crypto: support ACVP testing #69642
Comments
Apologies, it wasn't clear which new issue flow to use for this issue and when I selected proposal it added this label. I think the label should be removed since it's internal work. Advice welcome on how to handle this better in the future.
@cpu FYI you can "Open a blank issue." at the bottom of https://github.com/golang/go/issues/new/choose
Change https://go.dev/cl/615816 mentions this issue:
CC @golang/security
Adds a new crypto/internal/fips test binary that operates as both a unit test fetching/driving the BoringSSL acvptool, and an acvptool module wrapper when invoked by the unit test. Initial support for testing the SHA2 family of digests, and the HMAC family of MACs is included. The BSSL acvptool "lowers" the NIST ACVP server JSON test vectors into a simpler stdin/stdout protocol that can be implemented by a module wrapper. The tool will fork our acvpwrapper binary, request the supported configuration, and then provide test cases over stdin, expecting results to be returned on stdout. See "Testing other FIPS modules" from the BoringSSL ACVP.md documentation for a more detailed description of the protocol used between the acvptool and module wrappers. Updates: golang#69642 Updates: golang#69536 Change-Id: I6b568c67f2a71144fbf31db467c6fd25710457f5
Change https://go.dev/cl/619755 mentions this issue:
Adds a new crypto/internal/fips test binary that operates as both a unit test fetching/driving the BoringSSL acvptool, and an acvptool module wrapper when invoked by the unit test. Initial support for testing the SHA2 and SHA3 family of digests, and the HMAC family of MACs is included. Test vectors and expected answers are maintained in a separate repo, `github.com/cpu/go-acvp` and fetched through the module proxy as part of the test process. The BSSL acvptool "lowers" the NIST ACVP server JSON test vectors into a simpler stdin/stdout protocol that can be implemented by a module wrapper. The tool will fork our acvpwrapper binary, request the supported configuration, and then provide test cases over stdin, expecting results to be returned on stdout. See "Testing other FIPS modules" from the BoringSSL ACVP.md documentation for a more detailed description of the protocol used between the acvptool and module wrappers. Updates golang#69642 Updates golang#69536 Change-Id: I6b568c67f2a71144fbf31db467c6fd25710457f5
This commit extends the acvp_test.go module wrapper and its described capabilities to include test coverage for PBKDF vectors. Notably this requires using an updated boringssl version to pick up support for PBKDF vectors in acvptool. Updates: golang#69642 Change-Id: I17dcf2c19c38773fa9123d8e9b2172522e218a8b
Change https://go.dev/cl/620935 mentions this issue:
This commit adds ACVP test coverage for the non-deterministic ECDSA vectors (keyGen, keyVer, sigGen, sigVer). Since we haven't yet moved the ECDSA code into the fips package this is a **work in progress** and testing the pre-existing public ecdsa and elliptic packages from crypto. Updates golang#69642 Change-Id: Iec8b18a247b0a652d13f9167a78de2cb74f4dfd0
Change https://go.dev/cl/621135 mentions this issue:
Change https://go.dev/cl/622395 mentions this issue:
Adds a new crypto/internal/fips test binary that operates as both a unit test fetching/driving the BoringSSL acvptool, and an acvptool module wrapper when invoked by the unit test. Initial support for testing the SHA2 and SHA3 family of digests, and the HMAC family of MACs is included. Test vectors and expected answers are maintained in a separate repo, `github.com/cpu/go-acvp` and fetched through the module proxy as part of the test process. The BSSL acvptool "lowers" the NIST ACVP server JSON test vectors into a simpler stdin/stdout protocol that can be implemented by a module wrapper. The tool will fork our acvpwrapper binary, request the supported configuration, and then provide test cases over stdin, expecting results to be returned on stdout. See "Testing other FIPS modules" from the BoringSSL ACVP.md documentation for a more detailed description of the protocol used between the acvptool and module wrappers. Updates #69642 Updates #69536 Change-Id: I6b568c67f2a71144fbf31db467c6fd25710457f5 Reviewed-on: https://go-review.googlesource.com/c/go/+/615816 Reviewed-by: Michael Pratt <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
This commit extends the acvp_test.go module wrapper and its described capabilities to include test coverage for PBKDF vectors. Notably this requires using an updated boringssl version to pick up support for PBKDF vectors in acvptool. Updates #69642 Change-Id: I17dcf2c19c38773fa9123d8e9b2172522e218a8b Reviewed-on: https://go-review.googlesource.com/c/go/+/619755 Reviewed-by: Michael Pratt <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
Change https://go.dev/cl/635762 mentions this issue:
Change https://go.dev/cl/636115 mentions this issue:
Change https://go.dev/cl/636116 mentions this issue:
Change https://go.dev/cl/636117 mentions this issue:
Change https://go.dev/cl/636355 mentions this issue:
Change https://go.dev/cl/627655 mentions this issue:
Adds ACVP test coverage for the RSA algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-rsa.html Includes coverage for keyGen, sigGen and sigVer across a variety of modulus sizes. For sigGen and sigVer both PKCS1v1.5 and PSS are supported with a variety of SHA2 digests. The static test data from go-acvp only includes sigVer vectors/expected. The keyGen and sigGen test types aren't amenable to fixed data testing. Updates golang#69642 Change-Id: Ia61a69115f2d2a984b95435a37d4c9c6db90a89a
Adds ACVP test coverage for the SP 800-108r1 KDF feedback mode algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-kbkdf.html The HKDF-based implementation in our FIPS module fixes some parameters, requiring tailoring of the advertised capability to match. Notably: * We only support fixedDataOrder "after fixed data" * We only support a counter length of 8 bits * We only support empty IVs No acvp_test.config.json update accompanies this support because the ACVP tests for this algorithm aren't amenable to fixed data testing. Updates golang#69642 Change-Id: I729e899377a64d2b613d6435241aebabeef93bca
WIP WIP WIP Requires an upstream update to the acvptool KDA subprocess handler to support OneStepNoCounter mode. WIP WIP WIP Adds ACVP test coverage for the SP 800-56Crev2 IG D.P KDA OneStepNoCounter mode algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-onestepnocounter.html Coverage is added for all SHA2 and SHA3 HMACs. Updates golang#69642 Change-Id: I337bf824a71fce6c796a1440b7f08c4f5413d92e
WIP WIP WIP Requires an upstream update to the acvptool KDF subprocess handler to support cSHAKE WIP WIP WIP Adds ACVP test coverage for the SP 800-185 cSHAKE-128 and cSHAKE-256 algorithms based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-xof.html Updates golang#69642 Change-Id: I4a6ef9a99dfe520f3177e0e7c258326475690f52
Change https://go.dev/cl/644643 mentions this issue:
Change https://go.dev/cl/644641 mentions this issue:
This commit adds ACVP test coverage for EDDSA (Ed25519, and HashEd25519/Ed25519ph) for the keyGen, keyVer, sigGen, and sigVer capabilities. Updates #69642 Change-Id: I5122d86180bd4d2f7d94570a6dc939808aa24fc4 Reviewed-on: https://go-review.googlesource.com/c/go/+/621135 Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Cherry Mui <[email protected]>
This commit adds ACVP test coverage for the non-deterministic ECDSA vectors (keyGen, keyVer, sigGen, sigVer) based on the NIST spec: https://pages.nist.gov/ACVP/draft-fussell-acvp-ecdsa.html Updates #69642 Change-Id: Iec8b18a247b0a652d13f9167a78de2cb74f4dfd0 Reviewed-on: https://go-review.googlesource.com/c/go/+/620935 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> TryBot-Bypass: Filippo Valsorda <[email protected]> Reviewed-by: Cherry Mui <[email protected]>
Adds ACVP AES test coverage for: * AES CBC * AES CTR * AES GCM (both internal & external iv gen) For AES key sizes of 128, 192, and 256 bits, based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-symmetric.html ECB mode is excluded based on upcoming policy changes forbidding its use. Internal IV gen is excluded from the go-acvp static test data since it's non-deterministic based on the DRBG. Updates #69642 Change-Id: I34f471725e2f1a2f5d32ab9877bde153abf2db0f Reviewed-on: https://go-review.googlesource.com/c/go/+/627655 Reviewed-by: Cherry Mui <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
Adds ACVP test coverage for CMAC-AES based on the NIST spec: https://pages.nist.gov/ACVP/draft-fussell-acvp-mac.html Updates #69642 Change-Id: Ie731863b84c6f8d74c64daa6a6848354420151b2 Reviewed-on: https://go-review.googlesource.com/c/go/+/635762 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Cherry Mui <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
This commit adds ACVP test coverage for SHAKE-128 and SHAKE-256 based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-sha3.html Updates #69642 Change-Id: Ia6899def452fcb63a03603b7919fcb0c3576474b Reviewed-on: https://go-review.googlesource.com/c/go/+/622395 Reviewed-by: Dmitri Shuralyov <[email protected]> TryBot-Bypass: Dmitri Shuralyov <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
Adds ACVP test coverage for the SP 800-56Crev2 HKDF KDA based on the NIST spec: https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-hkdf.html Updates #69642 Change-Id: Ie4f48f9b0181eaf6c2201a9796d366a31c474eba Reviewed-on: https://go-review.googlesource.com/c/go/+/636115 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
Adds ACVP test coverage for the SP 800-135rev1 RFC 7627 TLS v1.2 KDF based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-kdf-tls.html Only SHA2-256, SHA2-384 and SHA2-512 are valid hash algorithms for the TLSKDF algorithm. Updates #69642 Change-Id: I553d4f6a1d6652ed486af0e2c94730c8063fb47f Reviewed-on: https://go-review.googlesource.com/c/go/+/636116 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: David Chase <[email protected]>
Adds ACVP test coverage for the SP 800-56Crev2 IG 2.4.B TLS v1.3 KDF based on the NIST spec: https://pages.nist.gov/ACVP/draft-hammett-acvp-kdf-tls-v1.3.html Only SHA2-256 and SHA2-384 are valid hash algorithms for the TLS1.3 KDF algorithm. The BoringSSL acvptool "lowers" the more complicated TLS 1.3 KDF ACVP test cases into simple invocations of our module wrapper's pre-existing HKDF commands, and the new "HKDFExtract/$HASH" and "HKDFExpandLabel/$HASH" commands added in this branch. Updates #69642 Change-Id: I5fb1af5b5b33c1845b27cf8968e6523e89bcc589 Reviewed-on: https://go-review.googlesource.com/c/go/+/636117 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
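What the HKDFExtract and HKDFExpandLabel commands mentioned in the commit message above compute, as an added Go example that is not the Go FIPS module's code nor the wrapper's command implementation: HKDF-Extract and HKDF-Expand from RFC 5869, HKDF-Expand-Label and Derive-Secret from RFC 8446 section 7.1, run through the first two steps of the TLS 1.3 key schedule with no PSK. The function names are this example's own; the expected values for the Early Secret and the "derived" secret are the SHA-256 ones published in the RFC 8448 traces.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"hash"
)

// hkdfExtract is HKDF-Extract from RFC 5869: PRK = HMAC-Hash(salt, IKM).
// TLS 1.3 uses a zero-filled salt of Hash.length when none is supplied.
func hkdfExtract(h func() hash.Hash, salt, ikm []byte) []byte {
	if len(salt) == 0 {
		salt = make([]byte, h().Size())
	}
	m := hmac.New(h, salt)
	m.Write(ikm)
	return m.Sum(nil)
}

// hkdfExpand is HKDF-Expand from RFC 5869: T(i) = HMAC(PRK, T(i-1) | info | i),
// concatenated until length bytes of OKM are available.
func hkdfExpand(h func() hash.Hash, prk, info []byte, length int) []byte {
	var okm, t []byte
	for i := byte(1); len(okm) < length; i++ {
		m := hmac.New(h, prk)
		m.Write(t)
		m.Write(info)
		m.Write([]byte{i})
		t = m.Sum(nil)
		okm = append(okm, t...)
	}
	return okm[:length]
}

// hkdfExpandLabel is HKDF-Expand-Label from RFC 8446 section 7.1. The info
// argument is the serialized HkdfLabel: uint16 length, opaque label<7..255>
// holding "tls13 " + Label, and opaque context<0..255>.
func hkdfExpandLabel(h func() hash.Hash, secret []byte, label string, context []byte, length int) []byte {
	full := "tls13 " + label
	info := []byte{byte(length >> 8), byte(length), byte(len(full))}
	info = append(info, full...)
	info = append(info, byte(len(context)))
	info = append(info, context...)
	return hkdfExpand(h, secret, info, length)
}

// deriveSecret is Derive-Secret(Secret, Label, Messages): the context is the
// transcript hash of Messages and the output length is Hash.length.
func deriveSecret(h func() hash.Hash, secret []byte, label string, transcript []byte) []byte {
	th := h()
	th.Write(transcript)
	return hkdfExpandLabel(h, secret, label, th.Sum(nil), th.Size())
}

// earlyAndDerived runs the first two steps of the TLS 1.3 key schedule with
// no PSK: Early Secret = HKDF-Extract(0, 0), then Derive-Secret(Early Secret,
// "derived", "") which becomes the salt for the Handshake Secret extract.
func earlyAndDerived() (early, derived []byte) {
	zeros := make([]byte, sha256.Size) // PSK is all zeros when no PSK is in use
	early = hkdfExtract(sha256.New, nil, zeros)
	derived = deriveSecret(sha256.New, early, "derived", nil)
	return early, derived
}

func main() {
	early, derived := earlyAndDerived()
	fmt.Println("early secret:  ", hex.EncodeToString(early))
	fmt.Println("derived secret:", hex.EncodeToString(derived))
}
```

Only SHA-256 and SHA-384 are valid hashes for this KDF, as the commit message notes; the functions above take the hash constructor as a parameter so the same code covers both. The lowering the acvptool performs is visible here: a TLS 1.3 KDF test case is nothing more than a sequence of these Extract and Expand-Label calls with the transcript hashes supplied by the vector.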
Adds ACVP test coverage for the SP 800-135rev1 SSH KDF based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-kdf-ssh.html Only SHA1, SHA2-224, SHA2-256, SHA2-384, and SHA2-512 are valid hash algorithms for the SSH KDF algorithm. We do not include SHA-1 since it is out of scope for our FIPS module. Similarly only TDES, AES-128, AES-192 and AES-256 are valid ciphers, and we do not include TDES. Updates #69642 Change-Id: I70e45b77a91bd8aa631da30fab54c97e974f433c Reviewed-on: https://go-review.googlesource.com/c/go/+/636355 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]>
Adds ACVP test coverage for the Sp800-56Ar3 KAS-ECC-SSC algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-ssc-ecc.html There's no acvp_test.config.json update for this algorithm as one test type requires random key generation and can't be separated from the test type that doesn't, making it a bad fit for static data testing. Updates #69642 Change-Id: I3b6538fad1c1e5c8b14b638ff3b933f11e98f75a Reviewed-on: https://go-review.googlesource.com/c/go/+/637916 Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
Adds ACVP test coverage for the SP 800-90A rev 1 ctrDRBG algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.2 The implementation in our FIPS module is a minimal implementation tailored to the specific needs of stdlib crypto. As a result we customize the ACVP capability registration so that: * predResistanceEnabled is false * only mode AES-256 is supported * for that mode, * derFuncEnabled is false * persoStringLen is 0 to disable personalization * additionalInputLen is 384 to match the [48]byte argument in our API Other capability values are chosen based on Table 4's ctrDRBG AES-256 w/o `derFuncEnabled` row: https://pages.nist.gov/ACVP/draft-vassilev-acvp-drbg.html#section-7.4 We do enable reseed in the capability, necessitating two acvptool commands: one that expects only 6 args and doesn't reseed ("ctrDRBG/AES-256"), and one that expects 8 args and does ("ctrDRBG-reseed/AES-256"). Updates #69642 Change-Id: I0f01a2f9496f45b130ee7d10916708093236f473 Reviewed-on: https://go-review.googlesource.com/c/go/+/639795 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Adds ACVP test coverage for the SP 800-108r1 KDF counter mode algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-kbkdf.html The implementation in our FIPS module fixes some parameters, requiring tailoring of the advertised capability to match. Notably: * We only support macModes CMAC-AES-128, -192, and -256 * We only support supportedLengths 256 (matching the [32]byte output from CounterKDF.DeriveKey) * We only support fixedDataOrder "before fixed data" * We only support counterLength 16 No acvp_test.config.json update accompanies this support because the ACVP tests for this algorithm aren't amenable to fixed data testing. Updates #69642 Change-Id: I9e02d6c8cb6e209ac8e4c9fba926fffbad916098 Reviewed-on: https://go-review.googlesource.com/c/go/+/639776 Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Adds ACVP test coverage for the RSA algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-rsa.html Includes coverage for keyGen, sigGen and sigVer across a variety of modulus sizes. For sigGen and sigVer both PKCS1v1.5 and PSS are supported with a variety of SHA2 digests. The static test data from go-acvp only includes sigVer vectors/expected. The keyGen and sigGen test types aren't amenable to fixed data testing. Updates #69642 Change-Id: Ia61a69115f2d2a984b95435a37d4c9c6db90a89a Reviewed-on: https://go-review.googlesource.com/c/go/+/642135 Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
Adds ACVP test coverage for the SP 800-108r1 KDF feedback mode algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-kbkdf.html The HKDF-based implementation in our FIPS module fixes some parameters, requiring tailoring of the advertised capability to match. Notably: * We only support fixedDataOrder "after fixed data" * We only support a counter length of 8 bits * We only support empty IVs No acvp_test.config.json update accompanies this support because the ACVP tests for this algorithm aren't amenable to fixed data testing. Updates #69642 Change-Id: I729e899377a64d2b613d6435241aebabeef93bca Reviewed-on: https://go-review.googlesource.com/c/go/+/640016 Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]>
Change https://go.dev/cl/648455 mentions this issue:
Change https://go.dev/cl/648435 mentions this issue:
Adds ACVP test coverage for the SP 800-56Crev2 IG D.P KDA OneStepNoCounter mode algorithm based on the NIST spec: https://pages.nist.gov/ACVP/draft-hammett-acvp-kas-kdf-onestepnocounter.html Coverage is added for all SHA2 and SHA3 HMACs. Updates #69642 Change-Id: I337bf824a71fce6c796a1440b7f08c4f5413d92f Reviewed-on: https://go-review.googlesource.com/c/go/+/648435 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
Adds ACVP test coverage for the SP 800-185 cSHAKE-128 and cSHAKE-256 algorithms based on the NIST spec: https://pages.nist.gov/ACVP/draft-celi-acvp-xof.html Updates #69642 Change-Id: I4a6ef9a99dfe520f3177e0e7c258326475690f5f Reviewed-on: https://go-review.googlesource.com/c/go/+/648455 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
All required ACVP support has been merged in-tree 🎉
Proposal Details
Note: not a formal proposal since this is internal work without new exposed APIs or observable behaviour. It's primarily surfacing FIPS work for tracking purposes.
Background
Go's FIPS 140-3 validation (#69536) will require that we demonstrate that we are only using approved cryptographic algorithms. Doing so is a pre-requisite for cryptographic module verification (CMVP).
The NIST Cryptographic Algorithm Validation Program (CAVP) allows for certification of algorithm implementations via the Automated Cryptographic Validation Test Program (ACVT) using the Automated Cryptographic Validation Protocol (ACVP). The protocol specification is available online in an IETF RFC-like format.
BoringSSL acvptool
Thankfully, the BoringSSL project has already implemented and documented a pure-Go client that can both interact with the demo NIST server, and operate in an offline mode suitable for CI. It "lowers" the more complex NIST protocol into a simple request/response protocol used over stdin/stdout to speak to a forked module wrapper process. @agl briefly discusses its origin in a blog post.
Requirements
To meet the testing requirements Go should offer an `acvptool` compatible module wrapper for the Go FIPS module.
It should be implemented so that it's possible to build and test from different operating environments (OEs) and with/without processor algorithm accelerators (PAA) features.
It should be integrated into CI so that there is continual assurance that our algorithms will pass when performing live ACVP testing with the NIST test, or production servers.
Since the license in BoringSSL for new code (such as the acvp tooling) is compatible with the Go repository license, I believe we have flexibility in terms of whether we vendor the tooling and test data or use both as-is from the BoringSSL repo. The existing Go code in that repo has no external dependencies that would pose a challenge for integration here.