Project

General

Profile

Actions
Copy link

action #102767

closed

[security][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group

Added by bchou about 3 years ago. Updated over 1 year ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Enhancement to existing tests
Target version:
-
Start date:
2021-11-22
Due date:
% Done:

0%

Estimated time:
32.00 h
Difficulty:
Tags:
fips

Description

Description:

FIPS-related test cases are getting more in SLESP4. The idea is trying to rename and restructure the test cases corresponding to FIPS-certified modules in the FIPS Security job group.

Actions
Copy link
 #1

Updated by llzhao over 2 years ago

  • Subject changed from [sle][security][sle15sp4][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group to [sle][security][backlog][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group
Actions
Copy link
 #2

Updated by bchou over 2 years ago

  • Status changed from New to Blocked

This is the enhancement test for FIPS test groups.

We need to consider if there is a good way to integrate and simplify the test cases if possible.

Set this as blocked. We can enhance it before SLE15 SP5.

Actions
Copy link
 #3

Updated by tjyrinki_suse over 2 years ago

Could you possibly give a rough outline or examples of what kind of renames would happen, and what would be the benefit?

Or would it be combining tests like there are currently same tests for fips_env and fips_kernel?

Just so we who are new to FIPS related work would understand :)

Actions
Copy link
 #4

Updated by bchou over 2 years ago

  • Status changed from Blocked to New
  • Assignee deleted (bchou)

My original thought is that we can reclassify the test cases into different groups.

From the list:
https://confluence.suse.com/pages/viewpage.action?pageId=937623759#FIPS1402/3QEtestCoverageandEnhancement-Regressiontestlists

Separate all test cases by Used FIPS Library:

Such as,
If they use OpenSSL Library and we group them as
fips_ker_openssl_lib.

If they use libgcrypt Library and we group them as
fips_ker_libgcrypt_lib.

If they use gnutls Library and we group them as
fips_ker_gnutls_lib.

If they use mozilla-nss Library and we group them as
fips_ker_mozilla-nss_lib.

If they use kernel Library and we group them as
fips_ker_kernel_lib.

...etc.

Some others that multimachine tests will not be included in these groups.

I think it would be huge work to collect them and reclassify them. So I think we can treat it as an enhancement.

Actions
Copy link
 #5

Updated by pstivanin about 2 years ago

I'm not convinced by this solution. For example, where would we put a test that's using two or more of those libs?

Actions
Copy link
 #6

Updated by pstivanin almost 2 years ago

  • Subject changed from [sle][security][backlog][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group to [security][FIPS] Rename and restruture the test cases corresponding to FIPS ceritified modules in FIPS Security job group
Actions
Copy link
 #7

Updated by pstivanin over 1 year ago

  • Status changed from New to Rejected
Actions
Copy link

Also available in: Atom PDF