From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id F150BA0555; Wed, 25 May 2022 17:47:22 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2CF3342BD3; Wed, 25 May 2022 17:46:30 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A7F0042BD2 for ; Wed, 25 May 2022 17:46:28 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24P7U2ii020530; Wed, 25 May 2022 08:46:28 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=GASl6ra5DFCNtBjksnYrFkh6rAyb+I2jxIukpZSHGrs=; b=k4e0DWAYFNZgipXd1kiw6vdbh4sBU706QTS1sKx9niwTzbelV/as3tVCxMyrgHnl4PU2 3sKSldifgAl6k9VUrHjpx+xLp4ZW5vWp05knKqwclXR4kKnFhOM04EqVBSD3KtOjLsdP y/0qCfDwylWnJF8BoqTsS4+/2cdlHOUubQJjiv+7H+ENX61LcmSDyJSBFlsemzUMfAcq ARBpJqk1j2EZs4M8rSTb2CcYBy8iu7wjccVVOBSgozw6uW6T+J2cssE9+8dq3MjfkTa/ 4k+CDpr0zdEQdWf3H5PWpkxvspODjI7TJ9Bi0IcGb6M4/dIHBJL+TE1tkgI/AtokaHgI 2g== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3g93ty4g02-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 25 May 2022 08:46:27 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 25 May 2022 08:46:25 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 25 May 2022 08:46:24 -0700 Received: from localhost.localdomain (unknown [10.28.34.38]) by maili.marvell.com (Postfix) with ESMTP id 718133F7052; Wed, 25 May 2022 08:46:23 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: Fan Zhang , Brian Dooley , , Anoob Joseph , Archana Muniganti , Jerin Jacob , Gowrishankar Muthukrishnan Subject: [v5, 11/11] examples/fips_validation: add parsing for aes_cbc Date: Wed, 25 May 2022 21:15:42 +0530 Message-ID: <4c9975d32a1e6e28debe11afafa3f1d7045030d9.1653491969.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: vjhDO55v5KamOzkWj2Lb6eA8MWTeZY4m X-Proofpoint-ORIG-GUID: vjhDO55v5KamOzkWj2Lb6eA8MWTeZY4m X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-25_04,2022-05-25_02,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added function to parse algorithm for AES_CBC test. Signed-off-by: Gowrishankar Muthukrishnan --- examples/fips_validation/fips_validation.c | 8 +- examples/fips_validation/fips_validation.h | 4 + .../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++ examples/fips_validation/main.c | 73 ++++-- 4 files changed, 281 insertions(+), 27 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index ab4c0d0eca..8cec172a5f 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -120,7 +120,7 @@ fips_test_parse_header(void) for (i = 0; i < info.nb_vec_lines; i++) { if (!algo_parsed) { - if (strstr(info.vec[i], "AESVS")) { + if (strstr(info.vec[i], "AES")) { algo_parsed = 1; info.algo = FIPS_TEST_ALGO_AES; ret = parse_test_aes_init(); @@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void) /* Vector sets contain the algorithm type, and nothing else we need. */ if (strstr(algo_str, "AES-GCM")) info.algo = FIPS_TEST_ALGO_AES_GCM; - if (strstr(algo_str, "HMAC")) + else if (strstr(algo_str, "HMAC")) info.algo = FIPS_TEST_ALGO_HMAC; - if (strstr(algo_str, "CMAC")) + else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; + else if (strstr(algo_str, "AES-CBC")) + info.algo = FIPS_TEST_ALGO_AES; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 88cbb0303e..6385ec4d8d 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -103,6 +103,7 @@ enum fips_aesavs_test_types { AESAVS_TYPE_VARTXT, AESAVS_TYPE_MMT, AESAVS_TYPE_MCT, + AESAVS_TYPE_AFT, }; enum fips_tdes_test_types { @@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void); int parse_test_cmac_json_init(void); + +int +parse_test_aes_json_init(void); #endif /* RTE_HAS_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c index b3c5e31f32..f935217f34 100644 --- a/examples/fips_validation/fips_validation_aes.c +++ b/examples/fips_validation/fips_validation_aes.c @@ -7,6 +7,7 @@ #include #include +#include #include "fips_validation.h" @@ -25,6 +26,19 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" + +#define KEY_JSON_STR "key" +#define IV_JSON_STR "iv" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + struct { uint32_t type; const char *desc; @@ -37,6 +51,7 @@ struct { {TDES_VARIABLE_TEXT, "KAT"}, {AESAVS_TYPE_MMT, "MMT"}, {AESAVS_TYPE_MCT, "MCT"}, + {AESAVS_TYPE_AFT, "AFT"}, }; struct aes_test_algo { @@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef RTE_HAS_JANSSON +struct fips_test_callback aes_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback aes_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {IV_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_aes_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +static int +parse_test_aes_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv; + struct fips_val tmp_val; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + json_object_set(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + if (info .op == FIPS_TEST_ENC_AUTH_GEN) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + writeback_hex_str("", info.one_line_text, &val[1]); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key); + key = json_string(info.one_line_text); + json_object_set_new(res, KEY_JSON_STR, key); + + writeback_hex_str("", info.one_line_text, &val[2]); + iv = json_string(info.one_line_text); + json_object_set_new(res, IV_JSON_STR, iv); + + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + pt = json_string(info.one_line_text); + json_object_set_new(res, PT_JSON_STR, pt); + + writeback_hex_str("", info.one_line_text, &val[1]); + ct = json_string(info.one_line_text); + json_object_set_new(res, CT_JSON_STR, ct); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + json_array_append(resArr, res); + return 0; +} + +int +parse_test_aes_json_init(void) +{ + json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR); + const char *type_str = json_string_value(type_obj); + const char *algo_str = json_string_value(algo_obj); + uint32_t i; + + if (json_info.json_test_group) { + json_t *direction_obj; + const char *direction_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = aes_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = aes_dec_json_vectors; + } else { + return -EINVAL; + } + info.interim_callbacks = aes_interim_json_vectors; + } + + for (i = 0; i < RTE_DIM(aes_test_types); i++) + if (strstr(type_str, aes_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + aes_test_types[i].type; + break; + } + + if (i >= RTE_DIM(aes_test_types)) + return -EINVAL; + + switch (info.interim_info.aes_data.test_type) { + case AESAVS_TYPE_MCT: + info.parse_writeback = parse_test_aes_mct_json_writeback; + break; + case AESAVS_TYPE_AFT: + info.parse_writeback = parse_test_aes_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -EINVAL; + + for (i = 0; i < RTE_DIM(algo_con); i++) + if (strstr(algo_str, algo_con[i].name)) { + info.interim_info.aes_data.cipher_algo = + (uint32_t)algo_con[i].algo; + break; + } + + if (i >= RTE_DIM(algo_con)) + return -EINVAL; + + return 0; +} +#endif /* RTE_HAS_JANSSON */ + static int parse_test_aes_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index e703a111da..1ce7e3563f 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1545,7 +1545,7 @@ fips_mct_aes_test(void) #define AES_BLOCK_SIZE 16 #define AES_EXTERN_ITER 100 #define AES_INTERN_ITER 1000 - struct fips_val val = {NULL, 0}, val_key; + struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv; uint8_t prev_out[AES_BLOCK_SIZE] = {0}; uint8_t prev_in[AES_BLOCK_SIZE] = {0}; uint32_t i, j, k; @@ -1555,10 +1555,12 @@ fips_mct_aes_test(void) return fips_mct_aes_ecb_test(); for (i = 0; i < AES_EXTERN_ITER; i++) { - if (i != 0) - update_info_vec(i); + if (info.file_type != FIPS_TYPE_JSON) { + if (i != 0) + update_info_vec(i); - fips_test_write_one_case(); + fips_test_write_one_case(); + } for (j = 0; j < AES_INTERN_ITER; j++) { ret = fips_run_test(); @@ -1571,7 +1573,7 @@ fips_mct_aes_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1579,24 +1581,39 @@ fips_mct_aes_test(void) memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE); if (j == 0) { - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); + pt.len = vec.pt.len; + pt.val = calloc(1, pt.len); + memcpy(pt.val, vec.pt.val, pt.len); + + ct.len = vec.ct.len; + ct.val = calloc(1, ct.len); + memcpy(ct.val, vec.ct.val, ct.len); + + iv.len = vec.iv.len; + iv.val = calloc(1, iv.len); + memcpy(iv.val, vec.iv.val, iv.len); if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.pt.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, val.val, - AES_BLOCK_SIZE); + memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); + val[1].val = pt.val; + val[1].len = pt.len; + val[2].val = iv.val; + val[2].len = iv.len; } else { - memcpy(vec.ct.val, vec.iv.val, - AES_BLOCK_SIZE); - memcpy(vec.iv.val, prev_in, - AES_BLOCK_SIZE); + memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); + val[1].val = ct.val; + val[1].len = ct.len; + val[2].val = iv.val; + val[2].len = iv.len; } continue; } if (info.op == FIPS_TEST_ENC_AUTH_GEN) { - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE); } else { memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE); @@ -1606,33 +1623,38 @@ fips_mct_aes_test(void) if (j == AES_INTERN_ITER - 1) continue; - memcpy(prev_out, val.val, AES_BLOCK_SIZE); + memcpy(prev_out, val[0].val, AES_BLOCK_SIZE); } - info.parse_writeback(&val); - fprintf(info.fp_wr, "\n"); + info.parse_writeback(val); + if (info.file_type != FIPS_TYPE_JSON) + fprintf(info.fp_wr, "\n"); - if (i == AES_EXTERN_ITER - 1) + if (i == AES_EXTERN_ITER - 1) { + free(pt.val); + free(ct.val); + free(iv.val); continue; + } /** update key */ memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key)); for (k = 0; k < vec.cipher_auth.key.len; k++) { switch (vec.cipher_auth.key.len) { case 16: - val_key.val[k] ^= val.val[k]; + val_key.val[k] ^= val[0].val[k]; break; case 24: if (k < 8) val_key.val[k] ^= prev_out[k + 8]; else - val_key.val[k] ^= val.val[k - 8]; + val_key.val[k] ^= val[0].val[k - 8]; break; case 32: if (k < 16) val_key.val[k] ^= prev_out[k]; else - val_key.val[k] ^= val.val[k - 16]; + val_key.val[k] ^= val[0].val[k - 16]; break; default: return -1; @@ -1640,10 +1662,10 @@ fips_mct_aes_test(void) } if (info.op == FIPS_TEST_DEC_AUTH_VERIF) - memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE); + memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE); } - free(val.val); + free(val[0].val); return 1; } @@ -1944,6 +1966,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES: + ret = parse_test_aes_json_init(); + break; default: return -EINVAL; } -- 2.25.1