From: "Dooley, Brian" <brian.dooley@intel.com>
To: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: Anoob Joseph <anoobj@marvell.com>,
"jerinj@marvell.com" <jerinj@marvell.com>,
Akhil Goyal <gakhil@marvell.com>
Subject: RE: [v1, 02/10] examples/fips_validation: add SHA3 validation
Date: Mon, 27 Feb 2023 09:31:05 +0000 [thread overview]
Message-ID: <DM5PR11MB1851D951850FAD233344293F83AF9@DM5PR11MB1851.namprd11.prod.outlook.com> (raw)
In-Reply-To: <18c7a6838c18d041c52ef57e807eb34871af3946.1675693844.git.gmuthukrishn@marvell.com>
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Monday 6 February 2023 14:46
> To: dev@dpdk.org
> Cc: Anoob Joseph <anoobj@marvell.com>; jerinj@marvell.com; Akhil Goyal
> <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v1, 02/10] examples/fips_validation: add SHA3 validation
>
> Add support in fips_validation to parse SHA3 algorithms.
>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
> doc/guides/sample_app_ug/fips_validation.rst | 5 +-
> examples/fips_validation/fips_validation.h | 1 +
> .../fips_validation/fips_validation_hmac.c | 8 ++
> .../fips_validation/fips_validation_sha.c | 20 +++--
> examples/fips_validation/main.c | 76 +++++++++----------
> 5 files changed, 61 insertions(+), 49 deletions(-)
>
> diff --git a/doc/guides/sample_app_ug/fips_validation.rst
> b/doc/guides/sample_app_ug/fips_validation.rst
> index 50d23c789b..55837895fe 100644
> --- a/doc/guides/sample_app_ug/fips_validation.rst
> +++ b/doc/guides/sample_app_ug/fips_validation.rst
> @@ -64,8 +64,9 @@ ACVP
> * AES-CTR (128,192,256) - AFT, CTR
> * AES-GMAC (128,192,256) - AFT
> * AES-XTS (128,256) - AFT
> - * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
> - * SHA (1, 256, 384, 512) - AFT, MCT
> + * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512, SHA3_224, SHA3_256,
> SHA3_384, SHA3_512)
> + * SHA (1, 224, 256, 384, 512) - AFT, MCT
> + * SHA3 (224, 256, 384, 512) - AFT, MCT
> * TDES-CBC - AFT, MCT
> * TDES-ECB - AFT, MCT
> * RSA
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 565a5cd36e..6c1bd35849 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -205,6 +205,7 @@ struct sha_interim_data {
> /* keep algo always on top as it is also used in asym digest */
> enum rte_crypto_auth_algorithm algo;
> enum fips_sha_test_types test_type;
> + uint8_t md_blocks;
> };
>
> struct gcm_interim_data {
> diff --git a/examples/fips_validation/fips_validation_hmac.c
> b/examples/fips_validation/fips_validation_hmac.c
> index e0721ef028..f1cbc18435 100644
> --- a/examples/fips_validation/fips_validation_hmac.c
> +++ b/examples/fips_validation/fips_validation_hmac.c
> @@ -37,6 +37,10 @@ struct hash_size_conversion {
> {"32", RTE_CRYPTO_AUTH_SHA256_HMAC},
> {"48", RTE_CRYPTO_AUTH_SHA384_HMAC},
> {"64", RTE_CRYPTO_AUTH_SHA512_HMAC},
> + {"28", RTE_CRYPTO_AUTH_SHA3_224_HMAC},
> + {"32", RTE_CRYPTO_AUTH_SHA3_256_HMAC},
> + {"48", RTE_CRYPTO_AUTH_SHA3_384_HMAC},
> + {"64", RTE_CRYPTO_AUTH_SHA3_512_HMAC},
> };
>
> static int
> @@ -81,6 +85,10 @@ struct hash_size_conversion json_algorithms[] = {
> {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
> {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
> {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
> + {"HMAC-SHA3-224", RTE_CRYPTO_AUTH_SHA3_224_HMAC},
> + {"HMAC-SHA3-256", RTE_CRYPTO_AUTH_SHA3_256_HMAC},
> + {"HMAC-SHA3-384", RTE_CRYPTO_AUTH_SHA3_384_HMAC},
> + {"HMAC-SHA3-512", RTE_CRYPTO_AUTH_SHA3_512_HMAC},
> };
>
> struct fips_test_callback hmac_tests_json_vectors[] = { diff --git
> a/examples/fips_validation/fips_validation_sha.c
> b/examples/fips_validation/fips_validation_sha.c
> index 178ea492d3..8b68f5ed36 100644
> --- a/examples/fips_validation/fips_validation_sha.c
> +++ b/examples/fips_validation/fips_validation_sha.c
> @@ -32,6 +32,10 @@ struct plain_hash_size_conversion {
> {"32", RTE_CRYPTO_AUTH_SHA256},
> {"48", RTE_CRYPTO_AUTH_SHA384},
> {"64", RTE_CRYPTO_AUTH_SHA512},
> + {"28", RTE_CRYPTO_AUTH_SHA3_224},
> + {"32", RTE_CRYPTO_AUTH_SHA3_256},
> + {"48", RTE_CRYPTO_AUTH_SHA3_384},
> + {"64", RTE_CRYPTO_AUTH_SHA3_512},
> };
>
> int
> @@ -96,12 +100,17 @@ static struct {
> static struct plain_hash_algorithms {
> const char *str;
> enum rte_crypto_auth_algorithm algo;
> + uint8_t md_blocks;
> } json_algorithms[] = {
> - {"SHA-1", RTE_CRYPTO_AUTH_SHA1},
> - {"SHA2-224", RTE_CRYPTO_AUTH_SHA224},
> - {"SHA2-256", RTE_CRYPTO_AUTH_SHA256},
> - {"SHA2-384", RTE_CRYPTO_AUTH_SHA384},
> - {"SHA2-512", RTE_CRYPTO_AUTH_SHA512},
> + {"SHA-1", RTE_CRYPTO_AUTH_SHA1, 3},
> + {"SHA2-224", RTE_CRYPTO_AUTH_SHA224, 3},
> + {"SHA2-256", RTE_CRYPTO_AUTH_SHA256, 3},
> + {"SHA2-384", RTE_CRYPTO_AUTH_SHA384, 3},
> + {"SHA2-512", RTE_CRYPTO_AUTH_SHA512, 3},
> + {"SHA3-224", RTE_CRYPTO_AUTH_SHA3_224, 1},
> + {"SHA3-256", RTE_CRYPTO_AUTH_SHA3_256, 1},
> + {"SHA3-384", RTE_CRYPTO_AUTH_SHA3_384, 1},
> + {"SHA3-512", RTE_CRYPTO_AUTH_SHA3_512, 1},
> };
>
> struct fips_test_callback sha_tests_json_vectors[] = { @@ -233,6 +242,7 @@
> parse_test_sha_json_algorithm(void)
> for (i = 0; i < RTE_DIM(json_algorithms); i++) {
> if (strstr(algorithm_str, json_algorithms[i].str)) {
> info.interim_info.sha_data.algo =
> json_algorithms[i].algo;
> + info.interim_info.sha_data.md_blocks =
> json_algorithms[i].md_blocks;
> break;
> }
> }
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index cc585e8418..cf29e440f1 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -2267,22 +2267,27 @@ fips_mct_sha_test(void) {
> #define SHA_EXTERN_ITER 100
> #define SHA_INTERN_ITER 1000
> -#define SHA_MD_BLOCK 3
> + uint8_t md_blocks = info.interim_info.sha_data.md_blocks;
> struct fips_val val = {NULL, 0};
> - struct fips_val md[SHA_MD_BLOCK], msg;
> + struct fips_val md[md_blocks];
> int ret;
> - uint32_t i, j;
> + uint32_t i, j, k, offset, max_outlen;
> +
> + max_outlen = md_blocks * vec.cipher_auth.digest.len;
> +
> + if (vec.cipher_auth.digest.val)
> + free(vec.cipher_auth.digest.val);
> +
> + vec.cipher_auth.digest.val = calloc(1, max_outlen);
>
> - msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len;
> - msg.val = calloc(1, msg.len);
> if (vec.pt.val)
> memcpy(vec.cipher_auth.digest.val, vec.pt.val,
> vec.cipher_auth.digest.len);
>
> - for (i = 0; i < SHA_MD_BLOCK; i++)
> - md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0);
> -
> rte_free(vec.pt.val);
> - vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK),
> 0);
> + vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*md_blocks), 0);
> +
> + for (i = 0; i < md_blocks; i++)
> + md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0);
>
> if (info.file_type != FIPS_TYPE_JSON) {
> fips_test_write_one_case();
> @@ -2290,30 +2295,19 @@ fips_mct_sha_test(void)
> }
>
> for (j = 0; j < SHA_EXTERN_ITER; j++) {
> -
> - memcpy(md[0].val, vec.cipher_auth.digest.val,
> - vec.cipher_auth.digest.len);
> - md[0].len = vec.cipher_auth.digest.len;
> - memcpy(md[1].val, vec.cipher_auth.digest.val,
> - vec.cipher_auth.digest.len);
> - md[1].len = vec.cipher_auth.digest.len;
> - memcpy(md[2].val, vec.cipher_auth.digest.val,
> - vec.cipher_auth.digest.len);
> - md[2].len = vec.cipher_auth.digest.len;
> -
> - for (i = 0; i < SHA_MD_BLOCK; i++)
> - memcpy(&msg.val[i * md[i].len], md[i].val,
> md[i].len);
> + for (i = 0; i < md_blocks; i++) {
> + memcpy(md[i].val, vec.cipher_auth.digest.val,
> + vec.cipher_auth.digest.len);
> + md[i].len = vec.cipher_auth.digest.len;
> + }
>
> for (i = 0; i < (SHA_INTERN_ITER); i++) {
> -
> - memcpy(vec.pt.val, md[0].val,
> - (size_t)md[0].len);
> - memcpy((vec.pt.val + md[0].len), md[1].val,
> - (size_t)md[1].len);
> - memcpy((vec.pt.val + md[0].len + md[1].len),
> - md[2].val,
> - (size_t)md[2].len);
> - vec.pt.len = md[0].len + md[1].len + md[2].len;
> + offset = 0;
> + for (k = 0; k < md_blocks; k++) {
> + memcpy(vec.pt.val + offset, md[k].val,
> (size_t)md[k].len);
> + offset += md[k].len;
> + }
> + vec.pt.len = offset;
>
> ret = fips_run_test();
> if (ret < 0) {
> @@ -2331,18 +2325,18 @@ fips_mct_sha_test(void)
> if (ret < 0)
> return ret;
>
> - memcpy(md[0].val, md[1].val, md[1].len);
> - md[0].len = md[1].len;
> - memcpy(md[1].val, md[2].val, md[2].len);
> - md[1].len = md[2].len;
> + for (k = 1; k < md_blocks; k++) {
> + memcpy(md[k-1].val, md[k].val, md[k].len);
> + md[k-1].len = md[k].len;
> + }
>
> - memcpy(md[2].val, (val.val + vec.pt.len),
> + memcpy(md[md_blocks-1].val, (val.val + vec.pt.len),
> vec.cipher_auth.digest.len);
> - md[2].len = vec.cipher_auth.digest.len;
> + md[md_blocks-1].len = vec.cipher_auth.digest.len;
> }
>
> - memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len);
> - vec.cipher_auth.digest.len = md[2].len;
> + memcpy(vec.cipher_auth.digest.val, md[md_blocks-1].val,
> md[md_blocks-1].len);
> + vec.cipher_auth.digest.len = md[md_blocks-1].len;
>
> if (info.file_type != FIPS_TYPE_JSON)
> fprintf(info.fp_wr, "COUNT = %u\n", j); @@ -2353,14
> +2347,12 @@ fips_mct_sha_test(void)
> fprintf(info.fp_wr, "\n");
> }
>
> - for (i = 0; i < (SHA_MD_BLOCK); i++)
> + for (i = 0; i < (md_blocks); i++)
> rte_free(md[i].val);
>
> rte_free(vec.pt.val);
>
> free(val.val);
> - free(msg.val);
> -
> return 0;
> }
>
> --
> 2.25.1
Acked-by: Brian Dooley <brian.dooley@intel.com>
next prev parent reply other threads:[~2023-02-27 9:31 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-06 14:45 [v1, 00/10] fips_validation application improvements Gowrishankar Muthukrishnan
2023-02-06 14:45 ` [v1, 01/10] examples/fips_validation: fix MCT output for SHA Gowrishankar Muthukrishnan
2023-02-27 9:31 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 02/10] examples/fips_validation: add SHA3 validation Gowrishankar Muthukrishnan
2023-02-27 9:31 ` Dooley, Brian [this message]
2023-02-06 14:45 ` [v1, 03/10] examples/fips_validation: fix integer parse in test case Gowrishankar Muthukrishnan
2023-02-27 9:30 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 04/10] examples/fips_validation: add SHAKE validation Gowrishankar Muthukrishnan
2023-02-27 9:30 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 05/10] examples/fips_validation: add CCM JSON validation Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 06/10] examples/fips_validation: add ECDSA keygen support Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:45 ` [v1, 07/10] examples/fips_validation: add SHA3 algorithms in ECDSA test Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 08/10] examples/fips_validation: fix AES GCM validation tests Gowrishankar Muthukrishnan
2023-02-27 9:29 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 09/10] examples/fips_validation: fix AES XTS to read seq number Gowrishankar Muthukrishnan
2023-02-27 9:28 ` Dooley, Brian
2023-02-06 14:46 ` [v1, 10/10] examples/fips_validation: add extra space in JSON buffer Gowrishankar Muthukrishnan
2023-02-27 9:27 ` Dooley, Brian
2023-02-27 9:32 ` [v1, 00/10] fips_validation application improvements Dooley, Brian
2023-02-27 17:27 ` Akhil Goyal
2023-02-28 7:39 ` Akhil Goyal
2023-02-28 14:42 ` Patrick Robb
2023-02-28 15:02 ` [EXT] " Akhil Goyal
2023-02-28 15:52 ` Patrick Robb
2023-03-01 4:04 ` Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, " Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 01/10] examples/fips_validation: fix MCT output for SHA Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 02/10] examples/fips_validation: add SHA3 validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 03/10] examples/fips_validation: fix integer parse in test case Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 04/10] examples/fips_validation: add SHAKE validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 05/10] examples/fips_validation: add CCM JSON validation Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 06/10] examples/fips_validation: add ECDSA keygen support Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 07/10] examples/fips_validation: add SHA3 algorithms in ECDSA test Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 08/10] examples/fips_validation: fix AES GCM validation tests Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 09/10] examples/fips_validation: fix AES XTS to read seq number Gowrishankar Muthukrishnan
2023-02-28 17:28 ` [v2, 10/10] examples/fips_validation: add extra space in JSON buffer Gowrishankar Muthukrishnan
2023-03-01 11:11 ` [v2, 00/10] fips_validation application improvements Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM5PR11MB1851D951850FAD233344293F83AF9@DM5PR11MB1851.namprd11.prod.outlook.com \
--to=brian.dooley@intel.com \
--cc=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=gmuthukrishn@marvell.com \
--cc=jerinj@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).