Hi All,
I am trying to create NETLINK socket for type NETLINK_AUDIT. Bind fails with
error number 1. I have enabled capabilities CAP_NET_ADMIN, CAP_AUDIT_READ.
Can anyone please tell me what additional capabilities are needed?
Regards,
Jayalakshmi
Hi All,
I am trying to read kernel audit messages specially generated by XFRM in user
space. I wrote Netlink client stub to read the audit message as below. But the
call recvfrom gets blocked indefinite.
Can any one tell me what am I doing wrong?
Regards,
Jayalakshmi
#include
#include
#inclu
Hi All,
There are 2 difference scenarios our device receives PTB.
In the first scenario PTB is received as ESP packet. First ESP gets decrypted
and has payload of ICMP packet as PTB. PTB is 1280.
PMTU is set on the device via icmp6_err function in kernel.
This is followed by device receiving
Hi All,
We have the below scenario. Devices are IPsec tunnel mode configured. Ref
device sends fragmented ping requests. Our device responds with unfragmented
ping response. Router send packet too big with proposed MTU as 1280 and payload
as ESP packet number 3. As soon as our device receive
Hi Stephen,
It worked, thank you so much
Regards,
Jaya
-Original Message-
From: Stephan Mueller
Sent: Monday, August 24, 2020 9:00 PM
To: linux-crypto@vger.kernel.org; Bhat, Jayalakshmi Manjunath
Subject: Re: HMAC test fails for big key using libkcapi
Am Montag, 24. August 2020, 16
Hi All,
I am using libkcapi to execute HMAC tests. One of key size is 229248 bytes.
setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY API fails to set the key.
I am not getting an option to set the buffer size to higher value.
Can you please provide me inputs on how to set the higher buffer size to sock
@vger.kernel.org; Bhat, Jayalakshmi Manjunath
Subject: Re: Information required on how to provide reseed input to DRBG
Am Donnerstag, 13. August 2020, 17:56:49 CEST schrieb Bhat, Jayalakshmi
Manjunath:
Hi Jayalakshmi,
> Hi Stephen,
>
> Thanks you very much on the response. I actu
to_drbg_get_bytes_addtl_test { crypto_rng_set_entropy, crypto_rng_generate)
crypto_drbg_reset_test {crypto_rng_set_entropy, crypto_rng_reset}
crypto_drbg_get_bytes_addtl { crypto_rng_generate)
I am not seeing any API to input reseed values or to trigger reseed?
Regards,
Jaya
-Original M
Hi All,
I could successfully execute the CAVS test for DRBG with
""predResistanceEnabled" : true" reseedImplemented": false.
I am trying to execute the tests with "predResistanceEnabled" : false;
"reseedImplemented" : true. But not successful.
Can anyone please let me know how to provide res
Hi All,
We have tunnel test scenario as below
IPsec tunnel gets created between
1. Our device 3000::::b25c:daff:fe67:f173
2. Gateway 3001::::0200:10ff:fe10:1161
There are 2 hosts behind the gateway
1. Host1 3002::::0200:10ff:fe10:1280
2
Hi All,
We are executing a ping test in TUNNEL mode. This is to test PMTU. The test
configurations are as below.
IP address of our device: 3000::268:ebff:fe85:539f
IP address of Host1 : 3002::200:10ff:fe10:1280
SGW (Gateway address): 3001::200:10ff:fe10:1161
1. SGW send
Hi All,
We are executing a simple ping test on our device in transport mode. Test
configuration and steps are as below
IP address of Host-1=> 3001::200:10ff:fe10:1180
IP address of our device=> 3000::268:ebff:fe85:539f
1.
2 pair of SA's are established.
HOST1_Link
Hi All,
I was going through libkcapi APIs to see if it can be used for DRBG CAVS
validation. But I am thinking it cannot be.
I also found cavs_driver.pl, this seems to depend on some kernel mode driver.
Is it like I need to testmgr.c kind of an interface and that should be accessed
by user mod
Hi Stephen,
Thank you very much
Regards,
Jaya
From: linux-crypto-ow...@vger.kernel.org
On Behalf Of Stephan Mueller
Sent: Tuesday, May 26, 2020 10:53 AM
To: Bhat, Jayalakshmi Manjunath
Cc: Ard Biesheuvel ; linux-crypto@vger.kernel.org
Subject: Re: Monte Carlo Test (MCT) for AES
Am Dienstag
Hi Stephen,
I to add the backend support using libkcapi APIs to exercise Kernel CAVP.
Can you please confirm if my understanding is correct?
Regards,
Jaya
From: linux-crypto-ow...@vger.kernel.org
On Behalf Of Stephan Müller
Sent: Sunday, May 24, 2020 12:14 AM
To: Bhat, Jayalakshmi Manjunath
Hi All,
We are using libkcapi for CAVS vectors verification on our Linux kernel. Our
Linux kernel version is 4.14. Monte Carlo Test (MCT) for SHA worked fine using
libkcapi. We are trying to perform Monte Carlo Test (MCT) for AES using
libkcapi.
We not able to get the result successfully. Is i
Hi Stephan,
Thank you very much. I will try the same.
Regards,
Jaya
-Original Message-
From: Stephan Mueller
Sent: Monday, September 02, 2019 2:35 PM
To: Bhat, Jayalakshmi Manjunath
Cc: linux-crypto@vger.kernel.org
Subject: Re: How to use nonce in DRBG functions.
Am Sonntag, 1
Hi All,
I am trying to implement DRBG CAVS test harness function for Linux Kernel
crypto DRBG with the following requirements.
1. Derivate function is enabled.
2. prediction resistance is not enabled
3. Entropy input length is 256
4. Nonce lengt
Hi All,
We are in the process of implementing
KAT - known answer test
MMT - Multi-block Message Test
MCT - Monte Carlo Test
KAS FFC - Key Agreement Scheme, Finite Field Cryptography
KAS ECC - Elliptic Curve Cryptography
Our approach to implement the testi
Manjunath
Cc: linux-crypto@vger.kernel.org
Subject: Re: CAVS test harness
Am Freitag, 12. Juli 2019, 19:55:07 CEST schrieb Bhat, Jayalakshmi Manjunath:
Hi Jayalakshmi,
> Hi Stephan,
>
> Thank you very much for the suggestions, I have another question, is it
> possible to implement MMT a
Cryptography
KAC ECC - Elliptic Curve Cryptography
Hope this helps.
Regards,
Jaya
-Original Message-
From: linux-crypto-ow...@vger.kernel.org
On Behalf Of Eric Biggers
Sent: Saturday, July 13, 2019 12:05 AM
To: Bhat, Jayalakshmi Manjunath
Cc: Stephan Mueller ; linux-crypto@vger.kernel.org
Bhat, Jayalakshmi Manjunath
Cc: linux-crypto@vger.kernel.org
Subject: Re: CAVS test harness
Am Donnerstag, 11. Juli 2019, 17:22:00 CEST schrieb Bhat, Jayalakshmi
Manjunath:
Hi Jayalakshmi,
> Hi Stephan,
>
> Thank you very much for the reply. Yes we would need to write the test
> for AEC
Manjunath
Cc: linux-crypto@vger.kernel.org
Subject: Re: CAVS test harness
Am Donnerstag, 11. Juli 2019, 13:52:29 CEST schrieb Stephan Mueller:
Hi,
> Am Dienstag, 9. Juli 2019, 08:43:51 CEST schrieb Bhat, Jayalakshmi
> Manjunath:
>
> Hi Jayalakshmi,
>
> > Hi All,
> &g
, Jayalakshmi Manjunath
Cc: linux-crypto@vger.kernel.org
Subject: Re: CAVS test harness
On Tue, Jul 9, 2019 at 9:44 AM Bhat, Jayalakshmi Manjunath
wrote:
>
> Hi All,
>
> We are working on a product that requires NIAP certification and use IPSec
> environment for certi
Hi All,
We are working on a product that requires NIAP certification and use IPSec
environment for certification. IPSec functionality is achieved by third party
IPsec library and native XFRM.
Third party IPsec library is used for ISAKMP and XFRM for IPsec.
CAVS test cases are required for NIA
25 matches
Mail list logo
