From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id B9487A0503; Wed, 18 May 2022 17:41:17 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id AB06740156; Wed, 18 May 2022 17:41:17 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id A0B4F400D6 for ; Wed, 18 May 2022 17:41:16 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24I91tJE008585; Wed, 18 May 2022 08:41:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=u1udlNYSwcZTf3+zdLt1DxW4JPFvHSWOVE/XgdAmxCM=; b=Y64fJcjZgw/ks1k+2WB52zwcHIGABhkXcBcdvhSfhD6M23QWy0I3r4/FKzjmij9WWmwF azXGQ1tMPtpWj+epK66hE3iWm+TvG5wnv6t2DzkiIsXWWQtXPiGd5q7g2mjNX7sFpgbP 7fXFIpl65ngoCqcdWyirzDNbAmEV8Wt2FqEnjIKhN6jJMVv2wj4eP/yaM+e+YoPoZCtG WjtR/OXyrEsVjkJsrPrfkpM9ErxCGM68JUE7PIIDOcfnl14vYhGWeD7d4EoVFbd6yPCF h8M0vbhSxT4JgzqtotmrcFbn9h2ZSmZMyC8aCfABYWct780nkyC0+4dMVesN6OGpBTGc Bg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3g4m6f3m7r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 18 May 2022 08:41:15 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 18 May 2022 08:41:14 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 18 May 2022 08:41:14 -0700 Received: from localhost.localdomain (unknown [10.28.34.38]) by maili.marvell.com (Postfix) with ESMTP id A17903F70C6; Wed, 18 May 2022 08:41:11 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: Fan Zhang , Brian Dooley , Brandon Lo , Anoob Joseph , Archana Muniganti , Jerin Jacob , Gowrishankar Muthukrishnan Subject: [PATCH] examples/fips_validation: add parsing for aes_cbc Date: Wed, 18 May 2022 21:11:03 +0530 Message-ID: <20220518154103.3618811-1-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220421075552.528836-1-gmuthukrishn@marvell.com> References: <20220421075552.528836-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: QxGAfymk4bArUubz_b0w7v-dFezU0Hfg X-Proofpoint-ORIG-GUID: QxGAfymk4bArUubz_b0w7v-dFezU0Hfg X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-18_06,2022-05-17_02,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added function to parse algorithm for AES_CBC test. Signed-off-by: Gowrishankar Muthukrishnan --- examples/fips_validation/fips_validation.c | 14 +- examples/fips_validation/fips_validation.h | 1 + .../fips_validation/fips_validation_aes.c | 218 ++++++++++++++++++ examples/fips_validation/main.c | 70 ++++-- 4 files changed, 275 insertions(+), 28 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 8e0a55c624..de5ebbf076 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -120,7 +120,7 @@ fips_test_parse_header(void) for (i = 0; i < info.nb_vec_lines; i++) { if (!algo_parsed) { - if (strstr(info.vec[i], "AESVS")) { + if (strstr(info.vec[i], "AESVS") || strstr(info.vec[i], "AES-CBC")) { algo_parsed = 1; info.algo = FIPS_TEST_ALGO_AES; ret = parse_test_aes_init(); @@ -456,14 +456,18 @@ fips_test_parse_one_json_vector_set(void) const char *algo_str = json_string_value(algo_obj); /* Vector sets contain the algorithm type, and nothing else we need. */ - if (strstr(algo_str, "AES-GCM")) + if (strstr(algo_str, "AES-GCM")) { info.algo = FIPS_TEST_ALGO_AES_GCM; - if (strstr(algo_str, "HMAC")) + } else if (strstr(algo_str, "HMAC")) { info.algo = FIPS_TEST_ALGO_HMAC; - if (strstr(algo_str, "CMAC")) + } else if (strstr(algo_str, "CMAC")) { info.algo = FIPS_TEST_ALGO_AES_CMAC; - else + } else if (strstr(algo_str, "AES-CBC")) { + info.algo = FIPS_TEST_ALGO_AES; + info.interim_info.aes_data.cipher_algo = RTE_CRYPTO_CIPHER_AES_CBC; + } else { return -EINVAL; + } return 0; } diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 7f68d454f7..6382f7f7f4 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -103,6 +103,7 @@ enum fips_aesavs_test_types { AESAVS_TYPE_VARTXT, AESAVS_TYPE_MMT, AESAVS_TYPE_MCT, + AESAVS_TYPE_AFT, }; enum fips_tdes_test_types { diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c index b3c5e31f32..8f68142db8 100644 --- a/examples/fips_validation/fips_validation_aes.c +++ b/examples/fips_validation/fips_validation_aes.c @@ -7,6 +7,7 @@ #include #include +#include #include "fips_validation.h" @@ -25,6 +26,18 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" + +#define KEY_JSON_STR "key" +#define IV_JSON_STR "iv" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + struct { uint32_t type; const char *desc; @@ -37,6 +50,7 @@ struct { {TDES_VARIABLE_TEXT, "KAT"}, {AESAVS_TYPE_MMT, "MMT"}, {AESAVS_TYPE_MCT, "MCT"}, + {AESAVS_TYPE_AFT, "AFT"}, }; struct aes_test_algo { @@ -92,6 +106,27 @@ struct fips_test_callback aes_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef RTE_HAS_JANSSON +struct fips_test_callback aes_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; +#endif /* RTE_HAS_JANSSON */ + static int parse_test_aes_writeback(struct fips_val *val) { @@ -105,6 +140,129 @@ parse_test_aes_writeback(struct fips_val *val) return 0; } +#ifdef RTE_HAS_JANSSON +static int +parse_test_aes_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +static int +parse_test_aes_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv; + struct fips_val tmp_val; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + if (info .op == FIPS_TEST_ENC_AUTH_GEN) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + writeback_hex_str("", info.one_line_text, &val[1]); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + writeback_hex_str("", info.one_line_text, &val[1]); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + json_array_append(resArr, res); + return 0; +} +#endif /* RTE_HAS_JANSSON */ + static int rsp_test_aes_check(struct fips_val *val) { @@ -123,12 +281,72 @@ rsp_test_aes_check(struct fips_val *val) return 0; } +#ifdef RTE_HAS_JANSSON +static int +parse_test_aes_json_init(void) +{ + json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + const char *type_str = json_string_value(type_obj); + uint32_t i; + + if (json_info.json_test_group) { + json_t *direction_obj; + const char *direction_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = aes_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = aes_dec_json_vectors; + } else { + return -EINVAL; + } + info.interim_callbacks = aes_interim_json_vectors; + } + + for (i = 0; i < RTE_DIM(aes_test_types); i++) + if (strstr(type_str, aes_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + aes_test_types[i].type; + break; + } + + if (i >= RTE_DIM(aes_test_types)) + return -EINVAL; + + switch (info.interim_info.aes_data.test_type) { + case AESAVS_TYPE_MCT: + info.parse_writeback = parse_test_aes_mct_json_writeback; + break; + case AESAVS_TYPE_AFT: + info.parse_writeback = parse_test_aes_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -EINVAL; + + return 0; +} +#endif /* RTE_HAS_JANSSON */ + int parse_test_aes_init(void) { char *tmp; uint32_t i, j; +#ifdef RTE_HAS_JANSSON + return parse_test_aes_json_init(); +#endif /* RTE_HAS_JANSSON */ + for (i = 0; i < info.nb_vec_lines; i++) { char *line = info.vec[i]; diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 8af4dc1894..25475348ac 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1546,7 +1546,7 @@ fips_mct_aes_test(void) #define AES_BLOCK_SIZE 16 #define AES_EXTERN_ITER 100 #define AES_INTERN_ITER 1000 - struct fips_val val = {NULL, 0}, val_key; + struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv; uint8_t prev_out[AES_BLOCK_SIZE] = {0}; uint8_t prev_in[AES_BLOCK_SIZE] = {0}; uint32_t i, j, k; @@ -1556,10 +1556,12 @@ fips_mct_aes_test(void) return fips_mct_aes_ecb_test(); for (i = 0; i < AES_EXTERN_ITER; i++) { - if (i != 0) - update_info_vec(i); + if (info.file_type != FIPS_TYPE_JSON) { + if (i != 0) + update_info_vec(i); - fips_test_write_one_case(); + fips_test_write_one_case(); + } for (j = 0; j < AES_INTERN_ITER; j++) { ret = fips_run_test(); @@ -1572,7 +1574,7 @@ fips_mct_aes_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1580,24 +1582,39 @@ fips_mct_aes_test(void) memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE); if (j == 0) { - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); + pt.len = vec.pt.len; + pt.val = calloc(1, pt.len); + memcpy(pt.val, vec.pt.val, pt.len); + + ct.len = vec.ct.len; + ct.val = calloc(1, ct.len); + memcpy(ct.val, vec.ct.val, ct.len); + + iv.len = vec.iv.len; + iv.val = calloc(1, iv.len); + memcpy(iv.val, vec.iv.val, iv.len); if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.pt.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, val.val, - AES_BLOCK_SIZE); + memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); + val[1].val = pt.val; + val[1].len = pt.len; + val[2].val = iv.val; + val[2].len = iv.len; } else { - memcpy(vec.ct.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, prev_in, - AES_BLOCK_SIZE); + memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); + val[1].val = ct.val; + val[1].len = ct.len; + val[2].val = iv.val; + val[2].len = iv.len; } continue; } if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE); } else { memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); @@ -1607,33 +1624,37 @@ fips_mct_aes_test(void) if (j == AES_INTERN_ITER - 1) continue; - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); } - info.parse_writeback(&val); + info.parse_writeback(val); fprintf(info.fp_wr, "\n"); - if (i == AES_EXTERN_ITER - 1) + if (i == AES_EXTERN_ITER - 1) { + free(pt.val); + free(ct.val); + free(iv.val); continue; + } /** update key */ memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key)); for (k = 0; k < vec.cipher_auth.key.len; k++) { switch (vec.cipher_auth.key.len) { case 16: - val_key.val[k] ^= val.val[k]; + val_key.val[k] ^= val[0].val[k]; break; case 24: if (k < 8) val_key.val[k] ^= prev_out[k + 8]; else - val_key.val[k] ^= val.val[k - 8]; + val_key.val[k] ^= val[0].val[k - 8]; break; case 32: if (k < 16) val_key.val[k] ^= prev_out[k]; else - val_key.val[k] ^= val.val[k - 16]; + val_key.val[k] ^= val[0].val[k - 16]; break; default: return -1; @@ -1641,10 +1662,10 @@ fips_mct_aes_test(void) } if (info.op == FIPS_TEST_DEC_AUTH_VERIF) - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); } - free(val.val); + free(val[0].val); return 1; } @@ -1945,6 +1966,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES: + ret = parse_test_aes_init(); + break; default: return -EINVAL; } -- 2.25.1