On Mon, 6 Jul 2020 at 22:54, Paul Wouters <[email protected]> wrote: > > On Mon, 6 Jul 2020, Andrew Cagney wrote: > > > > > This provides more info: > > > > diff --git a/programs/cavp/Makefile b/programs/cavp/Makefile > > index 90b724ee1c..ca4a8a7120 100644 > > --- a/programs/cavp/Makefile > > +++ b/programs/cavp/Makefile > > @@ -67,7 +67,7 @@ test.cavp.%.fax: | $(builddir) > > > > .PRECIOUS: %.out > > test.cavp.%.out: test.cavp.%.fax $(PROGRAM) > > - $(builddir)/cavp \ > > + $(builddir)/cavp -fips -v \ > > $(builddir)/test.cavp.$*.fax \ > > > $(builddir)/test.cavp.$*.tmp > > mv $(builddir)/test.cavp.$*.tmp $(builddir)/test.cavp.$*.out > > I guess the spec file should detect if we are in FIPS mode and add that > flag in we are building in FIPS mode? But then it should skip any > non-allowed test vectors. And I think really we should not have non-FIPS > test vectors in these files because they came from NIST? :) > > Maybe we should just remove those tests from the CAVP files?
yes. even trim the files back to almost nothing (each combination has 100 tests; just one is needed?) - and add to the repo so we can run them from within the testsuite

> Since NIST moved to CMVP, I guess these CAVP files won't see any more
> updates.
>
> And another interesting question would be, shouldn't we make this
> requirement forced in non-FIPS too?
>
> >> From memory, the key needs to be >= digest size when fips. 128 bits
> > falls short of 384 and 512.
>
> Yeah, it should be half the keysize at least. So for SHA-384 you need 192
> bits so nonces of 96 bits.
>
> Paul
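
Review bot: In the programs/cavp/Makefile hunk, the `test.cavp.%.out` recipe now passes `-fips -v` unconditionally, so every run of this target is forced into FIPS mode whether or not the build is a FIPS build. If this is meant to stay beyond debugging, take the flags from a make variable that is empty by default (the name `CAVP_FLAGS` is only a suggestion) and set it from the FIPS build. Also note that the recipe redirects stdout into `$(builddir)/test.cavp.$*.tmp`, which is then renamed to the `.out` file: if `-v` writes its extra output to stdout, that output ends up in the `.out` result and may affect anything that consumes or compares it.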
