From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E707AA00C4; Mon, 30 May 2022 14:24:49 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C98E542BC2; Mon, 30 May 2022 14:24:18 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 3507342BC1 for ; Mon, 30 May 2022 14:24:17 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24UC1ROH018928; Mon, 30 May 2022 05:24:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=/i6W3jAjSmUH6AUy7Yoyv+8WbiYz7aWJYlHVxKhG2Lo=; b=IRSAbrCyIVXGDLKjVI5t1BQ8WL/wZhUk0zFKVycMtbA5lRkUoCV++38prXHGc5CAvPAJ 7WMWic1KMXOv5HTStHPtmJ7dB3ziyuXxQLOLFA8dHiA2GNnH5SFBSx8kzRiNPnAjLHCi WRK3blMSyaf9gBzs7NsVGZOoRO+oIyX21ghKN3pvx/JQs1Eemg7fdpyN8+EbRMkMpMe7 axj38aWEVCq3RDAei1wZzOkzD3NaDfvuNx3tFssNf1uAkugd9n5wTU0EOlBMKLcti4W3 +cueu6exVmFnue41TSfJ/ZAFdUkwbnc6SvsUmUelWvV5Y95D5O6FKTQpIo5e9n6zCKZH RQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3gbk8n5c9h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 30 May 2022 05:24:16 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 30 May 2022 05:24:14 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Mon, 30 May 2022 05:24:14 -0700 Received: from localhost.localdomain (unknown [10.28.34.38]) by maili.marvell.com (Postfix) with ESMTP id 2E8D33F70C1; Mon, 30 May 2022 05:24:11 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: Fan Zhang , Brian Dooley , , Anoob Joseph , Archana Muniganti , Jerin Jacob , Gowrishankar Muthukrishnan Subject: [v8, 10/10] doc: add notes about acvp validation support Date: Mon, 30 May 2022 17:53:30 +0530 Message-ID: <62cb134716db742f95299ce6c0c9e678cc14a7ad.1653913201.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: g5GYsNvLKXdF8Z5DrAJfLSUhe0eZiKW6 X-Proofpoint-GUID: g5GYsNvLKXdF8Z5DrAJfLSUhe0eZiKW6 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-30_04,2022-05-30_01,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add notes on algorithms supported for ACVP validation. Signed-off-by: Gowrishankar Muthukrishnan --- doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++----- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst index 39baea3346..4823531567 100644 --- a/doc/guides/sample_app_ug/fips_validation.rst +++ b/doc/guides/sample_app_ug/fips_validation.rst @@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by non-military government agencies and government contractors. This application is used to parse and perform symmetric cryptography -computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test -vectors. +computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and +Automated Crypto Validation Protocol (ACVP) test vectors. For an algorithm implementation to be listed on a cryptographic module validation certificate as an Approved security function, the algorithm -implementation must meet all the requirements of FIPS 140-2 and must -successfully complete the cryptographic algorithm validation process. +implementation must meet all the requirements of FIPS 140-2 (in case of CAVP) +and FIPS 140-3 (in case of ACVP) and must successfully complete the +cryptographic algorithm validation process. Limitations ----------- -* Only NIST CAVP request files are parsed by this application. -* The version of request file supported is ``CAVS 21.0`` +CAVP +---- + +* The version of request file supported is ``CAVS 21.0``. * If the header comment in a ``.req`` file does not contain a Algo tag i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for example:: @@ -32,7 +35,7 @@ Limitations # VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC * The application does not supply the test vectors. The user is expected to - obtain the test vector files from `NIST + obtain the test vector files from `NIST ACVP `_ website. To obtain the ``.req`` files you need to email a person from the NIST website and pay for the ``.req`` files. @@ -48,6 +51,19 @@ Limitations * TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey, VarText +ACVP +---- + +* The application does not supply the test vectors. The user is expected to + obtain the test vector files from `NIST ACVP `_ + website. +* Supported test vectors + * AES-CBC (128,192,256) - AFT, MCT + * AES-GCM (128,192,256) - AFT + * AES-CMAC (128,192,256) - AFT + * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512) + + Application Information ----------------------- -- 2.25.1