From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <roy.fan.zhang@intel.com>
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
 by dpdk.org (Postfix) with ESMTP id 3E7CB1B1AB
 for <dev@dpdk.org>; Thu,  4 Oct 2018 11:55:41 +0200 (CEST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
 by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 04 Oct 2018 02:55:39 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,338,1534834800"; d="scan'208";a="95993642"
Received: from silpixa00398673.ir.intel.com (HELO
 silpixa00398673.ger.corp.intel.com) ([10.237.223.54])
 by fmsmga001.fm.intel.com with ESMTP; 04 Oct 2018 02:55:20 -0700
From: Fan Zhang <roy.fan.zhang@intel.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com,
	Marko Kovacevic <marko.kovacevic@intel.com>
Date: Thu,  4 Oct 2018 10:40:15 +0100
Message-Id: <20181004094015.46264-9-roy.fan.zhang@intel.com>
X-Mailer: git-send-email 2.13.6
In-Reply-To: <20181004094015.46264-1-roy.fan.zhang@intel.com>
References: <20181004094015.46264-1-roy.fan.zhang@intel.com>
Subject: [dpdk-dev] [PATCH v2 8/8] doc: add guides for fips validation
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Oct 2018 09:55:41 -0000

From: Marko Kovacevic <marko.kovacevic@intel.com>

Document explains how to run the fips sample app
and instructions users need to parser all the request
files and generate the response files.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 doc/guides/rel_notes/release_18_11.rst       |  6 ++
 doc/guides/sample_app_ug/fips_validation.rst | 97 ++++++++++++++++++++++++++++
 doc/guides/sample_app_ug/index.rst           |  5 ++
 3 files changed, 108 insertions(+)
 create mode 100644 doc/guides/sample_app_ug/fips_validation.rst

diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst
index 2133a5b9b..db1579b6e 100644
--- a/doc/guides/rel_notes/release_18_11.rst
+++ b/doc/guides/rel_notes/release_18_11.rst
@@ -104,6 +104,12 @@ New Features
   the specified port. The port must be stopped before the command call in order
   to reconfigure queues.
 
+* **Added Cryptodev Fips Validation Example Application.**
+
+  Added an example application to parse and perform symmetric cryptography
+  computation to the NIST Cryptographic Algorithm Validation Program (CAVP)
+  test vectors.
+
 
 API Changes
 -----------
diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
new file mode 100644
index 000000000..e56741a9a
--- /dev/null
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -0,0 +1,97 @@
+..  SPDX-License-Identifier: BSD-3-Clause
+    Copyright(c) 2018 Intel Corporation.
+
+Federal Information Processing Standards (FIPS) CryptoDev Validation
+====================================================================
+
+Overview
+--------
+
+Federal Information Processing Standards (FIPS) are publicly announced standards
+developed by the United States federal government for use in computer systems by
+non-military government agencies and government contractors.
+
+This application is used to parse and perform symmetric cryptography
+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test
+vectors.
+
+Limitations
+-----------
+
+* Only NIST CAVP request files are parsed by this application.
+* The version of request file supported is ``CAVS 21.0``
+* The application does not supply the test vectors. The user is expected to
+  obtain the test vector files from `NIST
+  <https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/block-ciphers>`_
+* Supported test vectors
+    * AES-CBC (128,192,256) - GFSbox, KeySbox, MCT, MMT
+    * AES-GCM (128,192,256) - EncryptExtIV, Decrypt
+    * AES-CCM (128) - VADT, VNT, VPT, VTT, DVPT
+    * AES-CMAC (128) - Generate, Verify
+    * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+    * TDES (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey, VarText
+
+Compiling the Application
+-------------------------
+
+* Compile Application
+
+    .. code-block:: console
+
+         make -C examples/cryptodev_fips_validate
+
+*  Run ``dos2unix`` on the request files
+
+    .. code-block:: console
+
+         dos2unix AES/req/*
+         dos2unix AES_GCM/req/*
+         dos2unix CCM/req/*
+         dos2unix CMAC/req/*
+         dos2unix HMAC/req/*
+         dos2unix TDES/req/*
+
+Running the Application
+-----------------------
+
+The application requires a number of command line options:
+
+    .. code-block:: console
+
+         ./cryptodev_fips_validate_app [EAL options]
+         -- --req-file FILE_PATH/FOLDER_PATH
+         --rsp-file FILE_PATH/FOLDER_PATH
+         [--cryptodev DEVICE_NAME] [--cryptodev-id ID] [--path-is-folder]
+
+where,
+  * req-file: The path of the request file or folder, separated by
+    ``path-is-folder`` option.
+
+  * rsp-file: The path that the response file or folder is stored. separated by
+    ``path-is-folder`` option.
+
+  * cryptodev: The name of the target DPDK Crypto device to be validated.
+
+  * cryptodev-id: The id of the target DPDK Crypto device to be validated.
+
+  * path-is-folder: If presented the application expects req-file and rsp-file
+    are folder paths.
+
+To run the application in linuxapp environment to test one AES FIPS test data
+file for crypto_aesni_mb PMD, issue the command:
+
+.. code-block:: console
+
+    $ ./cryptodev_fips_validate_app --vdev crypto_aesni_mb -- 
+    --req-file /PATH/TO/REQUEST/FILE.req --rsp-file ./PATH/TO/RESPONSE/FILE.rsp
+    --cryptodev crypto_aesni_mb
+
+To run the application in linuxapp environment to test all AES-GCM FIPS test
+data files in one folder for crypto_aesni_gcm PMD, issue the command:
+
+.. code-block:: console
+
+    $ ./cryptodev_fips_validate_app --vdev crypto_aesni_gcm0 -- 
+    --req-file /PATH/TO/REQUEST/FILE/FOLDER/
+    --rsp-file ./PATH/TO/RESPONSE/FILE/FOLDER/
+    --cryptodev-id 0 --path-is-folder
diff --git a/doc/guides/sample_app_ug/index.rst b/doc/guides/sample_app_ug/index.rst
index 5bedf4f6f..146296b7a 100644
--- a/doc/guides/sample_app_ug/index.rst
+++ b/doc/guides/sample_app_ug/index.rst
@@ -56,6 +56,7 @@ Sample Applications User Guides
     performance_thread
     ipsec_secgw
     bbdev_app
+    fips_validation
 
 **Figures**
 
@@ -83,6 +84,10 @@ Sample Applications User Guides
 
 :numref:`figure_client_svr_sym_multi_proc_app` :ref:`figure_client_svr_sym_multi_proc_app`
 
+:numref:`figure_master_slave_proc` :ref:`figure_master_slave_proc`
+
+:numref:`figure_slave_proc_recov` :ref:`figure_slave_proc_recov`
+
 :numref:`figure_qos_sched_app_arch` :ref:`figure_qos_sched_app_arch`
 
 :numref:`figure_pipeline_overview` :ref:`figure_pipeline_overview`
-- 
2.13.6