setting the environment variables as described in the
+"Requirements" section, you will need to edit the acvp_config.json file.
+
+The acvp_config.json file is expected to be a json object
+containing two keys: "url" and "algorithms"
+
+"url" must be the base URL string of the API you want to use.
+"algorithms" must be an array of algorithm objects as detailed in the
+ACVP API specification here:
+https://github.com/usnistgov/ACVP/wiki/ACVTS-End-User-Documentation
+
+Now you can use the acvp_tool.py script to register a test session,
+upload the results, and download the verdict.
+
+
+Usage
+-----
+
+To see all options available, use the --help flag.
+
+First, register and download a new test session with the tool:
+    acvp_tool.py --request $DOWNLOAD_PATH
+The file written to $DOWNLOAD_PATH will contain both the session information
+and the test vectors.
+
+You should use the DPDK FIPS validation example application to test
+the vectors in this file. The example application will generate
+the result file which is uploaded back to the ACVP API.
+
+After running tests with the vector file, you can submit the result:
+    acvp_tool.py --response $RESULT_PATH --upload
+where $RESULT_PATH is the path of the file containing the answers.
+
+Once you submit your results, you can do
+    acvp_tool.py --response $RESULT_PATH --verdict $VERDICT_PATH
+where $VERDICT_PATH is where you want to save the verdict information.
+The verdict file will contain the result of each test case submitted.
+
+You can also combine the options:
+    acvp_tool.py --response $RESULT_PATH --upload --verdict $VERDICT_PATH
-- 
2.25.1


      parent reply	other threads:[~2022-04-18 13:36 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-26 18:16 [PATCH v2 0/4] Add ACVP tool Brandon Lo
2022-01-26 18:16 ` [PATCH v2 1/4] tools: add acvp_tool Brandon Lo
2022-01-26 18:25   ` Brandon Lo
2022-01-26 18:56     ` [PATCH v3 " Brandon Lo
2022-01-26 18:16 ` [PATCH v2 2/4] tools: add default config file for acvp_tool Brandon Lo
2022-01-26 18:16 ` [PATCH v2 3/4] tools: add requirements " Brandon Lo
2022-01-26 18:16 ` [PATCH v2 4/4] doc: add readme " Brandon Lo
2022-02-02 15:04 ` [PATCH v3 0/4] Add ACVP tool Brandon Lo
2022-02-02 15:04   ` [PATCH v3 1/4] tools: add acvp_tool Brandon Lo
2022-04-16 10:34     ` Ali Alnubani
2022-02-02 15:04   ` [PATCH v3 2/4] tools: add default config file for acvp_tool Brandon Lo
2022-02-02 15:04   ` [PATCH v3 3/4] tools: add requirements " Brandon Lo
2022-02-02 15:04   ` [PATCH v3 4/4] doc: add readme " Brandon Lo
2022-02-17 14:27   ` [PATCH v3 0/4] Add ACVP tool Brandon Lo
2022-04-16 10:35   ` Ali Alnubani
2022-04-18 13:36   ` [PATCH v4 " Brandon Lo
2022-04-18 13:36     ` [PATCH v4 1/4] tools: add acvp_tool Brandon Lo
2022-04-18 13:36     ` [PATCH v4 2/4] tools: add default config file for acvp_tool Brandon Lo
2022-04-18 13:36     ` [PATCH v4 3/4] tools: add requirements " Brandon Lo
2022-04-18 13:36     ` Brandon Lo [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220418133610.10835-5-blo@iol.unh.edu \
    --to=blo@iol.unh.edu \
    --cc=alialnu@nvidia.com \
    --cc=ci@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK CI discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.dpdk.org/ci/0 ci/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 ci ci/ http://inbox.dpdk.org/ci \
		ci@dpdk.org
	public-inbox-index ci

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.ci


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git