| SunVTS 6.2 Test Reference Manual for SPARC Platforms
|
   
|
Cryptographics Test (cryptotest)
|
cryptotest Description
The Encryption Framework in Solaris 10 provides a user level API for access to cryptographic accelerators. This API is based on the PKCS#11 standard. Cryptographic accelerators are referred to as PKCS#11 tokens, and each cryptographic algorithm that the token accelerates is referred to as a mechanism.
cryptotest tests the mechanism supported by PKCS#11 tokens in the Solaris OS.
cryptotest supports the Sun Crypto Accelerator 500, 1000, 4000, 6000, and the UltraSPARC T1 (high-end processor with chip multithreading [CMT]) Crypto Provider. PKCS documentation is available at: http://www.rsasecurity.com/rsalabs/PKCS
TABLE 9-1 Definitions of the Mechanisms Tested by cryptotest
|
Algorithm
|
Description
|
|
AES
|
CTR and CBC modes
|
|
Diffie-Hellman
|
Crypto mechanism
|
|
DSA
|
Digital signature algorithm
|
|
DES
|
Data encryption standard as defined in FIPS PUB 46-3
|
|
MD5 RSA
|
Data Security MD5 message-digest algorithm
|
|
RSA
|
Public key cryptosystem
|
|
SHA1
|
Secure hash algorithm
|
|
RNG
|
Random number generator algorithm
|
cryptotest Subtests
TABLE 9-2 cryptotest Subtests
|
Subtest
|
Description
|
|
AES
|
Tests CTR and CBC modes
|
|
Diffie-Hellman
|
Tests the crypto mechanism
|
|
DES
|
Tests DES bulk encryption
|
|
3DES
|
Tests 3DES bulk encryption
|
|
RSA
|
Tests RSA public and private keys
|
|
DSA
|
Tests DSA signature verification
|
|
RNG
|
Tests random number generation
|
cryptotest Options
To reach the following dialog boxes, right-click on the test name in the System Map and select Test Parameter Options. Because graphics tests can test multiple types of frame buffers, the test name that is displayed will correspond to the particular framebuffer being tested. If you do not see this test in the System Map, you might need to expand the collapsed groups, or your system might not include the device appropriate to this test. Refer to the SunVTS User's Guide.
mcatest Options
FIGURE 9-1 mcatest Test Parameter Options Dialog Box
TABLE 9-3 mcatest Options
|
Option
|
Description
|
|
AES
|
Tests CTR and CBC modes
|
|
Diffie-Hellman
|
Tests the crypto mechanism
|
|
DES
|
Tests DES bulk encryption
|
|
3DES
|
Tests 3DES bulk encryption
|
|
MD5
|
Data security MD5 message-digest algorithm.
|
|
SHA1
|
Secure hash algorithm.
|
|
RSA
|
Tests RSA public and private keys
|
vcatest Options
FIGURE 9-2 vcatest Test Parameter Options Dialog Box
TABLE 9-4 vcatest Options
|
Option
|
Description
|
|
DES
|
Tests DES bulk encryption
|
|
3DES
|
Tests 3DES bulk encryption
|
|
MD5
|
Data security MD5 message-digest algorithm.
|
|
SHA1
|
Secure hash algorithm.
|
|
RSA
|
Tests RSA public and private keys
|
|
DSA
|
Tests DSA signature verification
|
|
RNG
|
Tests random number generation
|
dcatest Options
FIGURE 9-3 dcatest Test Parameter Options Dialog Box
TABLE 9-5 dcatest Options
|
Option
|
Description
|
|
DES
|
Tests DES bulk encryption
|
|
3DES
|
Tests 3DES bulk encryption
|
|
RSA
|
Tests RSA public and private keys
|
|
DSA
|
Tests DSA signature verification
|
|
RNG
|
Tests random number generation
|
cryptotest Test Modes
TABLE 9-6 cryptotest Supported Test Modes
|
Test Mode
|
Description
|
|
Functional
|
Runs the full set of tests.
|
cryptotest Command-Line Syntax for mcatest
/opt/SUNWvts/bin/sparcv9/cryptotest -f -o dev=mca2, tl=testlist
TABLE 9-7 cryptotest Command Line Syntax for vcatest
|
Option
|
Description
|
|
dev=mcaN
|
Specifies the instance of the device to test such as mca0 or mca2. Defaults to mca0 if not included. N specifies the placement of the instance number of the device being tested.
|
|
tl=testlist
|
Specifies the list of subtests to be performed. The subtests for tl are separated by the + (plus) character. The supported subtests are AES, Diffie-Hellman (DH), DES, 3DES, DSA, RSA, and RNG, so
tl=AES+DH+DES+3DES+DSA+RSA+MD5+SHA1+RNG enables all subtests. You can also insert tl=all, which performs all tests. Defaults to all if no subtests are specified.
|
cryptotest Command-Line Syntax for vcatest
/opt/SUNWvts/bin/sparcv9/cryptotest -f -o dev=vca2, tl=testlist
TABLE 9-8 cryptotest Command Line Syntax for vcatest
|
Option
|
Description
|
|
dev=vcaN
|
Specifies the instance of the device to test such as vca0 or vca2. Defaults to vca0 if not included. N specifies the placement of the instance number of the device being tested.
|
|
tl=testlist
|
Specifies the list of subtests to be performed. The subtests for tl are separated by the + (plus) character. The supported subtests are DES, 3DES, DSA, RSA, and RNG, so
tl=DES+3DES+DSA+RSA+MD5+SHA1+RNG enables all subtests. You can also insert tl=all, which performs all tests. Defaults to all if no subtests are specified.
|
cryptotest Command-Line Syntax for dcatest
/opt/SUNWvts/bin/sparcv9/cryptotest -f -o dev=vca2|dca2, tl=testlist
TABLE 9-9 cryptotest Command Line Syntax for dcatest
|
Option
|
Description
|
|
dev=dcaN
|
Specifies the instance of the device to test such as dca0 or dca2. Defaults to dca0 if not included. N specifies the placement of the instance number of the device being tested.
|
|
tl=testlist
|
Specifies the list of subtests to be performed. The subtests for tl are separated by the + (plus) character. The supported subtests are DES, 3DES, DSA, RSA, and RNG, so
tl=DES+3DES+DSA+RSA+MD5+SHA1+RNG enables all subtests. You can also insert tl=all, which performs all tests. Defaults to all if no subtests are specified.
|
| SunVTS 6.2 Test Reference Manual for SPARC Platforms
|
819-6455-10
|
|
Copyright © 2006, Sun Microsystems, Inc. All Rights Reserved.