DPDK patches and discussions
 help / color / mirror / Atom feed
* [PATCH] examples/fips_validation: cleanup bypass tests in response file
@ 2022-04-21  7:55 Gowrishankar Muthukrishnan
  2022-05-18 15:34 ` Gowrishankar Muthukrishnan
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-04-21  7:55 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 70a389c79b..03dad7eaf9 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -802,7 +802,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -850,7 +850,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -887,7 +887,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -933,7 +933,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -978,7 +978,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1016,7 +1016,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1062,7 +1062,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1097,7 +1097,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1137,7 +1137,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1252,7 +1252,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1287,7 +1287,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1456,7 +1456,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1535,7 +1535,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1643,7 +1643,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1729,7 +1729,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1844,18 +1844,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1905,22 +1902,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1958,8 +1954,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] examples/fips_validation: cleanup bypass tests in response file
  2022-04-21  7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-18 15:34 ` Gowrishankar Muthukrishnan
  2022-05-19  6:07   ` Gowrishankar Muthukrishnan
  2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
  2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
  2 siblings, 1 reply; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:34 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index aa8034c29f..8af4dc1894 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1255,7 +1255,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1290,7 +1290,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1646,7 +1646,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1732,7 +1732,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1847,18 +1847,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1908,22 +1905,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1968,8 +1964,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH v2] examples/fips_validation: reset IV generation in every test group
  2022-04-21  7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
  2022-05-18 15:34 ` Gowrishankar Muthukrishnan
@ 2022-05-18 15:39 ` Gowrishankar Muthukrishnan
  2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
  2 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:39 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Reset IV generation in every test group.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v2:
 - rebase on latest main.
 
---
 examples/fips_validation/fips_validation_gcm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
 
 	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
 	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
 
 	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
 		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] examples/fips_validation: add parsing for aes_cbc
  2022-04-21  7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
  2022-05-18 15:34 ` Gowrishankar Muthukrishnan
  2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-18 15:41 ` Gowrishankar Muthukrishnan
  2022-05-19  6:09   ` [PATCH v2] " Gowrishankar Muthukrishnan
  2 siblings, 1 reply; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:41 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |  14 +-
 examples/fips_validation/fips_validation.h    |   1 +
 .../fips_validation/fips_validation_aes.c     | 218 ++++++++++++++++++
 examples/fips_validation/main.c               |  70 ++++--
 4 files changed, 275 insertions(+), 28 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 8e0a55c624..de5ebbf076 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AESVS") || strstr(info.vec[i], "AES-CBC")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -456,14 +456,18 @@ fips_test_parse_one_json_vector_set(void)
 	const char *algo_str = json_string_value(algo_obj);
 
 	/* Vector sets contain the algorithm type, and nothing else we need. */
-	if (strstr(algo_str, "AES-GCM"))
+	if (strstr(algo_str, "AES-GCM")) {
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	} else if (strstr(algo_str, "HMAC")) {
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	} else if (strstr(algo_str, "CMAC")) {
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
-	else
+	} else if (strstr(algo_str, "AES-CBC")) {
+		info.algo = FIPS_TEST_ALGO_AES;
+		info.interim_info.aes_data.cipher_algo = RTE_CRYPTO_CIPHER_AES_CBC;
+	} else {
 		return -EINVAL;
+	}
 
 	return 0;
 }
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 7f68d454f7..6382f7f7f4 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8f68142db8 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,18 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR	"direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +50,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +106,27 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
@@ -105,6 +140,129 @@ parse_test_aes_writeback(struct fips_val *val)
 	return 0;
 }
 
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 rsp_test_aes_check(struct fips_val *val)
 {
@@ -123,12 +281,72 @@ rsp_test_aes_check(struct fips_val *val)
 	return 0;
 }
 
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void)
 {
 	char *tmp;
 	uint32_t i, j;
 
+#ifdef RTE_HAS_JANSSON
+	return parse_test_aes_json_init();
+#endif /* RTE_HAS_JANSSON */
+
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 8af4dc1894..25475348ac 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1546,7 +1546,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1556,10 +1556,12 @@ fips_mct_aes_test(void)
 		return fips_mct_aes_ecb_test();
 
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1572,7 +1574,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1580,24 +1582,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1607,33 +1624,37 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
+		info.parse_writeback(val);
 		fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1641,10 +1662,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1945,6 +1966,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] examples/fips_validation: cleanup bypass tests in response file
  2022-05-18 15:34 ` Gowrishankar Muthukrishnan
@ 2022-05-19  6:07   ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  6:07 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
Depends-on: series-22738 ("Add JSON vector set support to fips validation")
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index aa8034c29f..8af4dc1894 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1255,7 +1255,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1290,7 +1290,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1646,7 +1646,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1732,7 +1732,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1847,18 +1847,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1908,22 +1905,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1968,8 +1964,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH v2] examples/fips_validation: add parsing for aes_cbc
  2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-19  6:09   ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  6:09 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
Depends-on: series-22738 ("Add JSON vector set support to fips validation")

v2:
 - minor cleanup.

---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  73 ++++--
 4 files changed, 281 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 8e0a55c624..91d0c348cb 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 7f68d454f7..f2f0ea5725 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -263,6 +264,9 @@ parse_test_hmac_json_algorithm(void);
 int
 parse_test_cmac_json_init(void);
 
+int
+parse_test_aes_json_init(void);
+
 int
 parser_read_cmac_direction_str(const char *key, char *src, struct fips_val *val);
 #endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..f935217f34 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR 		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR 	"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 8af4dc1894..2f29d165e8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1546,7 +1546,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1556,10 +1556,12 @@ fips_mct_aes_test(void)
 		return fips_mct_aes_ecb_test();
 
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1572,7 +1574,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1580,24 +1582,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1607,33 +1624,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1641,10 +1663,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1945,6 +1967,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2022-05-19  6:09 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-21  7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
2022-05-19  6:07   ` Gowrishankar Muthukrishnan
2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-19  6:09   ` [PATCH v2] " Gowrishankar Muthukrishnan

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).