Hi all, I'm trying to use net-snmp as part of a FIPS 140-3 submission. One of the requirements for this is to have a known-answer test (KAT) for the key derivation function (KDF) that is implemented in snmplib (i.e., generate_Ku() / generate_Kul()). It's a simple test, just call these functions with some hard-coded data and check that they output the expected result. This KAT should run as part of the init phase, and in case of a failure, the snmp agent?? (forgive me if I got the wrong term - I'm thinking about the snmpd daemon) should fail to start (i.e., exit with an error code).
I couldn't find any such test already implemented, so I'd like to make my own patch that adds this functionality. Question is, where is the best place to add the code for this test? I was thinking somewhere along the lines of agent/snmpd.c::main() or agent/snmp_agent.c::init_master_agent(), something like that. Could you share some thoughts on this? Is there a better place where I could do this test (and easily exit the process in case of failure)? Thanks, Cristian Sandu This email message and any attachments are intended solely for the use of the addressees hereof. This message and any attachments may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient of this message, you are prohibited from reading, disclosing, reproducing, distributing, disseminating or otherwise using this transmission. If you have received this message in error, please promptly notify the sender at Ceragon by reply E-mail and immediately delete this message from your system.
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
