From: Adam Dybkowski <adamx.dybkowski@intel.com>
To: dev@dpdk.org, fiona.trahe@intel.com,
arkadiuszx.kusztal@intel.com, akhil.goyal@nxp.com
Cc: Adam Dybkowski <adamx.dybkowski@intel.com>
Subject: [dpdk-dev] [PATCH v3 1/3] test/crypto: add more AES GCM tests for QAT PMD
Date: Tue, 8 Oct 2019 14:44:31 +0200 [thread overview]
Message-ID: <20191008124433.22304-2-adamx.dybkowski@intel.com> (raw)
In-Reply-To: <20191008124433.22304-1-adamx.dybkowski@intel.com>
This patch adds 256-bit AES GCM tests for QAT PMD
(which already existed for AESNI and OpenSSL) and also adds
a number of negative unit tests for AES GCM for QAT PMD, in order
to verify authenticated encryption and decryption with modified data.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
---
app/test/test_cryptodev.c | 226 ++++++++++++++++++++++++++++++++++++++
1 file changed, 226 insertions(+)
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 63cfa1af1..ffed298fd 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -7675,6 +7675,12 @@ test_AES_GCM_authenticated_encryption_test_case_7(void)
return test_authenticated_encryption(&gcm_test_case_7);
}
+static int
+test_AES_GCM_authenticated_encryption_test_case_8(void)
+{
+ return test_authenticated_encryption(&gcm_test_case_8);
+}
+
static int
test_AES_GCM_auth_encryption_test_case_192_1(void)
{
@@ -7771,6 +7777,93 @@ test_AES_GCM_auth_encryption_test_case_aad_2(void)
return test_authenticated_encryption(&gcm_test_case_aad_2);
}
+static int
+test_AES_GCM_auth_encryption_fail_iv_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.iv.data[0] += 1;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_encryption_fail_in_data_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.plaintext.data[0] += 1;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_encryption_fail_out_data_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.ciphertext.data[0] += 1;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_encryption_fail_aad_len_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.aad.len += 1;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_encryption_fail_aad_corrupt(void)
+{
+ struct aead_test_data tdata;
+ uint8_t aad[gcm_test_case_7.aad.len];
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ memcpy(aad, gcm_test_case_7.aad.data, gcm_test_case_7.aad.len);
+ aad[0] += 1;
+ tdata.aad.data = aad;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_encryption_fail_tag_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.auth_tag.data[0] += 1;
+ res = test_authenticated_encryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
+ return TEST_SUCCESS;
+}
+
static int
test_authenticated_decryption(const struct aead_test_data *tdata)
{
@@ -7839,6 +7932,7 @@ test_authenticated_decryption(const struct aead_test_data *tdata)
TEST_ASSERT_EQUAL(ut_params->op->status,
RTE_CRYPTO_OP_STATUS_SUCCESS,
"Authentication failed");
+
return 0;
}
@@ -7884,6 +7978,12 @@ test_AES_GCM_authenticated_decryption_test_case_7(void)
return test_authenticated_decryption(&gcm_test_case_7);
}
+static int
+test_AES_GCM_authenticated_decryption_test_case_8(void)
+{
+ return test_authenticated_decryption(&gcm_test_case_8);
+}
+
static int
test_AES_GCM_auth_decryption_test_case_192_1(void)
{
@@ -7980,6 +8080,88 @@ test_AES_GCM_auth_decryption_test_case_aad_2(void)
return test_authenticated_decryption(&gcm_test_case_aad_2);
}
+static int
+test_AES_GCM_auth_decryption_fail_iv_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.iv.data[0] += 1;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_decryption_fail_in_data_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.plaintext.data[0] += 1;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_decryption_fail_out_data_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.ciphertext.data[0] += 1;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_decryption_fail_aad_len_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.aad.len += 1;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_decryption_fail_aad_corrupt(void)
+{
+ struct aead_test_data tdata;
+ uint8_t aad[gcm_test_case_7.aad.len];
+ int res;
+
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ memcpy(aad, gcm_test_case_7.aad.data, gcm_test_case_7.aad.len);
+ aad[0] += 1;
+ tdata.aad.data = aad;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
+ return TEST_SUCCESS;
+}
+
+static int
+test_AES_GCM_auth_decryption_fail_tag_corrupt(void)
+{
+ struct aead_test_data tdata;
+ int res;
+
+ memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data));
+ tdata.auth_tag.data[0] += 1;
+ res = test_authenticated_decryption(&tdata);
+ TEST_ASSERT_EQUAL(res, TEST_FAILED, "authentication not failed");
+ return TEST_SUCCESS;
+}
+
static int
test_authenticated_encryption_oop(const struct aead_test_data *tdata)
{
@@ -10927,6 +11109,8 @@ static struct unit_test_suite cryptodev_qat_testsuite = {
test_AES_GCM_authenticated_encryption_test_case_6),
TEST_CASE_ST(ut_setup, ut_teardown,
test_AES_GCM_authenticated_encryption_test_case_7),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_authenticated_encryption_test_case_8),
/** AES GCM Authenticated Decryption */
TEST_CASE_ST(ut_setup, ut_teardown,
@@ -10943,6 +11127,8 @@ static struct unit_test_suite cryptodev_qat_testsuite = {
test_AES_GCM_authenticated_decryption_test_case_6),
TEST_CASE_ST(ut_setup, ut_teardown,
test_AES_GCM_authenticated_decryption_test_case_7),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_authenticated_decryption_test_case_8),
/** AES GCM Authenticated Encryption 192 bits key */
TEST_CASE_ST(ut_setup, ut_teardown,
@@ -10992,6 +11178,22 @@ static struct unit_test_suite cryptodev_qat_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown,
test_AES_GCM_auth_encryption_test_case_256_7),
+ /** AES GCM Authenticated Decryption 256 bits key */
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_1),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_2),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_3),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_4),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_5),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_6),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_test_case_256_7),
+
/** AES GMAC Authentication */
TEST_CASE_ST(ut_setup, ut_teardown,
test_AES_GMAC_authentication_test_case_1),
@@ -11214,6 +11416,30 @@ static struct unit_test_suite cryptodev_qat_testsuite = {
authentication_verify_HMAC_SHA1_fail_data_corrupt),
TEST_CASE_ST(ut_setup, ut_teardown,
authentication_verify_HMAC_SHA1_fail_tag_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_iv_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_in_data_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_out_data_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_aad_len_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_aad_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_encryption_fail_tag_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_iv_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_in_data_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_out_data_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_aad_len_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_aad_corrupt),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_AES_GCM_auth_decryption_fail_tag_corrupt),
TEST_CASE_ST(ut_setup, ut_teardown,
authentication_verify_AES128_GMAC_fail_data_corrupt),
TEST_CASE_ST(ut_setup, ut_teardown,
--
2.17.1
next prev parent reply other threads:[~2019-10-08 12:52 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-06 14:47 [dpdk-dev] [PATCH 0/2] QAT: handle Single Pass GCM Adam Dybkowski
2019-09-06 14:47 ` [dpdk-dev] [PATCH 1/2] common/qat: add new QAT GEN3 definitions Adam Dybkowski
2019-09-06 14:47 ` [dpdk-dev] [PATCH 2/2] crypto/qat: handle Single Pass Crypto Requests Adam Dybkowski
2019-09-27 15:47 ` [dpdk-dev] [PATCH v2 0/3] QAT: handle Single Pass GCM Adam Dybkowski
2019-09-27 15:47 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add more AES GCM tests for QAT PMD Adam Dybkowski
2019-10-03 12:41 ` Trahe, Fiona
2019-09-27 15:47 ` [dpdk-dev] [PATCH v2 2/3] common/qat: add new QAT GEN3 definitions Adam Dybkowski
2019-10-03 12:58 ` Trahe, Fiona
2019-09-27 15:47 ` [dpdk-dev] [PATCH v2 3/3] crypto/qat: handle Single Pass Crypto Requests on GEN3 QAT Adam Dybkowski
2019-10-03 13:04 ` Trahe, Fiona
2019-10-08 12:44 ` [dpdk-dev] [PATCH v3 0/3] QAT: handle Single Pass GCM Adam Dybkowski
2019-10-08 12:44 ` Adam Dybkowski [this message]
2019-10-08 12:44 ` [dpdk-dev] [PATCH v3 2/3] common/qat: add new QAT GEN3 definitions Adam Dybkowski
2019-10-08 12:44 ` [dpdk-dev] [PATCH v3 3/3] crypto/qat: handle Single Pass Crypto Requests on GEN3 QAT Adam Dybkowski
2019-10-08 15:03 ` [dpdk-dev] [PATCH v3 0/3] QAT: handle Single Pass GCM Trahe, Fiona
2019-10-09 9:17 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191008124433.22304-2-adamx.dybkowski@intel.com \
--to=adamx.dybkowski@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).