From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3C767A04F3 for ; Tue, 7 Jan 2020 18:38:06 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 286D81DA24; Tue, 7 Jan 2020 18:38:06 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by dpdk.org (Postfix) with ESMTP id C1B201D57F; Tue, 7 Jan 2020 10:39:16 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 0079aOks003853; Tue, 7 Jan 2020 01:39:16 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-type; s=pfpt0818; bh=l4RODlFB04aTnp524zM7i8KurF9d86313PRnSEKg4gI=; b=KFi9DJnq63J6/Ptkfnht3lA03PBhDCNeLuGyxtb883+5Jn7wHA9UnHrUhiy5FBMh4qpD mvZzdYcZMuc7ZwTN8MGi3eXowCJw91C20ym+OXa1WBkK9xPxq+Wm8morrBr+IDFmN75G +MfDFKvyzviOyyFh1/Vv4DXPnL0o5EhiNTnWOnqZshbh/qX67nBhdwL3ZCC0VGBN6NGb mTGnLXVSsgU/v8r532wiCHM/jxTwFYvt0v7i6D80iEWZt9wF0GEnp2pED7hRJPozUUXN 08UE/GCt/8eCORHJf/ZKSg2mHq2xOCExlsdbXBbVZR6c2addsugGj+fLZNG91xyafZQv zw== Received: from sc-exch01.marvell.com ([199.233.58.181]) by mx0b-0016f401.pphosted.com with ESMTP id 2xcn0b0fsc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 07 Jan 2020 01:39:15 -0800 Received: from SC-EXCH03.marvell.com (10.93.176.83) by SC-EXCH01.marvell.com (10.93.176.81) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 7 Jan 2020 01:39:13 -0800 Received: from maili.marvell.com (10.93.176.43) by SC-EXCH03.marvell.com (10.93.176.83) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Tue, 7 Jan 2020 01:39:12 -0800 Received: from hyd1409.caveonetworks.com.com (unknown [10.29.45.15]) by maili.marvell.com (Postfix) with ESMTP id 52C383F703F; Tue, 7 Jan 2020 01:39:09 -0800 (PST) From: Archana Muniganti To: , CC: Sucharitha Sarananaga , , , , , Abed Kamaluddin , Archana Muniganti Date: Tue, 7 Jan 2020 15:08:43 +0530 Message-ID: <1578389923-18041-1-git-send-email-marchana@marvell.com> X-Mailer: git-send-email 1.8.3.1 MIME-Version: 1.0 Content-Type: text/plain X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2020-01-07_02:2020-01-06,2020-01-07 signatures=0 X-Mailman-Approved-At: Tue, 07 Jan 2020 18:38:05 +0100 Subject: [dpdk-stable] [PATCH] examples/fips_validation: add AES XTS support X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" From: Sucharitha Sarananaga AES XTS support is added to fips application. Parse test-vectors from input files, populate AES XTS tests and prepare AES XTS operations for fips validation. Signed-off-by: Abed Kamaluddin Signed-off-by: Archana Muniganti Signed-off-by: Sucharitha Sarananaga --- examples/fips_validation/Makefile | 1 + examples/fips_validation/fips_validation.c | 6 ++ examples/fips_validation/fips_validation.h | 4 + examples/fips_validation/fips_validation_xts.c | 119 +++++++++++++++++++++++++ examples/fips_validation/main.c | 45 ++++++++++ examples/fips_validation/meson.build | 1 + 6 files changed, 176 insertions(+) create mode 100644 examples/fips_validation/fips_validation_xts.c diff --git a/examples/fips_validation/Makefile b/examples/fips_validation/Makefile index 1385e8c..c207d11 100644 --- a/examples/fips_validation/Makefile +++ b/examples/fips_validation/Makefile @@ -14,6 +14,7 @@ SRCS-y += fips_validation_cmac.c SRCS-y += fips_validation_ccm.c SRCS-y += fips_validation_sha.c SRCS-y += fips_dev_self_test.c +SRCS-y += fips_validation_xts.c SRCS-y += main.c # Build using pkg-config variables if possible diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 07ffa62..ef24b72 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -150,6 +150,12 @@ ret = parse_test_sha_init(); if (ret < 0) return ret; + } else if (strstr(info.vec[i], "XTS")) { + algo_parsed = 1; + info.algo = FIPS_TEST_ALGO_AES_XTS; + ret = parse_test_xts_init(); + if (ret < 0) + return ret; } } diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index d487fb0..5aee955 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -31,6 +31,7 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_HMAC, FIPS_TEST_ALGO_TDES, FIPS_TEST_ALGO_SHA, + FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_MAX }; @@ -223,6 +224,9 @@ struct fips_test_interim_info { parse_test_sha_init(void); int +parse_test_xts_init(void); + +int parser_read_uint8_hex(uint8_t *value, const char *p); int diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c new file mode 100644 index 0000000..5bb1966 --- /dev/null +++ b/examples/fips_validation/fips_validation_xts.c @@ -0,0 +1,119 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright (C) 2020 Marvell International Ltd. + */ + +#include +#include +#include + +#include + +#include "fips_validation.h" + +#define MODE_STR "XTS" +#define ALGO_STR "test data for " +#define OP_STR "State" +#define KEY_SIZE_STR "Key Length : " + +#define COUNT_STR "COUNT = " +#define KEY_STR "Key = " +#define IV_STR "i = " +#define PT_STR "PT = " +#define CT_STR "CT = " + +#define OP_ENC_STR "ENCRYPT" +#define OP_DEC_STR "DECRYPT" + +static int +parse_interim_xts_enc_dec(const char *key, + __rte_unused char *text, + __rte_unused struct fips_val *val) +{ + if (strcmp(key, OP_ENC_STR) == 0) + info.op = FIPS_TEST_ENC_AUTH_GEN; + else if (strcmp(key, OP_DEC_STR) == 0) + info.op = FIPS_TEST_DEC_AUTH_VERIF; + else + return -1; + return 0; +} + +struct fips_test_callback xts_tests_vectors[] = { + {KEY_STR, parse_uint8_hex_str, &vec.cipher_auth.key}, + {IV_STR, parse_uint8_hex_str, &vec.iv}, + {PT_STR, parse_uint8_hex_str, &vec.pt}, + {CT_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_tests_interim_vectors[] = { + {OP_ENC_STR, parse_interim_xts_enc_dec, NULL}, + {OP_DEC_STR, parse_interim_xts_enc_dec, NULL}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_writeback_callbacks[] = { + /** First element is used to pass COUNT string */ + {COUNT_STR, NULL, NULL}, + {IV_STR, writeback_hex_str, &vec.iv}, + {KEY_STR, writeback_hex_str, &vec.cipher_auth.key}, + {PT_STR, writeback_hex_str, &vec.pt}, + {CT_STR, writeback_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_xts_writeback(struct fips_val *val) +{ + if (info.op == FIPS_TEST_ENC_AUTH_GEN) + fprintf(info.fp_wr, "%s", CT_STR); + else + fprintf(info.fp_wr, "%s", PT_STR); + + parse_write_hex_str(val); + return 0; +} + +static int +rsp_test_xts_check(struct fips_val *val) +{ + struct fips_val *data; + if (info.op == FIPS_TEST_ENC_AUTH_GEN) + data = &vec.ct; + else + data = &vec.pt; + + if (memcmp(val->val, data->val, val->len) == 0) + fprintf(info.fp_wr, "Success\n"); + else + fprintf(info.fp_wr, "Failed\n"); + return 0; +} + +int parse_test_xts_init(void) +{ + char *tmp; + uint32_t i; + for (i = 0; i < info.nb_vec_lines; i++) { + char *line = info.vec[i]; + tmp = strstr(line, KEY_SIZE_STR); + if (tmp) { + tmp += (strlen(KEY_SIZE_STR) + strlen("AES")); + if (parser_read_uint32( + &info.interim_info.aes_data.key_len, + tmp) < 0) + return -EINVAL; + info.interim_info.aes_data.key_len = + (info.interim_info.aes_data.key_len*2) / 8; + continue; + } + + } + info.parse_writeback = parse_test_xts_writeback; + info.callbacks = xts_tests_vectors; + info.interim_callbacks = xts_tests_interim_vectors; + info.writeback_callbacks = xts_writeback_callbacks; + info.kat_check = rsp_test_xts_check; + + return 0; +} diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 9a2c8da..f9b2056 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -912,6 +912,46 @@ struct fips_test_ops { return 0; } +static int +prepare_xts_xform(struct rte_crypto_sym_xform *xform) +{ + const struct rte_cryptodev_symmetric_capability *cap; + struct rte_cryptodev_sym_capability_idx cap_idx; + struct rte_crypto_cipher_xform *cipher_xform = &xform->cipher; + + xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER; + + cipher_xform->algo = RTE_CRYPTO_CIPHER_AES_XTS; + cipher_xform->op = (info.op == FIPS_TEST_ENC_AUTH_GEN) ? + RTE_CRYPTO_CIPHER_OP_ENCRYPT : + RTE_CRYPTO_CIPHER_OP_DECRYPT; + cipher_xform->key.data = vec.cipher_auth.key.val; + cipher_xform->key.length = vec.cipher_auth.key.len; + cipher_xform->iv.length = vec.iv.len; + cipher_xform->iv.offset = IV_OFF; + + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_XTS; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + + cap = rte_cryptodev_sym_capability_get(env.dev_id, &cap_idx); + if (!cap) { + RTE_LOG(ERR, USER1, "Failed to get capability for cdev %u\n", + env.dev_id); + return -EINVAL; + } + + if (rte_cryptodev_sym_capability_check_cipher(cap, + cipher_xform->key.length, + cipher_xform->iv.length) != 0) { + RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", + info.device_name, cipher_xform->key.length, + cipher_xform->iv.length); + return -EPERM; + } + + return 0; +} + static void get_writeback_data(struct fips_val *val) { @@ -1486,6 +1526,11 @@ struct fips_test_ops { else test_ops.test = fips_generic_test; break; + case FIPS_TEST_ALGO_AES_XTS: + test_ops.prepare_op = prepare_cipher_op; + test_ops.prepare_xform = prepare_xts_xform; + test_ops.test = fips_generic_test; + break; default: if (strstr(info.file_name, "TECB") || strstr(info.file_name, "TCBC")) { diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build index 6dd6308..e2745d2 100644 --- a/examples/fips_validation/meson.build +++ b/examples/fips_validation/meson.build @@ -17,6 +17,7 @@ sources = files( 'fips_validation_cmac.c', 'fips_validation_ccm.c', 'fips_validation_sha.c', + 'fips_validation_xts.c', 'fips_dev_self_test.c', 'main.c' ) -- 1.8.3.1