action #52808
Updated by whdu almost 5 years ago
Now, all FIPS test cases are classified and distributed into four test suits:
* `fips_env_tests_crypt_core`
* `fips_env_tests_crypt_misc`
* `fips_env_tests_crypt_tool`
* `fips_env_tests_crypt_web`
My proposal is re-classified to following test suites:
* **fips_tests_crypt_core**
Core utilities like openssl and openSSH
```openssl_fips_alglist > openssl_fips_hash > openssl_fips_cipher > openssl_pubkey_rsa> openssl_pubkey_dsa >
openssl_alpn > openssh_fips > sshd > ssh_pubkey > ssh_cleanup```
* **fips_tests_crypt_tools** **fips_tests_crypt_tool**
Misc tools
```gpg > curl_fips_rc4_seed > aide_check > journald_fss > git > clamav > openvswitch_ssl```
* **fips_tests_crypt_web**
All web services related cases, eg. w3m_https, apache_ssl
```curl_https > wget_https > w3m_https > apache_ssl > apache_nssfips > libmicrohttpd```
* **fips_env_tests_crypt_kernel**
Applications only can be enabled by kernel fips mode (`fips=1`), eg, dm-crypt
All cases in other test suites should be able to run under _'sigle mode'_ by setting variable environments.
```dm_crypt > cryptsetup```
* **fips_env_tests_crypt_x11**
GUI application cases. We install WE extension here only
```hexchat_ssl > x3270_ssl > seahorse_sshkey > firefox_nss```
All cases in **fips_tests_crypt_core**, **fips_tests_crypt_tools**, **fips_tests_crypt_web** and **fips_env_tests_crypt_x11** can be run either in FIPS kernel mode or single (env) mode. For **fips_env_tests_crypt_kernel**, code will be added to check if it currently under kernel mode, if not then failed.
This ticket could be worked on with poo#52805 together. More information for this proposal will be added if necessary.