Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 47729,
    "url": "http://patches.dpdk.org/api/patches/47729/?format=api",
    "web_url": "http://patches.dpdk.org/project/dpdk/patch/20181102095535.7906-9-marko.kovacevic@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patches.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<20181102095535.7906-9-marko.kovacevic@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/20181102095535.7906-9-marko.kovacevic@intel.com",
    "date": "2018-11-02T09:55:35",
    "name": "[v7,8/8] doc: add fips validation application guide",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": true,
    "hash": "dfdab57c7348e6f91cac5541258817222a67a6c1",
    "submitter": {
        "id": 853,
        "url": "http://patches.dpdk.org/api/people/853/?format=api",
        "name": "Kovacevic, Marko",
        "email": "marko.kovacevic@intel.com"
    },
    "delegate": {
        "id": 6690,
        "url": "http://patches.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "http://patches.dpdk.org/project/dpdk/patch/20181102095535.7906-9-marko.kovacevic@intel.com/mbox/",
    "series": [
        {
            "id": 2223,
            "url": "http://patches.dpdk.org/api/series/2223/?format=api",
            "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=2223",
            "date": "2018-11-02T09:55:27",
            "name": "FIPS validation capability",
            "version": 7,
            "mbox": "http://patches.dpdk.org/series/2223/mbox/"
        }
    ],
    "comments": "http://patches.dpdk.org/api/patches/47729/comments/",
    "check": "warning",
    "checks": "http://patches.dpdk.org/api/patches/47729/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@dpdk.org",
        "Delivered-To": "patchwork@dpdk.org",
        "Received": [
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 7460C1B411;\n\tFri,  2 Nov 2018 10:55:59 +0100 (CET)",
            "from mga12.intel.com (mga12.intel.com [192.55.52.136])\n\tby dpdk.org (Postfix) with ESMTP id 2E1431B3A4\n\tfor <dev@dpdk.org>; Fri,  2 Nov 2018 10:55:54 +0100 (CET)",
            "from fmsmga001.fm.intel.com ([10.253.24.23])\n\tby fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t02 Nov 2018 02:55:53 -0700",
            "from silpixa00399502.ir.intel.com (HELO\n\tsilpixa00399502.ger.corp.intel.com) ([10.237.223.218])\n\tby fmsmga001.fm.intel.com with ESMTP; 02 Nov 2018 02:55:52 -0700"
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.54,455,1534834800\"; d=\"scan'208\";a=\"104701229\"",
        "From": "\"Kovacevic, Marko\" <marko.kovacevic@intel.com>",
        "To": "akhil.goyal@nxp.com",
        "Cc": "dev@dpdk.org, roy.fan.zhang@intel.com, arkadiuszx.kusztal@intel.com,\n\t\"Kovacevic, Marko\" <marko.kovacevic@intel.com>",
        "Date": "Fri,  2 Nov 2018 09:55:35 +0000",
        "Message-Id": "<20181102095535.7906-9-marko.kovacevic@intel.com>",
        "X-Mailer": "git-send-email 2.9.5",
        "In-Reply-To": "<20181102095535.7906-1-marko.kovacevic@intel.com>",
        "References": "<20181026110716.42093-1-marko.kovacevic@intel.com>\n\t<20181102095535.7906-1-marko.kovacevic@intel.com>",
        "Subject": "[dpdk-dev] [PATCH v7 8/8] doc: add fips validation application guide",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "Document explains how to run the fips sample app\nand instructions users need to parser all the request\nfiles and generate the response files.\n\nSigned-off-by: Marko Kovacevic <marko.kovacevic@intel.com>\nSigned-off-by: Fan Zhang <roy.fan.zhang@intel.com>\nAcked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n doc/guides/rel_notes/release_18_11.rst       |   5 +\n doc/guides/sample_app_ug/fips_validation.rst | 132 +++++++++++++++++++++++++++\n doc/guides/sample_app_ug/index.rst           |   1 +\n 3 files changed, 138 insertions(+)\n create mode 100644 doc/guides/sample_app_ug/fips_validation.rst",
    "diff": "diff --git a/doc/guides/rel_notes/release_18_11.rst b/doc/guides/rel_notes/release_18_11.rst\nindex 376128f..8fa0441 100644\n--- a/doc/guides/rel_notes/release_18_11.rst\n+++ b/doc/guides/rel_notes/release_18_11.rst\n@@ -285,6 +285,11 @@ New Features\n   this application doesn't need to launch dedicated worker threads for vhost\n   enqueue/dequeue operations.\n \n+* **Added Cryptodev Fips Validation Example Application.**\n+\n+  Added an example application to parse and perform symmetric cryptography\n+  computation to the NIST Cryptographic Algorithm Validation Program (CAVP)\n+  test vectors.\n \n API Changes\n -----------\ndiff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst\nnew file mode 100644\nindex 0000000..aeacfac\n--- /dev/null\n+++ b/doc/guides/sample_app_ug/fips_validation.rst\n@@ -0,0 +1,132 @@\n+..  SPDX-License-Identifier: BSD-3-Clause\n+    Copyright(c) 2018 Intel Corporation.\n+\n+Federal Information Processing Standards (FIPS) CryptoDev Validation\n+====================================================================\n+\n+Overview\n+--------\n+\n+Federal Information Processing Standards (FIPS) are publicly announced standards\n+developed by the United States federal government for use in computer systems by\n+non-military government agencies and government contractors.\n+\n+This application is used to parse and perform symmetric cryptography\n+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test\n+vectors.\n+\n+For an algorithm implementation to be listed on a cryptographic module\n+validation certificate as an Approved security function, the algorithm\n+implementation must meet all the requirements of FIPS 140-2 and must\n+successfully complete the cryptographic algorithm validation process.\n+\n+Limitations\n+-----------\n+\n+* Only NIST CAVP request files are parsed by this application.\n+* The version of request file supported is ``CAVS 21.0``\n+* If the header comment in a ``.req`` file does not contain a Algo tag\n+  i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for\n+  example::\n+\n+      # VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC\n+\n+* The application does not supply the test vectors. The user is expected to\n+  obtain the test vector files from `NIST\n+  <https://csrc.nist.gov/projects/cryptographic-algorithm-validation-\n+  program/block-ciphers>`_ website. To obtain the ``.req`` files you need to\n+  email a person from the NIST website and pay for the ``.req`` files.\n+  The ``.rsp`` files from the site can be used to validate and compare with\n+  the ``.rsp`` files created by the FIPS application.\n+\n+* Supported test vectors\n+    * AES-CBC (128,192,256) - GFSbox, KeySbox, MCT, MMT\n+    * AES-GCM (128,192,256) - EncryptExtIV, Decrypt\n+    * AES-CCM (128) - VADT, VNT, VPT, VTT, DVPT\n+    * AES-CMAC (128) - Generate, Verify\n+    * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)\n+    * TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey,\n+      VarText\n+\n+Application Information\n+-----------------------\n+\n+If a ``.req`` is used as the input file after the application is finished\n+running it will generate a response file or ``.rsp``. Differences between the\n+two files are, the ``.req`` file has missing information for instance if doing\n+encryption you will not have the cipher text and that will be generated in the\n+response file. Also if doing decryption it will not have the plain text until it\n+finished the work and in the response file it will be added onto the end of each\n+operation.\n+\n+The application can be run with a ``.rsp`` file and what the outcome of that\n+will be is it will add a extra line in the generated ``.rsp`` which should be\n+the same as the ``.rsp`` used to run the application, this is useful for\n+validating if the application has done the operation correctly.\n+\n+\n+Compiling the Application\n+-------------------------\n+\n+* Compile Application\n+\n+    .. code-block:: console\n+\n+         make -C examples/fips_validation\n+\n+*  Run ``dos2unix`` on the request files\n+\n+    .. code-block:: console\n+\n+         dos2unix AES/req/*\n+         dos2unix AES_GCM/req/*\n+         dos2unix CCM/req/*\n+         dos2unix CMAC/req/*\n+         dos2unix HMAC/req/*\n+         dos2unix TDES/req/*\n+\n+Running the Application\n+-----------------------\n+\n+The application requires a number of command line options:\n+\n+    .. code-block:: console\n+\n+         ./fips_validation [EAL options]\n+         -- --req-file FILE_PATH/FOLDER_PATH\n+         --rsp-file FILE_PATH/FOLDER_PATH\n+         [--cryptodev DEVICE_NAME] [--cryptodev-id ID] [--path-is-folder]\n+\n+where,\n+  * req-file: The path of the request file or folder, separated by\n+    ``path-is-folder`` option.\n+\n+  * rsp-file: The path that the response file or folder is stored. separated by\n+    ``path-is-folder`` option.\n+\n+  * cryptodev: The name of the target DPDK Crypto device to be validated.\n+\n+  * cryptodev-id: The id of the target DPDK Crypto device to be validated.\n+\n+  * path-is-folder: If presented the application expects req-file and rsp-file\n+    are folder paths.\n+\n+\n+To run the application in linuxapp environment to test one AES FIPS test data\n+file for crypto_aesni_mb PMD, issue the command:\n+\n+.. code-block:: console\n+\n+    $ ./fips_validation --vdev crypto_aesni_mb --\n+    --req-file /PATH/TO/REQUEST/FILE.req --rsp-file ./PATH/TO/RESPONSE/FILE.rsp\n+    --cryptodev crypto_aesni_mb\n+\n+To run the application in linuxapp environment to test all AES-GCM FIPS test\n+data files in one folder for crypto_aesni_gcm PMD, issue the command:\n+\n+.. code-block:: console\n+\n+    $ ./fips_validation --vdev crypto_aesni_gcm0 --\n+    --req-file /PATH/TO/REQUEST/FILE/FOLDER/\n+    --rsp-file ./PATH/TO/RESPONSE/FILE/FOLDER/\n+    --cryptodev-id 0 --path-is-folder\ndiff --git a/doc/guides/sample_app_ug/index.rst b/doc/guides/sample_app_ug/index.rst\nindex 74b12af..65c12d9 100644\n--- a/doc/guides/sample_app_ug/index.rst\n+++ b/doc/guides/sample_app_ug/index.rst\n@@ -57,6 +57,7 @@ Sample Applications User Guides\n     performance_thread\n     ipsec_secgw\n     bbdev_app\n+    fips_validation\n \n **Figures**\n \n",
    "prefixes": [
        "v7",
        "8/8"
    ]
}