* [PATCH v1] examples/fips_validation: add parsing for xts @ 2022-06-28 7:58 Gowrishankar Muthukrishnan 2022-06-28 11:57 ` David Marchand 2022-06-28 13:12 ` [PATCH v2] " Gowrishankar Muthukrishnan 0 siblings, 2 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-28 7:58 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES XTS test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- examples/fips_validation/fips_validation.c | 4 +- examples/fips_validation/fips_validation.h | 17 ++- .../fips_validation/fips_validation_xts.c | 126 ++++++++++++++++++ examples/fips_validation/main.c | 5 + 4 files changed, 150 insertions(+), 2 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 324abccb14..f181363ef7 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void) else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) - info.algo = FIPS_TEST_ALGO_AES; + info.algo = FIPS_TEST_ALGO_AES_CBC; + else if (strstr(algo_str, "AES-XTS")) + info.algo = FIPS_TEST_ALGO_AES_XTS; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 69d738b718..8ae849c46f 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -34,13 +34,14 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES = 0, + FIPS_TEST_ALGO_AES_CBC, FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, + FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_HMAC, FIPS_TEST_ALGO_TDES, FIPS_TEST_ALGO_SHA, - FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_MAX }; @@ -170,7 +171,17 @@ struct gcm_interim_data { uint8_t gen_iv; }; + #ifdef USE_JANSSON +enum xts_tweak_modes { + XTS_TWEAK_MODE_HEX = 0, + XTS_TWEAK_MODE_NUMBER +}; + +struct xts_interim_data { + enum xts_tweak_modes tweak_mode; +}; + struct fips_test_json_info { /* Information used for reading from json */ json_t *json_root; @@ -207,6 +218,7 @@ struct fips_test_interim_info { struct ccm_interim_data ccm_data; struct sha_interim_data sha_data; struct gcm_interim_data gcm_data; + struct xts_interim_data xts_data; } interim_info; enum fips_test_op op; @@ -266,6 +278,9 @@ parse_test_cmac_json_init(void); int parse_test_aes_json_init(void); + +int +parse_test_xts_json_init(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c index 5bb1966f6c..2de852c1fc 100644 --- a/examples/fips_validation/fips_validation_xts.c +++ b/examples/fips_validation/fips_validation_xts.c @@ -24,6 +24,22 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" +#define TWEAKMODE_JSON_STR "tweakMode" + +#define KEY_JSON_STR "key" +#define DATAUNITLEN_JSON_STR "dataUnitLen" +#define PAYLOADLEN_JSON_STR "payloadLen" +#define TWEAKVALUE_JSON_STR "tweakValue" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + static int parse_interim_xts_enc_dec(const char *key, __rte_unused char *text, @@ -62,6 +78,116 @@ struct fips_test_callback xts_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef RTE_HAS_JANSSON +static int +parser_xts_read_keylen(const char *key, char *src, struct fips_val *val) +{ + int ret; + + ret = parser_read_uint32_bit_val(key, src, val); + if (ret < 0) + return ret; + + val->len *= 2; + return 0; +} + +struct fips_test_callback xts_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parse_uint8_hex_str, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_xts_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +int +parse_test_xts_json_init(void) +{ + if (json_info.json_test_group) { + json_t *direction_obj, *tweakmode_obj; + const char *direction_str, *tweakmode_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = xts_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = xts_dec_json_vectors; + } else { + return -EINVAL; + } + + tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR); + tweakmode_str = json_string_value(tweakmode_obj); + if (strcmp(tweakmode_str, "hex") == 0) + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX; + else + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER; + + info.interim_callbacks = xts_interim_json_vectors; + } + + info.parse_writeback = parse_test_xts_json_writeback; + return 0; +} +#endif /* RTE_HAS_JANSSON */ + static int parse_test_xts_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index ceabea788e..7ccb5f52f4 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1781,6 +1781,7 @@ static int init_test_ops(void) { switch (info.algo) { + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: test_ops.prepare_op = prepare_cipher_op; test_ops.prepare_xform = prepare_aes_xform; @@ -1988,6 +1989,10 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES_XTS: + ret = parse_test_xts_json_init(); + break; + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] examples/fips_validation: add parsing for xts 2022-06-28 7:58 [PATCH v1] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan @ 2022-06-28 11:57 ` David Marchand 2022-06-29 9:14 ` [EXT] " Gowrishankar Muthukrishnan 2022-06-28 13:12 ` [PATCH v2] " Gowrishankar Muthukrishnan 1 sibling, 1 reply; 14+ messages in thread From: David Marchand @ 2022-06-28 11:57 UTC (permalink / raw) To: Gowrishankar Muthukrishnan Cc: dev, Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob On Tue, Jun 28, 2022 at 9:59 AM Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> wrote: > > Added function to parse algorithm for AES XTS test. > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > --- > examples/fips_validation/fips_validation.c | 4 +- > examples/fips_validation/fips_validation.h | 17 ++- > .../fips_validation/fips_validation_xts.c | 126 ++++++++++++++++++ > examples/fips_validation/main.c | 5 + > 4 files changed, 150 insertions(+), 2 deletions(-) > > diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c > index 324abccb14..f181363ef7 100644 > --- a/examples/fips_validation/fips_validation.c > +++ b/examples/fips_validation/fips_validation.c > @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void) > else if (strstr(algo_str, "CMAC")) > info.algo = FIPS_TEST_ALGO_AES_CMAC; > else if (strstr(algo_str, "AES-CBC")) > - info.algo = FIPS_TEST_ALGO_AES; > + info.algo = FIPS_TEST_ALGO_AES_CBC; Is this part related to adding xts support? It looks more like a fix. > + else if (strstr(algo_str, "AES-XTS")) > + info.algo = FIPS_TEST_ALGO_AES_XTS; > else > return -EINVAL; > > diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h > index 69d738b718..8ae849c46f 100644 > --- a/examples/fips_validation/fips_validation.h > +++ b/examples/fips_validation/fips_validation.h > @@ -34,13 +34,14 @@ > > enum fips_test_algorithms { > FIPS_TEST_ALGO_AES = 0, > + FIPS_TEST_ALGO_AES_CBC, > FIPS_TEST_ALGO_AES_GCM, > FIPS_TEST_ALGO_AES_CMAC, > FIPS_TEST_ALGO_AES_CCM, > + FIPS_TEST_ALGO_AES_XTS, > FIPS_TEST_ALGO_HMAC, > FIPS_TEST_ALGO_TDES, > FIPS_TEST_ALGO_SHA, > - FIPS_TEST_ALGO_AES_XTS, > FIPS_TEST_ALGO_MAX > }; > > @@ -170,7 +171,17 @@ struct gcm_interim_data { > uint8_t gen_iv; > }; > > + No need for another blank line. > #ifdef USE_JANSSON > +enum xts_tweak_modes { > + XTS_TWEAK_MODE_HEX = 0, > + XTS_TWEAK_MODE_NUMBER > +}; > + > +struct xts_interim_data { > + enum xts_tweak_modes tweak_mode; > +}; > + > struct fips_test_json_info { > /* Information used for reading from json */ > json_t *json_root; > @@ -207,6 +218,7 @@ struct fips_test_interim_info { > struct ccm_interim_data ccm_data; > struct sha_interim_data sha_data; > struct gcm_interim_data gcm_data; > + struct xts_interim_data xts_data; > } interim_info; > > enum fips_test_op op; > @@ -266,6 +278,9 @@ parse_test_cmac_json_init(void); > > int > parse_test_aes_json_init(void); > + > +int > +parse_test_xts_json_init(void); > #endif /* USE_JANSSON */ > > int > diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c > index 5bb1966f6c..2de852c1fc 100644 > --- a/examples/fips_validation/fips_validation_xts.c > +++ b/examples/fips_validation/fips_validation_xts.c > @@ -24,6 +24,22 @@ > #define OP_ENC_STR "ENCRYPT" > #define OP_DEC_STR "DECRYPT" > > +#define ALGO_JSON_STR "algorithm" > +#define TESTTYPE_JSON_STR "testType" > +#define DIR_JSON_STR "direction" > +#define KEYLEN_JSON_STR "keyLen" > +#define TWEAKMODE_JSON_STR "tweakMode" > + > +#define KEY_JSON_STR "key" > +#define DATAUNITLEN_JSON_STR "dataUnitLen" > +#define PAYLOADLEN_JSON_STR "payloadLen" > +#define TWEAKVALUE_JSON_STR "tweakValue" > +#define PT_JSON_STR "pt" > +#define CT_JSON_STR "ct" > + > +#define OP_ENC_JSON_STR "encrypt" > +#define OP_DEC_JSON_STR "decrypt" > + > static int > parse_interim_xts_enc_dec(const char *key, > __rte_unused char *text, > @@ -62,6 +78,116 @@ struct fips_test_callback xts_writeback_callbacks[] = { > {NULL, NULL, NULL} /**< end pointer */ > }; > > +#ifdef RTE_HAS_JANSSON Code in examples can't rely on internal RTE_HAS_JANSSON. -- David Marchand ^ permalink raw reply [flat|nested] 14+ messages in thread
* RE: [EXT] Re: [PATCH v1] examples/fips_validation: add parsing for xts 2022-06-28 11:57 ` David Marchand @ 2022-06-29 9:14 ` Gowrishankar Muthukrishnan 0 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 9:14 UTC (permalink / raw) To: David Marchand Cc: dev, Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob Kollanukkaran Thanks David, I ack and have added your suggestions in V3. Regards, Gowrishankar ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v2] examples/fips_validation: add parsing for xts 2022-06-28 7:58 [PATCH v1] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan 2022-06-28 11:57 ` David Marchand @ 2022-06-28 13:12 ` Gowrishankar Muthukrishnan 2022-06-29 8:07 ` Zhang, Roy Fan 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 1 sibling, 2 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-28 13:12 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES XTS test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- v2: - build failure fixed if no jansson lib available. --- examples/fips_validation/fips_validation.c | 4 +- examples/fips_validation/fips_validation.h | 16 +- .../fips_validation/fips_validation_xts.c | 141 ++++++++++++++++++ examples/fips_validation/main.c | 5 + 4 files changed, 164 insertions(+), 2 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 324abccb14..f181363ef7 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void) else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) - info.algo = FIPS_TEST_ALGO_AES; + info.algo = FIPS_TEST_ALGO_AES_CBC; + else if (strstr(algo_str, "AES-XTS")) + info.algo = FIPS_TEST_ALGO_AES_XTS; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 69d738b718..d716b198c6 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -34,13 +34,14 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES = 0, + FIPS_TEST_ALGO_AES_CBC, FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, + FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_HMAC, FIPS_TEST_ALGO_TDES, FIPS_TEST_ALGO_SHA, - FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_MAX }; @@ -170,6 +171,15 @@ struct gcm_interim_data { uint8_t gen_iv; }; +enum xts_tweak_modes { + XTS_TWEAK_MODE_HEX = 0, + XTS_TWEAK_MODE_NUMBER +}; + +struct xts_interim_data { + enum xts_tweak_modes tweak_mode; +}; + #ifdef USE_JANSSON struct fips_test_json_info { /* Information used for reading from json */ @@ -207,6 +217,7 @@ struct fips_test_interim_info { struct ccm_interim_data ccm_data; struct sha_interim_data sha_data; struct gcm_interim_data gcm_data; + struct xts_interim_data xts_data; } interim_info; enum fips_test_op op; @@ -266,6 +277,9 @@ parse_test_cmac_json_init(void); int parse_test_aes_json_init(void); + +int +parse_test_xts_json_init(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c index 5bb1966f6c..531e3c688e 100644 --- a/examples/fips_validation/fips_validation_xts.c +++ b/examples/fips_validation/fips_validation_xts.c @@ -24,6 +24,22 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" +#define TWEAKMODE_JSON_STR "tweakMode" + +#define KEY_JSON_STR "key" +#define DATAUNITLEN_JSON_STR "dataUnitLen" +#define PAYLOADLEN_JSON_STR "payloadLen" +#define TWEAKVALUE_JSON_STR "tweakValue" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + static int parse_interim_xts_enc_dec(const char *key, __rte_unused char *text, @@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static int +parser_xts_read_keylen(const char *key, char *src, struct fips_val *val) +{ + int ret; + + ret = parser_read_uint32_bit_val(key, src, val); + if (ret < 0) + return ret; + + val->len *= 2; + return 0; +} + +static int +parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val) +{ + int ret; + + if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX) + ret = parse_uint8_hex_str(key, src, val); + else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER) + ret = parser_read_uint32_bit_val(key, src, val); + else + ret = -1; + + return ret; +} + +struct fips_test_callback xts_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_xts_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +int +parse_test_xts_json_init(void) +{ + if (json_info.json_test_group) { + json_t *direction_obj, *tweakmode_obj; + const char *direction_str, *tweakmode_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = xts_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = xts_dec_json_vectors; + } else { + return -EINVAL; + } + + tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR); + tweakmode_str = json_string_value(tweakmode_obj); + if (strcmp(tweakmode_str, "hex") == 0) + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX; + else + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER; + + info.interim_callbacks = xts_interim_json_vectors; + } + + info.parse_writeback = parse_test_xts_json_writeback; + return 0; +} +#endif /* USE_JANSSON */ + static int parse_test_xts_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index ceabea788e..7ccb5f52f4 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1781,6 +1781,7 @@ static int init_test_ops(void) { switch (info.algo) { + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: test_ops.prepare_op = prepare_cipher_op; test_ops.prepare_xform = prepare_aes_xform; @@ -1988,6 +1989,10 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES_XTS: + ret = parse_test_xts_json_init(); + break; + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* RE: [PATCH v2] examples/fips_validation: add parsing for xts 2022-06-28 13:12 ` [PATCH v2] " Gowrishankar Muthukrishnan @ 2022-06-29 8:07 ` Zhang, Roy Fan 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 1 sibling, 0 replies; 14+ messages in thread From: Zhang, Roy Fan @ 2022-06-29 8:07 UTC (permalink / raw) To: Gowrishankar Muthukrishnan, dev Cc: Dooley, Brian, Anoob Joseph, Archana Muniganti, Jerin Jacob, david.marchand Hi, > -----Original Message----- > From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > Sent: Tuesday, June 28, 2022 2:12 PM > To: dev@dpdk.org > Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian > <brian.dooley@intel.com>; Anoob Joseph <anoobj@marvell.com>; Archana > Muniganti <marchana@marvell.com>; Jerin Jacob <jerinj@marvell.com>; > Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > Subject: [PATCH v2] examples/fips_validation: add parsing for xts > > Added function to parse algorithm for AES XTS test. > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > --- > v2: > - build failure fixed if no jansson lib available. > --- > examples/fips_validation/fips_validation.c | 4 +- > examples/fips_validation/fips_validation.h | 16 +- > .../fips_validation/fips_validation_xts.c | 141 ++++++++++++++++++ > examples/fips_validation/main.c | 5 + > 4 files changed, 164 insertions(+), 2 deletions(-) > > diff --git a/examples/fips_validation/fips_validation.c > b/examples/fips_validation/fips_validation.c > index 324abccb14..f181363ef7 100644 > --- a/examples/fips_validation/fips_validation.c > +++ b/examples/fips_validation/fips_validation.c > @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void) > else if (strstr(algo_str, "CMAC")) > info.algo = FIPS_TEST_ALGO_AES_CMAC; > else if (strstr(algo_str, "AES-CBC")) As David suggested - this looks to be a fix - I believe he is right. I will let Akhil to decide. > - info.algo = FIPS_TEST_ALGO_AES; > + info.algo = FIPS_TEST_ALGO_AES_CBC; > + else if (strstr(algo_str, "AES-XTS")) > + info.algo = FIPS_TEST_ALGO_AES_XTS; > else > return -EINVAL; > <snip> Other than that, Acked-by: Fan Zhang <roy.fan.zhang@intel.com> ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing 2022-06-28 13:12 ` [PATCH v2] " Gowrishankar Muthukrishnan 2022-06-29 8:07 ` Zhang, Roy Fan @ 2022-06-29 9:52 ` Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan ` (3 more replies) 1 sibling, 4 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 9:52 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Add support in fips_validation to parse AES_XTS and SHA json vectors. v3: - individual patches for xts and sha are clubbed in this new series. Gowrishankar Muthukrishnan (3): examples/fips_validation: add aes_cbc specific enum examples/fips_validation: add parsing for xts examples/fips_validation: add parsing for sha examples/fips_validation/fips_validation.c | 6 +- examples/fips_validation/fips_validation.h | 26 ++- .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ .../fips_validation/fips_validation_xts.c | 141 +++++++++++++ examples/fips_validation/main.c | 44 +++- 5 files changed, 392 insertions(+), 13 deletions(-) -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan @ 2022-06-29 9:52 ` Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan ` (2 subsequent siblings) 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 9:52 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Add algorithm enum specifically for AES_CBC instead of relying on AES as such. Fixes: 8b8546aaedf ("examples/fips_validation: add parsing for AES-CBC") Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- examples/fips_validation/fips_validation.c | 2 +- examples/fips_validation/fips_validation.h | 1 + examples/fips_validation/main.c | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 324abccb14..68b5572db2 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -463,7 +463,7 @@ fips_test_parse_one_json_vector_set(void) else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) - info.algo = FIPS_TEST_ALGO_AES; + info.algo = FIPS_TEST_ALGO_AES_CBC; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 69d738b718..819236983d 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -34,6 +34,7 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES = 0, + FIPS_TEST_ALGO_AES_CBC, FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index ceabea788e..9c4951595d 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1781,6 +1781,7 @@ static int init_test_ops(void) { switch (info.algo) { + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: test_ops.prepare_op = prepare_cipher_op; test_ops.prepare_xform = prepare_aes_xform; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v3 2/3] examples/fips_validation: add parsing for xts 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan @ 2022-06-29 9:52 ` Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 9:52 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES XTS test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- v3: - CBC related changes moved to 1/3 patch. --- examples/fips_validation/fips_validation.c | 2 + examples/fips_validation/fips_validation.h | 15 +- .../fips_validation/fips_validation_xts.c | 141 ++++++++++++++++++ examples/fips_validation/main.c | 4 + 4 files changed, 161 insertions(+), 1 deletion(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 68b5572db2..f181363ef7 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -464,6 +464,8 @@ fips_test_parse_one_json_vector_set(void) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) info.algo = FIPS_TEST_ALGO_AES_CBC; + else if (strstr(algo_str, "AES-XTS")) + info.algo = FIPS_TEST_ALGO_AES_XTS; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 819236983d..d716b198c6 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -38,10 +38,10 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, + FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_HMAC, FIPS_TEST_ALGO_TDES, FIPS_TEST_ALGO_SHA, - FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_MAX }; @@ -171,6 +171,15 @@ struct gcm_interim_data { uint8_t gen_iv; }; +enum xts_tweak_modes { + XTS_TWEAK_MODE_HEX = 0, + XTS_TWEAK_MODE_NUMBER +}; + +struct xts_interim_data { + enum xts_tweak_modes tweak_mode; +}; + #ifdef USE_JANSSON struct fips_test_json_info { /* Information used for reading from json */ @@ -208,6 +217,7 @@ struct fips_test_interim_info { struct ccm_interim_data ccm_data; struct sha_interim_data sha_data; struct gcm_interim_data gcm_data; + struct xts_interim_data xts_data; } interim_info; enum fips_test_op op; @@ -267,6 +277,9 @@ parse_test_cmac_json_init(void); int parse_test_aes_json_init(void); + +int +parse_test_xts_json_init(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c index 5bb1966f6c..531e3c688e 100644 --- a/examples/fips_validation/fips_validation_xts.c +++ b/examples/fips_validation/fips_validation_xts.c @@ -24,6 +24,22 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" +#define TWEAKMODE_JSON_STR "tweakMode" + +#define KEY_JSON_STR "key" +#define DATAUNITLEN_JSON_STR "dataUnitLen" +#define PAYLOADLEN_JSON_STR "payloadLen" +#define TWEAKVALUE_JSON_STR "tweakValue" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + static int parse_interim_xts_enc_dec(const char *key, __rte_unused char *text, @@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static int +parser_xts_read_keylen(const char *key, char *src, struct fips_val *val) +{ + int ret; + + ret = parser_read_uint32_bit_val(key, src, val); + if (ret < 0) + return ret; + + val->len *= 2; + return 0; +} + +static int +parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val) +{ + int ret; + + if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX) + ret = parse_uint8_hex_str(key, src, val); + else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER) + ret = parser_read_uint32_bit_val(key, src, val); + else + ret = -1; + + return ret; +} + +struct fips_test_callback xts_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_xts_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +int +parse_test_xts_json_init(void) +{ + if (json_info.json_test_group) { + json_t *direction_obj, *tweakmode_obj; + const char *direction_str, *tweakmode_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = xts_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = xts_dec_json_vectors; + } else { + return -EINVAL; + } + + tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR); + tweakmode_str = json_string_value(tweakmode_obj); + if (strcmp(tweakmode_str, "hex") == 0) + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX; + else + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER; + + info.interim_callbacks = xts_interim_json_vectors; + } + + info.parse_writeback = parse_test_xts_json_writeback; + return 0; +} +#endif /* USE_JANSSON */ + static int parse_test_xts_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 9c4951595d..7ccb5f52f4 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1989,6 +1989,10 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES_XTS: + ret = parse_test_xts_json_init(); + break; + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v3 3/3] examples/fips_validation: add parsing for sha 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan @ 2022-06-29 9:52 ` Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 9:52 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for SHA test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- v3: - added a comment on flat array of fips_val for parse_writeback callback. --- examples/fips_validation/fips_validation.c | 2 + examples/fips_validation/fips_validation.h | 10 + .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ examples/fips_validation/main.c | 39 +++- 4 files changed, 228 insertions(+), 11 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index f181363ef7..12b9b03f56 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -466,6 +466,8 @@ fips_test_parse_one_json_vector_set(void) info.algo = FIPS_TEST_ALGO_AES_CBC; else if (strstr(algo_str, "AES-XTS")) info.algo = FIPS_TEST_ALGO_AES_XTS; + else if (strstr(algo_str, "SHA")) + info.algo = FIPS_TEST_ALGO_SHA; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index d716b198c6..5c1abcbd91 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -133,6 +133,7 @@ enum fips_ccm_test_types { enum fips_sha_test_types { SHA_KAT = 0, + SHA_AFT, SHA_MCT }; @@ -280,6 +281,15 @@ parse_test_aes_json_init(void); int parse_test_xts_json_init(void); + +int +parse_test_sha_json_init(void); + +int +parse_test_sha_json_algorithm(void); + +int +parse_test_sha_json_test_type(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c index 34c364c75a..a2928618d7 100644 --- a/examples/fips_validation/fips_validation_sha.c +++ b/examples/fips_validation/fips_validation_sha.c @@ -17,6 +17,11 @@ #define SEED_STR "Seed = " #define MCT_STR "Monte" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" + +#define PT_JSON_STR "msg" + struct plain_hash_size_conversion { const char *str; enum rte_crypto_auth_algorithm algo; @@ -62,6 +67,32 @@ struct fips_test_callback sha_tests_interim_vectors[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static struct { + uint32_t type; + const char *desc; +} sha_test_types[] = { + {SHA_MCT, "MCT"}, + {SHA_AFT, "AFT"}, +}; + +static struct plain_hash_algorithms { + const char *str; + enum rte_crypto_auth_algorithm algo; +} json_algorithms[] = { + {"SHA-1", RTE_CRYPTO_AUTH_SHA1}, + {"SHA2-224", RTE_CRYPTO_AUTH_SHA224}, + {"SHA2-256", RTE_CRYPTO_AUTH_SHA256}, + {"SHA2-384", RTE_CRYPTO_AUTH_SHA384}, + {"SHA2-512", RTE_CRYPTO_AUTH_SHA512}, +}; + +struct fips_test_callback sha_tests_json_vectors[] = { + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; +#endif /* USE_JANSSON */ + static int parse_test_sha_writeback(struct fips_val *val) // ! { @@ -108,3 +139,160 @@ parse_test_sha_init(void) info.kat_check = rsp_test_sha_check; return 0; } + +#ifdef USE_JANSSON +static int +parse_test_sha_json_writeback(struct fips_val *val) +{ + struct fips_val val_local; + json_t *tcId, *md; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + + val_local.val = val->val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, "md", md); + + return 0; +} + +static int +parse_test_sha_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *msg, *md, *resArr, *res; + struct fips_val val_local; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", + json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + + writeback_hex_str("", info.one_line_text, &val[1]); + msg = json_string(info.one_line_text); + json_object_set_new(res, "msg", msg); + + val_local.val = val[0].val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(res, "md", md); + + json_array_append_new(resArr, res); + return 0; +} + +int +parse_test_sha_json_algorithm(void) +{ + json_t *algorithm_object; + const char *algorithm_str; + uint32_t i; + + algorithm_object = json_object_get(json_info.json_vector_set, "algorithm"); + algorithm_str = json_string_value(algorithm_object); + + for (i = 0; i < RTE_DIM(json_algorithms); i++) { + if (strstr(algorithm_str, json_algorithms[i].str)) { + info.interim_info.sha_data.algo = json_algorithms[i].algo; + break; + } + } + + if (i == RTE_DIM(json_algorithms)) + return -1; + + for (i = 0; i < RTE_DIM(phsc); i++) { + if (info.interim_info.sha_data.algo == phsc[i].algo) { + vec.cipher_auth.digest.len = atoi(phsc[i].str); + vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8); + break; + } + } + + if (i == RTE_DIM(phsc)) + return -1; + + return 0; +} + +int +parse_test_sha_json_test_type(void) +{ + json_t *type_object; + const char *type_str; + uint32_t i; + + type_object = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + type_str = json_string_value(type_object); + + for (i = 0; i < RTE_DIM(sha_test_types); i++) + if (strstr(type_str, sha_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + sha_test_types[i].type; + break; + } + + if (i == RTE_DIM(sha_test_types)) + return -1; + + switch (info.interim_info.sha_data.test_type) { + case SHA_MCT: + info.parse_writeback = parse_test_sha_mct_json_writeback; + break; + case SHA_AFT: + info.parse_writeback = parse_test_sha_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -1; + + return 0; +} + +int +parse_test_sha_json_init(void) +{ + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.parse_writeback = parse_test_sha_json_writeback; + info.callbacks = sha_tests_json_vectors; + info.writeback_callbacks = NULL; + info.kat_check = rsp_test_sha_check; + info.interim_callbacks = NULL; + + if (parse_test_sha_json_algorithm() < 0) + return -1; + + if (parse_test_sha_json_test_type() < 0) + return -1; + + return 0; +} +#endif /* USE_JANSSON */ diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 7ccb5f52f4..6d52048b5c 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1693,19 +1693,26 @@ fips_mct_sha_test(void) #define SHA_EXTERN_ITER 100 #define SHA_INTERN_ITER 1000 #define SHA_MD_BLOCK 3 - struct fips_val val = {NULL, 0}, md[SHA_MD_BLOCK]; + /* val[0] is op result and other value is for parse_writeback callback */ + struct fips_val val[2] = {{NULL, 0},}; + struct fips_val md[SHA_MD_BLOCK], msg; char temp[MAX_DIGEST_SIZE*2]; int ret; uint32_t i, j; + msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len; + msg.val = calloc(1, msg.len); + memcpy(vec.cipher_auth.digest.val, vec.pt.val, vec.cipher_auth.digest.len); for (i = 0; i < SHA_MD_BLOCK; i++) md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0); rte_free(vec.pt.val); vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK), 0); - fips_test_write_one_case(); - fprintf(info.fp_wr, "\n"); + if (info.file_type != FIPS_TYPE_JSON) { + fips_test_write_one_case(); + fprintf(info.fp_wr, "\n"); + } for (j = 0; j < SHA_EXTERN_ITER; j++) { @@ -1719,6 +1726,9 @@ fips_mct_sha_test(void) vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; + for (i = 0; i < SHA_MD_BLOCK; i++) + memcpy(&msg.val[i * md[i].len], md[i].val, md[i].len); + for (i = 0; i < (SHA_INTERN_ITER); i++) { memcpy(vec.pt.val, md[0].val, @@ -1742,7 +1752,7 @@ fips_mct_sha_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1751,7 +1761,7 @@ fips_mct_sha_test(void) memcpy(md[1].val, md[2].val, md[2].len); md[1].len = md[2].len; - memcpy(md[2].val, (val.val + vec.pt.len), + memcpy(md[2].val, (val[0].val + vec.pt.len), vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; } @@ -1759,11 +1769,14 @@ fips_mct_sha_test(void) memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len); vec.cipher_auth.digest.len = md[2].len; - fprintf(info.fp_wr, "COUNT = %u\n", j); - - writeback_hex_str("", temp, &vec.cipher_auth.digest); - - fprintf(info.fp_wr, "MD = %s\n\n", temp); + if (info.file_type != FIPS_TYPE_JSON) { + fprintf(info.fp_wr, "COUNT = %u\n", j); + writeback_hex_str("", temp, &vec.cipher_auth.digest); + fprintf(info.fp_wr, "MD = %s\n\n", temp); + } + val[1].val = msg.val; + val[1].len = msg.len; + info.parse_writeback(val); } for (i = 0; i < (SHA_MD_BLOCK); i++) @@ -1771,7 +1784,8 @@ fips_mct_sha_test(void) rte_free(vec.pt.val); - free(val.val); + free(val[0].val); + free(msg.val); return 0; } @@ -1996,6 +2010,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; + case FIPS_TEST_ALGO_SHA: + ret = parse_test_sha_json_init(); + break; default: return -EINVAL; } -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan ` (2 preceding siblings ...) 2022-06-29 9:52 ` [PATCH v3 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan @ 2022-06-29 12:35 ` Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan ` (3 more replies) 3 siblings, 4 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 12:35 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Add support in fips_validation to parse AES_XTS and SHA json vectors. v4: - doc updates Gowrishankar Muthukrishnan (3): examples/fips_validation: add aes_cbc specific enum examples/fips_validation: add parsing for xts examples/fips_validation: add parsing for sha doc/guides/sample_app_ug/fips_validation.rst | 2 + examples/fips_validation/fips_validation.c | 6 +- examples/fips_validation/fips_validation.h | 26 ++- .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ .../fips_validation/fips_validation_xts.c | 141 +++++++++++++ examples/fips_validation/main.c | 44 +++- 6 files changed, 394 insertions(+), 13 deletions(-) -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan @ 2022-06-29 12:35 ` Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan ` (2 subsequent siblings) 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 12:35 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Add algorithm enum specifically for AES_CBC instead of relying on AES as such. Fixes: 8b8546aaedf ("examples/fips_validation: add parsing for AES-CBC") Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- examples/fips_validation/fips_validation.c | 2 +- examples/fips_validation/fips_validation.h | 1 + examples/fips_validation/main.c | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 324abccb14..68b5572db2 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -463,7 +463,7 @@ fips_test_parse_one_json_vector_set(void) else if (strstr(algo_str, "CMAC")) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) - info.algo = FIPS_TEST_ALGO_AES; + info.algo = FIPS_TEST_ALGO_AES_CBC; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 69d738b718..819236983d 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -34,6 +34,7 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES = 0, + FIPS_TEST_ALGO_AES_CBC, FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index ceabea788e..9c4951595d 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1781,6 +1781,7 @@ static int init_test_ops(void) { switch (info.algo) { + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: test_ops.prepare_op = prepare_cipher_op; test_ops.prepare_xform = prepare_aes_xform; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v4 2/3] examples/fips_validation: add parsing for xts 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan @ 2022-06-29 12:35 ` Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan 2022-06-30 4:22 ` [EXT] [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Akhil Goyal 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 12:35 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for AES XTS test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- v4: - doc update --- doc/guides/sample_app_ug/fips_validation.rst | 1 + examples/fips_validation/fips_validation.c | 2 + examples/fips_validation/fips_validation.h | 15 +- .../fips_validation/fips_validation_xts.c | 141 ++++++++++++++++++ examples/fips_validation/main.c | 4 + 5 files changed, 162 insertions(+), 1 deletion(-) diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst index 43190bb696..41d2e0da13 100644 --- a/doc/guides/sample_app_ug/fips_validation.rst +++ b/doc/guides/sample_app_ug/fips_validation.rst @@ -61,6 +61,7 @@ ACVP * AES-CBC (128,192,256) - AFT, MCT * AES-GCM (128,192,256) - AFT * AES-CMAC (128,192,256) - AFT + * AES-XTS (128,256) - AFT * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index 68b5572db2..f181363ef7 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -464,6 +464,8 @@ fips_test_parse_one_json_vector_set(void) info.algo = FIPS_TEST_ALGO_AES_CMAC; else if (strstr(algo_str, "AES-CBC")) info.algo = FIPS_TEST_ALGO_AES_CBC; + else if (strstr(algo_str, "AES-XTS")) + info.algo = FIPS_TEST_ALGO_AES_XTS; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index 819236983d..d716b198c6 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -38,10 +38,10 @@ enum fips_test_algorithms { FIPS_TEST_ALGO_AES_GCM, FIPS_TEST_ALGO_AES_CMAC, FIPS_TEST_ALGO_AES_CCM, + FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_HMAC, FIPS_TEST_ALGO_TDES, FIPS_TEST_ALGO_SHA, - FIPS_TEST_ALGO_AES_XTS, FIPS_TEST_ALGO_MAX }; @@ -171,6 +171,15 @@ struct gcm_interim_data { uint8_t gen_iv; }; +enum xts_tweak_modes { + XTS_TWEAK_MODE_HEX = 0, + XTS_TWEAK_MODE_NUMBER +}; + +struct xts_interim_data { + enum xts_tweak_modes tweak_mode; +}; + #ifdef USE_JANSSON struct fips_test_json_info { /* Information used for reading from json */ @@ -208,6 +217,7 @@ struct fips_test_interim_info { struct ccm_interim_data ccm_data; struct sha_interim_data sha_data; struct gcm_interim_data gcm_data; + struct xts_interim_data xts_data; } interim_info; enum fips_test_op op; @@ -267,6 +277,9 @@ parse_test_cmac_json_init(void); int parse_test_aes_json_init(void); + +int +parse_test_xts_json_init(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c index 5bb1966f6c..531e3c688e 100644 --- a/examples/fips_validation/fips_validation_xts.c +++ b/examples/fips_validation/fips_validation_xts.c @@ -24,6 +24,22 @@ #define OP_ENC_STR "ENCRYPT" #define OP_DEC_STR "DECRYPT" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" +#define DIR_JSON_STR "direction" +#define KEYLEN_JSON_STR "keyLen" +#define TWEAKMODE_JSON_STR "tweakMode" + +#define KEY_JSON_STR "key" +#define DATAUNITLEN_JSON_STR "dataUnitLen" +#define PAYLOADLEN_JSON_STR "payloadLen" +#define TWEAKVALUE_JSON_STR "tweakValue" +#define PT_JSON_STR "pt" +#define CT_JSON_STR "ct" + +#define OP_ENC_JSON_STR "encrypt" +#define OP_DEC_JSON_STR "decrypt" + static int parse_interim_xts_enc_dec(const char *key, __rte_unused char *text, @@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static int +parser_xts_read_keylen(const char *key, char *src, struct fips_val *val) +{ + int ret; + + ret = parser_read_uint32_bit_val(key, src, val); + if (ret < 0) + return ret; + + val->len *= 2; + return 0; +} + +static int +parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val) +{ + int ret; + + if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX) + ret = parse_uint8_hex_str(key, src, val); + else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER) + ret = parser_read_uint32_bit_val(key, src, val); + else + ret = -1; + + return ret; +} + +struct fips_test_callback xts_dec_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {CT_JSON_STR, parse_uint8_hex_str, &vec.ct}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_interim_json_vectors[] = { + {KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +struct fips_test_callback xts_enc_json_vectors[] = { + {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key}, + {TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv}, + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; + +static int +parse_test_xts_json_writeback(struct fips_val *val) +{ + struct fips_val tmp_val; + json_t *tcId; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set(json_info.json_write_case, "tcId", tcId); + + if (info.op == FIPS_TEST_ENC_AUTH_GEN) { + json_t *ct; + + tmp_val.val = val->val; + tmp_val.len = vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + ct = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct); + + tmp_val.val = val->val + vec.pt.len; + tmp_val.len = val->len - vec.pt.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + } else { + if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) { + tmp_val.val = val->val; + tmp_val.len = vec.ct.len; + + writeback_hex_str("", info.one_line_text, &tmp_val); + json_object_set_new(json_info.json_write_case, PT_JSON_STR, + json_string(info.one_line_text)); + } else { + json_object_set_new(json_info.json_write_case, "testPassed", json_false()); + } + } + + return 0; +} + +int +parse_test_xts_json_init(void) +{ + if (json_info.json_test_group) { + json_t *direction_obj, *tweakmode_obj; + const char *direction_str, *tweakmode_str; + + direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR); + direction_str = json_string_value(direction_obj); + + if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) { + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.callbacks = xts_enc_json_vectors; + + } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) { + info.op = FIPS_TEST_DEC_AUTH_VERIF; + info.callbacks = xts_dec_json_vectors; + } else { + return -EINVAL; + } + + tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR); + tweakmode_str = json_string_value(tweakmode_obj); + if (strcmp(tweakmode_str, "hex") == 0) + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX; + else + info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER; + + info.interim_callbacks = xts_interim_json_vectors; + } + + info.parse_writeback = parse_test_xts_json_writeback; + return 0; +} +#endif /* USE_JANSSON */ + static int parse_test_xts_writeback(struct fips_val *val) { diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 9c4951595d..7ccb5f52f4 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1989,6 +1989,10 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES_CMAC: ret = parse_test_cmac_json_init(); break; + case FIPS_TEST_ALGO_AES_XTS: + ret = parse_test_xts_json_init(); + break; + case FIPS_TEST_ALGO_AES_CBC: case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v4 3/3] examples/fips_validation: add parsing for sha 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan @ 2022-06-29 12:35 ` Gowrishankar Muthukrishnan 2022-06-30 4:22 ` [EXT] [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Akhil Goyal 3 siblings, 0 replies; 14+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-06-29 12:35 UTC (permalink / raw) To: dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan Added function to parse algorithm for SHA test. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> --- v4: - doc update --- doc/guides/sample_app_ug/fips_validation.rst | 1 + examples/fips_validation/fips_validation.c | 2 + examples/fips_validation/fips_validation.h | 10 + .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ examples/fips_validation/main.c | 39 +++- 5 files changed, 229 insertions(+), 11 deletions(-) diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst index 41d2e0da13..4b68226665 100644 --- a/doc/guides/sample_app_ug/fips_validation.rst +++ b/doc/guides/sample_app_ug/fips_validation.rst @@ -63,6 +63,7 @@ ACVP * AES-CMAC (128,192,256) - AFT * AES-XTS (128,256) - AFT * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512) + * SHA (1,256) - AFT, MCT Application Information diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index f181363ef7..12b9b03f56 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -466,6 +466,8 @@ fips_test_parse_one_json_vector_set(void) info.algo = FIPS_TEST_ALGO_AES_CBC; else if (strstr(algo_str, "AES-XTS")) info.algo = FIPS_TEST_ALGO_AES_XTS; + else if (strstr(algo_str, "SHA")) + info.algo = FIPS_TEST_ALGO_SHA; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index d716b198c6..5c1abcbd91 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -133,6 +133,7 @@ enum fips_ccm_test_types { enum fips_sha_test_types { SHA_KAT = 0, + SHA_AFT, SHA_MCT }; @@ -280,6 +281,15 @@ parse_test_aes_json_init(void); int parse_test_xts_json_init(void); + +int +parse_test_sha_json_init(void); + +int +parse_test_sha_json_algorithm(void); + +int +parse_test_sha_json_test_type(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c index 34c364c75a..a2928618d7 100644 --- a/examples/fips_validation/fips_validation_sha.c +++ b/examples/fips_validation/fips_validation_sha.c @@ -17,6 +17,11 @@ #define SEED_STR "Seed = " #define MCT_STR "Monte" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" + +#define PT_JSON_STR "msg" + struct plain_hash_size_conversion { const char *str; enum rte_crypto_auth_algorithm algo; @@ -62,6 +67,32 @@ struct fips_test_callback sha_tests_interim_vectors[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static struct { + uint32_t type; + const char *desc; +} sha_test_types[] = { + {SHA_MCT, "MCT"}, + {SHA_AFT, "AFT"}, +}; + +static struct plain_hash_algorithms { + const char *str; + enum rte_crypto_auth_algorithm algo; +} json_algorithms[] = { + {"SHA-1", RTE_CRYPTO_AUTH_SHA1}, + {"SHA2-224", RTE_CRYPTO_AUTH_SHA224}, + {"SHA2-256", RTE_CRYPTO_AUTH_SHA256}, + {"SHA2-384", RTE_CRYPTO_AUTH_SHA384}, + {"SHA2-512", RTE_CRYPTO_AUTH_SHA512}, +}; + +struct fips_test_callback sha_tests_json_vectors[] = { + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; +#endif /* USE_JANSSON */ + static int parse_test_sha_writeback(struct fips_val *val) // ! { @@ -108,3 +139,160 @@ parse_test_sha_init(void) info.kat_check = rsp_test_sha_check; return 0; } + +#ifdef USE_JANSSON +static int +parse_test_sha_json_writeback(struct fips_val *val) +{ + struct fips_val val_local; + json_t *tcId, *md; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + + val_local.val = val->val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, "md", md); + + return 0; +} + +static int +parse_test_sha_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *msg, *md, *resArr, *res; + struct fips_val val_local; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", + json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + + writeback_hex_str("", info.one_line_text, &val[1]); + msg = json_string(info.one_line_text); + json_object_set_new(res, "msg", msg); + + val_local.val = val[0].val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(res, "md", md); + + json_array_append_new(resArr, res); + return 0; +} + +int +parse_test_sha_json_algorithm(void) +{ + json_t *algorithm_object; + const char *algorithm_str; + uint32_t i; + + algorithm_object = json_object_get(json_info.json_vector_set, "algorithm"); + algorithm_str = json_string_value(algorithm_object); + + for (i = 0; i < RTE_DIM(json_algorithms); i++) { + if (strstr(algorithm_str, json_algorithms[i].str)) { + info.interim_info.sha_data.algo = json_algorithms[i].algo; + break; + } + } + + if (i == RTE_DIM(json_algorithms)) + return -1; + + for (i = 0; i < RTE_DIM(phsc); i++) { + if (info.interim_info.sha_data.algo == phsc[i].algo) { + vec.cipher_auth.digest.len = atoi(phsc[i].str); + vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8); + break; + } + } + + if (i == RTE_DIM(phsc)) + return -1; + + return 0; +} + +int +parse_test_sha_json_test_type(void) +{ + json_t *type_object; + const char *type_str; + uint32_t i; + + type_object = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + type_str = json_string_value(type_object); + + for (i = 0; i < RTE_DIM(sha_test_types); i++) + if (strstr(type_str, sha_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + sha_test_types[i].type; + break; + } + + if (i == RTE_DIM(sha_test_types)) + return -1; + + switch (info.interim_info.sha_data.test_type) { + case SHA_MCT: + info.parse_writeback = parse_test_sha_mct_json_writeback; + break; + case SHA_AFT: + info.parse_writeback = parse_test_sha_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -1; + + return 0; +} + +int +parse_test_sha_json_init(void) +{ + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.parse_writeback = parse_test_sha_json_writeback; + info.callbacks = sha_tests_json_vectors; + info.writeback_callbacks = NULL; + info.kat_check = rsp_test_sha_check; + info.interim_callbacks = NULL; + + if (parse_test_sha_json_algorithm() < 0) + return -1; + + if (parse_test_sha_json_test_type() < 0) + return -1; + + return 0; +} +#endif /* USE_JANSSON */ diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 7ccb5f52f4..6d52048b5c 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1693,19 +1693,26 @@ fips_mct_sha_test(void) #define SHA_EXTERN_ITER 100 #define SHA_INTERN_ITER 1000 #define SHA_MD_BLOCK 3 - struct fips_val val = {NULL, 0}, md[SHA_MD_BLOCK]; + /* val[0] is op result and other value is for parse_writeback callback */ + struct fips_val val[2] = {{NULL, 0},}; + struct fips_val md[SHA_MD_BLOCK], msg; char temp[MAX_DIGEST_SIZE*2]; int ret; uint32_t i, j; + msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len; + msg.val = calloc(1, msg.len); + memcpy(vec.cipher_auth.digest.val, vec.pt.val, vec.cipher_auth.digest.len); for (i = 0; i < SHA_MD_BLOCK; i++) md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0); rte_free(vec.pt.val); vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK), 0); - fips_test_write_one_case(); - fprintf(info.fp_wr, "\n"); + if (info.file_type != FIPS_TYPE_JSON) { + fips_test_write_one_case(); + fprintf(info.fp_wr, "\n"); + } for (j = 0; j < SHA_EXTERN_ITER; j++) { @@ -1719,6 +1726,9 @@ fips_mct_sha_test(void) vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; + for (i = 0; i < SHA_MD_BLOCK; i++) + memcpy(&msg.val[i * md[i].len], md[i].val, md[i].len); + for (i = 0; i < (SHA_INTERN_ITER); i++) { memcpy(vec.pt.val, md[0].val, @@ -1742,7 +1752,7 @@ fips_mct_sha_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1751,7 +1761,7 @@ fips_mct_sha_test(void) memcpy(md[1].val, md[2].val, md[2].len); md[1].len = md[2].len; - memcpy(md[2].val, (val.val + vec.pt.len), + memcpy(md[2].val, (val[0].val + vec.pt.len), vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; } @@ -1759,11 +1769,14 @@ fips_mct_sha_test(void) memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len); vec.cipher_auth.digest.len = md[2].len; - fprintf(info.fp_wr, "COUNT = %u\n", j); - - writeback_hex_str("", temp, &vec.cipher_auth.digest); - - fprintf(info.fp_wr, "MD = %s\n\n", temp); + if (info.file_type != FIPS_TYPE_JSON) { + fprintf(info.fp_wr, "COUNT = %u\n", j); + writeback_hex_str("", temp, &vec.cipher_auth.digest); + fprintf(info.fp_wr, "MD = %s\n\n", temp); + } + val[1].val = msg.val; + val[1].len = msg.len; + info.parse_writeback(val); } for (i = 0; i < (SHA_MD_BLOCK); i++) @@ -1771,7 +1784,8 @@ fips_mct_sha_test(void) rte_free(vec.pt.val); - free(val.val); + free(val[0].val); + free(msg.val); return 0; } @@ -1996,6 +2010,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; + case FIPS_TEST_ALGO_SHA: + ret = parse_test_sha_json_init(); + break; default: return -EINVAL; } -- 2.25.1 ^ permalink raw reply [flat|nested] 14+ messages in thread
* RE: [EXT] [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan ` (2 preceding siblings ...) 2022-06-29 12:35 ` [PATCH v4 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan @ 2022-06-30 4:22 ` Akhil Goyal 3 siblings, 0 replies; 14+ messages in thread From: Akhil Goyal @ 2022-06-30 4:22 UTC (permalink / raw) To: Gowrishankar Muthukrishnan, dev Cc: Fan Zhang, Brian Dooley, Anoob Joseph, Archana Muniganti, Jerin Jacob Kollanukkaran, Gowrishankar Muthukrishnan > Add support in fips_validation to parse AES_XTS and SHA json vectors. > > v4: > - doc updates > > Gowrishankar Muthukrishnan (3): > examples/fips_validation: add aes_cbc specific enum > examples/fips_validation: add parsing for xts > examples/fips_validation: add parsing for sha > > doc/guides/sample_app_ug/fips_validation.rst | 2 + > examples/fips_validation/fips_validation.c | 6 +- > examples/fips_validation/fips_validation.h | 26 ++- > .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ > .../fips_validation/fips_validation_xts.c | 141 +++++++++++++ > examples/fips_validation/main.c | 44 +++- > 6 files changed, 394 insertions(+), 13 deletions(-) > Applied to dpdk-next-crypto Thanks. ^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2022-06-30 4:23 UTC | newest] Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-06-28 7:58 [PATCH v1] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan 2022-06-28 11:57 ` David Marchand 2022-06-29 9:14 ` [EXT] " Gowrishankar Muthukrishnan 2022-06-28 13:12 ` [PATCH v2] " Gowrishankar Muthukrishnan 2022-06-29 8:07 ` Zhang, Roy Fan 2022-06-29 9:52 ` [PATCH v3 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan 2022-06-29 9:52 ` [PATCH v3 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 2/3] examples/fips_validation: add parsing for xts Gowrishankar Muthukrishnan 2022-06-29 12:35 ` [PATCH v4 3/3] examples/fips_validation: add parsing for sha Gowrishankar Muthukrishnan 2022-06-30 4:22 ` [EXT] [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing Akhil Goyal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).