From: Brandon Lo <blo@iol.unh.edu> To: alialnu@nvidia.com Cc: ci@dpdk.org, Brandon Lo <blo@iol.unh.edu> Subject: [PATCH v4 4/4] doc: add readme file for acvp_tool Date: Mon, 18 Apr 2022 09:36:10 -0400 Message-ID: <20220418133610.10835-5-blo@iol.unh.edu> (raw) In-Reply-To: <20220418133610.10835-1-blo@iol.unh.edu> This readme file contains instructions to set up and use the acvp_tool. Signed-off-by: Brandon Lo <blo@iol.unh.edu> --- tools/acvp/README | 71 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 tools/acvp/README diff --git a/tools/acvp/README b/tools/acvp/README new file mode 100644 index 0000000..0cd3acc --- /dev/null +++ b/tools/acvp/README @@ -0,0 +1,71 @@ +The ACVP tool is a general tool for interacting with the NIST ACVP API +in order to test different cryptographic implementations. + +It produces machine-readable output for parsing in a CI environment. + + +Requirements +------------ + +There are also packages you need to download from the requirements.txt file: +* pyotp +* requests + +The tool expects that you have all the credential files from NIST: +* Client certificate (usually a .cer file from NIST) +* Key file for the certificate +* Time-based one-time password seed file (usually a .txt file from NIST) + +The path to each file must be stored in an environment variable: +$ACVP_SEED_FILE = Path to the TOTP seed .txt file (given by NIST). +$ACVP_CERT_FILE = Path to the client .cer/.crt file (given by NIST). +$ACVP_KEY_FILE = Path to the certificate key file (generated by user). + +If you do not have the required files from NIST, you must email them +to create demo credentials. +https://pages.nist.gov/ACVP/#access + + +Setup +----- + +After setting the environment variables as described in the +"Requirements" section, you will need to edit the acvp_config.json file. + +The acvp_config.json file is expected to be a json object +containing two keys: "url" and "algorithms" + +"url" must be the base URL string of the API you want to use. +"algorithms" must be an array of algorithm objects as detailed in the +ACVP API specification here: +https://github.com/usnistgov/ACVP/wiki/ACVTS-End-User-Documentation + +Now you can use the acvp_tool.py script to register a test session, +upload the results, and download the verdict. + + +Usage +----- + +To see all options available, use the --help flag. + +First, register and download a new test session with the tool: + acvp_tool.py --request $DOWNLOAD_PATH +The file written to $DOWNLOAD_PATH will contain both the session information +and the test vectors. + +You should use the DPDK FIPS validation example application to test +the vectors in this file. The example application will generate +the result file which is uploaded back to the ACVP API. + +After running tests with the vector file, you can submit the result: + acvp_tool.py --response $RESULT_PATH --upload +where $RESULT_PATH is the path of the file containing the answers. + +Once you submit your results, you can do + acvp_tool.py --response $RESULT_PATH --verdict $VERDICT_PATH +where $VERDICT_PATH is where you want to save the verdict information. +The verdict file will contain the result of each test case submitted. + +You can also combine the options: + acvp_tool.py --response $RESULT_PATH --upload --verdict $VERDICT_PATH -- 2.25.1
prev parent reply other threads:[~2022-04-18 13:36 UTC|newest] Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-01-26 18:16 [PATCH v2 0/4] Add ACVP tool Brandon Lo 2022-01-26 18:16 ` [PATCH v2 1/4] tools: add acvp_tool Brandon Lo 2022-01-26 18:25 ` Brandon Lo 2022-01-26 18:56 ` [PATCH v3 " Brandon Lo 2022-01-26 18:16 ` [PATCH v2 2/4] tools: add default config file for acvp_tool Brandon Lo 2022-01-26 18:16 ` [PATCH v2 3/4] tools: add requirements " Brandon Lo 2022-01-26 18:16 ` [PATCH v2 4/4] doc: add readme " Brandon Lo 2022-02-02 15:04 ` [PATCH v3 0/4] Add ACVP tool Brandon Lo 2022-02-02 15:04 ` [PATCH v3 1/4] tools: add acvp_tool Brandon Lo 2022-04-16 10:34 ` Ali Alnubani 2022-02-02 15:04 ` [PATCH v3 2/4] tools: add default config file for acvp_tool Brandon Lo 2022-02-02 15:04 ` [PATCH v3 3/4] tools: add requirements " Brandon Lo 2022-02-02 15:04 ` [PATCH v3 4/4] doc: add readme " Brandon Lo 2022-02-17 14:27 ` [PATCH v3 0/4] Add ACVP tool Brandon Lo 2022-04-16 10:35 ` Ali Alnubani 2022-04-18 13:36 ` [PATCH v4 " Brandon Lo 2022-04-18 13:36 ` [PATCH v4 1/4] tools: add acvp_tool Brandon Lo 2022-04-18 13:36 ` [PATCH v4 2/4] tools: add default config file for acvp_tool Brandon Lo 2022-04-18 13:36 ` [PATCH v4 3/4] tools: add requirements " Brandon Lo 2022-04-18 13:36 ` Brandon Lo [this message]
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220418133610.10835-5-blo@iol.unh.edu \ --to=blo@iol.unh.edu \ --cc=alialnu@nvidia.com \ --cc=ci@dpdk.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
DPDK CI discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://inbox.dpdk.org/ci/0 ci/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 ci ci/ http://inbox.dpdk.org/ci \ ci@dpdk.org public-inbox-index ci Example config snippet for mirrors. Newsgroup available over NNTP: nntp://inbox.dpdk.org/inbox.dpdk.ci AGPL code for this site: git clone https://public-inbox.org/public-inbox.git