[openssl-dev] FIPS CAVP tests for WinCE.

[Steve Marquess]

On 06/18/2017 01:03 PM, Jayalakshmi bhat wrote:
> Hi All,
> 
> I am using OpenSSL-FIPS-2.0.4 library on ARM7 + WinCE 6.0 with "user
> affirm" the validation for Y per I.G. G.5.
> 
> We want to run latest CAVP test suites. We have built the  *build_algvs
> and other executable* for the above product/build environment. 
> However when we are trying to execute the executable with  req file and
> resp file parameters,  example  fips_drbgvs CTR_DRBG.req CTR_DRBG.resp
> we end up in receiving error "error opening the input file".
> 
> Later we found that WinCE environment cannot read simple character file
> name, it needs some windows specific conversion like WideCharToMultiByte.
> 
> We have the below questions, 
> 
> 1. Is there any way to build the test suites on  WinCE environment. User
> guide says it is incomplete?
> 2. As these are test files, is it OK to modify them?

WinCE (with WinEC) is one of the most painful environments to test on,
and what's worse is no two such devices seem to be very similar. We've
ended up hand-hacking the test suite software for each and every such
platform validation, and the hacks for one WinCR device aren't
necessarily useful for the next one.

The test suite software is outside the ideologically significant
"cryptographic module boundary", but you'll need to consult with your
particular accredited test lab on just what is and isn't acceptable.

Also please note that the algorithm test vectors change frequently, so
even on a well-behaved target device you generally can't use the test
suite software from earlier validations as-is. Usually the hacks to
accommodate the latest test vector format aren't difficult, but you
don't know what's actually needed until you get the new set of test
vectors (which of course cost money).

-Steve M.

-- 
Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 301 874 2571
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc