Message ID | 20181012144501.19562-1-marko.kovacevic@intel.com (mailing list archive) |
---|---|
Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 532991B935; Fri, 12 Oct 2018 16:47:02 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 934C01B75F for <dev@dpdk.org>; Fri, 12 Oct 2018 16:47:00 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Oct 2018 07:46:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,372,1534834800"; d="scan'208";a="271863328" Received: from silpixa00399502.ir.intel.com (HELO silpixa00399502.ger.corp.intel.com) ([10.237.223.218]) by fmsmga006.fm.intel.com with ESMTP; 12 Oct 2018 07:46:58 -0700 From: Marko Kovacevic <marko.kovacevic@intel.com> To: dev@dpdk.org Cc: roy.fan.zhang@intel.com, akhil.goyal@nxp.com, arkadiuszx.kusztal@intel.com, Marko Kovacevic <marko.kovacevic@intel.com> Date: Fri, 12 Oct 2018 15:44:53 +0100 Message-Id: <20181012144501.19562-1-marko.kovacevic@intel.com> X-Mailer: git-send-email 2.9.5 Subject: [dpdk-dev] [PATCH v4 0/8] FIPS validation capability X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Series |
FIPS validation capability
|
|
Message
Kovacevic, Marko
Oct. 12, 2018, 2:44 p.m. UTC
This sample application is made for the purpose so that users of DPDK who wish to get FIPS certification for their platforms, this sample app enables users to parse test vectors that is gotten from NIST and be able to get a generated response file which they can then verify and be sure their system will pass FIPS certification. Marko Kovacevic (8): v4: - Added Limitation - Changed TDES BLOCK SIZE from 16 -> 8 as DES block size is 64bits (main.c) v3: - Fixed a no-testing bug - Fixed some code style issue v2: - Refactor the code. - Move the code from test to sample applcation examples: add fips validation into examples examples: add aes parser and enablement for test types examples: add hmac parser examples: add TDES parser and enablement for test types examples: add gcm parser examples: add cmac parser and enablement for test types examples: add ccm parser and enablement for test types doc: add guides for fips validation doc/guides/rel_notes/release_18_11.rst | 6 + doc/guides/sample_app_ug/fips_validation.rst | 105 ++ doc/guides/sample_app_ug/index.rst | 1 + examples/cryptodev_fips_validate/Makefile | 75 ++ .../cryptodev_fips_parse_3des.c | 259 +++++ .../cryptodev_fips_parse_aes.c | 188 +++ .../cryptodev_fips_parse_ccm.c | 272 +++++ .../cryptodev_fips_parse_cmac.c | 116 ++ .../cryptodev_fips_parse_gcm.c | 125 ++ .../cryptodev_fips_parse_hmac.c | 105 ++ .../cryptodev_fips_parse_validate.c | 593 ++++++++++ .../cryptodev_fips_validate.h | 234 ++++ examples/cryptodev_fips_validate/main.c | 1221 ++++++++++++++++++++ examples/cryptodev_fips_validate/meson.build | 20 + 14 files changed, 3320 insertions(+) create mode 100644 doc/guides/sample_app_ug/fips_validation.rst create mode 100644 examples/cryptodev_fips_validate/Makefile create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_aes.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_ccm.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_cmac.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_gcm.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_hmac.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_validate.c create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_validate.h create mode 100644 examples/cryptodev_fips_validate/main.c create mode 100644 examples/cryptodev_fips_validate/meson.build
Comments
> -----Original Message----- > From: Kovacevic, Marko > Sent: Friday, October 12, 2018 4:45 PM > To: dev@dpdk.org > Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; akhil.goyal@nxp.com; > Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; Kovacevic, Marko > <marko.kovacevic@intel.com> > Subject: [PATCH v4 0/8] FIPS validation capability > > This sample application is made for the purpose so that users of DPDK who > wish to get FIPS certification for their platforms, this sample app enables > users to parse test vectors that is gotten from NIST and be able to get a > generated response file which they can then verify and be sure their system > will pass FIPS certification. > > Marko Kovacevic (8): > v4: > - Added Limitation > - Changed TDES BLOCK SIZE from 16 -> 8 > as DES block size is 64bits (main.c) > v3: > - Fixed a no-testing bug > - Fixed some code style issue > > v2: > - Refactor the code. > - Move the code from test to sample applcation > > examples: add fips validation into examples > examples: add aes parser and enablement for test types > examples: add hmac parser > examples: add TDES parser and enablement for test types > examples: add gcm parser > examples: add cmac parser and enablement for test types > examples: add ccm parser and enablement for test types > doc: add guides for fips validation > > doc/guides/rel_notes/release_18_11.rst | 6 + > doc/guides/sample_app_ug/fips_validation.rst | 105 ++ > doc/guides/sample_app_ug/index.rst | 1 + > examples/cryptodev_fips_validate/Makefile | 75 ++ > .../cryptodev_fips_parse_3des.c | 259 +++++ > .../cryptodev_fips_parse_aes.c | 188 +++ > .../cryptodev_fips_parse_ccm.c | 272 +++++ > .../cryptodev_fips_parse_cmac.c | 116 ++ > .../cryptodev_fips_parse_gcm.c | 125 ++ > .../cryptodev_fips_parse_hmac.c | 105 ++ > .../cryptodev_fips_parse_validate.c | 593 ++++++++++ > .../cryptodev_fips_validate.h | 234 ++++ > examples/cryptodev_fips_validate/main.c | 1221 > ++++++++++++++++++++ > examples/cryptodev_fips_validate/meson.build | 20 + > 14 files changed, 3320 insertions(+) > create mode 100644 doc/guides/sample_app_ug/fips_validation.rst > create mode 100644 examples/cryptodev_fips_validate/Makefile > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_aes.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_ccm.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_cmac.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_gcm.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_hmac.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_parse_validate.c > create mode 100644 > examples/cryptodev_fips_validate/cryptodev_fips_validate.h > create mode 100644 examples/cryptodev_fips_validate/main.c > create mode 100644 examples/cryptodev_fips_validate/meson.build > > -- > 2.9.5 Series-acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Hi Marko/Fan, On 10/12/2018 8:14 PM, Marko Kovacevic wrote: > This sample application is made for the purpose so that users of DPDK > who wish to get FIPS certification for their platforms, this sample app enables > users to parse test vectors that is gotten from NIST and be able to get > a generated response file which they can then verify and be sure their > system will pass FIPS certification. > > Marko Kovacevic (8): > v4: > - Added Limitation > - Changed TDES BLOCK SIZE from 16 -> 8 > as DES block size is 64bits (main.c) > v3: > - Fixed a no-testing bug > - Fixed some code style issue > > v2: > - Refactor the code. > - Move the code from test to sample applcation > > examples: add fips validation into examples > examples: add aes parser and enablement for test types > examples: add hmac parser > examples: add TDES parser and enablement for test types > examples: add gcm parser > examples: add cmac parser and enablement for test types > examples: add ccm parser and enablement for test types > doc: add guides for fips validation > > doc/guides/rel_notes/release_18_11.rst | 6 + > doc/guides/sample_app_ug/fips_validation.rst | 105 ++ > doc/guides/sample_app_ug/index.rst | 1 + > examples/cryptodev_fips_validate/Makefile | 75 ++ > .../cryptodev_fips_parse_3des.c | 259 +++++ > .../cryptodev_fips_parse_aes.c | 188 +++ > .../cryptodev_fips_parse_ccm.c | 272 +++++ > .../cryptodev_fips_parse_cmac.c | 116 ++ > .../cryptodev_fips_parse_gcm.c | 125 ++ > .../cryptodev_fips_parse_hmac.c | 105 ++ > .../cryptodev_fips_parse_validate.c | 593 ++++++++++ > .../cryptodev_fips_validate.h | 234 ++++ > examples/cryptodev_fips_validate/main.c | 1221 ++++++++++++++++++++ > examples/cryptodev_fips_validate/meson.build | 20 + > 14 files changed, 3320 insertions(+) > create mode 100644 doc/guides/sample_app_ug/fips_validation.rst > create mode 100644 examples/cryptodev_fips_validate/Makefile > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_aes.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_ccm.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_cmac.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_gcm.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_hmac.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_validate.c > create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_validate.h > create mode 100644 examples/cryptodev_fips_validate/main.c > create mode 100644 examples/cryptodev_fips_validate/meson.build > Some generic comments - patch titles should be examples/cryptodev_fips_validate:XXX - app name could be fips_validation. better to have same name file in doc. - MAINTAINERS file is not updated. - better to mention about Publication 140-2 of FIPS (which represent the crypto cases) in documentation - Please mention in the documentation and the application as well that the .req file is optional and the application can be run without that. and the procedure to get the .req file as the documentation depicts that the .req file is present in the link provided. - Why is the build dependent on bus_pci? Does it have limitation for not being used by any other buses? I think this should be bus independent. Thanks, Akhil