From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 72712A0542; Mon, 30 May 2022 17:53:51 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2C6CF42B94; Mon, 30 May 2022 17:53:24 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A578342B92 for ; Mon, 30 May 2022 17:53:22 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24UBWl1h007791; Mon, 30 May 2022 08:53:21 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=Bw8yHxjVqriQ4luMnjmqMzPo9L7NBVgQy4h8os4dPHU=; b=AfHEmgm9+6Ax/tlD+FF2yjoq4UIK2E0CoU9vhF9vGlA1nU4LjMoh0wMVwk+Tk7uz+ECd L/MpFEa0GeYRe2VBVfzGJQttLDPzgDb35CWf634JXCzp7Ram9XGcTi+yoksw7pP5RZJy MU2DjJe1YjFwL/k8R0YaaR+bc2jlh71QAKF1ErY7+Q46k5ua8Ewtf2HFmAjGROBQed+V 7WpKuxcqPVinKnn6h0HjcRz2qvHAGNJpe77Ixu+8N6KmGZjAMKDiuOpwXZGNx9AbVVEO CB485btl52Y1p8UjxuUMPzhp5g+sIBFSSm7k7+XDseqk8SBJasHSV0RLywgsFGGXGcEP Jg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3gbk8n61q9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 30 May 2022 08:53:21 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Mon, 30 May 2022 08:53:19 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Mon, 30 May 2022 08:53:19 -0700 Received: from localhost.localdomain (unknown [10.28.34.38]) by maili.marvell.com (Postfix) with ESMTP id 69C5F3F7048; Mon, 30 May 2022 08:53:17 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: Fan Zhang , Brian Dooley , , Anoob Joseph , Archana Muniganti , Jerin Jacob , Gowrishankar Muthukrishnan Subject: [v9, 10/10] doc: add notes about acvp validation support Date: Mon, 30 May 2022 21:22:44 +0530 Message-ID: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: 1McwUdr4jOjxO-G81qF-mRQgJybHJjL4 X-Proofpoint-GUID: 1McwUdr4jOjxO-G81qF-mRQgJybHJjL4 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-30_07,2022-05-30_01,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add notes on algorithms supported for ACVP validation. Signed-off-by: Gowrishankar Muthukrishnan --- doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++----- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst index 39baea3346..43190bb696 100644 --- a/doc/guides/sample_app_ug/fips_validation.rst +++ b/doc/guides/sample_app_ug/fips_validation.rst @@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by non-military government agencies and government contractors. This application is used to parse and perform symmetric cryptography -computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test -vectors. +computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and +Automated Crypto Validation Protocol (ACVP) test vectors. For an algorithm implementation to be listed on a cryptographic module validation certificate as an Approved security function, the algorithm -implementation must meet all the requirements of FIPS 140-2 and must -successfully complete the cryptographic algorithm validation process. +implementation must meet all the requirements of FIPS 140-2 (in case of CAVP) +and FIPS 140-3 (in case of ACVP) and must successfully complete the +cryptographic algorithm validation process. Limitations ----------- -* Only NIST CAVP request files are parsed by this application. -* The version of request file supported is ``CAVS 21.0`` +CAVP +---- + +* The version of request file supported is ``CAVS 21.0``. * If the header comment in a ``.req`` file does not contain a Algo tag i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for example:: @@ -32,7 +35,7 @@ Limitations # VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC * The application does not supply the test vectors. The user is expected to - obtain the test vector files from `NIST + obtain the test vector files from `CAVP `_ website. To obtain the ``.req`` files you need to email a person from the NIST website and pay for the ``.req`` files. @@ -48,6 +51,19 @@ Limitations * TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey, VarText +ACVP +---- + +* The application does not supply the test vectors. The user is expected to + obtain the test vector files from `ACVP `_ + website. +* Supported test vectors + * AES-CBC (128,192,256) - AFT, MCT + * AES-GCM (128,192,256) - AFT + * AES-CMAC (128,192,256) - AFT + * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512) + + Application Information ----------------------- -- 2.25.1