From: "Dooley, Brian" <brian.dooley@intel.com>
To: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: Anoob Joseph <anoobj@marvell.com>,
"jerinj@marvell.com" <jerinj@marvell.com>,
Akhil Goyal <gakhil@marvell.com>
Subject: RE: [v1, 05/10] examples/fips_validation: add CCM JSON validation
Date: Mon, 27 Feb 2023 09:29:53 +0000 [thread overview]
Message-ID: <DM5PR11MB185159368336B10F328A662283AF9@DM5PR11MB1851.namprd11.prod.outlook.com> (raw)
In-Reply-To: <f419aab9722b0f12315503892d1336d68dd18642.1675693844.git.gmuthukrishn@marvell.com>
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Monday 6 February 2023 14:46
> To: dev@dpdk.org
> Cc: Anoob Joseph <anoobj@marvell.com>; jerinj@marvell.com; Akhil Goyal
> <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v1, 05/10] examples/fips_validation: add CCM JSON validation
>
> Add support in fips_validation to parse CCM JSON vectors.
>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
> doc/guides/sample_app_ug/fips_validation.rst | 1 +
> examples/fips_validation/fips_validation.c | 2 +
> examples/fips_validation/fips_validation.h | 3 +
> .../fips_validation/fips_validation_ccm.c | 132 ++++++++++++++++++
> examples/fips_validation/main.c | 3 +
> 5 files changed, 141 insertions(+)
>
> diff --git a/doc/guides/sample_app_ug/fips_validation.rst
> b/doc/guides/sample_app_ug/fips_validation.rst
> index 4fc8297b34..613c5afd19 100644
> --- a/doc/guides/sample_app_ug/fips_validation.rst
> +++ b/doc/guides/sample_app_ug/fips_validation.rst
> @@ -60,6 +60,7 @@ ACVP
> * Supported test vectors
> * AES-CBC (128,192,256) - AFT, MCT
> * AES-GCM (128,192,256) - AFT
> + * AES-CCM (128,192,256) - AFT
> * AES-CMAC (128,192,256) - AFT
> * AES-CTR (128,192,256) - AFT, CTR
> * AES-GMAC (128,192,256) - AFT
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index d3b6099d73..f840804009 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
> /* Vector sets contain the algorithm type, and nothing else we need.
> */
> if (strstr(algo_str, "AES-GCM"))
> info.algo = FIPS_TEST_ALGO_AES_GCM;
> + else if (strstr(algo_str, "AES-CCM"))
> + info.algo = FIPS_TEST_ALGO_AES_CCM;
> else if (strstr(algo_str, "AES-GMAC"))
> info.algo = FIPS_TEST_ALGO_AES_GMAC;
> else if (strstr(algo_str, "HMAC"))
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 8fcb5c8500..c4988053c1 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -338,6 +338,9 @@ fips_test_parse_one_json_case(void);
> int
> parse_test_gcm_json_init(void);
>
> +int
> +parse_test_ccm_json_init(void);
> +
> int
> parse_test_hmac_json_init(void);
>
> diff --git a/examples/fips_validation/fips_validation_ccm.c
> b/examples/fips_validation/fips_validation_ccm.c
> index 632999c1e4..0e3ee0d247 100644
> --- a/examples/fips_validation/fips_validation_ccm.c
> +++ b/examples/fips_validation/fips_validation_ccm.c
> @@ -34,6 +34,18 @@
> #define POS_KEYWORD "Pass"
> #define NEG_KEYWORD "Fail"
>
> +#define DIR_JSON_STR "direction"
> +#define IVLEN_JSON_STR "ivLen"
> +#define PTLEN_JSON_STR "payloadLen"
> +#define AADLEN_JSON_STR "aadLen"
> +#define TAGLEN_JSON_STR "tagLen"
> +#define KEYLEN_JSON_STR "keyLen"
> +#define PT_JSON_STR "pt"
> +#define CT_JSON_STR "ct"
> +#define KEY_JSON_STR "key"
> +#define IV_JSON_STR "iv"
> +#define AAD_JSON_STR "aad"
> +
> static int
> parser_dvpt_interim(const char *key, char *src, struct fips_val *val) { @@ -
> 206,6 +218,126 @@ struct ccm_test_types {
> FIPS_TEST_ENC_AUTH_GEN},
> };
>
> +#ifdef USE_JANSSON
> +static int
> +parser_read_ccm_direction_str(__rte_unused const char *key, char *src,
> + __rte_unused struct fips_val *val)
> +{
> + if (strcmp(src, "encrypt") == 0)
> + info.op = FIPS_TEST_ENC_AUTH_GEN;
> + else if (strcmp(src, "decrypt") == 0)
> + info.op = FIPS_TEST_DEC_AUTH_VERIF;
> +
> + return 0;
> +}
> +
> +static int
> +parser_read_ccm_aad_str(const char *key, char *src, struct fips_val
> +*val) {
> + struct fips_val tmp_val = {0};
> + uint32_t len = val->len;
> +
> + /* CCM aad requires 18 bytes padding before the real content */
> + val->val = rte_zmalloc(NULL, len + 18, 0);
> + if (!val->val)
> + return -1;
> +
> + if (parse_uint8_hex_str(key, src, &tmp_val) < 0)
> + return -1;
> +
> + memcpy(val->val + 18, tmp_val.val, val->len);
> + rte_free(tmp_val.val);
> +
> + return 0;
> +}
> +
> +static int
> +parse_read_ccm_ct_str(const char *key, char *src, struct fips_val *val)
> +{
> + int ret;
> +
> + val->len = vec.pt.len;
> +
> + ret = parse_uint8_known_len_hex_str(key, src, val);
> + if (ret < 0)
> + return ret;
> +
> + src += val->len * 2;
> +
> + ret = parse_uint8_known_len_hex_str("", src, &vec.aead.digest);
> + if (ret < 0) {
> + rte_free(val->val);
> + memset(val, 0, sizeof(*val));
> + return ret;
> + }
> +
> + return 0;
> +}
> +
> +struct fips_test_callback ccm_tests_interim_json_vectors[] = {
> + {DIR_JSON_STR, parser_read_ccm_direction_str, NULL},
> + {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
> + {PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
> + {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
> + {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.aead.digest},
> + {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
> + {NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback ccm_tests_json_vectors[] = {
> + {PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
> + {CT_JSON_STR, parse_read_ccm_ct_str, &vec.ct},
> + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
> + {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
> + {AAD_JSON_STR, parser_read_ccm_aad_str, &vec.aead.aad},
> + {NULL, NULL, NULL} /**< end pointer */ };
> +
> +static int
> +parse_test_ccm_json_writeback(struct fips_val *val) {
> + struct fips_val tmp_val;
> + json_t *tcId;
> +
> + tcId = json_object_get(json_info.json_test_case, "tcId");
> + json_info.json_write_case = json_object();
> + json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> + if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
> + json_t *ct;
> +
> + info.one_line_text[0] = '\0';
> + writeback_hex_str("", info.one_line_text, val);
> + ct = json_string(info.one_line_text);
> + json_object_set_new(json_info.json_write_case,
> CT_JSON_STR, ct);
> + } else {
> + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + tmp_val.val = val->val;
> + tmp_val.len = vec.pt.len;
> +
> + info.one_line_text[0] = '\0';
> + writeback_hex_str("", info.one_line_text,
> &tmp_val);
> + json_object_set_new(json_info.json_write_case,
> PT_JSON_STR,
> + json_string(info.one_line_text));
> + } else {
> + json_object_set_new(json_info.json_write_case,
> "testPassed",
> + json_false());
> + }
> + }
> +
> + return 0;
> +}
> +
> +int
> +parse_test_ccm_json_init(void)
> +{
> + info.interim_callbacks = ccm_tests_interim_json_vectors;
> + info.parse_writeback = parse_test_ccm_json_writeback;
> + info.callbacks = ccm_tests_json_vectors;
> + return 0;
> +}
> +#endif /* USE_JANSSON */
> +
> static int
> parse_test_ccm_writeback(struct fips_val *val) { diff --git
> a/examples/fips_validation/main.c b/examples/fips_validation/main.c index
> 52076160b5..1974dc959b 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -2677,6 +2677,9 @@ fips_test_one_test_group(void)
> case FIPS_TEST_ALGO_AES_GCM:
> ret = parse_test_gcm_json_init();
> break;
> + case FIPS_TEST_ALGO_AES_CCM:
> + ret = parse_test_ccm_json_init();
> + break;
> case FIPS_TEST_ALGO_HMAC:
> ret = parse_test_hmac_json_init();
> break;
> --
> 2.25.1
Acked-by: Brian Dooley <brian.dooley@intel.com>
next prev parent reply other threads:[~2023-02-27 9:30 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-06 14:45 [v1, 00/10] fips_validation application improvements Gowrishankar Muthukrishnan
2023-02-06 14:45 ` [v1, 01/10] examples/fips_validation: fix MCT output for SHA Gowrishankar Muthukrishnan
2023-02-27 9:31 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 02/10] examples/fips_validation: add SHA3 validation Gowrishankar Muthukrishnan
2023-02-27 9:31 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 03/10] examples/fips_validation: fix integer parse in test case Gowrishankar Muthukrishnan
2023-02-27 9:30 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 04/10] examples/fips_validation: add SHAKE validation Gowrishankar Muthukrishnan
2023-02-27 9:30 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 05/10] examples/fips_validation: add CCM JSON validation Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian [this message]
2023-02-06 14:45 ` [v1, 06/10] examples/fips_validation: add ECDSA keygen support Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 07/10] examples/fips_validation: add SHA3 algorithms in ECDSA test Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 08/10] examples/fips_validation: fix AES GCM validation tests Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 09/10] examples/fips_validation: fix AES XTS to read seq number Gowrishankar Muthukrishnan
2023-02-27 9:28 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 10/10] examples/fips_validation: add extra space in JSON buffer Gowrishankar Muthukrishnan
2023-02-27 9:27 ` Dooley, Brian
2023-02-27 9:32 ` [v1, 00/10] fips_validation application improvements Dooley, Brian
2023-02-27 17:27 ` Akhil Goyal
2023-02-28 7:39 ` Akhil Goyal
2023-02-28 14:42 ` Patrick Robb
2023-02-28 15:02 ` [EXT] " Akhil Goyal
2023-02-28 15:52 ` Patrick Robb
2023-03-01 4:04 ` Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, " Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 01/10] examples/fips_validation: fix MCT output for SHA Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 02/10] examples/fips_validation: add SHA3 validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 03/10] examples/fips_validation: fix integer parse in test case Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 04/10] examples/fips_validation: add SHAKE validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 05/10] examples/fips_validation: add CCM JSON validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 06/10] examples/fips_validation: add ECDSA keygen support Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 07/10] examples/fips_validation: add SHA3 algorithms in ECDSA test Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 08/10] examples/fips_validation: fix AES GCM validation tests Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 09/10] examples/fips_validation: fix AES XTS to read seq number Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 10/10] examples/fips_validation: add extra space in JSON buffer Gowrishankar Muthukrishnan
2023-03-01 11:11 ` [v2, 00/10] fips_validation application improvements Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM5PR11MB185159368336B10F328A662283AF9@DM5PR11MB1851.namprd11.prod.outlook.com \
--to=brian.dooley@intel.com \
--cc=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=gmuthukrishn@marvell.com \
--cc=jerinj@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).