From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0CA95A2EEB for ; Mon, 7 Oct 2019 18:30:05 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 72D6C1D178; Mon, 7 Oct 2019 18:29:14 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id 0C9001D14E for ; Mon, 7 Oct 2019 18:29:06 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Oct 2019 09:29:06 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,268,1566889200"; d="scan'208";a="393082039" Received: from silpixa00398673.ir.intel.com (HELO silpixa00398673.ger.corp.intel.com) ([10.237.223.136]) by fmsmga005.fm.intel.com with ESMTP; 07 Oct 2019 09:29:05 -0700 From: Fan Zhang To: dev@dpdk.org Cc: konstantin.ananyev@intel.com, declan.doherty@intel.com, akhil.goyal@nxp.com, Fan Zhang Date: Mon, 7 Oct 2019 17:28:46 +0100 Message-Id: <20191007162850.60552-7-roy.fan.zhang@intel.com> X-Mailer: git-send-email 2.14.5 In-Reply-To: <20191007162850.60552-1-roy.fan.zhang@intel.com> References: <20190906131330.40185-1-roy.fan.zhang@intel.com> <20191007162850.60552-1-roy.fan.zhang@intel.com> Subject: [dpdk-dev] [PATCH v2 06/10] app/test: add aesni_mb security cpu crypto autotest X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds cpu crypto unit test for AESNI_MB PMD. Signed-off-by: Fan Zhang --- app/test/test_security_cpu_crypto.c | 371 +++++++++++++++++++++++++++++++++++- 1 file changed, 369 insertions(+), 2 deletions(-) diff --git a/app/test/test_security_cpu_crypto.c b/app/test/test_security_cpu_crypto.c index ca9a8dae6..a9853a0c0 100644 --- a/app/test/test_security_cpu_crypto.c +++ b/app/test/test_security_cpu_crypto.c @@ -19,12 +19,23 @@ #include "test.h" #include "test_cryptodev.h" +#include "test_cryptodev_blockcipher.h" +#include "test_cryptodev_aes_test_vectors.h" #include "test_cryptodev_aead_test_vectors.h" +#include "test_cryptodev_des_test_vectors.h" +#include "test_cryptodev_hash_test_vectors.h" #define CPU_CRYPTO_TEST_MAX_AAD_LENGTH 16 #define MAX_NB_SIGMENTS 4 #define CACHE_WARM_ITER 2048 +#define TOP_ENC BLOCKCIPHER_TEST_OP_ENCRYPT +#define TOP_DEC BLOCKCIPHER_TEST_OP_DECRYPT +#define TOP_AUTH_GEN BLOCKCIPHER_TEST_OP_AUTH_GEN +#define TOP_AUTH_VER BLOCKCIPHER_TEST_OP_AUTH_VERIFY +#define TOP_ENC_AUTH BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN +#define TOP_AUTH_DEC BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC + enum buffer_assemble_option { SGL_MAX_SEG, SGL_ONE_SEG, @@ -35,8 +46,8 @@ struct cpu_crypto_test_case { uint8_t seg[MBUF_DATAPAYLOAD_SIZE]; uint32_t seg_len; } seg_buf[MAX_NB_SIGMENTS]; - uint8_t iv[MAXIMUM_IV_LENGTH]; - uint8_t aad[CPU_CRYPTO_TEST_MAX_AAD_LENGTH]; + uint8_t iv[MAXIMUM_IV_LENGTH * 2]; + uint8_t aad[CPU_CRYPTO_TEST_MAX_AAD_LENGTH * 4]; uint8_t digest[DIGEST_BYTE_LENGTH_SHA512]; } __rte_cache_aligned; @@ -516,6 +527,11 @@ cpu_crypto_test_aead(const struct aead_test_data *tdata, TEST_EXPAND(gcm_test_case_256_6, type) \ TEST_EXPAND(gcm_test_case_256_7, type) +/* test-vector/sgl-option */ +#define all_ccm_unit_test_cases \ + TEST_EXPAND(ccm_test_case_128_1, SGL_ONE_SEG) \ + TEST_EXPAND(ccm_test_case_128_2, SGL_ONE_SEG) \ + TEST_EXPAND(ccm_test_case_128_3, SGL_ONE_SEG) #define TEST_EXPAND(t, o) \ static int \ @@ -531,6 +547,7 @@ cpu_crypto_aead_dec_test_##t##_##o(void) \ all_gcm_unit_test_cases(SGL_ONE_SEG) all_gcm_unit_test_cases(SGL_MAX_SEG) +all_ccm_unit_test_cases #undef TEST_EXPAND static struct unit_test_suite security_cpu_crypto_aesgcm_testsuite = { @@ -758,8 +775,358 @@ test_security_cpu_crypto_aesni_gcm_perf(void) &security_cpu_crypto_aesgcm_perf_testsuite); } +static struct rte_security_session * +create_blockcipher_session(struct rte_security_ctx *ctx, + struct rte_mempool *sess_mp, + uint32_t op_mask, + const struct blockcipher_test_data *test_data, + uint32_t is_unit_test) +{ + struct rte_security_session_conf sess_conf = {0}; + struct rte_crypto_sym_xform xforms[2] = { {0} }; + struct rte_crypto_sym_xform *cipher_xform = NULL; + struct rte_crypto_sym_xform *auth_xform = NULL; + struct rte_crypto_sym_xform *xform; + + if (op_mask & BLOCKCIPHER_TEST_OP_CIPHER) { + cipher_xform = &xforms[0]; + cipher_xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER; + + if (op_mask & TOP_ENC) + cipher_xform->cipher.op = + RTE_CRYPTO_CIPHER_OP_ENCRYPT; + else + cipher_xform->cipher.op = + RTE_CRYPTO_CIPHER_OP_DECRYPT; + + cipher_xform->cipher.algo = test_data->crypto_algo; + cipher_xform->cipher.key.data = test_data->cipher_key.data; + cipher_xform->cipher.key.length = test_data->cipher_key.len; + cipher_xform->cipher.iv.offset = 0; + cipher_xform->cipher.iv.length = test_data->iv.len; + + if (is_unit_test) + debug_hexdump(stdout, "cipher key:", + test_data->cipher_key.data, + test_data->cipher_key.len); + } + + if (op_mask & BLOCKCIPHER_TEST_OP_AUTH) { + auth_xform = &xforms[1]; + auth_xform->type = RTE_CRYPTO_SYM_XFORM_AUTH; + + if (op_mask & TOP_AUTH_GEN) + auth_xform->auth.op = RTE_CRYPTO_AUTH_OP_GENERATE; + else + auth_xform->auth.op = RTE_CRYPTO_AUTH_OP_VERIFY; + + auth_xform->auth.algo = test_data->auth_algo; + auth_xform->auth.key.length = test_data->auth_key.len; + auth_xform->auth.key.data = test_data->auth_key.data; + auth_xform->auth.digest_length = test_data->digest.len; + + if (is_unit_test) + debug_hexdump(stdout, "auth key:", + test_data->auth_key.data, + test_data->auth_key.len); + } + + if (op_mask == TOP_ENC || + op_mask == TOP_DEC) + xform = cipher_xform; + else if (op_mask == TOP_AUTH_GEN || + op_mask == TOP_AUTH_VER) + xform = auth_xform; + else if (op_mask == TOP_ENC_AUTH) { + xform = cipher_xform; + xform->next = auth_xform; + } else if (op_mask == TOP_AUTH_DEC) { + xform = auth_xform; + xform->next = cipher_xform; + } else + return NULL; + + if (test_data->cipher_offset < test_data->auth_offset) + return NULL; + + sess_conf.action_type = RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO; + sess_conf.crypto_xform = xform; + sess_conf.cpucrypto.cipher_offset = test_data->cipher_offset - + test_data->auth_offset; + + return rte_security_session_create(ctx, &sess_conf, sess_mp); +} + +static inline int +assemble_blockcipher_buf(struct cpu_crypto_test_case *data, + struct cpu_crypto_test_obj *obj, + uint32_t obj_idx, + uint32_t op_mask, + const struct blockcipher_test_data *test_data, + uint32_t is_unit_test) +{ + const uint8_t *src; + uint32_t src_len; + uint32_t offset; + + if (op_mask == TOP_ENC_AUTH || + op_mask == TOP_AUTH_GEN || + op_mask == BLOCKCIPHER_TEST_OP_AUTH_VERIFY) + offset = test_data->auth_offset; + else + offset = test_data->cipher_offset; + + if (op_mask & TOP_ENC_AUTH) { + src = test_data->plaintext.data; + src_len = test_data->plaintext.len; + if (is_unit_test) + debug_hexdump(stdout, "plaintext:", src, src_len); + } else { + src = test_data->ciphertext.data; + src_len = test_data->ciphertext.len; + memcpy(data->digest, test_data->digest.data, + test_data->digest.len); + if (is_unit_test) { + debug_hexdump(stdout, "ciphertext:", src, src_len); + debug_hexdump(stdout, "digest:", test_data->digest.data, + test_data->digest.len); + } + } + + if (src_len > MBUF_DATAPAYLOAD_SIZE) + return -ENOMEM; + + memcpy(data->seg_buf[0].seg, src, src_len); + data->seg_buf[0].seg_len = src_len; + obj->vec[obj_idx][0].iov_base = + (void *)(data->seg_buf[0].seg + offset); + obj->vec[obj_idx][0].iov_len = src_len - offset; + + obj->sec_buf[obj_idx].vec = obj->vec[obj_idx]; + obj->sec_buf[obj_idx].num = 1; + + memcpy(data->iv, test_data->iv.data, test_data->iv.len); + if (is_unit_test) + debug_hexdump(stdout, "iv:", test_data->iv.data, + test_data->iv.len); + + obj->iv[obj_idx] = (void *)data->iv; + obj->digest[obj_idx] = (void *)data->digest; + + return 0; +} + +static int +check_blockcipher_result(struct cpu_crypto_test_case *tcase, + uint32_t op_mask, + const struct blockcipher_test_data *test_data) +{ + int ret; + + if (op_mask & BLOCKCIPHER_TEST_OP_CIPHER) { + const char *err_msg1, *err_msg2; + const uint8_t *src_pt_ct; + uint32_t src_len; + + if (op_mask & TOP_ENC) { + src_pt_ct = test_data->ciphertext.data; + src_len = test_data->ciphertext.len; + err_msg1 = CPU_CRYPTO_ERR_EXP_CT; + err_msg2 = CPU_CRYPTO_ERR_GEN_CT; + } else { + src_pt_ct = test_data->plaintext.data; + src_len = test_data->plaintext.len; + err_msg1 = CPU_CRYPTO_ERR_EXP_PT; + err_msg2 = CPU_CRYPTO_ERR_GEN_PT; + } + + ret = memcmp(tcase->seg_buf[0].seg, src_pt_ct, src_len); + if (ret != 0) { + debug_hexdump(stdout, err_msg1, src_pt_ct, src_len); + debug_hexdump(stdout, err_msg2, + tcase->seg_buf[0].seg, + test_data->ciphertext.len); + return -1; + } + } + + if (op_mask & TOP_AUTH_GEN) { + ret = memcmp(tcase->digest, test_data->digest.data, + test_data->digest.len); + if (ret != 0) { + debug_hexdump(stdout, "expect digest:", + test_data->digest.data, + test_data->digest.len); + debug_hexdump(stdout, "gen digest:", + tcase->digest, + test_data->digest.len); + return -1; + } + } + + return 0; +} + +static int +cpu_crypto_test_blockcipher(const struct blockcipher_test_data *tdata, + uint32_t op_mask) +{ + struct cpu_crypto_testsuite_params *ts_params = &testsuite_params; + struct cpu_crypto_unittest_params *ut_params = &unittest_params; + struct cpu_crypto_test_obj *obj = &ut_params->test_obj; + struct cpu_crypto_test_case *tcase; + int ret; + + ut_params->sess = create_blockcipher_session(ts_params->ctx, + ts_params->session_priv_mpool, + op_mask, + tdata, + 1); + if (!ut_params->sess) + return -1; + + ret = allocate_buf(1); + if (ret) + return ret; + + tcase = ut_params->test_datas[0]; + ret = assemble_blockcipher_buf(tcase, obj, 0, op_mask, tdata, 1); + if (ret < 0) { + printf("Test is not supported by the driver\n"); + return ret; + } + + run_test(ts_params->ctx, ut_params->sess, obj, 1); + + ret = check_status(obj, 1); + if (ret < 0) + return ret; + + ret = check_blockcipher_result(tcase, op_mask, tdata); + if (ret < 0) + return ret; + + return 0; +} + +/* Macro to save code for defining BlockCipher test cases */ +/* test-vector-name/op */ +#define all_blockcipher_test_cases \ + TEST_EXPAND(aes_test_data_1, TOP_ENC) \ + TEST_EXPAND(aes_test_data_1, TOP_DEC) \ + TEST_EXPAND(aes_test_data_1, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_1, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_2, TOP_ENC) \ + TEST_EXPAND(aes_test_data_2, TOP_DEC) \ + TEST_EXPAND(aes_test_data_2, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_2, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_3, TOP_ENC) \ + TEST_EXPAND(aes_test_data_3, TOP_DEC) \ + TEST_EXPAND(aes_test_data_3, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_3, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_4, TOP_ENC) \ + TEST_EXPAND(aes_test_data_4, TOP_DEC) \ + TEST_EXPAND(aes_test_data_4, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_4, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_5, TOP_ENC) \ + TEST_EXPAND(aes_test_data_5, TOP_DEC) \ + TEST_EXPAND(aes_test_data_5, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_5, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_6, TOP_ENC) \ + TEST_EXPAND(aes_test_data_6, TOP_DEC) \ + TEST_EXPAND(aes_test_data_6, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_6, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_7, TOP_ENC) \ + TEST_EXPAND(aes_test_data_7, TOP_DEC) \ + TEST_EXPAND(aes_test_data_7, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_7, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_8, TOP_ENC) \ + TEST_EXPAND(aes_test_data_8, TOP_DEC) \ + TEST_EXPAND(aes_test_data_8, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_8, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_9, TOP_ENC) \ + TEST_EXPAND(aes_test_data_9, TOP_DEC) \ + TEST_EXPAND(aes_test_data_9, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_9, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_10, TOP_ENC) \ + TEST_EXPAND(aes_test_data_10, TOP_DEC) \ + TEST_EXPAND(aes_test_data_11, TOP_ENC) \ + TEST_EXPAND(aes_test_data_11, TOP_DEC) \ + TEST_EXPAND(aes_test_data_12, TOP_ENC) \ + TEST_EXPAND(aes_test_data_12, TOP_DEC) \ + TEST_EXPAND(aes_test_data_12, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_12, TOP_AUTH_DEC) \ + TEST_EXPAND(aes_test_data_13, TOP_ENC) \ + TEST_EXPAND(aes_test_data_13, TOP_DEC) \ + TEST_EXPAND(aes_test_data_13, TOP_ENC_AUTH) \ + TEST_EXPAND(aes_test_data_13, TOP_AUTH_DEC) \ + TEST_EXPAND(des_test_data_1, TOP_ENC) \ + TEST_EXPAND(des_test_data_1, TOP_DEC) \ + TEST_EXPAND(des_test_data_2, TOP_ENC) \ + TEST_EXPAND(des_test_data_2, TOP_DEC) \ + TEST_EXPAND(des_test_data_3, TOP_ENC) \ + TEST_EXPAND(des_test_data_3, TOP_DEC) \ + TEST_EXPAND(triple_des128cbc_hmac_sha1_test_vector, TOP_ENC) \ + TEST_EXPAND(triple_des128cbc_hmac_sha1_test_vector, TOP_DEC) \ + TEST_EXPAND(triple_des128cbc_hmac_sha1_test_vector, TOP_ENC_AUTH) \ + TEST_EXPAND(triple_des128cbc_hmac_sha1_test_vector, TOP_AUTH_DEC) \ + TEST_EXPAND(triple_des64cbc_test_vector, TOP_ENC) \ + TEST_EXPAND(triple_des64cbc_test_vector, TOP_DEC) \ + TEST_EXPAND(triple_des128cbc_test_vector, TOP_ENC) \ + TEST_EXPAND(triple_des128cbc_test_vector, TOP_DEC) \ + TEST_EXPAND(triple_des192cbc_test_vector, TOP_ENC) \ + TEST_EXPAND(triple_des192cbc_test_vector, TOP_DEC) \ + +#define TEST_EXPAND(t, o) \ +static int \ +cpu_crypto_blockcipher_test_##t##_##o(void) \ +{ \ + return cpu_crypto_test_blockcipher(&t, o); \ +} + +all_blockcipher_test_cases +#undef TEST_EXPAND + +static struct unit_test_suite security_cpu_crypto_aesni_mb_testsuite = { + .suite_name = "Security CPU Crypto AESNI-MB Unit Test Suite", + .setup = testsuite_setup, + .teardown = testsuite_teardown, + .unit_test_cases = { +#define TEST_EXPAND(t, o) \ + TEST_CASE_ST(ut_setup, ut_teardown, \ + cpu_crypto_aead_enc_test_##t##_##o), \ + TEST_CASE_ST(ut_setup, ut_teardown, \ + cpu_crypto_aead_dec_test_##t##_##o), \ + + all_gcm_unit_test_cases(SGL_ONE_SEG) + all_ccm_unit_test_cases +#undef TEST_EXPAND + +#define TEST_EXPAND(t, o) \ + TEST_CASE_ST(ut_setup, ut_teardown, \ + cpu_crypto_blockcipher_test_##t##_##o), \ + + all_blockcipher_test_cases +#undef TEST_EXPAND + + TEST_CASES_END() /**< NULL terminate unit test array */ + }, +}; + +static int +test_security_cpu_crypto_aesni_mb(void) +{ + gbl_driver_id = rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); + + return unit_test_suite_runner(&security_cpu_crypto_aesni_mb_testsuite); +} + REGISTER_TEST_COMMAND(security_aesni_gcm_autotest, test_security_cpu_crypto_aesni_gcm); REGISTER_TEST_COMMAND(security_aesni_gcm_perftest, test_security_cpu_crypto_aesni_gcm_perf); + +REGISTER_TEST_COMMAND(security_aesni_mb_autotest, + test_security_cpu_crypto_aesni_mb); -- 2.14.5