* [PATCH] examples/fips_validation: cleanup bypass tests in response file @ 2022-04-21 7:55 Gowrishankar Muthukrishnan 2022-05-18 15:34 ` Gowrishankar Muthukrishnan ` (2 more replies) 0 siblings, 3 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-04-21 7:55 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Remove garbage entries for bypassed tests in response file. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- examples/fips_validation/main.c | 74 ++++++++++++++++----------------- 1 file changed, 35 insertions(+), 39 deletions(-) diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 70a389c79b..03dad7eaf9 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -802,7 +802,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -850,7 +850,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -887,7 +887,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -933,7 +933,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -978,7 +978,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform) info.device_name, auth_xform->key.length, auth_xform->digest_length, auth_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1016,7 +1016,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1062,7 +1062,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1097,7 +1097,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1137,7 +1137,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1252,7 +1252,7 @@ fips_generic_test(void) ret = fips_run_test(); if (ret < 0) { - if (ret == -EPERM || ret == -ENOTSUP) { + if (ret == -ENOTSUP) { fprintf(info.fp_wr, "Bypass\n\n"); return 0; } @@ -1287,7 +1287,7 @@ fips_generic_test(void) fprintf(info.fp_wr, "\n"); free(val.val); - return 0; + return 1; } static int @@ -1456,7 +1456,7 @@ fips_mct_tdes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1535,7 +1535,7 @@ fips_mct_aes_ecb_test(void) free(val.val); - return 0; + return 1; } static int fips_mct_aes_test(void) @@ -1643,7 +1643,7 @@ fips_mct_aes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1729,7 +1729,7 @@ fips_mct_sha_test(void) free(val.val); - return 0; + return 1; } @@ -1844,18 +1844,15 @@ fips_test_one_file(void) } ret = fips_test_parse_one_case(); - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; - RTE_LOG(ERR, USER1, "Error %i: test block\n", + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", ret); goto error_one_case; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + } + + ret = test_ops.test(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); goto error_one_case; } @@ -1905,22 +1902,21 @@ fips_test_one_test_case(void) int ret; ret = fips_test_parse_one_json_case(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + ret); + goto exit; + } - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; + ret = test_ops.test(); + if (ret < 0) { RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); - break; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", - ret); + goto exit; } - return 0; + +exit: + return ret; } static int @@ -1958,8 +1954,8 @@ fips_test_one_test_group(void) tests_size = json_array_size(tests); for (test_idx = 0; test_idx < tests_size; test_idx++) { json_info.json_test_case = json_array_get(tests, test_idx); - fips_test_one_test_case(); - json_array_append_new(write_tests, json_info.json_write_case); + if (fips_test_one_test_case() > 0) + json_array_append_new(write_tests, json_info.json_write_case); } return 0; -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: cleanup bypass tests in response file 2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan @ 2022-05-18 15:34 ` Gowrishankar Muthukrishnan 2022-05-19 6:07 ` Gowrishankar Muthukrishnan 2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan 2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan 2 siblings, 1 reply; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-05-18 15:34 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Remove garbage entries for bypassed tests in response file. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- examples/fips_validation/main.c | 74 ++++++++++++++++----------------- 1 file changed, 35 insertions(+), 39 deletions(-) diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index aa8034c29f..8af4dc1894 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform) info.device_name, auth_xform->key.length, auth_xform->digest_length, auth_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1255,7 +1255,7 @@ fips_generic_test(void) ret = fips_run_test(); if (ret < 0) { - if (ret == -EPERM || ret == -ENOTSUP) { + if (ret == -ENOTSUP) { fprintf(info.fp_wr, "Bypass\n\n"); return 0; } @@ -1290,7 +1290,7 @@ fips_generic_test(void) fprintf(info.fp_wr, "\n"); free(val.val); - return 0; + return 1; } static int @@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void) free(val.val); - return 0; + return 1; } static int fips_mct_aes_test(void) @@ -1646,7 +1646,7 @@ fips_mct_aes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1732,7 +1732,7 @@ fips_mct_sha_test(void) free(val.val); - return 0; + return 1; } @@ -1847,18 +1847,15 @@ fips_test_one_file(void) } ret = fips_test_parse_one_case(); - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; - RTE_LOG(ERR, USER1, "Error %i: test block\n", + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", ret); goto error_one_case; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + } + + ret = test_ops.test(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); goto error_one_case; } @@ -1908,22 +1905,21 @@ fips_test_one_test_case(void) int ret; ret = fips_test_parse_one_json_case(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + ret); + goto exit; + } - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; + ret = test_ops.test(); + if (ret < 0) { RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); - break; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", - ret); + goto exit; } - return 0; + +exit: + return ret; } static int @@ -1968,8 +1964,8 @@ fips_test_one_test_group(void) tests_size = json_array_size(tests); for (test_idx = 0; test_idx < tests_size; test_idx++) { json_info.json_test_case = json_array_get(tests, test_idx); - fips_test_one_test_case(); - json_array_append_new(write_tests, json_info.json_write_case); + if (fips_test_one_test_case() > 0) + json_array_append_new(write_tests, json_info.json_write_case); } return 0; -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: cleanup bypass tests in response file 2022-05-18 15:34 ` Gowrishankar Muthukrishnan @ 2022-05-19 6:07 ` Gowrishankar Muthukrishnan 0 siblings, 0 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-05-19 6:07 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Remove garbage entries for bypassed tests in response file. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- Depends-on: series-22738 ("Add JSON vector set support to fips validation") --- examples/fips_validation/main.c | 74 ++++++++++++++++----------------- 1 file changed, 35 insertions(+), 39 deletions(-) diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index aa8034c29f..8af4dc1894 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform) info.device_name, auth_xform->key.length, auth_xform->digest_length, auth_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform) aead_xform->digest_length, aead_xform->aad_length, aead_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n", info.device_name, auth_xform->key.length, auth_xform->digest_length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform) RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", info.device_name, cipher_xform->key.length, cipher_xform->iv.length); - return -EPERM; + return -ENOTSUP; } return 0; @@ -1255,7 +1255,7 @@ fips_generic_test(void) ret = fips_run_test(); if (ret < 0) { - if (ret == -EPERM || ret == -ENOTSUP) { + if (ret == -ENOTSUP) { fprintf(info.fp_wr, "Bypass\n\n"); return 0; } @@ -1290,7 +1290,7 @@ fips_generic_test(void) fprintf(info.fp_wr, "\n"); free(val.val); - return 0; + return 1; } static int @@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void) free(val.val); - return 0; + return 1; } static int fips_mct_aes_test(void) @@ -1646,7 +1646,7 @@ fips_mct_aes_test(void) free(val.val); - return 0; + return 1; } static int @@ -1732,7 +1732,7 @@ fips_mct_sha_test(void) free(val.val); - return 0; + return 1; } @@ -1847,18 +1847,15 @@ fips_test_one_file(void) } ret = fips_test_parse_one_case(); - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; - RTE_LOG(ERR, USER1, "Error %i: test block\n", + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", ret); goto error_one_case; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + } + + ret = test_ops.test(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); goto error_one_case; } @@ -1908,22 +1905,21 @@ fips_test_one_test_case(void) int ret; ret = fips_test_parse_one_json_case(); + if (ret < 0) { + RTE_LOG(ERR, USER1, "Error %i: Parse block\n", + ret); + goto exit; + } - switch (ret) { - case 0: - ret = test_ops.test(); - if (ret == 0) - break; + ret = test_ops.test(); + if (ret < 0) { RTE_LOG(ERR, USER1, "Error %i: test block\n", ret); - break; - case 1: - break; - default: - RTE_LOG(ERR, USER1, "Error %i: Parse block\n", - ret); + goto exit; } - return 0; + +exit: + return ret; } static int @@ -1968,8 +1964,8 @@ fips_test_one_test_group(void) tests_size = json_array_size(tests); for (test_idx = 0; test_idx < tests_size; test_idx++) { json_info.json_test_case = json_array_get(tests, test_idx); - fips_test_one_test_case(); - json_array_append_new(write_tests, json_info.json_write_case); + if (fips_test_one_test_case() > 0) + json_array_append_new(write_tests, json_info.json_write_case); } return 0; -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] examples/fips_validation: reset IV generation in every test group 2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan 2022-05-18 15:34 ` Gowrishankar Muthukrishnan @ 2022-05-18 15:39 ` Gowrishankar Muthukrishnan 2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan 2 siblings, 0 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-05-18 15:39 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Reset IV generation in every test group. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- v2: - rebase on latest main. --- examples/fips_validation/fips_validation_gcm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c index 3604b21f13..7e89f2a6b2 100644 --- a/examples/fips_validation/fips_validation_gcm.c +++ b/examples/fips_validation/fips_validation_gcm.c @@ -344,6 +344,7 @@ parse_test_gcm_json_init(void) direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); direction_str = json_string_value(direction_obj); + info.interim_info.gcm_data.gen_iv = 0; if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR); -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: add parsing for aes_cbc 2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan 2022-05-18 15:34 ` Gowrishankar Muthukrishnan 2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan @ 2022-05-18 15:41 ` Gowrishankar Muthukrishnan 2022-05-19 6:09 ` [PATCH v2] " Gowrishankar Muthukrishnan 2 siblings, 1 reply; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-05-18 15:41 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES_CBC test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- examples/fips_validation/fips_validation.c | 14 +- examples/fips_validation/fips_validation.h | 1 + .../fips_validation/fips_validation_aes.c | 218 ++++++++++++++++++ examples/fips_validation/main.c | 70 ++++-- 4 files changed, 275 insertions(+), 28 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 8e0a55c624..de5ebbf076 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -120,7 +120,7 @@ fips_test_parse_header(void) for (i = 0; i < info.nb_vec_lines; i++) { if (!algo_parsed) { - if (strstr(info.vec[i], "AESVS")) { + if (strstr(info.vec[i], "AESVS") || strstr(info.vec[i], "AES-CBC")) { algo_parsed = 1; info.algo = FIPS_TEST_ALGO_AES; ret = parse_test_aes_init(); @@ -456,14 +456,18 @@ fips_test_parse_one_json_vector_set(void) const char *algo_str = json_string_value(algo_obj); /* Vector sets contain the algorithm type, and nothing else we need. */ - if (strstr(algo_str, "AES-GCM")) + if (strstr(algo_str, "AES-GCM")) { info.algo = FIPS_TEST_ALGO_AES_GCM; - if (strstr(algo_str, "HMAC")) + } else if (strstr(algo_str, "HMAC")) { info.algo = FIPS_TEST_ALGO_HMAC; - if (strstr(algo_str, "CMAC")) + } else if (strstr(algo_str, "CMAC")) { info.algo = FIPS_TEST_ALGO_AES_CMAC; - else + } else if (strstr(algo_str, "AES-CBC")) { + info.algo = FIPS_TEST_ALGO_AES; + info.interim_info.aes_data.cipher_algo = RTE_CRYPTO_CIPHER_AES_CBC; + } else { return -EINVAL; + } return 0; } diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 7f68d454f7..6382f7f7f4 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -103,6 +103,7 @@ enum fips_aesavs_test_types { AESAVS_TYPE_VARTXT, AESAVS_TYPE_MMT, AESAVS_TYPE_MCT, + AESAVS_TYPE_AFT, }; enum fips_tdes_test_types { diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c index b3c5e31f32..8f68142db8 100644 --- a/examples/fips_validation/fips_validation_aes.c +++ b/examples/fips_validation/fips_validation_aes.c @@ -7,6 +7,7 @@ #include <stdio.h> #include <rte_cryptodev.h> +#include <rte_malloc.h> #include "fips_validation.h" @@ -25,6 +26,18 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" + +#define KEY_JSON_STR "key" +#define IV_JSON_STR "iv" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + struct { uint32_t type; const char *desc; @@ -37,6 +50,7 @@ struct { {TDES_VARIABLE_TEXT, "KAT"}, {AESAVS_TYPE_MMT, "MMT"}, {AESAVS_TYPE_MCT, "MCT"}, + {AESAVS_TYPE_AFT, "AFT"}, }; struct aes_test_algo { @@ -92,6 +106,27 @@ struct fips_test_callback aes_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef RTE_HAS_JANSSON +struct fips_test_callback aes_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; +#endif /* RTE_HAS_JANSSON */ + static int parse_test_aes_writeback(struct fips_val *val) { @@ -105,6 +140,129 @@ parse_test_aes_writeback(struct fips_val *val) return 0; } +#ifdef RTE_HAS_JANSSON +static int +parse_test_aes_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +static int +parse_test_aes_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv; + struct fips_val tmp_val; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + if (info .op == FIPS_TEST_ENC_AUTH_GEN) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + writeback_hex_str("", info.one_line_text, &val[1]); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + writeback_hex_str("", info.one_line_text, &val[1]); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + json_array_append(resArr, res); + return 0; +} +#endif /* RTE_HAS_JANSSON */ + static int rsp_test_aes_check(struct fips_val *val) { @@ -123,12 +281,72 @@ rsp_test_aes_check(struct fips_val *val) return 0; } +#ifdef RTE_HAS_JANSSON +static int +parse_test_aes_json_init(void) +{ + json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + const char *type_str = json_string_value(type_obj); + uint32_t i; + + if (json_info.json_test_group) { + json_t *direction_obj; + const char *direction_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = aes_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = aes_dec_json_vectors; + } else { + return -EINVAL; + } + info.interim_callbacks = aes_interim_json_vectors; + } + + for (i = 0; i < RTE_DIM(aes_test_types); i++) + if (strstr(type_str, aes_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + aes_test_types[i].type; + break; + } + + if (i >= RTE_DIM(aes_test_types)) + return -EINVAL; + + switch (info.interim_info.aes_data.test_type) { + case AESAVS_TYPE_MCT: + info.parse_writeback = parse_test_aes_mct_json_writeback; + break; + case AESAVS_TYPE_AFT: + info.parse_writeback = parse_test_aes_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -EINVAL; + + return 0; +} +#endif /* RTE_HAS_JANSSON */ + int parse_test_aes_init(void) { char *tmp; uint32_t i, j; +#ifdef RTE_HAS_JANSSON + return parse_test_aes_json_init(); +#endif /* RTE_HAS_JANSSON */ + for (i = 0; i < info.nb_vec_lines; i++) { char *line = info.vec[i]; diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 8af4dc1894..25475348ac 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1546,7 +1546,7 @@ fips_mct_aes_test(void) #define AES_BLOCK_SIZE 16 #define AES_EXTERN_ITER 100 #define AES_INTERN_ITER 1000 - struct fips_val val = {NULL, 0}, val_key; + struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv; uint8_t prev_out[AES_BLOCK_SIZE] = {0}; uint8_t prev_in[AES_BLOCK_SIZE] = {0}; uint32_t i, j, k; @@ -1556,10 +1556,12 @@ fips_mct_aes_test(void) return fips_mct_aes_ecb_test(); for (i = 0; i < AES_EXTERN_ITER; i++) { - if (i != 0) - update_info_vec(i); + if (info.file_type != FIPS_TYPE_JSON) { + if (i != 0) + update_info_vec(i); - fips_test_write_one_case(); + fips_test_write_one_case(); + } for (j = 0; j < AES_INTERN_ITER; j++) { ret = fips_run_test(); @@ -1572,7 +1574,7 @@ fips_mct_aes_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1580,24 +1582,39 @@ fips_mct_aes_test(void) memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE); if (j == 0) { - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); + pt.len = vec.pt.len; + pt.val = calloc(1, pt.len); + memcpy(pt.val, vec.pt.val, pt.len); + + ct.len = vec.ct.len; + ct.val = calloc(1, ct.len); + memcpy(ct.val, vec.ct.val, ct.len); + + iv.len = vec.iv.len; + iv.val = calloc(1, iv.len); + memcpy(iv.val, vec.iv.val, iv.len); if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.pt.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, val.val, - AES_BLOCK_SIZE); + memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); + val[1].val = pt.val; + val[1].len = pt.len; + val[2].val = iv.val; + val[2].len = iv.len; } else { - memcpy(vec.ct.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, prev_in, - AES_BLOCK_SIZE); + memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); + val[1].val = ct.val; + val[1].len = ct.len; + val[2].val = iv.val; + val[2].len = iv.len; } continue; } if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE); } else { memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); @@ -1607,33 +1624,37 @@ fips_mct_aes_test(void) if (j == AES_INTERN_ITER - 1) continue; - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); } - info.parse_writeback(&val); + info.parse_writeback(val); fprintf(info.fp_wr, "\n"); - if (i == AES_EXTERN_ITER - 1) + if (i == AES_EXTERN_ITER - 1) { + free(pt.val); + free(ct.val); + free(iv.val); continue; + } /** update key */ memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key)); for (k = 0; k < vec.cipher_auth.key.len; k++) { switch (vec.cipher_auth.key.len) { case 16: - val_key.val[k] ^= val.val[k]; + val_key.val[k] ^= val[0].val[k]; break; case 24: if (k < 8) val_key.val[k] ^= prev_out[k + 8]; else - val_key.val[k] ^= val.val[k - 8]; + val_key.val[k] ^= val[0].val[k - 8]; break; case 32: if (k < 16) val_key.val[k] ^= prev_out[k]; else - val_key.val[k] ^= val.val[k - 16]; + val_key.val[k] ^= val[0].val[k - 16]; break; default: return -1; @@ -1641,10 +1662,10 @@ fips_mct_aes_test(void) } if (info.op == FIPS_TEST_DEC_AUTH_VERIF) - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); } - free(val.val); + free(val[0].val); return 1; } @@ -1945,6 +1966,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES: + ret = parse_test_aes_init(); + break; default: return -EINVAL; } -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] examples/fips_validation: add parsing for aes_cbc 2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan @ 2022-05-19 6:09 ` Gowrishankar Muthukrishnan 0 siblings, 0 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-05-19 6:09 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES_CBC test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- Depends-on: series-22738 ("Add JSON vector set support to fips validation") v2: - minor cleanup. --- examples/fips_validation/fips_validation.c | 8 +- examples/fips_validation/fips_validation.h | 4 + .../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++ examples/fips_validation/main.c | 73 ++++-- 4 files changed, 281 insertions(+), 27 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 8e0a55c624..91d0c348cb 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -120,7 +120,7 @@ fips_test_parse_header(void) for (i = 0; i < info.nb_vec_lines; i++) { if (!algo_parsed) { - if (strstr(info.vec[i], "AESVS")) { + if (strstr(info.vec[i], "AES")) { algo_parsed = 1; info.algo = FIPS_TEST_ALGO_AES; ret = parse_test_aes_init(); @@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void) /* Vector sets contain the algorithm type, and nothing else we need. */ if (strstr(algo_str, "AES-GCM")) info.algo = FIPS_TEST_ALGO_AES_GCM; - if (strstr(algo_str, "HMAC")) + else if (strstr(algo_str, "HMAC")) info.algo = FIPS_TEST_ALGO_HMAC; - if (strstr(algo_str, "CMAC")) + else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; + else if (strstr(algo_str, "AES-CBC")) + info.algo = FIPS_TEST_ALGO_AES; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 7f68d454f7..f2f0ea5725 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -103,6 +103,7 @@ enum fips_aesavs_test_types { AESAVS_TYPE_VARTXT, AESAVS_TYPE_MMT, AESAVS_TYPE_MCT, + AESAVS_TYPE_AFT, }; enum fips_tdes_test_types { @@ -263,6 +264,9 @@ parse_test_hmac_json_algorithm(void); int parse_test_cmac_json_init(void); +int +parse_test_aes_json_init(void); + int parser_read_cmac_direction_str(const char *key, char *src, struct fips_val *val); #endif /* RTE_HAS_JANSSON */ diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c index b3c5e31f32..f935217f34 100644 --- a/examples/fips_validation/fips_validation_aes.c +++ b/examples/fips_validation/fips_validation_aes.c @@ -7,6 +7,7 @@ #include <stdio.h> #include <rte_cryptodev.h> +#include <rte_malloc.h> #include "fips_validation.h" @@ -25,6 +26,19 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" + +#define KEY_JSON_STR "key" +#define IV_JSON_STR "iv" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + struct { uint32_t type; const char *desc; @@ -37,6 +51,7 @@ struct { {TDES_VARIABLE_TEXT, "KAT"}, {AESAVS_TYPE_MMT, "MMT"}, {AESAVS_TYPE_MCT, "MCT"}, + {AESAVS_TYPE_AFT, "AFT"}, }; struct aes_test_algo { @@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef RTE_HAS_JANSSON +struct fips_test_callback aes_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_aes_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +static int +parse_test_aes_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv; + struct fips_val tmp_val; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + if (info .op == FIPS_TEST_ENC_AUTH_GEN) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + writeback_hex_str("", info.one_line_text, &val[1]); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + writeback_hex_str("", info.one_line_text, &val[1]); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + json_array_append(resArr, res); + return 0; +} + +int +parse_test_aes_json_init(void) +{ + json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR); + const char *type_str = json_string_value(type_obj); + const char *algo_str = json_string_value(algo_obj); + uint32_t i; + + if (json_info.json_test_group) { + json_t *direction_obj; + const char *direction_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = aes_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = aes_dec_json_vectors; + } else { + return -EINVAL; + } + info.interim_callbacks = aes_interim_json_vectors; + } + + for (i = 0; i < RTE_DIM(aes_test_types); i++) + if (strstr(type_str, aes_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + aes_test_types[i].type; + break; + } + + if (i >= RTE_DIM(aes_test_types)) + return -EINVAL; + + switch (info.interim_info.aes_data.test_type) { + case AESAVS_TYPE_MCT: + info.parse_writeback = parse_test_aes_mct_json_writeback; + break; + case AESAVS_TYPE_AFT: + info.parse_writeback = parse_test_aes_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -EINVAL; + + for (i = 0; i < RTE_DIM(algo_con); i++) + if (strstr(algo_str, algo_con[i].name)) { + info.interim_info.aes_data.cipher_algo = + (uint32_t)algo_con[i].algo; + break; + } + + if (i >= RTE_DIM(algo_con)) + return -EINVAL; + + return 0; +} +#endif /* RTE_HAS_JANSSON */ + static int parse_test_aes_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 8af4dc1894..2f29d165e8 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1546,7 +1546,7 @@ fips_mct_aes_test(void) #define AES_BLOCK_SIZE 16 #define AES_EXTERN_ITER 100 #define AES_INTERN_ITER 1000 - struct fips_val val = {NULL, 0}, val_key; + struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv; uint8_t prev_out[AES_BLOCK_SIZE] = {0}; uint8_t prev_in[AES_BLOCK_SIZE] = {0}; uint32_t i, j, k; @@ -1556,10 +1556,12 @@ fips_mct_aes_test(void) return fips_mct_aes_ecb_test(); for (i = 0; i < AES_EXTERN_ITER; i++) { - if (i != 0) - update_info_vec(i); + if (info.file_type != FIPS_TYPE_JSON) { + if (i != 0) + update_info_vec(i); - fips_test_write_one_case(); + fips_test_write_one_case(); + } for (j = 0; j < AES_INTERN_ITER; j++) { ret = fips_run_test(); @@ -1572,7 +1574,7 @@ fips_mct_aes_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1580,24 +1582,39 @@ fips_mct_aes_test(void) memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE); if (j == 0) { - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); + pt.len = vec.pt.len; + pt.val = calloc(1, pt.len); + memcpy(pt.val, vec.pt.val, pt.len); + + ct.len = vec.ct.len; + ct.val = calloc(1, ct.len); + memcpy(ct.val, vec.ct.val, ct.len); + + iv.len = vec.iv.len; + iv.val = calloc(1, iv.len); + memcpy(iv.val, vec.iv.val, iv.len); if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.pt.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, val.val, - AES_BLOCK_SIZE); + memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); + val[1].val = pt.val; + val[1].len = pt.len; + val[2].val = iv.val; + val[2].len = iv.len; } else { - memcpy(vec.ct.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, prev_in, - AES_BLOCK_SIZE); + memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); + val[1].val = ct.val; + val[1].len = ct.len; + val[2].val = iv.val; + val[2].len = iv.len; } continue; } if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE); } else { memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); @@ -1607,33 +1624,38 @@ fips_mct_aes_test(void) if (j == AES_INTERN_ITER - 1) continue; - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); } - info.parse_writeback(&val); - fprintf(info.fp_wr, "\n"); + info.parse_writeback(val); + if (info.file_type != FIPS_TYPE_JSON) + fprintf(info.fp_wr, "\n"); - if (i == AES_EXTERN_ITER - 1) + if (i == AES_EXTERN_ITER - 1) { + free(pt.val); + free(ct.val); + free(iv.val); continue; + } /** update key */ memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key)); for (k = 0; k < vec.cipher_auth.key.len; k++) { switch (vec.cipher_auth.key.len) { case 16: - val_key.val[k] ^= val.val[k]; + val_key.val[k] ^= val[0].val[k]; break; case 24: if (k < 8) val_key.val[k] ^= prev_out[k + 8]; else - val_key.val[k] ^= val.val[k - 8]; + val_key.val[k] ^= val[0].val[k - 8]; break; case 32: if (k < 16) val_key.val[k] ^= prev_out[k]; else - val_key.val[k] ^= val.val[k - 16]; + val_key.val[k] ^= val[0].val[k - 16]; break; default: return -1; @@ -1641,10 +1663,10 @@ fips_mct_aes_test(void) } if (info.op == FIPS_TEST_DEC_AUTH_VERIF) - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); } - free(val.val); + free(val[0].val); return 1; } @@ -1945,6 +1967,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES: + ret = parse_test_aes_json_init(); + break; default: return -EINVAL; } -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-05-19 6:09 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan 2022-05-18 15:34 ` Gowrishankar Muthukrishnan 2022-05-19 6:07 ` Gowrishankar Muthukrishnan 2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan 2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan 2022-05-19 6:09 ` [PATCH v2] " Gowrishankar Muthukrishnan
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).