Project

General

Profile

action #102767

[security][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group

Added by bchou about 1 year ago. Updated 4 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Enhancement to existing tests
Target version:
-
Start date:
2021-11-22
Due date:
% Done:

0%

Estimated time:
32.00 h
Difficulty:
Tags:

Description

Description:

FIPS-related test cases are getting more in SLESP4. The idea is trying to rename and restructure the test cases corresponding to FIPS-certified modules in the FIPS Security job group.

History

#1 Updated by llzhao 9 months ago

  • Subject changed from [sle][security][sle15sp4][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group to [sle][security][backlog][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group

#2 Updated by bchou 7 months ago

  • Status changed from New to Blocked

This is the enhancement test for FIPS test groups.

We need to consider if there is a good way to integrate and simplify the test cases if possible.

Set this as blocked. We can enhance it before SLE15 SP5.

#3 Updated by tjyrinki_suse 4 months ago

Could you possibly give a rough outline or examples of what kind of renames would happen, and what would be the benefit?

Or would it be combining tests like there are currently same tests for fips_env and fips_kernel?

Just so we who are new to FIPS related work would understand :)

#4 Updated by bchou 4 months ago

  • Status changed from Blocked to New
  • Assignee deleted (bchou)

My original thought is that we can reclassify the test cases into different groups.

From the list:
https://confluence.suse.com/pages/viewpage.action?pageId=937623759#FIPS1402/3QEtestCoverageandEnhancement-Regressiontestlists

Separate all test cases by Used FIPS Library:

Such as,
If they use OpenSSL Library and we group them as
fips_ker_openssl_lib.

If they use libgcrypt Library and we group them as
fips_ker_libgcrypt_lib.

If they use gnutls Library and we group them as
fips_ker_gnutls_lib.

If they use mozilla-nss Library and we group them as
fips_ker_mozilla-nss_lib.

If they use kernel Library and we group them as
fips_ker_kernel_lib.

...etc.

Some others that multimachine tests will not be included in these groups.

I think it would be huge work to collect them and reclassify them. So I think we can treat it as an enhancement.

#5 Updated by pstivanin 20 days ago

I'm not convinced by this solution. For example, where would we put a test that's using two or more of those libs?

#6 Updated by pstivanin 4 days ago

  • Subject changed from [sle][security][backlog][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group to [security][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group

Also available in: Atom PDF