* [PATCH] examples/fips_validation: cleanup bypass tests in response file
@ 2022-04-21 7:55 Gowrishankar Muthukrishnan
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-04-21 7:55 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Remove garbage entries for bypassed tests in response file.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
1 file changed, 35 insertions(+), 39 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 70a389c79b..03dad7eaf9 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -802,7 +802,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -850,7 +850,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -887,7 +887,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -933,7 +933,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -978,7 +978,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
info.device_name, auth_xform->key.length,
auth_xform->digest_length,
auth_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1016,7 +1016,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1062,7 +1062,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1097,7 +1097,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1137,7 +1137,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1252,7 +1252,7 @@ fips_generic_test(void)
ret = fips_run_test();
if (ret < 0) {
- if (ret == -EPERM || ret == -ENOTSUP) {
+ if (ret == -ENOTSUP) {
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1287,7 +1287,7 @@ fips_generic_test(void)
fprintf(info.fp_wr, "\n");
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1456,7 +1456,7 @@ fips_mct_tdes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1535,7 +1535,7 @@ fips_mct_aes_ecb_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
fips_mct_aes_test(void)
@@ -1643,7 +1643,7 @@ fips_mct_aes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1729,7 +1729,7 @@ fips_mct_sha_test(void)
free(val.val);
- return 0;
+ return 1;
}
@@ -1844,18 +1844,15 @@ fips_test_one_file(void)
}
ret = fips_test_parse_one_case();
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
- RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
ret);
goto error_one_case;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ }
+
+ ret = test_ops.test();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
goto error_one_case;
}
@@ -1905,22 +1902,21 @@ fips_test_one_test_case(void)
int ret;
ret = fips_test_parse_one_json_case();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ goto exit;
+ }
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
+ ret = test_ops.test();
+ if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
- break;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
- ret);
+ goto exit;
}
- return 0;
+
+exit:
+ return ret;
}
static int
@@ -1958,8 +1954,8 @@ fips_test_one_test_group(void)
tests_size = json_array_size(tests);
for (test_idx = 0; test_idx < tests_size; test_idx++) {
json_info.json_test_case = json_array_get(tests, test_idx);
- fips_test_one_test_case();
- json_array_append_new(write_tests, json_info.json_write_case);
+ if (fips_test_one_test_case() > 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
}
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: cleanup bypass tests in response file
2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-18 15:34 ` Gowrishankar Muthukrishnan
2022-05-19 6:07 ` Gowrishankar Muthukrishnan
2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2 siblings, 1 reply; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:34 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Remove garbage entries for bypassed tests in response file.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
1 file changed, 35 insertions(+), 39 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index aa8034c29f..8af4dc1894 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
info.device_name, auth_xform->key.length,
auth_xform->digest_length,
auth_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1255,7 +1255,7 @@ fips_generic_test(void)
ret = fips_run_test();
if (ret < 0) {
- if (ret == -EPERM || ret == -ENOTSUP) {
+ if (ret == -ENOTSUP) {
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1290,7 +1290,7 @@ fips_generic_test(void)
fprintf(info.fp_wr, "\n");
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
fips_mct_aes_test(void)
@@ -1646,7 +1646,7 @@ fips_mct_aes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1732,7 +1732,7 @@ fips_mct_sha_test(void)
free(val.val);
- return 0;
+ return 1;
}
@@ -1847,18 +1847,15 @@ fips_test_one_file(void)
}
ret = fips_test_parse_one_case();
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
- RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
ret);
goto error_one_case;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ }
+
+ ret = test_ops.test();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
goto error_one_case;
}
@@ -1908,22 +1905,21 @@ fips_test_one_test_case(void)
int ret;
ret = fips_test_parse_one_json_case();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ goto exit;
+ }
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
+ ret = test_ops.test();
+ if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
- break;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
- ret);
+ goto exit;
}
- return 0;
+
+exit:
+ return ret;
}
static int
@@ -1968,8 +1964,8 @@ fips_test_one_test_group(void)
tests_size = json_array_size(tests);
for (test_idx = 0; test_idx < tests_size; test_idx++) {
json_info.json_test_case = json_array_get(tests, test_idx);
- fips_test_one_test_case();
- json_array_append_new(write_tests, json_info.json_write_case);
+ if (fips_test_one_test_case() > 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
}
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] examples/fips_validation: reset IV generation in every test group
2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
@ 2022-05-18 15:39 ` Gowrishankar Muthukrishnan
2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:39 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Reset IV generation in every test group.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v2:
- rebase on latest main.
---
examples/fips_validation/fips_validation_gcm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
direction_str = json_string_value(direction_obj);
+ info.interim_info.gcm_data.gen_iv = 0;
if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: add parsing for aes_cbc
2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-18 15:41 ` Gowrishankar Muthukrishnan
2022-05-19 6:09 ` [PATCH v2] " Gowrishankar Muthukrishnan
2 siblings, 1 reply; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:41 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, Brandon Lo, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/fips_validation.c | 14 +-
examples/fips_validation/fips_validation.h | 1 +
.../fips_validation/fips_validation_aes.c | 218 ++++++++++++++++++
examples/fips_validation/main.c | 70 ++++--
4 files changed, 275 insertions(+), 28 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 8e0a55c624..de5ebbf076 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AESVS") || strstr(info.vec[i], "AES-CBC")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -456,14 +456,18 @@ fips_test_parse_one_json_vector_set(void)
const char *algo_str = json_string_value(algo_obj);
/* Vector sets contain the algorithm type, and nothing else we need. */
- if (strstr(algo_str, "AES-GCM"))
+ if (strstr(algo_str, "AES-GCM")) {
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ } else if (strstr(algo_str, "HMAC")) {
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ } else if (strstr(algo_str, "CMAC")) {
info.algo = FIPS_TEST_ALGO_AES_CMAC;
- else
+ } else if (strstr(algo_str, "AES-CBC")) {
+ info.algo = FIPS_TEST_ALGO_AES;
+ info.interim_info.aes_data.cipher_algo = RTE_CRYPTO_CIPHER_AES_CBC;
+ } else {
return -EINVAL;
+ }
return 0;
}
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 7f68d454f7..6382f7f7f4 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8f68142db8 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,18 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +50,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +106,27 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
@@ -105,6 +140,129 @@ parse_test_aes_writeback(struct fips_val *val)
return 0;
}
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append(resArr, res);
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
rsp_test_aes_check(struct fips_val *val)
{
@@ -123,12 +281,72 @@ rsp_test_aes_check(struct fips_val *val)
return 0;
}
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void)
{
char *tmp;
uint32_t i, j;
+#ifdef RTE_HAS_JANSSON
+ return parse_test_aes_json_init();
+#endif /* RTE_HAS_JANSSON */
+
for (i = 0; i < info.nb_vec_lines; i++) {
char *line = info.vec[i];
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 8af4dc1894..25475348ac 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1546,7 +1546,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1556,10 +1556,12 @@ fips_mct_aes_test(void)
return fips_mct_aes_ecb_test();
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1572,7 +1574,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1580,24 +1582,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1607,33 +1624,37 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
+ info.parse_writeback(val);
fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1641,10 +1662,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 1;
}
@@ -1945,6 +1966,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] examples/fips_validation: cleanup bypass tests in response file
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
@ 2022-05-19 6:07 ` Gowrishankar Muthukrishnan
0 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19 6:07 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Remove garbage entries for bypassed tests in response file.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
Depends-on: series-22738 ("Add JSON vector set support to fips validation")
---
examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
1 file changed, 35 insertions(+), 39 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index aa8034c29f..8af4dc1894 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -805,7 +805,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -853,7 +853,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -890,7 +890,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -936,7 +936,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -981,7 +981,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
info.device_name, auth_xform->key.length,
auth_xform->digest_length,
auth_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1019,7 +1019,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1065,7 +1065,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1100,7 +1100,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1140,7 +1140,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1255,7 +1255,7 @@ fips_generic_test(void)
ret = fips_run_test();
if (ret < 0) {
- if (ret == -EPERM || ret == -ENOTSUP) {
+ if (ret == -ENOTSUP) {
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1290,7 +1290,7 @@ fips_generic_test(void)
fprintf(info.fp_wr, "\n");
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1459,7 +1459,7 @@ fips_mct_tdes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1538,7 +1538,7 @@ fips_mct_aes_ecb_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
fips_mct_aes_test(void)
@@ -1646,7 +1646,7 @@ fips_mct_aes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1732,7 +1732,7 @@ fips_mct_sha_test(void)
free(val.val);
- return 0;
+ return 1;
}
@@ -1847,18 +1847,15 @@ fips_test_one_file(void)
}
ret = fips_test_parse_one_case();
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
- RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
ret);
goto error_one_case;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ }
+
+ ret = test_ops.test();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
goto error_one_case;
}
@@ -1908,22 +1905,21 @@ fips_test_one_test_case(void)
int ret;
ret = fips_test_parse_one_json_case();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ goto exit;
+ }
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
+ ret = test_ops.test();
+ if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
- break;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
- ret);
+ goto exit;
}
- return 0;
+
+exit:
+ return ret;
}
static int
@@ -1968,8 +1964,8 @@ fips_test_one_test_group(void)
tests_size = json_array_size(tests);
for (test_idx = 0; test_idx < tests_size; test_idx++) {
json_info.json_test_case = json_array_get(tests, test_idx);
- fips_test_one_test_case();
- json_array_append_new(write_tests, json_info.json_write_case);
+ if (fips_test_one_test_case() > 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
}
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] examples/fips_validation: add parsing for aes_cbc
2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-19 6:09 ` Gowrishankar Muthukrishnan
0 siblings, 0 replies; 6+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19 6:09 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
Depends-on: series-22738 ("Add JSON vector set support to fips validation")
v2:
- minor cleanup.
---
examples/fips_validation/fips_validation.c | 8 +-
examples/fips_validation/fips_validation.h | 4 +
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++
examples/fips_validation/main.c | 73 ++++--
4 files changed, 281 insertions(+), 27 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 8e0a55c624..91d0c348cb 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AES")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ else if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ else if (strstr(algo_str, "CMAC"))
info.algo = FIPS_TEST_ALGO_AES_CMAC;
+ else if (strstr(algo_str, "AES-CBC"))
+ info.algo = FIPS_TEST_ALGO_AES;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 7f68d454f7..f2f0ea5725 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
@@ -263,6 +264,9 @@ parse_test_hmac_json_algorithm(void);
int
parse_test_cmac_json_init(void);
+int
+parse_test_aes_json_init(void);
+
int
parser_read_cmac_direction_str(const char *key, char *src, struct fips_val *val);
#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..f935217f34 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,19 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define ALGO_JSON_STR "algorithm"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +51,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append(resArr, res);
+ return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ const char *algo_str = json_string_value(algo_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_DIM(algo_con); i++)
+ if (strstr(algo_str, algo_con[i].name)) {
+ info.interim_info.aes_data.cipher_algo =
+ (uint32_t)algo_con[i].algo;
+ break;
+ }
+
+ if (i >= RTE_DIM(algo_con))
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 8af4dc1894..2f29d165e8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1546,7 +1546,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1556,10 +1556,12 @@ fips_mct_aes_test(void)
return fips_mct_aes_ecb_test();
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1572,7 +1574,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1580,24 +1582,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1607,33 +1624,38 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
- fprintf(info.fp_wr, "\n");
+ info.parse_writeback(val);
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1641,10 +1663,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 1;
}
@@ -1945,6 +1967,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-05-19 6:09 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-21 7:55 [PATCH] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-18 15:34 ` Gowrishankar Muthukrishnan
2022-05-19 6:07 ` Gowrishankar Muthukrishnan
2022-05-18 15:39 ` [PATCH v2] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-18 15:41 ` [PATCH] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-19 6:09 ` [PATCH v2] " Gowrishankar Muthukrishnan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).