DPDK patches and discussions
 help / color / mirror / Atom feed
* [PATCH 0/5] Add JSON vector set support to fips validation
@ 2022-01-27 14:51 Brandon Lo
  2022-01-27 14:51 ` [PATCH 1/5] examples/fips_validation: add jansson dependency Brandon Lo
                   ` (5 more replies)
  0 siblings, 6 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

Brandon Lo (5):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test

 examples/fips_validation/fips_validation.c    |  84 ++++++++
 examples/fips_validation/fips_validation.h    |  42 +++-
 .../fips_validation/fips_validation_gcm.c     | 149 ++++++++++++++
 examples/fips_validation/main.c               | 192 +++++++++++++++++-
 examples/fips_validation/meson.build          |   4 +
 5 files changed, 467 insertions(+), 4 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH 1/5] examples/fips_validation: add jansson dependency
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
@ 2022-01-27 14:51 ` Brandon Lo
  2022-01-27 14:51 ` [PATCH 2/5] examples/fips_validation: add json info to header Brandon Lo
                   ` (4 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH 2/5] examples/fips_validation: add json info to header
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-27 14:51 ` [PATCH 1/5] examples/fips_validation: add jansson dependency Brandon Lo
@ 2022-01-27 14:51 ` Brandon Lo
  2022-01-27 14:51 ` [PATCH 3/5] examples/fips_validation: add json parsing Brandon Lo
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.h | 42 +++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..e2789df93a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -24,6 +28,9 @@
 #define REQ_FILE_PERFIX		"req"
 #define RSP_FILE_PERFIX		"rsp"
 #define FAX_FILE_PERFIX		"fax"
+#define JSON_FILE_PERFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH 3/5] examples/fips_validation: add json parsing
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-27 14:51 ` [PATCH 1/5] examples/fips_validation: add jansson dependency Brandon Lo
  2022-01-27 14:51 ` [PATCH 2/5] examples/fips_validation: add json info to header Brandon Lo
@ 2022-01-27 14:51 ` Brandon Lo
  2022-01-27 14:51 ` [PATCH 4/5] examples/fips_validation: allow json file as input Brandon Lo
                   ` (2 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c | 84 ++++++++++++++++++++++
 1 file changed, 84 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 52a7bf952d..40254a9181 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PERFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PERFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,8 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -429,6 +448,71 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM")) info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (int i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			json_t *param = json_object_get(json_info.json_test_group, info.interim_callbacks[i].key);
+			json_int_t val = json_integer_value(param);
+			sprintf(json_value, "%lld", val);
+			/* First argument is blank because the key
+			   is not included in the string being parsed. */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		json_t *param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			const char *json_string = json_string_value(param);
+			strcpy(info.one_line_text, json_string);
+			/* First argument is blank because the key
+			   is not included in the string being parsed. */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH 4/5] examples/fips_validation: allow json file as input
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
                   ` (2 preceding siblings ...)
  2022-01-27 14:51 ` [PATCH 3/5] examples/fips_validation: add json parsing Brandon Lo
@ 2022-01-27 14:51 ` Brandon Lo
  2022-01-27 14:51 ` [PATCH 5/5] examples/fips_validation: add json to gcm test Brandon Lo
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/main.c | 192 +++++++++++++++++++++++++++++++-
 1 file changed, 189 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index dc40bffe7d..40d0d10ec7 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,11 +34,17 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -169,6 +175,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -392,6 +403,7 @@ int
 main(int argc, char *argv[])
 {
 	int ret;
+	char use_json;
 
 	ret = rte_eal_init(argc, argv);
 	if (ret < 0) {
@@ -427,9 +439,16 @@ main(int argc, char *argv[])
 					ret, env.req_path);
 			goto exit;
 		}
+		use_json = info.file_type == FIPS_TYPE_JSON;
 
-
+#ifdef RTE_HAS_JANSSON
+		ret = info.file_type == FIPS_TYPE_JSON ?
+			fips_test_one_json_file() : fips_test_one_file();
+		if (use_json) json_decref(json_info.json_root);
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -483,8 +502,19 @@ main(int argc, char *argv[])
 						ret, req_path);
 				break;
 			}
+			use_json = info.file_type == FIPS_TYPE_JSON;
 
+#ifdef RTE_HAS_JANSSON
+			if (use_json) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1226,7 +1256,7 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON) fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1245,6 +1275,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1260,7 +1291,7 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON) fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1856,3 +1887,158 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+		case FIPS_TEST_ALGO_AES_GCM:
+			ret = parse_test_gcm_init();
+			break;
+		default:
+			return -EINVAL;
+	}
+	if (ret < 0) return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0) return ret;
+
+	ret = init_test_ops();
+	if (ret < 0) return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH 5/5] examples/fips_validation: add json to gcm test
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
                   ` (3 preceding siblings ...)
  2022-01-27 14:51 ` [PATCH 4/5] examples/fips_validation: allow json file as input Brandon Lo
@ 2022-01-27 14:51 ` Brandon Lo
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-27 14:51 UTC (permalink / raw)
  To: dev; +Cc: ciara.power, roy.fan.zhang, Brandon Lo

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 .../fips_validation/fips_validation_gcm.c     | 149 ++++++++++++++++++
 1 file changed, 149 insertions(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..4df20370b6 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR 	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -188,12 +247,102 @@ parse_test_gcm_writeback(struct fips_val *val)
 	return 0;
 }
 
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_gcm_init(void)
 {
 	char *tmp;
 	uint32_t i;
 
+#ifdef RTE_HAS_JANSSON
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+			const char *ivGen_str = json_string_value(ivGen_obj);
+
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = gcm_enc_json_vectors;
+
+			if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0) {
+				info.interim_info.gcm_data.gen_iv = 1;
+			}
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = gcm_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = gcm_interim_json_vectors;
+		info.parse_writeback = parse_test_gcm_json_writeback;
+
+		return 0;
+	}
+#endif /* RTE_HAS_JANSSON */
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 0/5] Add JSON vector set support to fips validation
  2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
                   ` (4 preceding siblings ...)
  2022-01-27 14:51 ` [PATCH 5/5] examples/fips_validation: add json to gcm test Brandon Lo
@ 2022-01-29 17:03 ` Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 1/5] examples/fips_validation: add jansson dependency Brandon Lo
                     ` (5 more replies)
  5 siblings, 6 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

Brandon Lo (5):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test

 examples/fips_validation/fips_validation.c    |  90 ++++++++-
 examples/fips_validation/fips_validation.h    |  48 ++++-
 .../fips_validation/fips_validation_gcm.c     | 149 ++++++++++++++
 examples/fips_validation/main.c               | 190 +++++++++++++++++-
 examples/fips_validation/meson.build          |   4 +
 5 files changed, 471 insertions(+), 10 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 1/5] examples/fips_validation: add jansson dependency
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
@ 2022-01-29 17:03   ` Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 2/5] examples/fips_validation: add json info to header Brandon Lo
                     ` (4 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 2/5] examples/fips_validation: add json info to header
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 1/5] examples/fips_validation: add jansson dependency Brandon Lo
@ 2022-01-29 17:03   ` Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 3/5] examples/fips_validation: add json parsing Brandon Lo
                     ` (3 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v2:

* fix type of prefix to suffix

 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 1 file changed, 44 insertions(+), 4 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..8e2963faa3 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_SUFFIX		"req"
+#define RSP_FILE_SUFFIX		"rsp"
+#define FAX_FILE_SUFFIX		"fax"
+#define JSON_FILE_SUFFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 3/5] examples/fips_validation: add json parsing
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 1/5] examples/fips_validation: add jansson dependency Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 2/5] examples/fips_validation: add json info to header Brandon Lo
@ 2022-01-29 17:03   ` Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 4/5] examples/fips_validation: allow json file as input Brandon Lo
                     ` (2 subsequent siblings)
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v2:
* fix for loop initialization

 examples/fips_validation/fips_validation.c | 90 +++++++++++++++++++++-
 1 file changed, 87 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 52a7bf952d..6f83cb7fc4 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,12 +270,14 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_SUFFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,8 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -429,6 +448,71 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM")) info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			json_t *param = json_object_get(json_info.json_test_group, info.interim_callbacks[i].key);
+			json_int_t val = json_integer_value(param);
+			sprintf(json_value, "%lld", val);
+			/* First argument is blank because the key
+			   is not included in the string being parsed. */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		json_t *param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			const char *json_string = json_string_value(param);
+			strcpy(info.one_line_text, json_string);
+			/* First argument is blank because the key
+			   is not included in the string being parsed. */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 4/5] examples/fips_validation: allow json file as input
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
                     ` (2 preceding siblings ...)
  2022-01-29 17:03   ` [PATCH v2 3/5] examples/fips_validation: add json parsing Brandon Lo
@ 2022-01-29 17:03   ` Brandon Lo
  2022-01-29 17:03   ` [PATCH v2 5/5] examples/fips_validation: add json to gcm test Brandon Lo
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v2:
* remove use_json variable

 examples/fips_validation/main.c | 190 +++++++++++++++++++++++++++++++-
 1 file changed, 187 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index dc40bffe7d..2f82c7a541 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -169,6 +173,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -428,8 +437,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		} else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -484,7 +502,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1226,7 +1254,7 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON) fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1245,6 +1273,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1260,7 +1289,7 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON) fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1856,3 +1885,158 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+		case FIPS_TEST_ALGO_AES_GCM:
+			ret = parse_test_gcm_init();
+			break;
+		default:
+			return -EINVAL;
+	}
+	if (ret < 0) return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0) return ret;
+
+	ret = init_test_ops();
+	if (ret < 0) return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v2 5/5] examples/fips_validation: add json to gcm test
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
                     ` (3 preceding siblings ...)
  2022-01-29 17:03   ` [PATCH v2 4/5] examples/fips_validation: allow json file as input Brandon Lo
@ 2022-01-29 17:03   ` Brandon Lo
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
  5 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:03 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 .../fips_validation/fips_validation_gcm.c     | 149 ++++++++++++++++++
 1 file changed, 149 insertions(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..4df20370b6 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR 	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -188,12 +247,102 @@ parse_test_gcm_writeback(struct fips_val *val)
 	return 0;
 }
 
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_gcm_init(void)
 {
 	char *tmp;
 	uint32_t i;
 
+#ifdef RTE_HAS_JANSSON
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+			const char *ivGen_str = json_string_value(ivGen_obj);
+
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = gcm_enc_json_vectors;
+
+			if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0) {
+				info.interim_info.gcm_data.gen_iv = 1;
+			}
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = gcm_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = gcm_interim_json_vectors;
+		info.parse_writeback = parse_test_gcm_json_writeback;
+
+		return 0;
+	}
+#endif /* RTE_HAS_JANSSON */
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 0/5] Add JSON vector set support to fips validation
  2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
                     ` (4 preceding siblings ...)
  2022-01-29 17:03   ` [PATCH v2 5/5] examples/fips_validation: add json to gcm test Brandon Lo
@ 2022-01-29 17:55   ` Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 1/5] examples/fips_validation: add jansson dependency Brandon Lo
                       ` (7 more replies)
  5 siblings, 8 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

Brandon Lo (5):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test

 examples/fips_validation/fips_validation.c    |  96 ++++++++-
 examples/fips_validation/fips_validation.h    |  48 ++++-
 .../fips_validation/fips_validation_gcm.c     | 150 ++++++++++++++
 examples/fips_validation/main.c               | 195 +++++++++++++++++-
 examples/fips_validation/meson.build          |   4 +
 5 files changed, 483 insertions(+), 10 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 1/5] examples/fips_validation: add jansson dependency
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
@ 2022-01-29 17:55     ` Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 2/5] examples/fips_validation: add json info to header Brandon Lo
                       ` (6 subsequent siblings)
  7 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 2/5] examples/fips_validation: add json info to header
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 1/5] examples/fips_validation: add jansson dependency Brandon Lo
@ 2022-01-29 17:55     ` Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 3/5] examples/fips_validation: add json parsing Brandon Lo
                       ` (5 subsequent siblings)
  7 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v2:
* fix type of prefix to suffix

 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 1 file changed, 44 insertions(+), 4 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..8e2963faa3 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_SUFFIX		"req"
+#define RSP_FILE_SUFFIX		"rsp"
+#define FAX_FILE_SUFFIX		"fax"
+#define JSON_FILE_SUFFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 3/5] examples/fips_validation: add json parsing
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 1/5] examples/fips_validation: add jansson dependency Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 2/5] examples/fips_validation: add json info to header Brandon Lo
@ 2022-01-29 17:55     ` Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 4/5] examples/fips_validation: allow json file as input Brandon Lo
                       ` (4 subsequent siblings)
  7 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* fix for loop initialization

 examples/fips_validation/fips_validation.c | 96 +++++++++++++++++++++-
 1 file changed, 93 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 52a7bf952d..198cdb5688 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,12 +270,14 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_SUFFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_SUFFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -429,6 +449,76 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			json_t *param = json_object_get(json_info.json_test_group,
+				info.interim_callbacks[i].key);
+			json_int_t val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		json_t *param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			const char *json_string = json_string_value(param);
+			strcpy(info.one_line_text, json_string);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 4/5] examples/fips_validation: allow json file as input
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (2 preceding siblings ...)
  2022-01-29 17:55     ` [PATCH v3 3/5] examples/fips_validation: add json parsing Brandon Lo
@ 2022-01-29 17:55     ` Brandon Lo
  2022-01-29 17:55     ` [PATCH v3 5/5] examples/fips_validation: add json to gcm test Brandon Lo
                       ` (3 subsequent siblings)
  7 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* remove use_json variable

 examples/fips_validation/main.c | 195 +++++++++++++++++++++++++++++++-
 1 file changed, 192 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index dc40bffe7d..6a6794fab1 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -169,6 +173,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -428,8 +437,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		} else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -484,7 +502,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1226,7 +1254,8 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1245,6 +1274,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1260,7 +1290,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1856,3 +1887,161 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v3 5/5] examples/fips_validation: add json to gcm test
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (3 preceding siblings ...)
  2022-01-29 17:55     ` [PATCH v3 4/5] examples/fips_validation: allow json file as input Brandon Lo
@ 2022-01-29 17:55     ` Brandon Lo
  2022-02-02 15:15     ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (2 subsequent siblings)
  7 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-01-29 17:55 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

 .../fips_validation/fips_validation_gcm.c     | 150 ++++++++++++++++++
 1 file changed, 150 insertions(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..5c72dbf790 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -188,12 +247,103 @@ parse_test_gcm_writeback(struct fips_val *val)
 	return 0;
 }
 
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_gcm_init(void)
 {
 	char *tmp;
 	uint32_t i;
 
+#ifdef RTE_HAS_JANSSON
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			json_t *ivGen_obj;
+			const char *ivGen_str;
+
+			ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+			ivGen_str = json_string_value(ivGen_obj);
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = gcm_enc_json_vectors;
+
+			if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+				info.interim_info.gcm_data.gen_iv = 1;
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = gcm_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = gcm_interim_json_vectors;
+		info.parse_writeback = parse_test_gcm_json_writeback;
+
+		return 0;
+	}
+#endif /* RTE_HAS_JANSSON */
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [PATCH v3 0/5] Add JSON vector set support to fips validation
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (4 preceding siblings ...)
  2022-01-29 17:55     ` [PATCH v3 5/5] examples/fips_validation: add json to gcm test Brandon Lo
@ 2022-02-02 15:15     ` Brandon Lo
       [not found]       ` <MN2PR11MB382152E7C1DAFD68066264DEE62F9@MN2PR11MB3821.namprd11.prod.outlook.com>
  2022-02-08 21:48     ` [EXT] " Akhil Goyal
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
  7 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-02-02 15:15 UTC (permalink / raw)
  To: Zhang, Roy Fan, Power, Ciara; +Cc: dev

Hi Fan and Ciara,

Could you please review this patch set?
Not sure who the maintainer of the fips_validation example is (I think
Marko Kovacevic stopped working on the FIPS validation example).

Thanks,
Brandon



--
Brandon Lo
UNH InterOperability Laboratory
21 Madbury Rd, Suite 100, Durham, NH 03824
blo@iol.unh.edu
www.iol.unh.edu

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v3 0/5] Add JSON vector set support to fips validation
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (5 preceding siblings ...)
  2022-02-02 15:15     ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
@ 2022-02-08 21:48     ` Akhil Goyal
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
  7 siblings, 0 replies; 122+ messages in thread
From: Akhil Goyal @ 2022-02-08 21:48 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power, Marko Kovacevic; +Cc: dev

Hi Marko/Fan,

Please review this series.

> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
> 
> Brandon Lo (5):
>   examples/fips_validation: add jansson dependency
>   examples/fips_validation: add json info to header
>   examples/fips_validation: add json parsing
>   examples/fips_validation: allow json file as input
>   examples/fips_validation: add json to gcm test
> 
>  examples/fips_validation/fips_validation.c    |  96 ++++++++-
>  examples/fips_validation/fips_validation.h    |  48 ++++-
>  .../fips_validation/fips_validation_gcm.c     | 150 ++++++++++++++
>  examples/fips_validation/main.c               | 195 +++++++++++++++++-
>  examples/fips_validation/meson.build          |   4 +
>  5 files changed, 483 insertions(+), 10 deletions(-)
> 
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [PATCH v3 0/5] Add JSON vector set support to fips validation
       [not found]             ` <CAOeXdvZbwW2tP-vyELRJza_imjjRm-JNYu+c4=-y2VtigqNg5A@mail.gmail.com>
@ 2022-04-14 13:41               ` Brandon Lo
  2022-04-21  8:02                 ` [EXT] " Gowrishankar Muthukrishnan
  0 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-14 13:41 UTC (permalink / raw)
  To: dev, Zhang, Roy Fan, Power, Ciara

Adding the dev mailing list back into this discussion.

On Wed, Apr 13, 2022 at 9:13 AM Brandon Lo <blo@iol.unh.edu> wrote:
>
> Hi guys,
>
> Lincoln and I would like to know if we can get this patch set looked
> at and merged before submitting the rest of the algorithms. So far,
> I've worked on implementing the HMAC and CMAC tests, but I keep
> getting pulled away by some requests from the community. This patchset
> does not seem to break backward compatibility, so merging it will only
> lead to more coverage from the UNH lab. It may also be easier to
> review since it isn't going to be one huge patchset that needs to be
> looked at in the future.
>
> On Thu, Feb 17, 2022 at 7:47 AM Brandon Lo <blo@iol.unh.edu> wrote:
> >
> > On Fri, Feb 11, 2022 at 9:16 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > > I only have the AES-GCM algorithm implemented because the current
> > > implementations of the other algorithms require some extra information
> > > than what comes with the JSON format in the API.
> > > For example, I couldn't find the JSON counterpart for things like
> > > fips_validation_sha.c's "MD =" or "Seed =" as well as
> > > fips_validation_ccm.c's extra test types like CCM-DVPT, CCM-VADT, etc.
> > > just to name a few.
> > > This could very well be due to my inexperience with the FIPS
> > > validation, and I definitely plan to take another look at it again.
> > >
> > > My assumption is that the JSON version of FIPS validation files isn't
> > > used as much as the old CAVP format, so I am more aiming towards
> > > getting something working in the lab first and then expanding on it
> > > later.
> >
> > Hi all,
> >
> > Could I get someone to look at this patch set?
> > The UNH lab is ready to deploy FIPS testing on patches that affect the
> > crypto portion of DPDK.
> >
> > Thanks,
> > Brandon
> >
> >
> > --
> > Brandon Lo
> > UNH InterOperability Laboratory
> > 21 Madbury Rd, Suite 100, Durham, NH 03824
> > blo@iol.unh.edu
> > www.iol.unh.edu
>
>
>
> --
> Brandon Lo
> UNH InterOperability Laboratory
> 21 Madbury Rd, Suite 100, Durham, NH 03824
> blo@iol.unh.edu
> www.iol.unh.edu



-- 
Brandon Lo
UNH InterOperability Laboratory
21 Madbury Rd, Suite 100, Durham, NH 03824
blo@iol.unh.edu
www.iol.unh.edu

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] Re: [PATCH v3 0/5] Add JSON vector set support to fips validation
  2022-04-14 13:41               ` Brandon Lo
@ 2022-04-21  8:02                 ` Gowrishankar Muthukrishnan
  2022-04-26 14:30                   ` Brandon Lo
  0 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-04-21  8:02 UTC (permalink / raw)
  To: Brandon Lo, dev, Zhang, Roy Fan, Power, Ciara; +Cc: Anoob Joseph

Hi Brandon,
Following some cleanup patches I have posted against examples/fips, I would like to take enabling AES_CBC in fips validation.
Please let me know if you/anyone have already have WIP for the same, before I proceed.

Thanks,
Gowrishankar

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Thursday, April 14, 2022 7:12 PM
> To: dev <dev@dpdk.org>; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> Power, Ciara <ciara.power@intel.com>
> Subject: [EXT] Re: [PATCH v3 0/5] Add JSON vector set support to fips
> validation
> 
> External Email
> 
> ----------------------------------------------------------------------
> Adding the dev mailing list back into this discussion.
> 
> On Wed, Apr 13, 2022 at 9:13 AM Brandon Lo <blo@iol.unh.edu> wrote:
> >
> > Hi guys,
> >
> > Lincoln and I would like to know if we can get this patch set looked
> > at and merged before submitting the rest of the algorithms. So far,
> > I've worked on implementing the HMAC and CMAC tests, but I keep
> > getting pulled away by some requests from the community. This patchset
> > does not seem to break backward compatibility, so merging it will only
> > lead to more coverage from the UNH lab. It may also be easier to
> > review since it isn't going to be one huge patchset that needs to be
> > looked at in the future.
> >
> > On Thu, Feb 17, 2022 at 7:47 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > >
> > > On Fri, Feb 11, 2022 at 9:16 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > > > I only have the AES-GCM algorithm implemented because the current
> > > > implementations of the other algorithms require some extra
> > > > information than what comes with the JSON format in the API.
> > > > For example, I couldn't find the JSON counterpart for things like
> > > > fips_validation_sha.c's "MD =" or "Seed =" as well as
> > > > fips_validation_ccm.c's extra test types like CCM-DVPT, CCM-VADT,
> etc.
> > > > just to name a few.
> > > > This could very well be due to my inexperience with the FIPS
> > > > validation, and I definitely plan to take another look at it again.
> > > >
> > > > My assumption is that the JSON version of FIPS validation files
> > > > isn't used as much as the old CAVP format, so I am more aiming
> > > > towards getting something working in the lab first and then
> > > > expanding on it later.
> > >
> > > Hi all,
> > >
> > > Could I get someone to look at this patch set?
> > > The UNH lab is ready to deploy FIPS testing on patches that affect
> > > the crypto portion of DPDK.
> > >
> > > Thanks,
> > > Brandon
> > >
> > >
> > > --
> > > Brandon Lo
> > > UNH InterOperability Laboratory
> > > 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> > > https://urldefense.proofpoint.com/v2/url?u=http-
> 3A__www.iol.unh.edu&
> > > d=DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> g7yUFhtOio8r2Rtm13Aqe4WVp_S
> > >
> _gHpcu6KFVo&m=35t4n1T3FnlAkNla3EmGLgWSAhIknbuvLgguNAXKjN0xCMs
> cV7HXyJ
> > >
> 95BftFMJJJ&s=GVCZy3E9sE9H23TSCEcLyQoT4zxNQ4pyameEW76PZno&e=
> >
> >
> >
> > --
> > Brandon Lo
> > UNH InterOperability Laboratory
> > 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> > https://urldefense.proofpoint.com/v2/url?u=http-
> 3A__www.iol.unh.edu&d=
> > DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> g7yUFhtOio8r2Rtm13Aqe4WVp_S_gHp
> >
> cu6KFVo&m=35t4n1T3FnlAkNla3EmGLgWSAhIknbuvLgguNAXKjN0xCMscV7H
> XyJ95BftF
> > MJJJ&s=GVCZy3E9sE9H23TSCEcLyQoT4zxNQ4pyameEW76PZno&e=
> 
> 
> 
> --
> Brandon Lo
> UNH InterOperability Laboratory
> 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> https://urldefense.proofpoint.com/v2/url?u=http-
> 3A__www.iol.unh.edu&d=DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> g7yUFhtOio8r2Rtm13Aqe4WVp_S_gHpcu6KFVo&m=35t4n1T3FnlAkNla3EmG
> LgWSAhIknbuvLgguNAXKjN0xCMscV7HXyJ95BftFMJJJ&s=GVCZy3E9sE9H23T
> SCEcLyQoT4zxNQ4pyameEW76PZno&e=

^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [EXT] Re: [PATCH v3 0/5] Add JSON vector set support to fips validation
  2022-04-21  8:02                 ` [EXT] " Gowrishankar Muthukrishnan
@ 2022-04-26 14:30                   ` Brandon Lo
  0 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-04-26 14:30 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan
  Cc: dev, Zhang, Roy Fan, Power, Ciara, Anoob Joseph

Hi Gowrishankar,

I apologize for the late response. I have not worked on the AES-CBC
implementation, so you are free to go ahead.
Please let me know if you run into any issues that I can help with.

Thanks,
Brandon

On Thu, Apr 21, 2022 at 4:02 AM Gowrishankar Muthukrishnan
<gmuthukrishn@marvell.com> wrote:
>
> Hi Brandon,
> Following some cleanup patches I have posted against examples/fips, I would like to take enabling AES_CBC in fips validation.
> Please let me know if you/anyone have already have WIP for the same, before I proceed.
>
> Thanks,
> Gowrishankar
>
> > -----Original Message-----
> > From: Brandon Lo <blo@iol.unh.edu>
> > Sent: Thursday, April 14, 2022 7:12 PM
> > To: dev <dev@dpdk.org>; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> > Power, Ciara <ciara.power@intel.com>
> > Subject: [EXT] Re: [PATCH v3 0/5] Add JSON vector set support to fips
> > validation
> >
> > External Email
> >
> > ----------------------------------------------------------------------
> > Adding the dev mailing list back into this discussion.
> >
> > On Wed, Apr 13, 2022 at 9:13 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > >
> > > Hi guys,
> > >
> > > Lincoln and I would like to know if we can get this patch set looked
> > > at and merged before submitting the rest of the algorithms. So far,
> > > I've worked on implementing the HMAC and CMAC tests, but I keep
> > > getting pulled away by some requests from the community. This patchset
> > > does not seem to break backward compatibility, so merging it will only
> > > lead to more coverage from the UNH lab. It may also be easier to
> > > review since it isn't going to be one huge patchset that needs to be
> > > looked at in the future.
> > >
> > > On Thu, Feb 17, 2022 at 7:47 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > > >
> > > > On Fri, Feb 11, 2022 at 9:16 AM Brandon Lo <blo@iol.unh.edu> wrote:
> > > > > I only have the AES-GCM algorithm implemented because the current
> > > > > implementations of the other algorithms require some extra
> > > > > information than what comes with the JSON format in the API.
> > > > > For example, I couldn't find the JSON counterpart for things like
> > > > > fips_validation_sha.c's "MD =" or "Seed =" as well as
> > > > > fips_validation_ccm.c's extra test types like CCM-DVPT, CCM-VADT,
> > etc.
> > > > > just to name a few.
> > > > > This could very well be due to my inexperience with the FIPS
> > > > > validation, and I definitely plan to take another look at it again.
> > > > >
> > > > > My assumption is that the JSON version of FIPS validation files
> > > > > isn't used as much as the old CAVP format, so I am more aiming
> > > > > towards getting something working in the lab first and then
> > > > > expanding on it later.
> > > >
> > > > Hi all,
> > > >
> > > > Could I get someone to look at this patch set?
> > > > The UNH lab is ready to deploy FIPS testing on patches that affect
> > > > the crypto portion of DPDK.
> > > >
> > > > Thanks,
> > > > Brandon
> > > >
> > > >
> > > > --
> > > > Brandon Lo
> > > > UNH InterOperability Laboratory
> > > > 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> > > > https://urldefense.proofpoint.com/v2/url?u=http-
> > 3A__www.iol.unh.edu&
> > > > d=DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> > g7yUFhtOio8r2Rtm13Aqe4WVp_S
> > > >
> > _gHpcu6KFVo&m=35t4n1T3FnlAkNla3EmGLgWSAhIknbuvLgguNAXKjN0xCMs
> > cV7HXyJ
> > > >
> > 95BftFMJJJ&s=GVCZy3E9sE9H23TSCEcLyQoT4zxNQ4pyameEW76PZno&e=
> > >
> > >
> > >
> > > --
> > > Brandon Lo
> > > UNH InterOperability Laboratory
> > > 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> > > https://urldefense.proofpoint.com/v2/url?u=http-
> > 3A__www.iol.unh.edu&d=
> > > DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> > g7yUFhtOio8r2Rtm13Aqe4WVp_S_gHp
> > >
> > cu6KFVo&m=35t4n1T3FnlAkNla3EmGLgWSAhIknbuvLgguNAXKjN0xCMscV7H
> > XyJ95BftF
> > > MJJJ&s=GVCZy3E9sE9H23TSCEcLyQoT4zxNQ4pyameEW76PZno&e=
> >
> >
> >
> > --
> > Brandon Lo
> > UNH InterOperability Laboratory
> > 21 Madbury Rd, Suite 100, Durham, NH 03824 blo@iol.unh.edu
> > https://urldefense.proofpoint.com/v2/url?u=http-
> > 3A__www.iol.unh.edu&d=DwIBaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=EAtr-
> > g7yUFhtOio8r2Rtm13Aqe4WVp_S_gHpcu6KFVo&m=35t4n1T3FnlAkNla3EmG
> > LgWSAhIknbuvLgguNAXKjN0xCMscV7HXyJ95BftFMJJJ&s=GVCZy3E9sE9H23T
> > SCEcLyQoT4zxNQ4pyameEW76PZno&e=



-- 
Brandon Lo
UNH InterOperability Laboratory
21 Madbury Rd, Suite 100, Durham, NH 03824
blo@iol.unh.edu
www.iol.unh.edu

^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 0/8] Add JSON vector set support to fips validation
  2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
                       ` (6 preceding siblings ...)
  2022-02-08 21:48     ` [EXT] " Akhil Goyal
@ 2022-04-29 16:15     ` Brandon Lo
  2022-04-29 16:15       ` [PATCH v4 1/8] examples/fips_validation: add jansson dependency Brandon Lo
                         ` (9 more replies)
  7 siblings, 10 replies; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

 examples/fips_validation/fips_validation.c    | 119 ++++++++++
 examples/fips_validation/fips_validation.h    |  57 ++++-
 .../fips_validation/fips_validation_cmac.c    |  68 ++++++
 .../fips_validation/fips_validation_gcm.c     | 151 ++++++++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 ++++++++
 examples/fips_validation/main.c               | 207 +++++++++++++++++-
 examples/fips_validation/meson.build          |   4 +
 7 files changed, 693 insertions(+), 6 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 1/8] examples/fips_validation: add jansson dependency
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:44         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 2/8] examples/fips_validation: add json info to header Brandon Lo
                         ` (8 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 2/8] examples/fips_validation: add json info to header
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
  2022-04-29 16:15       ` [PATCH v4 1/8] examples/fips_validation: add jansson dependency Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:44         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 3/8] examples/fips_validation: add json parsing Brandon Lo
                         ` (7 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v2:
* fix type of prefix to suffix

 examples/fips_validation/fips_validation.h | 42 +++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..e2789df93a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -24,6 +28,9 @@
 #define REQ_FILE_PERFIX		"req"
 #define RSP_FILE_PERFIX		"rsp"
 #define FAX_FILE_PERFIX		"fax"
+#define JSON_FILE_PERFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 3/8] examples/fips_validation: add json parsing
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
  2022-04-29 16:15       ` [PATCH v4 1/8] examples/fips_validation: add jansson dependency Brandon Lo
  2022-04-29 16:15       ` [PATCH v4 2/8] examples/fips_validation: add json info to header Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 4/8] examples/fips_validation: allow json file as input Brandon Lo
                         ` (6 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* fix for loop initialization

 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..d220dcab1f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PERFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PERFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 4/8] examples/fips_validation: allow json file as input
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (2 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 3/8] examples/fips_validation: add json parsing Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
  2022-05-19  5:30         ` Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 5/8] examples/fips_validation: add json to gcm test Brandon Lo
                         ` (5 subsequent siblings)
  9 siblings, 2 replies; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* remove use_json variable

 examples/fips_validation/main.c | 200 +++++++++++++++++++++++++++++++-
 1 file changed, 196 insertions(+), 4 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..65f736f3cb 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,11 +34,17 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -166,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -389,6 +400,7 @@ int
 main(int argc, char *argv[])
 {
 	int ret;
+	char use_json;
 
 	ret = rte_eal_init(argc, argv);
 	if (ret < 0) {
@@ -424,9 +436,17 @@ main(int argc, char *argv[])
 					ret, env.req_path);
 			goto exit;
 		}
-
-
+		use_json = info.file_type == FIPS_TYPE_JSON;
+
+#ifdef RTE_HAS_JANSSON
+		ret = info.file_type == FIPS_TYPE_JSON ?
+			fips_test_one_json_file() : fips_test_one_file();
+		if (use_json)
+			json_decref(json_info.json_root);
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -480,8 +500,19 @@ main(int argc, char *argv[])
 						ret, req_path);
 				break;
 			}
+			use_json = info.file_type == FIPS_TYPE_JSON;
 
+#ifdef RTE_HAS_JANSSON
+			if (use_json) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1219,7 +1250,8 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1238,6 +1270,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1253,7 +1286,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1844,3 +1878,161 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 5/8] examples/fips_validation: add json to gcm test
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (3 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 4/8] examples/fips_validation: allow json file as input Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 6/8] examples/fips_validation: add json to hmac Brandon Lo
                         ` (4 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 151 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 155 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index e2789df93a..8d7af99e04 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 65f736f3cb..a1d8a1d758 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1941,11 +1941,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 6/8] examples/fips_validation: add json to hmac
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (4 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 5/8] examples/fips_validation: add json to gcm test Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 7/8] examples/fips_validation: implement json cmac test Brandon Lo
                         ` (3 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index d220dcab1f..04dfb85262 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8d7af99e04..2c65d838b0 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index a1d8a1d758..de6dedaf75 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1943,6 +1943,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 7/8] examples/fips_validation: implement json cmac test
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (5 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 6/8] examples/fips_validation: add json to hmac Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:46         ` [EXT] " Gowrishankar Muthukrishnan
  2022-04-29 16:15       ` [PATCH v4 8/8] examples/fips_validation: add parsing for cmac Brandon Lo
                         ` (2 subsequent siblings)
  9 siblings, 1 reply; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_cmac.c    | 68 +++++++++++++++++++
 2 files changed, 74 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 2c65d838b0..7f68d454f7 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,12 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
+
+int
+parser_read_cmac_direction_str(const char *key, char *src, struct fips_val *val);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..4b5fd2aca7 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,62 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (6 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 7/8] examples/fips_validation: implement json cmac test Brandon Lo
@ 2022-04-29 16:15       ` Brandon Lo
  2022-05-18 15:46         ` [EXT] " Gowrishankar Muthukrishnan
  2022-05-19  5:31         ` Gowrishankar Muthukrishnan
  2022-04-29 16:19       ` [PATCH v4 0/8] Add JSON vector set support to fips validation Brandon Lo
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
  9 siblings, 2 replies; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:15 UTC (permalink / raw)
  To: roy.fan.zhang, ciara.power; +Cc: dev, Brandon Lo

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c | 31 +++++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 04dfb85262..8e0a55c624 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
@@ -673,6 +686,18 @@ parser_read_uint32_bit_val(const char *key, char *src, struct fips_val *val)
 	return 0;
 }
 
+int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
 int
 writeback_hex_str(const char *key, char *dst, struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index de6dedaf75..aa8034c29f 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1946,6 +1946,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [PATCH v4 0/8] Add JSON vector set support to fips validation
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (7 preceding siblings ...)
  2022-04-29 16:15       ` [PATCH v4 8/8] examples/fips_validation: add parsing for cmac Brandon Lo
@ 2022-04-29 16:19       ` Brandon Lo
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
  9 siblings, 0 replies; 122+ messages in thread
From: Brandon Lo @ 2022-04-29 16:19 UTC (permalink / raw)
  To: Zhang, Roy Fan, Power, Ciara; +Cc: dev

Hi everyone,

I'm going to be leaving the UNH IOL, so I've submitted the work that
will be continued by other members of the lab.

Thanks,
Brandon

On Fri, Apr 29, 2022 at 12:16 PM Brandon Lo <blo@iol.unh.edu> wrote:
>
> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
>
> Brandon Lo (8):
>   examples/fips_validation: add jansson dependency
>   examples/fips_validation: add json info to header
>   examples/fips_validation: add json parsing
>   examples/fips_validation: allow json file as input
>   examples/fips_validation: add json to gcm test
>   examples/fips_validation: add json to hmac
>   examples/fips_validation: implement json cmac test
>   examples/fips_validation: add parsing for cmac
>
>  examples/fips_validation/fips_validation.c    | 119 ++++++++++
>  examples/fips_validation/fips_validation.h    |  57 ++++-
>  .../fips_validation/fips_validation_cmac.c    |  68 ++++++
>  .../fips_validation/fips_validation_gcm.c     | 151 ++++++++++++-
>  .../fips_validation/fips_validation_hmac.c    |  93 ++++++++
>  examples/fips_validation/main.c               | 207 +++++++++++++++++-
>  examples/fips_validation/meson.build          |   4 +
>  7 files changed, 693 insertions(+), 6 deletions(-)
>
> --
> 2.25.1
>


-- 
Brandon Lo
UNH InterOperability Laboratory
21 Madbury Rd, Suite 100, Durham, NH 03824
blo@iol.unh.edu
www.iol.unh.edu

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 1/8] examples/fips_validation: add jansson dependency
  2022-04-29 16:15       ` [PATCH v4 1/8] examples/fips_validation: add jansson dependency Brandon Lo
@ 2022-05-18 15:44         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:44 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 1/8] examples/fips_validation: add jansson
> dependency
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added a check for RTE_HAS_JANSSON into the meson configuration file for
> JSON support.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/meson.build | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/examples/fips_validation/meson.build
> b/examples/fips_validation/meson.build
> index 7eef456318..8cd63066b5 100644
> --- a/examples/fips_validation/meson.build
> +++ b/examples/fips_validation/meson.build
> @@ -21,3 +21,7 @@ sources = files(
>          'fips_dev_self_test.c',
>          'main.c',
>  )
> +
> +if dpdk_conf.has('RTE_HAS_JANSSON')
> +    ext_deps += jansson_dep
> +endif
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 2/8] examples/fips_validation: add json info to header
  2022-04-29 16:15       ` [PATCH v4 2/8] examples/fips_validation: add json info to header Brandon Lo
@ 2022-05-18 15:44         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:44 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 2/8] examples/fips_validation: add json info to
> header
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added json-specific functions and other information needed to test the new
> FIPS test vectors.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> v2:
> * fix type of prefix to suffix
> 
>  examples/fips_validation/fips_validation.h | 42 +++++++++++++++++++++-
>  1 file changed, 41 insertions(+), 1 deletion(-)
> 
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index aaadf01ba8..e2789df93a 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -5,6 +5,10 @@
>  #ifndef _FIPS_VALIDATION_H_
>  #define _FIPS_VALIDATION_H_
> 
> +#ifdef RTE_HAS_JANSSON
> +#include <jansson.h>
> +#endif /* RTE_HAS_JANSSON */
> +
>  #define FIPS_PARSE_ERR(fmt, args)					\
>  	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
> 
> @@ -24,6 +28,9 @@
>  #define REQ_FILE_PERFIX		"req"
>  #define RSP_FILE_PERFIX		"rsp"
>  #define FAX_FILE_PERFIX		"fax"
> +#define JSON_FILE_PERFIX	"json"
> +
> +#define ACVVERSION			"1.0"
> 
>  enum fips_test_algorithms {
>  		FIPS_TEST_ALGO_AES = 0,
> @@ -40,7 +47,8 @@ enum fips_test_algorithms {  enum file_types {
>  	FIPS_TYPE_REQ = 1,
>  	FIPS_TYPE_FAX,
> -	FIPS_TYPE_RSP
> +	FIPS_TYPE_RSP,
> +	FIPS_TYPE_JSON,
>  };
> 
>  enum fips_test_op {
> @@ -161,6 +169,23 @@ struct gcm_interim_data {
>  	uint8_t gen_iv;
>  };
> 
> +#ifdef RTE_HAS_JANSSON
> +struct fips_test_json_info {
> +	/* Information used for reading from json */
> +	json_t *json_root;
> +	json_t *json_vector_set;
> +	json_t *json_test_group;
> +	json_t *json_test_case;
> +	/* Location of json write output */
> +	json_t *json_write_root;
> +	json_t *json_write_group;
> +	json_t *json_write_set;
> +	json_t *json_write_case;
> +	/* Other info */
> +	uint8_t is_sample;
> +};
> +#endif /* RTE_HAS_JANSSON */
> +
>  struct fips_test_interim_info {
>  	FILE *fp_rd;
>  	FILE *fp_wr;
> @@ -196,6 +221,10 @@ struct fips_test_interim_info {  extern struct
> fips_test_vector vec;  extern struct fips_test_interim_info info;
> 
> +#ifdef RTE_HAS_JANSSON
> +extern struct fips_test_json_info json_info; #endif /* RTE_HAS_JANSSON
> +*/
> +
>  int
>  fips_test_init(const char *req_file_path, const char *rsp_file_path,
>  		const char *device_name);
> @@ -212,6 +241,17 @@ fips_test_parse_one_case(void);  void
> fips_test_write_one_case(void);
> 
> +#ifdef RTE_HAS_JANSSON
> +int
> +fips_test_parse_one_json_vector_set(void);
> +
> +int
> +fips_test_parse_one_json_group(void);
> +
> +int
> +fips_test_parse_one_json_case(void);
> +#endif /* RTE_HAS_JANSSON */
> +
>  int
>  parse_test_aes_init(void);
> 
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 3/8] examples/fips_validation: add json parsing
  2022-04-29 16:15       ` [PATCH v4 3/8] examples/fips_validation: add json parsing Brandon Lo
@ 2022-05-18 15:45         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:45 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 3/8] examples/fips_validation: add json parsing
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added functions to parse the required information from a vector set given in
> the new json format.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> v3:
> * fix checkpatch warnings
> 
> v2:
> * fix for loop initialization
> 
>  examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
>  1 file changed, 92 insertions(+)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index 94253eaee8..d220dcab1f 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -276,6 +276,8 @@ parse_file_type(const char *path)
>  		info.file_type = FIPS_TYPE_RSP;
>  	else if (strstr(path, FAX_FILE_PERFIX))
>  		info.file_type = FIPS_TYPE_FAX;
> +	else if (strstr(path, JSON_FILE_PERFIX))
> +		info.file_type = FIPS_TYPE_JSON;
>  	else
>  		return -EINVAL;
> 
> @@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char
> *rsp_file_path,
>  		return -EINVAL;
>  	}
> 
> +	if (info.file_type == FIPS_TYPE_JSON) { #ifdef RTE_HAS_JANSSON
> +		json_error_t error;
> +		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
> +		if (!json_info.json_root) {
> +			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line
> %d, column %d)\n",
> +				req_file_path, error.line, error.column);
> +			return -EINVAL;
> +		}
> +#else /* RTE_HAS_JANSSON */
> +		RTE_LOG(ERR, USER1, "No json library configured.\n");
> +		return -EINVAL;
> +#endif /* RTE_HAS_JANSSON */
> +	}
> +
>  	info.fp_wr = fopen(rsp_file_path, "w");
>  	if (!info.fp_wr) {
>  		RTE_LOG(ERR, USER1, "Cannot open file %s\n",
> rsp_file_path); @@ -329,6 +346,9 @@ fips_test_init(const char
> *req_file_path, const char *rsp_file_path,
>  		return -EINVAL;
>  	}
> 
> +	if (info.file_type == FIPS_TYPE_JSON)
> +		return 0;
> +
>  	if (fips_test_parse_header() < 0) {
>  		RTE_LOG(ERR, USER1, "Failed parsing header\n");
>  		return -1;
> @@ -428,6 +448,78 @@ fips_test_write_one_case(void)
>  		fprintf(info.fp_wr, "%s\n", info.vec[i]);  }
> 
> +#ifdef RTE_HAS_JANSSON
> +int
> +fips_test_parse_one_json_vector_set(void)
> +{
> +	json_t *algo_obj = json_object_get(json_info.json_vector_set,
> "algorithm");
> +	const char *algo_str = json_string_value(algo_obj);
> +
> +	/* Vector sets contain the algorithm type, and nothing else we need.
> */
> +	if (strstr(algo_str, "AES-GCM"))
> +		info.algo = FIPS_TEST_ALGO_AES_GCM;
> +	else
> +		return -EINVAL;
> +
> +	return 0;
> +}
> +
> +int
> +fips_test_parse_one_json_group(void)
> +{
> +	int ret, i;
> +	json_int_t val;
> +	json_t *param;
> +
> +	if (info.interim_callbacks) {
> +		char json_value[256];
> +		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
> +			param =
> json_object_get(json_info.json_test_group,
> +					info.interim_callbacks[i].key);
> +			val = json_integer_value(param);
> +			snprintf(json_value, 255,
> "%"JSON_INTEGER_FORMAT, val);
> +			/* First argument is blank because the key
> +			 * is not included in the string being parsed.
> +			 */
> +			ret = info.interim_callbacks[i].cb(
> +				"", json_value,
> +				info.interim_callbacks[i].val
> +			);
> +			if (ret < 0)
> +				return ret;
> +		}
> +	}
> +
> +	return 0;
> +}
> +
> +int
> +fips_test_parse_one_json_case(void)
> +{
> +	uint32_t i;
> +	int ret = 0;
> +	json_t *param;
> +
> +	for (i = 0; info.callbacks[i].key != NULL; i++) {
> +		param = json_object_get(json_info.json_test_case,
> info.callbacks[i].key);
> +		if (param) {
> +			strcpy(info.one_line_text,
> json_string_value(param));
> +			/* First argument is blank because the key
> +			 * is not included in the string being parsed.
> +			 */
> +			ret = info.callbacks[i].cb(
> +				"", info.one_line_text,
> +				info.callbacks[i].val
> +			);
> +			if (ret < 0)
> +				return ret;
> +		}
> +	}
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> +
>  static int
>  parser_read_uint64_hex(uint64_t *value, const char *p)  {
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 4/8] examples/fips_validation: allow json file as input
  2022-04-29 16:15       ` [PATCH v4 4/8] examples/fips_validation: allow json file as input Brandon Lo
@ 2022-05-18 15:45         ` Gowrishankar Muthukrishnan
  2022-05-19  5:30         ` Gowrishankar Muthukrishnan
  1 sibling, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:45 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 4/8] examples/fips_validation: allow json file as
> input
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added the ability to use the json format as the input and output of the
> example application.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> v3:
> * fix checkpatch warnings
> 
> v2:
> * remove use_json variable
> 
>  examples/fips_validation/main.c | 200
> +++++++++++++++++++++++++++++++-
>  1 file changed, 196 insertions(+), 4 deletions(-)
> 
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index e06ae37567..65f736f3cb 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -34,11 +34,17 @@ enum {
>  	OPT_CRYPTODEV_BK_ID_NUM,
>  #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
>  	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
> +#define OPT_USE_JSON                "use-json"
> +	OPT_USE_JSON_NUM,
>  };
> 
>  struct fips_test_vector vec;
>  struct fips_test_interim_info info;
> 
> +#ifdef RTE_HAS_JANSSON
> +struct fips_test_json_info json_info;
> +#endif /* RTE_HAS_JANSSON */
> +
>  struct cryptodev_fips_validate_env {
>  	const char *req_path;
>  	const char *rsp_path;
> @@ -166,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
>  static int
>  fips_test_one_file(void);
> 
> +#ifdef RTE_HAS_JANSSON
> +static int
> +fips_test_one_json_file(void);
> +#endif /* RTE_HAS_JANSSON */
> +
>  static int
>  parse_cryptodev_arg(char *arg)
>  {
> @@ -389,6 +400,7 @@ int
>  main(int argc, char *argv[])
>  {
>  	int ret;
> +	char use_json;
> 
>  	ret = rte_eal_init(argc, argv);
>  	if (ret < 0) {
> @@ -424,9 +436,17 @@ main(int argc, char *argv[])
>  					ret, env.req_path);
>  			goto exit;
>  		}
> -
> -
> +		use_json = info.file_type == FIPS_TYPE_JSON;
> +
> +#ifdef RTE_HAS_JANSSON
> +		ret = info.file_type == FIPS_TYPE_JSON ?
> +			fips_test_one_json_file() : fips_test_one_file();
> +		if (use_json)
> +			json_decref(json_info.json_root);
> +#else /* RTE_HAS_JANSSON */
>  		ret = fips_test_one_file();
> +#endif /* RTE_HAS_JANSSON */
> +
>  		if (ret < 0) {
>  			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
>  					ret, env.req_path);
> @@ -480,8 +500,19 @@ main(int argc, char *argv[])
>  						ret, req_path);
>  				break;
>  			}
> +			use_json = info.file_type == FIPS_TYPE_JSON;
> 
> +#ifdef RTE_HAS_JANSSON
> +			if (use_json) {
> +				ret = fips_test_one_json_file();
> +				json_decref(json_info.json_root);
> +			} else {
> +				ret = fips_test_one_file();
> +			}
> +#else /* RTE_HAS_JANSSON */
>  			ret = fips_test_one_file();
> +#endif /* RTE_HAS_JANSSON */
> +
>  			if (ret < 0) {
>  				RTE_LOG(ERR, USER1, "Error %i: Failed test
> %s\n",
>  						ret, req_path);
> @@ -1219,7 +1250,8 @@ fips_generic_test(void)
>  	struct fips_val val = {NULL, 0};
>  	int ret;
> 
> -	fips_test_write_one_case();
> +	if (info.file_type != FIPS_TYPE_JSON)
> +		fips_test_write_one_case();
> 
>  	ret = fips_run_test();
>  	if (ret < 0) {
> @@ -1238,6 +1270,7 @@ fips_generic_test(void)
>  	switch (info.file_type) {
>  	case FIPS_TYPE_REQ:
>  	case FIPS_TYPE_RSP:
> +	case FIPS_TYPE_JSON:
>  		if (info.parse_writeback == NULL)
>  			return -EPERM;
>  		ret = info.parse_writeback(&val);
> @@ -1253,7 +1286,8 @@ fips_generic_test(void)
>  		break;
>  	}
> 
> -	fprintf(info.fp_wr, "\n");
> +	if (info.file_type != FIPS_TYPE_JSON)
> +		fprintf(info.fp_wr, "\n");
>  	free(val.val);
> 
>  	return 0;
> @@ -1844,3 +1878,161 @@ fips_test_one_file(void)
> 
>  	return ret;
>  }
> +
> +#ifdef RTE_HAS_JANSSON
> +static int
> +fips_test_json_init_writeback(void)
> +{
> +	json_t *session_info, *session_write;
> +	session_info = json_array_get(json_info.json_root, 0);
> +	session_write = json_object();
> +	json_info.json_write_root = json_array();
> +
> +	json_object_set(session_write, "jwt",
> +		json_object_get(session_info, "jwt"));
> +	json_object_set(session_write, "url",
> +		json_object_get(session_info, "url"));
> +	json_object_set(session_write, "isSample",
> +		json_object_get(session_info, "isSample"));
> +
> +	json_info.is_sample = json_boolean_value(
> +		json_object_get(session_info, "isSample"));
> +
> +	json_array_append_new(json_info.json_write_root,
> session_write);
> +	return 0;
> +}
> +
> +static int
> +fips_test_one_test_case(void)
> +{
> +	int ret;
> +
> +	ret = fips_test_parse_one_json_case();
> +
> +	switch (ret) {
> +	case 0:
> +		ret = test_ops.test();
> +		if (ret == 0)
> +			break;
> +		RTE_LOG(ERR, USER1, "Error %i: test block\n",
> +				ret);
> +		break;
> +	case 1:
> +		break;
> +	default:
> +		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
> +				ret);
> +	}
> +	return 0;
> +}
> +
> +static int
> +fips_test_one_test_group(void)
> +{
> +	int ret;
> +	json_t *tests, *write_tests;
> +	size_t test_idx, tests_size;
> +
> +	write_tests = json_array();
> +	json_info.json_write_group = json_object();
> +	json_object_set(json_info.json_write_group, "tgId",
> +		json_object_get(json_info.json_test_group, "tgId"));
> +	json_object_set_new(json_info.json_write_group, "tests",
> write_tests);
> +
> +	switch (info.algo) {
> +	case FIPS_TEST_ALGO_AES_GCM:
> +		ret = parse_test_gcm_init();
> +		break;
> +	default:
> +		return -EINVAL;
> +	}
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = fips_test_parse_one_json_group();
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = init_test_ops();
> +	if (ret < 0)
> +		return ret;
> +
> +	tests = json_object_get(json_info.json_test_group, "tests");
> +	tests_size = json_array_size(tests);
> +	for (test_idx = 0; test_idx < tests_size; test_idx++) {
> +		json_info.json_test_case = json_array_get(tests, test_idx);
> +		fips_test_one_test_case();
> +		json_array_append_new(write_tests,
> json_info.json_write_case);
> +	}
> +
> +	return 0;
> +}
> +
> +static int
> +fips_test_one_vector_set(void)
> +{
> +	int ret;
> +	json_t *test_groups, *write_groups, *write_version, *write_set;
> +	size_t group_idx, num_groups;
> +
> +	test_groups = json_object_get(json_info.json_vector_set,
> "testGroups");
> +	num_groups = json_array_size(test_groups);
> +
> +	json_info.json_write_set = json_array();
> +	write_version = json_object();
> +	json_object_set_new(write_version, "acvVersion",
> json_string(ACVVERSION));
> +	json_array_append_new(json_info.json_write_set, write_version);
> +
> +	write_set = json_object();
> +	json_array_append_new(json_info.json_write_set, write_set);
> +	write_groups = json_array();
> +
> +	json_object_set(write_set, "vsId",
> +		json_object_get(json_info.json_vector_set, "vsId"));
> +	json_object_set(write_set, "algorithm",
> +		json_object_get(json_info.json_vector_set, "algorithm"));
> +	json_object_set(write_set, "revision",
> +		json_object_get(json_info.json_vector_set, "revision"));
> +	json_object_set_new(write_set, "isSample",
> +		json_boolean(json_info.is_sample));
> +	json_object_set_new(write_set, "testGroups", write_groups);
> +
> +	ret = fips_test_parse_one_json_vector_set();
> +	if (ret < 0) {
> +		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector
> set algorithm: %s\n",
> +
> 	json_string_value(json_object_get(json_info.json_vector_set,
> "algorithm")));
> +		return ret;
> +	}
> +
> +	for (group_idx = 0; group_idx < num_groups; group_idx++) {
> +		json_info.json_test_group = json_array_get(test_groups,
> group_idx);
> +		ret = fips_test_one_test_group();
> +		json_array_append_new(write_groups,
> json_info.json_write_group);
> +	}
> +
> +	return 0;
> +}
> +
> +static int
> +fips_test_one_json_file(void)
> +{
> +	size_t vector_set_idx, root_size;
> +
> +	root_size = json_array_size(json_info.json_root);
> +	fips_test_json_init_writeback();
> +
> +	for (vector_set_idx = 1; vector_set_idx < root_size;
> vector_set_idx++) {
> +		/* Vector set index starts at 1, the 0th index contains test
> session
> +		 * information.
> +		 */
> +		json_info.json_vector_set =
> json_array_get(json_info.json_root, vector_set_idx);
> +		fips_test_one_vector_set();
> +		json_array_append_new(json_info.json_write_root,
> json_info.json_write_set);
> +	}
> +
> +	json_dumpf(json_info.json_write_root, info.fp_wr,
> JSON_INDENT(4));
> +	json_decref(json_info.json_write_root);
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 5/8] examples/fips_validation: add json to gcm test
  2022-04-29 16:15       ` [PATCH v4 5/8] examples/fips_validation: add json to gcm test Brandon Lo
@ 2022-05-18 15:45         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:45 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 5/8] examples/fips_validation: add json to gcm test
> 
> External Email
> 
> ----------------------------------------------------------------------
> Adds json-specific testing and writeback function. Allows the user to test
> AES-GCM vector sets.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> v3:
> * fix checkpatch warnings
> 
>  examples/fips_validation/fips_validation.h    |   3 +
>  .../fips_validation/fips_validation_gcm.c     | 151 +++++++++++++++++-
>  examples/fips_validation/main.c               |   3 +-
>  3 files changed, 155 insertions(+), 2 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index e2789df93a..8d7af99e04 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
> 
>  int
>  fips_test_parse_one_json_case(void);
> +
> +int
> +parse_test_gcm_json_init(void);
>  #endif /* RTE_HAS_JANSSON */
> 
>  int
> diff --git a/examples/fips_validation/fips_validation_gcm.c
> b/examples/fips_validation/fips_validation_gcm.c
> index 250d09bf90..3604b21f13 100644
> --- a/examples/fips_validation/fips_validation_gcm.c
> +++ b/examples/fips_validation/fips_validation_gcm.c
> @@ -6,6 +6,10 @@
>  #include <time.h>
>  #include <stdio.h>
> 
> +#ifdef RTE_HAS_JANSSON
> +#include <jansson.h>
> +#endif /* RTE_HAS_JANSSON */
> +
>  #include <rte_cryptodev.h>
>  #include <rte_malloc.h>
> 
> @@ -37,6 +41,27 @@
>  #define OP_ENC_EXT_STR	"ExtIV"
>  #define OP_ENC_INT_STR	"IntIV"
> 
> +#define KEYLEN_JSON_STR		"keyLen"
> +#define IVLEN_JSON_STR		"ivLen"
> +#define PAYLOADLEN_JSON_STR	"payloadLen"
> +#define AADLEN_JSON_STR		"aadLen"
> +#define TAGLEN_JSON_STR		"tagLen"
> +
> +#define KEY_JSON_STR	"key"
> +#define IV_JSON_STR		"iv"
> +#define PT_JSON_STR		"pt"
> +#define CT_JSON_STR		"ct"
> +#define AAD_JSON_STR	"aad"
> +#define TAG_JSON_STR	"tag"
> +#define DIR_JSON_STR	"direction"
> +
> +#define OP_ENC_JSON_STR	"encrypt"
> +#define OP_DEC_JSON_STR	"decrypt"
> +
> +#define IVGEN_JSON_STR	"ivGen"
> +#define OP_ENC_EXT_JSON_STR	"external"
> +#define OP_ENC_INT_JSON_STR	"internal"
> +
>  #define NEG_TEST_STR	"FAIL"
> 
>  /**
> @@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
>  		{NULL, NULL, NULL} /**< end pointer */  };
> 
> +#ifdef RTE_HAS_JANSSON
> +struct fips_test_callback gcm_dec_json_vectors[] = {
> +		{KEY_JSON_STR, parse_uint8_known_len_hex_str,
> &vec.aead.key},
> +		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
> +		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
> +		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
> +		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
> +				&vec.aead.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback gcm_interim_json_vectors[] = {
> +		{KEYLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.aead.key},
> +		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
> +		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len,
> &vec.pt},
> +		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.ct},
> +		/**< The NIST json test vectors use 'payloadLen' to denote
> input text
> +		 *  length in case of decrypt & encrypt operations.
> +		 */
> +		{AADLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.aead.aad},
> +		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> +				&vec.aead.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback gcm_enc_json_vectors[] = {
> +		{KEY_JSON_STR, parse_uint8_known_len_hex_str,
> &vec.aead.key},
> +		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
> +		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
> +		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
> +		{NULL, NULL, NULL} /**< end pointer */ }; #endif /*
> RTE_HAS_JANSSON
> +*/
> +
>  static int
>  parse_test_gcm_writeback(struct fips_val *val)  { @@ -194,7 +253,6 @@
> parse_test_gcm_init(void)
>  	char *tmp;
>  	uint32_t i;
> 
> -
>  	for (i = 0; i < info.nb_vec_lines; i++) {
>  		char *line = info.vec[i];
> 
> @@ -218,3 +276,94 @@ parse_test_gcm_init(void)
> 
>  	return 0;
>  }
> +
> +#ifdef RTE_HAS_JANSSON
> +static int
> +parse_test_gcm_json_writeback(struct fips_val *val) {
> +	struct fips_val tmp_val;
> +	json_t *tcId, *tag;
> +
> +	tcId = json_object_get(json_info.json_test_case, "tcId");
> +
> +	json_info.json_write_case = json_object();
> +	json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> +	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
> +		json_t *ct;
> +
> +		tmp_val.val = val->val;
> +		tmp_val.len = vec.pt.len;
> +
> +		writeback_hex_str("", info.one_line_text, &tmp_val);
> +		ct = json_string(info.one_line_text);
> +		json_object_set_new(json_info.json_write_case,
> CT_JSON_STR, ct);
> +
> +		if (info.interim_info.gcm_data.gen_iv) {
> +			json_t *iv;
> +			tmp_val.val = vec.iv.val;
> +			tmp_val.len = vec.iv.len;
> +
> +			writeback_hex_str("", info.one_line_text,
> &tmp_val);
> +			iv = json_string(info.one_line_text);
> +			json_object_set_new(json_info.json_write_case,
> IV_JSON_STR, iv);
> +
> +			rte_free(vec.iv.val);
> +			vec.iv.val = NULL;
> +		}
> +
> +		tmp_val.val = val->val + vec.pt.len;
> +		tmp_val.len = val->len - vec.pt.len;
> +
> +		writeback_hex_str("", info.one_line_text, &tmp_val);
> +		tag = json_string(info.one_line_text);
> +		json_object_set_new(json_info.json_write_case,
> TAG_JSON_STR, tag);
> +	} else {
> +		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
> +			if (!info.interim_info.gcm_data.is_gmac) {
> +				tmp_val.val = val->val;
> +				tmp_val.len = vec.pt.len;
> +
> +				writeback_hex_str("", info.one_line_text,
> &tmp_val);
> +
> 	json_object_set_new(json_info.json_write_case, PT_JSON_STR,
> +					json_string(info.one_line_text));
> +			}
> +		} else {
> +			json_object_set_new(json_info.json_write_case,
> "testPassed", json_false());
> +		}
> +	}
> +
> +	return 0;
> +}
> +
> +int
> +parse_test_gcm_json_init(void)
> +{
> +	json_t *direction_obj;
> +	const char *direction_str;
> +
> +	direction_obj = json_object_get(json_info.json_test_group,
> DIR_JSON_STR);
> +	direction_str = json_string_value(direction_obj);
> +
> +	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
> +		json_t *ivGen_obj =
> json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
> +		const char *ivGen_str = json_string_value(ivGen_obj);
> +
> +		info.op = FIPS_TEST_ENC_AUTH_GEN;
> +		info.callbacks = gcm_enc_json_vectors;
> +
> +		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
> +			info.interim_info.gcm_data.gen_iv = 1;
> +	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
> +		info.op = FIPS_TEST_DEC_AUTH_VERIF;
> +		info.callbacks = gcm_dec_json_vectors;
> +	} else {
> +		return -EINVAL;
> +	}
> +	info.interim_callbacks = gcm_interim_json_vectors;
> +	info.parse_writeback = parse_test_gcm_json_writeback;
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> +
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index 65f736f3cb..a1d8a1d758 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -1941,11 +1941,12 @@ fips_test_one_test_group(void)
> 
>  	switch (info.algo) {
>  	case FIPS_TEST_ALGO_AES_GCM:
> -		ret = parse_test_gcm_init();
> +		ret = parse_test_gcm_json_init();
>  		break;
>  	default:
>  		return -EINVAL;
>  	}
> +
>  	if (ret < 0)
>  		return ret;
> 
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 6/8] examples/fips_validation: add json to hmac
  2022-04-29 16:15       ` [PATCH v4 6/8] examples/fips_validation: add json to hmac Brandon Lo
@ 2022-05-18 15:45         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:45 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 6/8] examples/fips_validation: add json to hmac
> 
> External Email
> 
> ----------------------------------------------------------------------
> Adds JSON support for the HMAC algorithm.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/fips_validation.c    |  2 +
>  examples/fips_validation/fips_validation.h    |  6 ++
>  .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
>  examples/fips_validation/main.c               |  3 +
>  4 files changed, 104 insertions(+)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index d220dcab1f..04dfb85262 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
>  	/* Vector sets contain the algorithm type, and nothing else we need.
> */
>  	if (strstr(algo_str, "AES-GCM"))
>  		info.algo = FIPS_TEST_ALGO_AES_GCM;
> +	if (strstr(algo_str, "HMAC"))
> +		info.algo = FIPS_TEST_ALGO_HMAC;
>  	else
>  		return -EINVAL;
> 
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 8d7af99e04..2c65d838b0 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
> 
>  int
>  parse_test_gcm_json_init(void);
> +
> +int
> +parse_test_hmac_json_init(void);
> +
> +int
> +parse_test_hmac_json_algorithm(void);
>  #endif /* RTE_HAS_JANSSON */
> 
>  int
> diff --git a/examples/fips_validation/fips_validation_hmac.c
> b/examples/fips_validation/fips_validation_hmac.c
> index 1285c9d283..4cd1b1ac07 100644
> --- a/examples/fips_validation/fips_validation_hmac.c
> +++ b/examples/fips_validation/fips_validation_hmac.c
> @@ -19,6 +19,15 @@
>  #define PT_STR		"Msg = "
>  #define TAG_STR		"Mac = "
> 
> +#define ALGO_JSON_STR	"algorithm"
> +
> +#define KEYLEN_JSON_STR	"keyLen"
> +#define TAGLEN_JSON_STR	"macLen"
> +
> +#define KEY_JSON_STR	"key"
> +#define PT_JSON_STR		"msg"
> +#define TAG_JSON_STR	"mac"
> +
>  struct hash_size_conversion {
>  	const char *str;
>  	enum rte_crypto_auth_algorithm algo;
> @@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[]
> = {
>  		{NULL, NULL, NULL} /**< end pointer */  };
> 
> +#ifdef RTE_HAS_JANSSON
> +struct hash_size_conversion json_algorithms[] = {
> +		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
> +		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
> +		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
> +		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
> +		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC}, };
> +
> +struct fips_test_callback hmac_tests_json_vectors[] = {
> +		{KEY_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.key},
> +		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
> +		{TAG_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback hmac_tests_interim_json_vectors[] = {
> +		{KEYLEN_JSON_STR, parser_read_uint32_val,
> &vec.cipher_auth.key},
> +		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.cipher_auth.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ }; #endif /*
> RTE_HAS_JANSSON
> +*/
> +
>  static int
>  parse_test_hmac_writeback(struct fips_val *val)  { @@ -103,3 +135,64 @@
> parse_test_hmac_init(void)
> 
>  	return 0;
>  }
> +
> +#ifdef RTE_HAS_JANSSON
> +static int
> +parse_test_hmac_json_writeback(struct fips_val *val) {
> +	struct fips_val val_local;
> +	json_t *tcId, *mac;
> +
> +	tcId = json_object_get(json_info.json_test_case, "tcId");
> +
> +	json_info.json_write_case = json_object();
> +	json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> +
> +	val_local.val = val->val + vec.pt.len;
> +	val_local.len = vec.cipher_auth.digest.len;
> +
> +	writeback_hex_str("", info.one_line_text, &val_local);
> +
> +	mac = json_string(info.one_line_text);
> +	json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
> mac);
> +
> +	return 0;
> +}
> +
> +int
> +parse_test_hmac_json_algorithm(void)
> +{
> +	json_t *algorithm_object;
> +	const char *algorithm_str;
> +	uint32_t i;
> +
> +	algorithm_object = json_object_get(json_info.json_vector_set,
> "algorithm");
> +	algorithm_str = json_string_value(algorithm_object);
> +
> +	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
> +		if (strstr(algorithm_str, json_algorithms[i].str)) {
> +			info.interim_info.hmac_data.algo =
> json_algorithms[i].algo;
> +			return 0;
> +		}
> +	}
> +
> +	return -1;
> +}
> +
> +int
> +parse_test_hmac_json_init(void)
> +{
> +	info.op = FIPS_TEST_ENC_AUTH_GEN;
> +	info.parse_writeback = parse_test_hmac_json_writeback;
> +	info.callbacks = hmac_tests_json_vectors;
> +	info.writeback_callbacks = NULL;
> +	info.kat_check = rsp_test_hmac_check;
> +	info.interim_callbacks = hmac_tests_interim_json_vectors;
> +
> +	if (parse_test_hmac_json_algorithm() < 0)
> +		return -1;
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index a1d8a1d758..de6dedaf75 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -1943,6 +1943,9 @@ fips_test_one_test_group(void)
>  	case FIPS_TEST_ALGO_AES_GCM:
>  		ret = parse_test_gcm_json_init();
>  		break;
> +	case FIPS_TEST_ALGO_HMAC:
> +		ret = parse_test_hmac_json_init();
> +		break;
>  	default:
>  		return -EINVAL;
>  	}
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 7/8] examples/fips_validation: implement json cmac test
  2022-04-29 16:15       ` [PATCH v4 7/8] examples/fips_validation: implement json cmac test Brandon Lo
@ 2022-05-18 15:46         ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:46 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 7/8] examples/fips_validation: implement json
> cmac test
> 
> External Email
> 
> ----------------------------------------------------------------------
> Implemented JSON support for the CMAC test.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/fips_validation.h    |  6 ++
>  .../fips_validation/fips_validation_cmac.c    | 68 +++++++++++++++++++
>  2 files changed, 74 insertions(+)
> 
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 2c65d838b0..7f68d454f7 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -259,6 +259,12 @@ parse_test_hmac_json_init(void);
> 
>  int
>  parse_test_hmac_json_algorithm(void);
> +
> +int
> +parse_test_cmac_json_init(void);
> +
> +int
> +parser_read_cmac_direction_str(const char *key, char *src, struct
> +fips_val *val);
>  #endif /* RTE_HAS_JANSSON */
> 
>  int
> diff --git a/examples/fips_validation/fips_validation_cmac.c
> b/examples/fips_validation/fips_validation_cmac.c
> index 54c951ef83..4b5fd2aca7 100644
> --- a/examples/fips_validation/fips_validation_cmac.c
> +++ b/examples/fips_validation/fips_validation_cmac.c
> @@ -32,6 +32,18 @@
>  #define PASS_STR	"P"
>  #define FAIL_STR	"F"
> 
> +#define KLEN_JSON_STR		"keyLen"
> +#define PTLEN_JSON_STR		"msgLen"
> +#define TAGLEN_JSON_STR		"macLen"
> +#define KEY_JSON_STR		"key"
> +#define PT_JSON_STR			"message"
> +#define TAG_JSON_STR		"mac"
> +#define DIRECTION_JSON_STR	"direction"
> +#define POS_NEG_JSON_STR	"testPassed"
> +
> +#define GEN_JSON_STR	"gen"
> +#define VERIF_JSON_STR	"ver"
> +
>  struct hash_algo_conversion {
>  	const char *str;
>  	enum fips_test_algorithms algo;
> @@ -39,6 +51,62 @@ struct hash_algo_conversion {
>  		{"AES", FIPS_TEST_ALGO_AES_CMAC},
>  };
> 
> +#ifdef RTE_HAS_JANSSON
> +struct fips_test_callback cmac_tests_interim_json_vectors[] = {
> +		{KLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.cipher_auth.key},
> +		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
> +		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.cipher_auth.digest},
> +		{DIRECTION_JSON_STR, parser_read_cmac_direction_str,
> NULL},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback cmac_tests_json_vectors[] = {
> +		{KEY_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.key},
> +		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
> +		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
> +				&vec.cipher_auth.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +static int
> +parse_test_cmac_json_writeback(struct fips_val *val) {
> +	json_info.json_write_case = json_object();
> +	json_object_set(json_info.json_write_case, "tcId",
> +		json_object_get(json_info.json_test_case, "tcId"));
> +
> +	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
> +		struct fips_val tmp_val = {val->val + vec.pt.len,
> +				vec.cipher_auth.digest.len};
> +
> +		writeback_hex_str("", info.one_line_text, &tmp_val);
> +		json_object_set_new(json_info.json_write_case,
> TAG_JSON_STR,
> +			json_string(info.one_line_text));
> +	} else {
> +		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
> +			json_object_set_new(json_info.json_write_case,
> POS_NEG_JSON_STR,
> +				json_boolean(true));
> +		else if (vec.status ==
> RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
> +			json_object_set_new(json_info.json_write_case,
> POS_NEG_JSON_STR,
> +				json_boolean(false));
> +	}
> +
> +	return 0;
> +}
> +
> +int
> +parse_test_cmac_json_init(void)
> +{
> +	info.algo = FIPS_TEST_ALGO_AES_CMAC;
> +
> +	info.parse_writeback = parse_test_cmac_json_writeback;
> +	info.callbacks = cmac_tests_json_vectors;
> +	info.interim_callbacks = cmac_tests_interim_json_vectors;
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> +
>  static int
>  parse_test_cmac_writeback(struct fips_val *val)  {
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
  2022-04-29 16:15       ` [PATCH v4 8/8] examples/fips_validation: add parsing for cmac Brandon Lo
@ 2022-05-18 15:46         ` Gowrishankar Muthukrishnan
  2022-05-19  5:31         ` Gowrishankar Muthukrishnan
  1 sibling, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-18 15:46 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev, Akhil Goyal

Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added function to parse algorithm for CMAC test.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/fips_validation.c | 31 +++++++++++++++++++---
>  examples/fips_validation/main.c            |  3 +++
>  2 files changed, 31 insertions(+), 3 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index 04dfb85262..8e0a55c624 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
>  		info.algo = FIPS_TEST_ALGO_AES_GCM;
>  	if (strstr(algo_str, "HMAC"))
>  		info.algo = FIPS_TEST_ALGO_HMAC;
> +	if (strstr(algo_str, "CMAC"))
> +		info.algo = FIPS_TEST_ALGO_AES_CMAC;
>  	else
>  		return -EINVAL;
> 
> @@ -470,7 +472,6 @@ int
>  fips_test_parse_one_json_group(void)
>  {
>  	int ret, i;
> -	json_int_t val;
>  	json_t *param;
> 
>  	if (info.interim_callbacks) {
> @@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
>  		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
>  			param =
> json_object_get(json_info.json_test_group,
>  					info.interim_callbacks[i].key);
> -			val = json_integer_value(param);
> -			snprintf(json_value, 255,
> "%"JSON_INTEGER_FORMAT, val);
> +			switch (json_typeof(param)) {
> +			case JSON_STRING:
> +				snprintf(json_value, 256, "%s",
> json_string_value(param));
> +				break;
> +
> +			case JSON_INTEGER:
> +				snprintf(json_value, 255,
> "%"JSON_INTEGER_FORMAT,
> +						json_integer_value(param));
> +				break;
> +
> +			default:
> +				return -EINVAL;
> +			}
> +
>  			/* First argument is blank because the key
>  			 * is not included in the string being parsed.
>  			 */
> @@ -673,6 +686,18 @@ parser_read_uint32_bit_val(const char *key, char
> *src, struct fips_val *val)
>  	return 0;
>  }
> 
> +int
> +parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
> +		__rte_unused struct fips_val *val)
> +{
> +	if (strcmp(src, "gen") == 0)
> +		info.op = FIPS_TEST_ENC_AUTH_GEN;
> +	else if (strcmp(src, "ver") == 0)
> +		info.op = FIPS_TEST_DEC_AUTH_VERIF;
> +
> +	return 0;
> +}
> +
>  int
>  writeback_hex_str(const char *key, char *dst, struct fips_val *val)  { diff --git
> a/examples/fips_validation/main.c b/examples/fips_validation/main.c index
> de6dedaf75..aa8034c29f 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -1946,6 +1946,9 @@ fips_test_one_test_group(void)
>  	case FIPS_TEST_ALGO_HMAC:
>  		ret = parse_test_hmac_json_init();
>  		break;
> +	case FIPS_TEST_ALGO_AES_CMAC:
> +		ret = parse_test_cmac_json_init();
> +		break;
>  	default:
>  		return -EINVAL;
>  	}
> --
> 2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 4/8] examples/fips_validation: allow json file as input
  2022-04-29 16:15       ` [PATCH v4 4/8] examples/fips_validation: allow json file as input Brandon Lo
  2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
@ 2022-05-19  5:30         ` Gowrishankar Muthukrishnan
  2022-05-19  9:12           ` Gowrishankar Muthukrishnan
  1 sibling, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  5:30 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev

Please find comments inline from CI point of view.

> -----Original Message-----
....
....
>  main(int argc, char *argv[])
>  {
>  	int ret;
> +	char use_json;
> 
>  	ret = rte_eal_init(argc, argv);
>  	if (ret < 0) {
> @@ -424,9 +436,17 @@ main(int argc, char *argv[])
>  					ret, env.req_path);
>  			goto exit;
>  		}
> -
> -
> +		use_json = info.file_type == FIPS_TYPE_JSON;

use_json is not required apart from setting info.file_type. Some CI build fails
for unused use_json (when !RTE_HAS_JANSSON). Can this be removed ?.

Thanks,
Gowrishankar


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
  2022-04-29 16:15       ` [PATCH v4 8/8] examples/fips_validation: add parsing for cmac Brandon Lo
  2022-05-18 15:46         ` [EXT] " Gowrishankar Muthukrishnan
@ 2022-05-19  5:31         ` Gowrishankar Muthukrishnan
  2022-05-19  9:11           ` Gowrishankar Muthukrishnan
  1 sibling, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  5:31 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power; +Cc: dev

Please find comments inline from CI point of view.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added function to parse algorithm for CMAC test.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/fips_validation.c | 31 +++++++++++++++++++---
>  examples/fips_validation/main.c            |  3 +++
>  2 files changed, 31 insertions(+), 3 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index 04dfb85262..8e0a55c624 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
>  		info.algo = FIPS_TEST_ALGO_AES_GCM;
......
......
> 
> +int
> +parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
> +		__rte_unused struct fips_val *val)

Can this function be static in fips_validation_cmac.c which is more appropriate also ?.

Thanks,
Gowrishankar


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for cmac
  2022-05-19  5:31         ` Gowrishankar Muthukrishnan
@ 2022-05-19  9:11           ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  9:11 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power, lylavoie; +Cc: dev

+ lylavoie@iol.unh.edu 

> -----Original Message-----
> From: Gowrishankar Muthukrishnan
> Sent: Thursday, May 19, 2022 11:01 AM
> To: Brandon Lo <blo@iol.unh.edu>; roy.fan.zhang@intel.com;
> ciara.power@intel.com
> Cc: dev@dpdk.org
> Subject: RE: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for
> cmac
> 
> Please find comments inline from CI point of view.
> 
> > -----Original Message-----
> > From: Brandon Lo <blo@iol.unh.edu>
> > Sent: Friday, April 29, 2022 9:46 PM
> > To: roy.fan.zhang@intel.com; ciara.power@intel.com
> > Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> > Subject: [EXT] [PATCH v4 8/8] examples/fips_validation: add parsing for
> cmac
> >
> > External Email
> >
> > ----------------------------------------------------------------------
> > Added function to parse algorithm for CMAC test.
> >
> > Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> > ---
> >  examples/fips_validation/fips_validation.c | 31 +++++++++++++++++++---
> >  examples/fips_validation/main.c            |  3 +++
> >  2 files changed, 31 insertions(+), 3 deletions(-)
> >
> > diff --git a/examples/fips_validation/fips_validation.c
> > b/examples/fips_validation/fips_validation.c
> > index 04dfb85262..8e0a55c624 100644
> > --- a/examples/fips_validation/fips_validation.c
> > +++ b/examples/fips_validation/fips_validation.c
> > @@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
> >  		info.algo = FIPS_TEST_ALGO_AES_GCM;
> ......
> ......
> >
> > +int
> > +parser_read_cmac_direction_str(__rte_unused const char *key, char
> *src,
> > +		__rte_unused struct fips_val *val)
> 
> Can this function be static in fips_validation_cmac.c which is more
> appropriate also ?.
> 
> Thanks,
> Gowrishankar


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [PATCH v4 4/8] examples/fips_validation: allow json file as input
  2022-05-19  5:30         ` Gowrishankar Muthukrishnan
@ 2022-05-19  9:12           ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-19  9:12 UTC (permalink / raw)
  To: Brandon Lo, roy.fan.zhang, ciara.power, lylavoie; +Cc: dev

+lylavoie@iol.unh.edu

> -----Original Message-----
> From: Gowrishankar Muthukrishnan
> Sent: Thursday, May 19, 2022 11:00 AM
> To: Brandon Lo <blo@iol.unh.edu>; roy.fan.zhang@intel.com;
> ciara.power@intel.com
> Cc: dev@dpdk.org
> Subject: RE: [EXT] [PATCH v4 4/8] examples/fips_validation: allow json file as
> input
> 
> Please find comments inline from CI point of view.
> 
> > -----Original Message-----
> ....
> ....
> >  main(int argc, char *argv[])
> >  {
> >  	int ret;
> > +	char use_json;
> >
> >  	ret = rte_eal_init(argc, argv);
> >  	if (ret < 0) {
> > @@ -424,9 +436,17 @@ main(int argc, char *argv[])
> >  					ret, env.req_path);
> >  			goto exit;
> >  		}
> > -
> > -
> > +		use_json = info.file_type == FIPS_TYPE_JSON;
> 
> use_json is not required apart from setting info.file_type. Some CI build fails
> for unused use_json (when !RTE_HAS_JANSSON). Can this be removed ?.
> 
> Thanks,
> Gowrishankar


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 00/11] Add JSON vector set support to fips validation
  2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
                         ` (8 preceding siblings ...)
  2022-04-29 16:19       ` [PATCH v4 0/8] Add JSON vector set support to fips validation Brandon Lo
@ 2022-05-25 15:45       ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
                           ` (11 more replies)
  9 siblings, 12 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (3):
  examples/fips_validation: cleanup bypass tests in response file
  examples/fips_validation: reset IV generation in every test group
  examples/fips_validation: add parsing for aes_cbc

 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 ++++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 +++++
 examples/fips_validation/main.c               | 323 +++++++++++++++---
 examples/fips_validation/meson.build          |   4 +
 8 files changed, 995 insertions(+), 61 deletions(-)

--
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 01/11] examples/fips_validation: add jansson dependency
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
                           ` (10 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 02/11] examples/fips_validation: add json info to header
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
                           ` (9 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* fix typo in macro name for prefixes.

v2:
* fix type of prefix to suffix
---
 examples/fips_validation/fips_validation.c |  6 +--
 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 2 files changed, 47 insertions(+), 7 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
 	else
 		return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_PREFIX		"req"
+#define RSP_FILE_PREFIX		"rsp"
+#define FAX_FILE_PREFIX		"fax"
+#define JSON_FILE_PREFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 03/11] examples/fips_validation: add json parsing
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
                           ` (8 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* fix for loop initialization
---
 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PREFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 04/11] examples/fips_validation: allow json file as input
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (2 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
                           ` (7 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* fix to check info.file_type in json file type as well.

v3:
* fix checkpatch warnings

v2:
* remove use_json variable
---
 examples/fips_validation/main.c | 197 +++++++++++++++++++++++++++++++-
 1 file changed, 194 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..3d841e5bfd 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,11 +34,17 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -166,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -425,8 +436,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		}  else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -481,7 +501,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1219,7 +1249,8 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1238,6 +1269,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1253,7 +1285,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1844,3 +1877,161 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 05/11] examples/fips_validation: add json to gcm test
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (3 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
                           ` (6 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
---
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 151 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 155 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 3d841e5bfd..6a1b323cc8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1940,11 +1940,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 06/11] examples/fips_validation: add json to hmac
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (4 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
                           ` (5 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 6a1b323cc8..261e2c4c99 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1942,6 +1942,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 07/11] examples/fips_validation: implement json cmac test
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (5 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
                           ` (4 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
--
v5:
* parser_read_cmac_direction_str is static.
---
 examples/fips_validation/fips_validation.h    |  3 +
 .../fips_validation/fips_validation_cmac.c    | 80 +++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 08/11] examples/fips_validation: add parsing for cmac
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (6 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
                           ` (3 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
 examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 261e2c4c99..9df6abf47f 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1945,6 +1945,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 09/11] examples/fips_validation: cleanup bypass tests in response file
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (7 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
                           ` (2 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 9df6abf47f..e703a111da 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -804,7 +804,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -852,7 +852,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -889,7 +889,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -935,7 +935,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -980,7 +980,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1018,7 +1018,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1064,7 +1064,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1099,7 +1099,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1139,7 +1139,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1254,7 +1254,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1289,7 +1289,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1458,7 +1458,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1537,7 +1537,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1645,7 +1645,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1731,7 +1731,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1846,18 +1846,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1907,22 +1904,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1967,8 +1963,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 10/11] examples/fips_validation: reset IV generation in every test group
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (8 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 15:45         ` [v5, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Reset IV generation in every test group.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation_gcm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
 
 	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
 	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
 
 	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
 		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5, 11/11] examples/fips_validation: add parsing for aes_cbc
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (9 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-25 15:45         ` Gowrishankar Muthukrishnan
  2022-05-25 17:08           ` [v5,11/11] " Gowrishankar Muthukrishnan
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 15:45 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  73 ++++--
 4 files changed, 281 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..f935217f34 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR 		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR 	"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e703a111da..1ce7e3563f 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1545,7 +1545,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1555,10 +1555,12 @@ fips_mct_aes_test(void)
 		return fips_mct_aes_ecb_test();
 
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1571,7 +1573,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1579,24 +1581,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1606,33 +1623,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1640,10 +1662,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1944,6 +1966,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v5,11/11] examples/fips_validation: add parsing for aes_cbc
  2022-05-25 15:45         ` [v5, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-25 17:08           ` Gowrishankar Muthukrishnan
  0 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:08 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  76 ++++--
 4 files changed, 284 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..0b7b9c0849 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e703a111da..a74a38e1ae 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1545,7 +1545,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1554,11 +1554,16 @@ fips_mct_aes_test(void)
 	if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
 		return fips_mct_aes_ecb_test();
 
+	memset(&pt, 0, sizeof(struct fips_val));
+	memset(&ct, 0, sizeof(struct fips_val));
+	memset(&iv, 0, sizeof(struct fips_val));
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1571,7 +1576,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1579,24 +1584,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1606,33 +1626,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1640,10 +1665,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1944,6 +1969,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 00/11] Add JSON vector set support to fips validation
  2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
                           ` (10 preceding siblings ...)
  2022-05-25 15:45         ` [v5, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-25 17:13         ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
                             ` (12 more replies)
  11 siblings, 13 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

v6:
* CI centos platform fix.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (3):
  examples/fips_validation: cleanup bypass tests in response file
  examples/fips_validation: reset IV generation in every test group
  examples/fips_validation: add parsing for aes_cbc

 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 +++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 +++++
 examples/fips_validation/main.c               | 326 +++++++++++++++---
 examples/fips_validation/meson.build          |   4 +
 8 files changed, 998 insertions(+), 61 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 01/11] examples/fips_validation: add jansson dependency
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
                             ` (11 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 02/11] examples/fips_validation: add json info to header
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
                             ` (10 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* fix typo in macro name for prefixes.

v2:
* fix type of prefix to suffix
---
 examples/fips_validation/fips_validation.c |  6 +--
 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 2 files changed, 47 insertions(+), 7 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
 	else
 		return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_PREFIX		"req"
+#define RSP_FILE_PREFIX		"rsp"
+#define FAX_FILE_PREFIX		"fax"
+#define JSON_FILE_PREFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 03/11] examples/fips_validation: add json parsing
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
                             ` (9 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings

v2:
* fix for loop initialization
---
 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PREFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 04/11] examples/fips_validation: allow json file as input
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (2 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
                             ` (8 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* fix to check info.file_type in json file type as well.

v3:
* fix checkpatch warnings

v2:
* remove use_json variable
---
 examples/fips_validation/main.c | 197 +++++++++++++++++++++++++++++++-
 1 file changed, 194 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..3d841e5bfd 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,11 +34,17 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
@@ -166,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -425,8 +436,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		}  else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -481,7 +501,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1219,7 +1249,8 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1238,6 +1269,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1253,7 +1285,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1844,3 +1877,161 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 05/11] examples/fips_validation: add json to gcm test
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (3 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
                             ` (7 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
---
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 151 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 155 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 3d841e5bfd..6a1b323cc8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1940,11 +1940,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 06/11] examples/fips_validation: add json to hmac
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (4 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
                             ` (6 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 6a1b323cc8..261e2c4c99 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1942,6 +1942,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 07/11] examples/fips_validation: implement json cmac test
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (5 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
                             ` (5 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
--
v5:
* parser_read_cmac_direction_str is static.
---
 examples/fips_validation/fips_validation.h    |  3 +
 .../fips_validation/fips_validation_cmac.c    | 80 +++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 08/11] examples/fips_validation: add parsing for cmac
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (6 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
                             ` (4 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
 examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 261e2c4c99..9df6abf47f 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1945,6 +1945,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (7 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
                             ` (3 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 9df6abf47f..e703a111da 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -804,7 +804,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -852,7 +852,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -889,7 +889,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -935,7 +935,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -980,7 +980,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1018,7 +1018,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1064,7 +1064,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1099,7 +1099,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1139,7 +1139,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1254,7 +1254,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1289,7 +1289,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1458,7 +1458,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1537,7 +1537,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1645,7 +1645,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1731,7 +1731,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1846,18 +1846,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1907,22 +1904,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1967,8 +1963,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 10/11] examples/fips_validation: reset IV generation in every test group
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (8 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-25 17:13           ` [v6, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
                             ` (2 subsequent siblings)
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Reset IV generation in every test group.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation_gcm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
 
 	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
 	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
 
 	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
 		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v6, 11/11] examples/fips_validation: add parsing for aes_cbc
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (9 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-25 17:13           ` Gowrishankar Muthukrishnan
  2022-05-26  6:46           ` [EXT] [v6, 00/11] Add JSON vector set support to fips validation Akhil Goyal
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
  12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  76 ++++--
 4 files changed, 284 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..0b7b9c0849 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e703a111da..a74a38e1ae 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1545,7 +1545,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1554,11 +1554,16 @@ fips_mct_aes_test(void)
 	if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
 		return fips_mct_aes_ecb_test();
 
+	memset(&pt, 0, sizeof(struct fips_val));
+	memset(&ct, 0, sizeof(struct fips_val));
+	memset(&iv, 0, sizeof(struct fips_val));
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1571,7 +1576,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1579,24 +1584,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1606,33 +1626,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1640,10 +1665,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1944,6 +1969,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] [v6, 00/11] Add JSON vector set support to fips validation
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (10 preceding siblings ...)
  2022-05-25 17:13           ` [v6, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-26  6:46           ` Akhil Goyal
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
  12 siblings, 0 replies; 122+ messages in thread
From: Akhil Goyal @ 2022-05-26  6:46 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob Kollanukkaran,
	Gowrishankar Muthukrishnan

> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
> 
> v6:
> * CI centos platform fix.


Series Acked-by: Akhil Goyal <gakhil@marvell.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 00/11] Add JSON vector set support to fips validation
  2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                             ` (11 preceding siblings ...)
  2022-05-26  6:46           ` [EXT] [v6, 00/11] Add JSON vector set support to fips validation Akhil Goyal
@ 2022-05-26  8:02           ` Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
                               ` (11 more replies)
  12 siblings, 12 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

v7:
* Fixed individual patches to build correctly.

v6:
* CI centos platform fix.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (3):
  examples/fips_validation: cleanup bypass tests in response file
  examples/fips_validation: reset IV generation in every test group
  examples/fips_validation: add parsing for aes_cbc

 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 +++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 +++++
 examples/fips_validation/main.c               | 328 +++++++++++++++---
 examples/fips_validation/meson.build          |   4 +
 8 files changed, 1000 insertions(+), 61 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 01/11] examples/fips_validation: add jansson dependency
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:46               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
                               ` (10 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 02/11] examples/fips_validation: add json info to header
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:46               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
                               ` (9 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.

v5:
* fix typo in macro name for prefixes.

v2:
* fix type of prefix to suffix
---
 examples/fips_validation/fips_validation.c |  6 +--
 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 examples/fips_validation/main.c            |  2 +
 3 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
 	else
 		return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_PREFIX		"req"
+#define RSP_FILE_PREFIX		"rsp"
+#define FAX_FILE_PREFIX		"fax"
+#define JSON_FILE_PREFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
 		if (ret < 0)
 			return ret;
 		break;
+	default:
+		break;
 	}
 
 	fprintf(info.fp_wr, "\n");
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 03/11] examples/fips_validation: add json parsing
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:47               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
                               ` (8 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v7:
* pulled json_info define from next patch.

v3:
* fix checkpatch warnings

v2:
* fix for loop initialization
---
 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 examples/fips_validation/main.c            |  4 +
 2 files changed, 96 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PREFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 04/11] examples/fips_validation: allow json file as input
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (2 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:48               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
                               ` (7 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* fix to check info.file_type in json file type as well.

v3:
* fix checkpatch warnings

v2:
* remove use_json variable
---
 examples/fips_validation/main.c | 193 +++++++++++++++++++++++++++++++-
 1 file changed, 190 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..81b014d6fa 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		}  else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1223,7 +1249,8 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
@@ -1242,6 +1269,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1259,7 +1287,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1850,3 +1879,161 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if (ret == 0)
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	case 1:
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		fips_test_one_test_case();
+		json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append_new(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 05/11] examples/fips_validation: add json to gcm test
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (3 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:49               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
                               ` (6 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
---
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 151 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 155 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 81b014d6fa..f66f7710d8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1942,11 +1942,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 06/11] examples/fips_validation: add json to hmac
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (4 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:49               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
                               ` (5 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f66f7710d8..45b453b913 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1944,6 +1944,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 07/11] examples/fips_validation: implement json cmac test
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (5 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:49               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
                               ` (4 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo

From: Brandon Lo <blo@iol.unh.edu>

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
--
v5:
* parser_read_cmac_direction_str is static.
---
 examples/fips_validation/fips_validation.h    |  3 +
 .../fips_validation/fips_validation_cmac.c    | 80 +++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 08/11] examples/fips_validation: add parsing for cmac
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (6 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  9:50               ` Zhang, Roy Fan
  2022-05-26  8:02             ` [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
                               ` (3 subsequent siblings)
  11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
 examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 45b453b913..d104d82221 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1947,6 +1947,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (7 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
                               ` (2 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Remove garbage entries for bypassed tests in response file.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
 1 file changed, 35 insertions(+), 39 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index d104d82221..c203ad2ac2 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -804,7 +804,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -852,7 +852,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -889,7 +889,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -935,7 +935,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -980,7 +980,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length,
 				auth_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1018,7 +1018,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1064,7 +1064,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
 				aead_xform->digest_length,
 				aead_xform->aad_length,
 				aead_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1099,7 +1099,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
 				info.device_name, auth_xform->key.length,
 				auth_xform->digest_length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1139,7 +1139,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
 		RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
 				info.device_name, cipher_xform->key.length,
 				cipher_xform->iv.length);
-		return -EPERM;
+		return -ENOTSUP;
 	}
 
 	return 0;
@@ -1254,7 +1254,7 @@ fips_generic_test(void)
 
 	ret = fips_run_test();
 	if (ret < 0) {
-		if (ret == -EPERM || ret == -ENOTSUP) {
+		if (ret == -ENOTSUP) {
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1291,7 +1291,7 @@ fips_generic_test(void)
 		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1460,7 +1460,7 @@ fips_mct_tdes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1539,7 +1539,7 @@ fips_mct_aes_ecb_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 static int
 fips_mct_aes_test(void)
@@ -1647,7 +1647,7 @@ fips_mct_aes_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 static int
@@ -1733,7 +1733,7 @@ fips_mct_sha_test(void)
 
 	free(val.val);
 
-	return 0;
+	return 1;
 }
 
 
@@ -1848,18 +1848,15 @@ fips_test_one_file(void)
 		}
 
 		ret = fips_test_parse_one_case();
-		switch (ret) {
-		case 0:
-			ret = test_ops.test();
-			if (ret == 0)
-				break;
-			RTE_LOG(ERR, USER1, "Error %i: test block\n",
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
 					ret);
 			goto error_one_case;
-		case 1:
-			break;
-		default:
-			RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+		}
+
+		ret = test_ops.test();
+		if (ret < 0) {
+			RTE_LOG(ERR, USER1, "Error %i: test block\n",
 					ret);
 			goto error_one_case;
 		}
@@ -1909,22 +1906,21 @@ fips_test_one_test_case(void)
 	int ret;
 
 	ret = fips_test_parse_one_json_case();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+		goto exit;
+	}
 
-	switch (ret) {
-	case 0:
-		ret = test_ops.test();
-		if (ret == 0)
-			break;
+	ret = test_ops.test();
+	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: test block\n",
 				ret);
-		break;
-	case 1:
-		break;
-	default:
-		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
-				ret);
+		goto exit;
 	}
-	return 0;
+
+exit:
+	return ret;
 }
 
 static int
@@ -1969,8 +1965,8 @@ fips_test_one_test_group(void)
 	tests_size = json_array_size(tests);
 	for (test_idx = 0; test_idx < tests_size; test_idx++) {
 		json_info.json_test_case = json_array_get(tests, test_idx);
-		fips_test_one_test_case();
-		json_array_append_new(write_tests, json_info.json_write_case);
+		if (fips_test_one_test_case() > 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
 	}
 
 	return 0;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 10/11] examples/fips_validation: reset IV generation in every test group
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (8 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-26  8:02             ` [v7, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Reset IV generation in every test group.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation_gcm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
 
 	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
 	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
 
 	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
 		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v7, 11/11] examples/fips_validation: add parsing for aes_cbc
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (9 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-26  8:02             ` Gowrishankar Muthukrishnan
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26  8:02 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  76 ++++--
 4 files changed, 284 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..0b7b9c0849 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index c203ad2ac2..2492df527b 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1547,7 +1547,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1556,11 +1556,16 @@ fips_mct_aes_test(void)
 	if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
 		return fips_mct_aes_ecb_test();
 
+	memset(&pt, 0, sizeof(struct fips_val));
+	memset(&ct, 0, sizeof(struct fips_val));
+	memset(&iv, 0, sizeof(struct fips_val));
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1573,7 +1578,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1581,24 +1586,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1608,33 +1628,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1642,10 +1667,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 1;
 }
@@ -1946,6 +1971,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 01/11] examples/fips_validation: add jansson dependency
  2022-05-26  8:02             ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-26  9:46               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:46 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob, Brandon Lo

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 01/11] examples/fips_validation: add jansson dependency
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Added a check for RTE_HAS_JANSSON into the meson
> configuration file for JSON support.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/meson.build | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/examples/fips_validation/meson.build
> b/examples/fips_validation/meson.build
> index 7eef456318..8cd63066b5 100644
> --- a/examples/fips_validation/meson.build
> +++ b/examples/fips_validation/meson.build
> @@ -21,3 +21,7 @@ sources = files(
>          'fips_dev_self_test.c',
>          'main.c',
>  )
> +
> +if dpdk_conf.has('RTE_HAS_JANSSON')
> +    ext_deps += jansson_dep
> +endif
> --
> 2.25.1
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 02/11] examples/fips_validation: add json info to header
  2022-05-26  8:02             ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-26  9:46               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:46 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob, Brandon Lo

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 02/11] examples/fips_validation: add json info to header
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Added json-specific functions and other information needed to
> test the new FIPS test vectors.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 03/11] examples/fips_validation: add json parsing
  2022-05-26  8:02             ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-26  9:47               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:47 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 03/11] examples/fips_validation: add json parsing
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Added functions to parse the required information from a vector set
> given in the new json format.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 04/11] examples/fips_validation: allow json file as input
  2022-05-26  8:02             ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-26  9:48               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:48 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob, Brandon Lo

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 04/11] examples/fips_validation: allow json file as input
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Added the ability to use the json format as the input
> and output of the example application.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 05/11] examples/fips_validation: add json to gcm test
  2022-05-26  8:02             ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-26  9:49               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:49 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 05/11] examples/fips_validation: add json to gcm test
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Adds json-specific testing and writeback function. Allows
> the user to test AES-GCM vector sets.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 06/11] examples/fips_validation: add json to hmac
  2022-05-26  8:02             ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-26  9:49               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:49 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob, Brandon Lo

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 06/11] examples/fips_validation: add json to hmac
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Adds JSON support for the HMAC algorithm.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 07/11] examples/fips_validation: implement json cmac test
  2022-05-26  8:02             ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-26  9:49               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:49 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob, Brandon Lo

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 07/11] examples/fips_validation: implement json cmac test
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Implemented JSON support for the CMAC test.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v7, 08/11] examples/fips_validation: add parsing for cmac
  2022-05-26  8:02             ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-26  9:50               ` Zhang, Roy Fan
  0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26  9:50 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 08/11] examples/fips_validation: add parsing for cmac
> 
> From: Brandon Lo <blo@iol.unh.edu>
> 
> Added function to parse algorithm for CMAC test.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 00/10] Add JSON vector set support to fips validation
  2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
                               ` (10 preceding siblings ...)
  2022-05-26  8:02             ` [v7, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 12:23             ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
                                 ` (10 more replies)
  11 siblings, 11 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

v8:
* Fixed overlapped places for FIPS 140-2 test vectors.

v7:
* Fixed individual patches to build correctly.

v6:
* CI centos platform fix.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (2):
  examples/fips_validation: add parsing for aes_cbc
  doc: add notes about acvp validation support

 doc/guides/sample_app_ug/fips_validation.rst  |  30 +-
 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 +++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 ++++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 ++++++
 examples/fips_validation/main.c               | 295 ++++++++++++++++--
 examples/fips_validation/meson.build          |   4 +
 9 files changed, 1015 insertions(+), 43 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 01/10] examples/fips_validation: add jansson dependency
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
                                 ` (9 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 02/10] examples/fips_validation: add json info to header
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
                                 ` (8 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.

v5:
* fix typo in macro name for prefixes.

v2:
* fix type of prefix to suffix
---
 examples/fips_validation/fips_validation.c |  6 +--
 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 examples/fips_validation/main.c            |  2 +
 3 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
 	else
 		return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_PREFIX		"req"
+#define RSP_FILE_PREFIX		"rsp"
+#define FAX_FILE_PREFIX		"fax"
+#define JSON_FILE_PREFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
 		if (ret < 0)
 			return ret;
 		break;
+	default:
+		break;
 	}
 
 	fprintf(info.fp_wr, "\n");
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 03/10] examples/fips_validation: add json parsing
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
                                 ` (7 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* pulled json_info define from next patch.

v3:
* fix checkpatch warnings

v2:
* fix for loop initialization
---
 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 examples/fips_validation/main.c            |  4 +
 2 files changed, 96 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PREFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 04/10] examples/fips_validation: allow json file as input
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (2 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
                                 ` (6 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v8:
* dont steal refcount on write_set using _new as latter is updated
  subsequently in same function.
* fix fips_test_one_test_case to handle error code hence avoid
  incorrect test data in response file since a test run for json
  req file.
* Do not show bypass string in response for json file test.

v5:
* fix to check info.file_type in json file type as well.

v3:
* fix checkpatch warnings

v2:
* remove use_json variable
---
 examples/fips_validation/main.c | 206 +++++++++++++++++++++++++++++++-
 1 file changed, 203 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..5bebff853e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		}  else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1223,11 +1249,15 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
 		if (ret == -EPERM || ret == -ENOTSUP) {
+			if (info.file_type == FIPS_TYPE_JSON)
+				return ret;
+
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1242,6 +1272,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1259,7 +1290,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1294,6 +1326,9 @@ fips_mct_tdes_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1455,6 +1490,9 @@ fips_mct_aes_ecb_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1537,6 +1575,9 @@ fips_mct_aes_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1667,6 +1708,9 @@ fips_mct_sha_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM || ret == -ENOTSUP) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n\n");
 					return 0;
 				}
@@ -1850,3 +1894,159 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if ((ret == 0) || (ret == -EPERM || ret == -ENOTSUP))
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return ret;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		if (fips_test_one_test_case() == 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 05/10] examples/fips_validation: add json to gcm test
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (3 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
                                 ` (5 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v8:
* reset IV generation var in every test group as initialization.

v3:
* fix checkpatch warnings
---
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 152 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 156 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,95 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5bebff853e..e729b01529 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1955,11 +1955,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 06/10] examples/fips_validation: add json to hmac
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (4 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
                                 ` (4 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e729b01529..2393559d0d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1957,6 +1957,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 07/10] examples/fips_validation: implement json cmac test
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (5 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
                                 ` (3 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* parser_read_cmac_direction_str is static.
---
 examples/fips_validation/fips_validation.h    |  3 +
 .../fips_validation/fips_validation_cmac.c    | 80 +++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 08/10] examples/fips_validation: add parsing for cmac
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (6 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
                                 ` (2 subsequent siblings)
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
 examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 2393559d0d..1645fa99e5 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1960,6 +1960,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 09/10] examples/fips_validation: add parsing for aes_cbc
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (7 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 12:23               ` [v8, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  76 ++++--
 4 files changed, 284 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8db6f4fa31 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append_new(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 1645fa99e5..332a4110e3 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1556,7 +1556,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1565,11 +1565,16 @@ fips_mct_aes_test(void)
 	if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
 		return fips_mct_aes_ecb_test();
 
+	memset(&pt, 0, sizeof(struct fips_val));
+	memset(&ct, 0, sizeof(struct fips_val));
+	memset(&iv, 0, sizeof(struct fips_val));
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1585,7 +1590,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1593,24 +1598,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1620,33 +1640,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1654,10 +1679,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 0;
 }
@@ -1963,6 +1988,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v8, 10/10] doc: add notes about acvp validation support
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (8 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 12:23               ` Gowrishankar Muthukrishnan
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Add notes on algorithms supported for ACVP validation.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++-----
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 39baea3346..4823531567 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by
 non-military government agencies and government contractors.
 
 This application is used to parse and perform symmetric cryptography
-computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test
-vectors.
+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and
+Automated Crypto Validation Protocol (ACVP) test vectors.
 
 For an algorithm implementation to be listed on a cryptographic module
 validation certificate as an Approved security function, the algorithm
-implementation must meet all the requirements of FIPS 140-2 and must
-successfully complete the cryptographic algorithm validation process.
+implementation must meet all the requirements of FIPS 140-2 (in case of CAVP)
+and FIPS 140-3 (in case of ACVP) and must successfully complete the
+cryptographic algorithm validation process.
 
 Limitations
 -----------
 
-* Only NIST CAVP request files are parsed by this application.
-* The version of request file supported is ``CAVS 21.0``
+CAVP
+----
+
+* The version of request file supported is ``CAVS 21.0``.
 * If the header comment in a ``.req`` file does not contain a Algo tag
   i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for
   example::
@@ -32,7 +35,7 @@ Limitations
       # VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC
 
 * The application does not supply the test vectors. The user is expected to
-  obtain the test vector files from `NIST
+  obtain the test vector files from `NIST ACVP
   <https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
   program/block-ciphers>`_ website. To obtain the ``.req`` files you need to
   email a person from the NIST website and pay for the ``.req`` files.
@@ -48,6 +51,19 @@ Limitations
     * TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey,
       VarText
 
+ACVP
+----
+
+* The application does not supply the test vectors. The user is expected to
+  obtain the test vector files from `NIST ACVP  <https://pages.nist.gov/ACVP>`_
+  website.
+* Supported test vectors
+    * AES-CBC (128,192,256) - AFT, MCT
+    * AES-GCM (128,192,256) - AFT
+    * AES-CMAC (128,192,256) - AFT
+    * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+
+
 Application Information
 -----------------------
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 00/10] Add JSON vector set support to fips validation
  2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                 ` (9 preceding siblings ...)
  2022-05-30 12:23               ` [v8, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
@ 2022-05-30 15:52               ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
                                   ` (11 more replies)
  10 siblings, 12 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.

v9:
* doc update.

v8:
* Fixed overlapped places for FIPS 140-2 test vectors.

v7:
* Fixed individual patches to build correctly.

v6:
* CI centos platform fix.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (2):
  examples/fips_validation: add parsing for aes_cbc
  doc: add notes about acvp validation support

 doc/guides/sample_app_ug/fips_validation.rst  |  30 +-
 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 +++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 ++++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 ++++++
 examples/fips_validation/main.c               | 295 ++++++++++++++++--
 examples/fips_validation/meson.build          |   4 +
 9 files changed, 1015 insertions(+), 43 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 01/10] examples/fips_validation: add jansson dependency
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
                                   ` (10 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
         'fips_dev_self_test.c',
         'main.c',
 )
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+    ext_deps += jansson_dep
+endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 02/10] examples/fips_validation: add json info to header
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
                                   ` (9 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added json-specific functions and other information needed to
test the new FIPS test vectors.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.

v5:
* fix typo in macro name for prefixes.

v2:
* fix type of prefix to suffix
---
 examples/fips_validation/fips_validation.c |  6 +--
 examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
 examples/fips_validation/main.c            |  2 +
 3 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
 {
 	const char *tmp = path + strlen(path) - 3;
 
-	if (strstr(tmp, REQ_FILE_PERFIX))
+	if (strstr(tmp, REQ_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_REQ;
-	else if (strstr(tmp, RSP_FILE_PERFIX))
+	else if (strstr(tmp, RSP_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_RSP;
-	else if (strstr(path, FAX_FILE_PERFIX))
+	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
 	else
 		return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
 #ifndef _FIPS_VALIDATION_H_
 #define _FIPS_VALIDATION_H_
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #define FIPS_PARSE_ERR(fmt, args)					\
 	RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
 
@@ -21,9 +25,12 @@
 #define POSITIVE_TEST		0
 #define NEGATIVE_TEST		-1
 
-#define REQ_FILE_PERFIX		"req"
-#define RSP_FILE_PERFIX		"rsp"
-#define FAX_FILE_PERFIX		"fax"
+#define REQ_FILE_PREFIX		"req"
+#define RSP_FILE_PREFIX		"rsp"
+#define FAX_FILE_PREFIX		"fax"
+#define JSON_FILE_PREFIX	"json"
+
+#define ACVVERSION			"1.0"
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
 enum file_types {
 	FIPS_TYPE_REQ = 1,
 	FIPS_TYPE_FAX,
-	FIPS_TYPE_RSP
+	FIPS_TYPE_RSP,
+	FIPS_TYPE_JSON,
 };
 
 enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+	/* Information used for reading from json */
+	json_t *json_root;
+	json_t *json_vector_set;
+	json_t *json_test_group;
+	json_t *json_test_case;
+	/* Location of json write output */
+	json_t *json_write_root;
+	json_t *json_write_group;
+	json_t *json_write_set;
+	json_t *json_write_case;
+	/* Other info */
+	uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
 struct fips_test_interim_info {
 	FILE *fp_rd;
 	FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
 extern struct fips_test_vector vec;
 extern struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 int
 fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
 void
 fips_test_write_one_case(void);
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
 int
 parse_test_aes_init(void);
 
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
 		if (ret < 0)
 			return ret;
 		break;
+	default:
+		break;
 	}
 
 	fprintf(info.fp_wr, "\n");
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 03/10] examples/fips_validation: add json parsing
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
                                   ` (8 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added functions to parse the required information from a vector set
given in the new json format.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* pulled json_info define from next patch.

v3:
* fix checkpatch warnings

v2:
* fix for loop initialization
---
 examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
 examples/fips_validation/main.c            |  4 +
 2 files changed, 96 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
 		info.file_type = FIPS_TYPE_RSP;
 	else if (strstr(path, FAX_FILE_PREFIX))
 		info.file_type = FIPS_TYPE_FAX;
+	else if (strstr(path, JSON_FILE_PREFIX))
+		info.file_type = FIPS_TYPE_JSON;
 	else
 		return -EINVAL;
 
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+		json_error_t error;
+		json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+		if (!json_info.json_root) {
+			RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+				req_file_path, error.line, error.column);
+			return -EINVAL;
+		}
+#else /* RTE_HAS_JANSSON */
+		RTE_LOG(ERR, USER1, "No json library configured.\n");
+		return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+	}
+
 	info.fp_wr = fopen(rsp_file_path, "w");
 	if (!info.fp_wr) {
 		RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
 		return -EINVAL;
 	}
 
+	if (info.file_type == FIPS_TYPE_JSON)
+		return 0;
+
 	if (fips_test_parse_header() < 0) {
 		RTE_LOG(ERR, USER1, "Failed parsing header\n");
 		return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
 		fprintf(info.fp_wr, "%s\n", info.vec[i]);
 }
 
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+	const char *algo_str = json_string_value(algo_obj);
+
+	/* Vector sets contain the algorithm type, and nothing else we need. */
+	if (strstr(algo_str, "AES-GCM"))
+		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	else
+		return -EINVAL;
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+	int ret, i;
+	json_int_t val;
+	json_t *param;
+
+	if (info.interim_callbacks) {
+		char json_value[256];
+		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+			param = json_object_get(json_info.json_test_group,
+					info.interim_callbacks[i].key);
+			val = json_integer_value(param);
+			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.interim_callbacks[i].cb(
+				"", json_value,
+				info.interim_callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+	uint32_t i;
+	int ret = 0;
+	json_t *param;
+
+	for (i = 0; info.callbacks[i].key != NULL; i++) {
+		param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+		if (param) {
+			strcpy(info.one_line_text, json_string_value(param));
+			/* First argument is blank because the key
+			 * is not included in the string being parsed.
+			 */
+			ret = info.callbacks[i].cb(
+				"", info.one_line_text,
+				info.callbacks[i].val
+			);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parser_read_uint64_hex(uint64_t *value, const char *p)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
 struct fips_test_vector vec;
 struct fips_test_interim_info info;
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
 struct cryptodev_fips_validate_env {
 	const char *req_path;
 	const char *rsp_path;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 04/10] examples/fips_validation: allow json file as input
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (2 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
                                   ` (7 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added the ability to use the json format as the input
and output of the example application.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v8:
* dont steal refcount on write_set using _new as latter is updated
  subsequently in same function.
* fix fips_test_one_test_case to handle error code hence avoid
  incorrect test data in response file since a test run for json
  req file.
* Do not show bypass string in response for json file test.

v5:
* fix to check info.file_type in json file type as well.

v3:
* fix checkpatch warnings

v2:
* remove use_json variable
---
 examples/fips_validation/main.c | 206 +++++++++++++++++++++++++++++++-
 1 file changed, 203 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..5bebff853e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
 	OPT_CRYPTODEV_BK_ID_NUM,
 #define OPT_CRYPTODEV_BK_DIR_KEY    "broken-test-dir"
 	OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON                "use-json"
+	OPT_USE_JSON_NUM,
 };
 
 struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
 static int
 fips_test_one_file(void);
 
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_cryptodev_arg(char *arg)
 {
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
 			goto exit;
 		}
 
-
+#ifdef RTE_HAS_JANSSON
+		if (info.file_type == FIPS_TYPE_JSON) {
+			ret = fips_test_one_json_file();
+			json_decref(json_info.json_root);
+		}  else {
+			ret = fips_test_one_file();
+		}
+#else /* RTE_HAS_JANSSON */
 		ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 		if (ret < 0) {
 			RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 					ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
 				break;
 			}
 
+#ifdef RTE_HAS_JANSSON
+			if (info.file_type == FIPS_TYPE_JSON) {
+				ret = fips_test_one_json_file();
+				json_decref(json_info.json_root);
+			} else {
+				ret = fips_test_one_file();
+			}
+#else /* RTE_HAS_JANSSON */
 			ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
 			if (ret < 0) {
 				RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
 						ret, req_path);
@@ -1223,11 +1249,15 @@ fips_generic_test(void)
 	struct fips_val val = {NULL, 0};
 	int ret;
 
-	fips_test_write_one_case();
+	if (info.file_type != FIPS_TYPE_JSON)
+		fips_test_write_one_case();
 
 	ret = fips_run_test();
 	if (ret < 0) {
 		if (ret == -EPERM || ret == -ENOTSUP) {
+			if (info.file_type == FIPS_TYPE_JSON)
+				return ret;
+
 			fprintf(info.fp_wr, "Bypass\n\n");
 			return 0;
 		}
@@ -1242,6 +1272,7 @@ fips_generic_test(void)
 	switch (info.file_type) {
 	case FIPS_TYPE_REQ:
 	case FIPS_TYPE_RSP:
+	case FIPS_TYPE_JSON:
 		if (info.parse_writeback == NULL)
 			return -EPERM;
 		ret = info.parse_writeback(&val);
@@ -1259,7 +1290,8 @@ fips_generic_test(void)
 		break;
 	}
 
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON)
+		fprintf(info.fp_wr, "\n");
 	free(val.val);
 
 	return 0;
@@ -1294,6 +1326,9 @@ fips_mct_tdes_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1455,6 +1490,9 @@ fips_mct_aes_ecb_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1537,6 +1575,9 @@ fips_mct_aes_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n");
 					return 0;
 				}
@@ -1667,6 +1708,9 @@ fips_mct_sha_test(void)
 			ret = fips_run_test();
 			if (ret < 0) {
 				if (ret == -EPERM || ret == -ENOTSUP) {
+					if (info.file_type == FIPS_TYPE_JSON)
+						return ret;
+
 					fprintf(info.fp_wr, "Bypass\n\n");
 					return 0;
 				}
@@ -1850,3 +1894,159 @@ fips_test_one_file(void)
 
 	return ret;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+	json_t *session_info, *session_write;
+	session_info = json_array_get(json_info.json_root, 0);
+	session_write = json_object();
+	json_info.json_write_root = json_array();
+
+	json_object_set(session_write, "jwt",
+		json_object_get(session_info, "jwt"));
+	json_object_set(session_write, "url",
+		json_object_get(session_info, "url"));
+	json_object_set(session_write, "isSample",
+		json_object_get(session_info, "isSample"));
+
+	json_info.is_sample = json_boolean_value(
+		json_object_get(session_info, "isSample"));
+
+	json_array_append_new(json_info.json_write_root, session_write);
+	return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+	int ret;
+
+	ret = fips_test_parse_one_json_case();
+
+	switch (ret) {
+	case 0:
+		ret = test_ops.test();
+		if ((ret == 0) || (ret == -EPERM || ret == -ENOTSUP))
+			break;
+		RTE_LOG(ERR, USER1, "Error %i: test block\n",
+				ret);
+		break;
+	default:
+		RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+				ret);
+	}
+	return ret;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+	int ret;
+	json_t *tests, *write_tests;
+	size_t test_idx, tests_size;
+
+	write_tests = json_array();
+	json_info.json_write_group = json_object();
+	json_object_set(json_info.json_write_group, "tgId",
+		json_object_get(json_info.json_test_group, "tgId"));
+	json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_GCM:
+		ret = parse_test_gcm_init();
+		break;
+	default:
+		return -EINVAL;
+	}
+	if (ret < 0)
+		return ret;
+
+	ret = fips_test_parse_one_json_group();
+	if (ret < 0)
+		return ret;
+
+	ret = init_test_ops();
+	if (ret < 0)
+		return ret;
+
+	tests = json_object_get(json_info.json_test_group, "tests");
+	tests_size = json_array_size(tests);
+	for (test_idx = 0; test_idx < tests_size; test_idx++) {
+		json_info.json_test_case = json_array_get(tests, test_idx);
+		if (fips_test_one_test_case() == 0)
+			json_array_append_new(write_tests, json_info.json_write_case);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+	int ret;
+	json_t *test_groups, *write_groups, *write_version, *write_set;
+	size_t group_idx, num_groups;
+
+	test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+	num_groups = json_array_size(test_groups);
+
+	json_info.json_write_set = json_array();
+	write_version = json_object();
+	json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+	json_array_append_new(json_info.json_write_set, write_version);
+
+	write_set = json_object();
+	json_array_append(json_info.json_write_set, write_set);
+	write_groups = json_array();
+
+	json_object_set(write_set, "vsId",
+		json_object_get(json_info.json_vector_set, "vsId"));
+	json_object_set(write_set, "algorithm",
+		json_object_get(json_info.json_vector_set, "algorithm"));
+	json_object_set(write_set, "revision",
+		json_object_get(json_info.json_vector_set, "revision"));
+	json_object_set_new(write_set, "isSample",
+		json_boolean(json_info.is_sample));
+	json_object_set_new(write_set, "testGroups", write_groups);
+
+	ret = fips_test_parse_one_json_vector_set();
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+			json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+		return ret;
+	}
+
+	for (group_idx = 0; group_idx < num_groups; group_idx++) {
+		json_info.json_test_group = json_array_get(test_groups, group_idx);
+		ret = fips_test_one_test_group();
+		json_array_append_new(write_groups, json_info.json_write_group);
+	}
+
+	return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+	size_t vector_set_idx, root_size;
+
+	root_size = json_array_size(json_info.json_root);
+	fips_test_json_init_writeback();
+
+	for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+		/* Vector set index starts at 1, the 0th index contains test session
+		 * information.
+		 */
+		json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+		fips_test_one_vector_set();
+		json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+	}
+
+	json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+	json_decref(json_info.json_write_root);
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 05/10] examples/fips_validation: add json to gcm test
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (3 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
                                   ` (6 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v8:
* reset IV generation var in every test group as initialization.

v3:
* fix checkpatch warnings
---
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_gcm.c     | 152 +++++++++++++++++-
 examples/fips_validation/main.c               |   3 +-
 3 files changed, 156 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,95 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5bebff853e..e729b01529 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1955,11 +1955,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 06/10] examples/fips_validation: add json to hmac
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (4 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
                                   ` (5 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e729b01529..2393559d0d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1957,6 +1957,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 07/10] examples/fips_validation: implement json cmac test
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (5 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
                                   ` (4 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Implemented JSON support for the CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* parser_read_cmac_direction_str is static.
---
 examples/fips_validation/fips_validation.h    |  3 +
 .../fips_validation/fips_validation_cmac.c    | 80 +++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
 
 int
 parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
 #define PASS_STR	"P"
 #define FAIL_STR	"F"
 
+#define KLEN_JSON_STR		"keyLen"
+#define PTLEN_JSON_STR		"msgLen"
+#define TAGLEN_JSON_STR		"macLen"
+#define KEY_JSON_STR		"key"
+#define PT_JSON_STR			"message"
+#define TAG_JSON_STR		"mac"
+#define DIRECTION_JSON_STR	"direction"
+#define POS_NEG_JSON_STR	"testPassed"
+
+#define GEN_JSON_STR	"gen"
+#define VERIF_JSON_STR	"ver"
+
 struct hash_algo_conversion {
 	const char *str;
 	enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
 		{"AES", FIPS_TEST_ALGO_AES_CMAC},
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+		__rte_unused struct fips_val *val)
+{
+	if (strcmp(src, "gen") == 0)
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+	else if (strcmp(src, "ver") == 0)
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+	return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+		{KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId",
+		json_object_get(json_info.json_test_case, "tcId"));
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		struct fips_val tmp_val = {val->val + vec.pt.len,
+				vec.cipher_auth.digest.len};
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+			json_string(info.one_line_text));
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(true));
+		else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+			json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+				json_boolean(false));
+	}
+
+	return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+	info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+	info.parse_writeback = parse_test_cmac_json_writeback;
+	info.callbacks = cmac_tests_json_vectors;
+	info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_cmac_writeback(struct fips_val *val)
 {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 08/10] examples/fips_validation: add parsing for cmac
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (6 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
                                   ` (3 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Brandon Lo,
	Gowrishankar Muthukrishnan

From: Brandon Lo <blo@iol.unh.edu>

Added function to parse algorithm for CMAC test.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
 examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
 examples/fips_validation/main.c            |  3 +++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
 	if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
+	if (strstr(algo_str, "CMAC"))
+		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else
 		return -EINVAL;
 
@@ -470,7 +472,6 @@ int
 fips_test_parse_one_json_group(void)
 {
 	int ret, i;
-	json_int_t val;
 	json_t *param;
 
 	if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
 		for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
 			param = json_object_get(json_info.json_test_group,
 					info.interim_callbacks[i].key);
-			val = json_integer_value(param);
-			snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+			switch (json_typeof(param)) {
+			case JSON_STRING:
+				snprintf(json_value, 256, "%s", json_string_value(param));
+				break;
+
+			case JSON_INTEGER:
+				snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+						json_integer_value(param));
+				break;
+
+			default:
+				return -EINVAL;
+			}
+
 			/* First argument is blank because the key
 			 * is not included in the string being parsed.
 			 */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 2393559d0d..1645fa99e5 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1960,6 +1960,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_HMAC:
 		ret = parse_test_hmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_CMAC:
+		ret = parse_test_cmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 09/10] examples/fips_validation: add parsing for aes_cbc
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (7 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-30 15:52                 ` [v9, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
                                   ` (2 subsequent siblings)
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Added function to parse algorithm for AES_CBC test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
 examples/fips_validation/fips_validation.c    |   8 +-
 examples/fips_validation/fips_validation.h    |   4 +
 .../fips_validation/fips_validation_aes.c     | 223 ++++++++++++++++++
 examples/fips_validation/main.c               |  76 ++++--
 4 files changed, 284 insertions(+), 27 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		if (!algo_parsed) {
-			if (strstr(info.vec[i], "AESVS")) {
+			if (strstr(info.vec[i], "AES")) {
 				algo_parsed = 1;
 				info.algo = FIPS_TEST_ALGO_AES;
 				ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
-	if (strstr(algo_str, "HMAC"))
+	else if (strstr(algo_str, "HMAC"))
 		info.algo = FIPS_TEST_ALGO_HMAC;
-	if (strstr(algo_str, "CMAC"))
+	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
+	else if (strstr(algo_str, "AES-CBC"))
+		info.algo = FIPS_TEST_ALGO_AES;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
 	AESAVS_TYPE_VARTXT,
 	AESAVS_TYPE_MMT,
 	AESAVS_TYPE_MCT,
+	AESAVS_TYPE_AFT,
 };
 
 enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
 
 int
 parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8db6f4fa31 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 
 #include <rte_cryptodev.h>
+#include <rte_malloc.h>
 
 #include "fips_validation.h"
 
@@ -25,6 +26,19 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR	"iv"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 struct {
 	uint32_t type;
 	const char *desc;
@@ -37,6 +51,7 @@ struct {
 		{TDES_VARIABLE_TEXT, "KAT"},
 		{AESAVS_TYPE_MMT, "MMT"},
 		{AESAVS_TYPE_MCT, "MCT"},
+		{AESAVS_TYPE_AFT, "AFT"},
 };
 
 struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+	struct fips_val tmp_val;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set(json_info.json_write_case, "tcId", tcId);
+			json_object_set(json_info.json_write_case, "resultsArray", json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set(json_info.json_write_case, "tcId", tcId);
+		json_object_set(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+	if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+		writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+		key = json_string(info.one_line_text);
+		json_object_set_new(res, KEY_JSON_STR, key);
+
+		writeback_hex_str("", info.one_line_text, &val[2]);
+		iv = json_string(info.one_line_text);
+		json_object_set_new(res, IV_JSON_STR, iv);
+
+		writeback_hex_str("", info.one_line_text, &val[1]);
+		pt = json_string(info.one_line_text);
+		json_object_set_new(res, PT_JSON_STR, pt);
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(res, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+			key = json_string(info.one_line_text);
+			json_object_set_new(res, KEY_JSON_STR, key);
+
+			writeback_hex_str("", info.one_line_text, &val[2]);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(res, IV_JSON_STR, iv);
+
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			pt = json_string(info.one_line_text);
+			json_object_set_new(res, PT_JSON_STR, pt);
+
+			writeback_hex_str("", info.one_line_text, &val[1]);
+			ct = json_string(info.one_line_text);
+			json_object_set_new(res, CT_JSON_STR, ct);
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	json_array_append_new(resArr, res);
+	return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+	json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+	const char *type_str = json_string_value(type_obj);
+	const char *algo_str = json_string_value(algo_obj);
+	uint32_t i;
+
+	if (json_info.json_test_group) {
+		json_t *direction_obj;
+		const char *direction_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = aes_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = aes_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+		info.interim_callbacks = aes_interim_json_vectors;
+	}
+
+	for (i = 0; i < RTE_DIM(aes_test_types); i++)
+		if (strstr(type_str, aes_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				aes_test_types[i].type;
+			break;
+		}
+
+	if (i >= RTE_DIM(aes_test_types))
+		return -EINVAL;
+
+	switch (info.interim_info.aes_data.test_type) {
+	case AESAVS_TYPE_MCT:
+		info.parse_writeback = parse_test_aes_mct_json_writeback;
+		break;
+	case AESAVS_TYPE_AFT:
+		info.parse_writeback = parse_test_aes_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -EINVAL;
+
+	for (i = 0; i < RTE_DIM(algo_con); i++)
+		if (strstr(algo_str, algo_con[i].name)) {
+			info.interim_info.aes_data.cipher_algo =
+				(uint32_t)algo_con[i].algo;
+			break;
+		}
+
+	if (i >= RTE_DIM(algo_con))
+		return -EINVAL;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_aes_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 1645fa99e5..332a4110e3 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1556,7 +1556,7 @@ fips_mct_aes_test(void)
 #define AES_BLOCK_SIZE	16
 #define AES_EXTERN_ITER	100
 #define AES_INTERN_ITER	1000
-	struct fips_val val = {NULL, 0}, val_key;
+	struct fips_val val[3] = {{NULL, 0},}, val_key,  pt, ct, iv;
 	uint8_t prev_out[AES_BLOCK_SIZE] = {0};
 	uint8_t prev_in[AES_BLOCK_SIZE] = {0};
 	uint32_t i, j, k;
@@ -1565,11 +1565,16 @@ fips_mct_aes_test(void)
 	if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
 		return fips_mct_aes_ecb_test();
 
+	memset(&pt, 0, sizeof(struct fips_val));
+	memset(&ct, 0, sizeof(struct fips_val));
+	memset(&iv, 0, sizeof(struct fips_val));
 	for (i = 0; i < AES_EXTERN_ITER; i++) {
-		if (i != 0)
-			update_info_vec(i);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			if (i != 0)
+				update_info_vec(i);
 
-		fips_test_write_one_case();
+			fips_test_write_one_case();
+		}
 
 		for (j = 0; j < AES_INTERN_ITER; j++) {
 			ret = fips_run_test();
@@ -1585,7 +1590,7 @@ fips_mct_aes_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1593,24 +1598,39 @@ fips_mct_aes_test(void)
 				memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
 
 			if (j == 0) {
-				memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+				memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+				pt.len = vec.pt.len;
+				pt.val = calloc(1, pt.len);
+				memcpy(pt.val, vec.pt.val, pt.len);
+
+				ct.len = vec.ct.len;
+				ct.val = calloc(1, ct.len);
+				memcpy(ct.val, vec.ct.val, ct.len);
+
+				iv.len = vec.iv.len;
+				iv.val = calloc(1, iv.len);
+				memcpy(iv.val, vec.iv.val, iv.len);
 
 				if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-					memcpy(vec.pt.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, val.val,
-							AES_BLOCK_SIZE);
+					memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+					val[1].val = pt.val;
+					val[1].len = pt.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				} else {
-					memcpy(vec.ct.val, vec.iv.val,
-							AES_BLOCK_SIZE);
-					memcpy(vec.iv.val, prev_in,
-							AES_BLOCK_SIZE);
+					memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+					memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+					val[1].val = ct.val;
+					val[1].len = ct.len;
+					val[2].val = iv.val;
+					val[2].len = iv.len;
 				}
 				continue;
 			}
 
 			if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-				memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+				memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 				memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
 			} else {
 				memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1620,33 +1640,38 @@ fips_mct_aes_test(void)
 			if (j == AES_INTERN_ITER - 1)
 				continue;
 
-			memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+			memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
 		}
 
-		info.parse_writeback(&val);
-		fprintf(info.fp_wr, "\n");
+		info.parse_writeback(val);
+		if (info.file_type != FIPS_TYPE_JSON)
+			fprintf(info.fp_wr, "\n");
 
-		if (i == AES_EXTERN_ITER - 1)
+		if (i == AES_EXTERN_ITER - 1) {
+			free(pt.val);
+			free(ct.val);
+			free(iv.val);
 			continue;
+		}
 
 		/** update key */
 		memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
 		for (k = 0; k < vec.cipher_auth.key.len; k++) {
 			switch (vec.cipher_auth.key.len) {
 			case 16:
-				val_key.val[k] ^= val.val[k];
+				val_key.val[k] ^= val[0].val[k];
 				break;
 			case 24:
 				if (k < 8)
 					val_key.val[k] ^= prev_out[k + 8];
 				else
-					val_key.val[k] ^= val.val[k - 8];
+					val_key.val[k] ^= val[0].val[k - 8];
 				break;
 			case 32:
 				if (k < 16)
 					val_key.val[k] ^= prev_out[k];
 				else
-					val_key.val[k] ^= val.val[k - 16];
+					val_key.val[k] ^= val[0].val[k - 16];
 				break;
 			default:
 				return -1;
@@ -1654,10 +1679,10 @@ fips_mct_aes_test(void)
 		}
 
 		if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
-			memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+			memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
 	}
 
-	free(val.val);
+	free(val[0].val);
 
 	return 0;
 }
@@ -1963,6 +1988,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES:
+		ret = parse_test_aes_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* [v9, 10/10] doc: add notes about acvp validation support
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (8 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 15:52                 ` Gowrishankar Muthukrishnan
  2022-05-31 10:17                 ` [v9, 00/10] Add JSON vector set support to fips validation Poczatek, Jakub
  2022-05-31 12:36                 ` Zhang, Roy Fan
  11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
  To: dev
  Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan

Add notes on algorithms supported for ACVP validation.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++-----
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 39baea3346..43190bb696 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by
 non-military government agencies and government contractors.
 
 This application is used to parse and perform symmetric cryptography
-computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test
-vectors.
+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and
+Automated Crypto Validation Protocol (ACVP) test vectors.
 
 For an algorithm implementation to be listed on a cryptographic module
 validation certificate as an Approved security function, the algorithm
-implementation must meet all the requirements of FIPS 140-2 and must
-successfully complete the cryptographic algorithm validation process.
+implementation must meet all the requirements of FIPS 140-2 (in case of CAVP)
+and FIPS 140-3 (in case of ACVP) and must successfully complete the
+cryptographic algorithm validation process.
 
 Limitations
 -----------
 
-* Only NIST CAVP request files are parsed by this application.
-* The version of request file supported is ``CAVS 21.0``
+CAVP
+----
+
+* The version of request file supported is ``CAVS 21.0``.
 * If the header comment in a ``.req`` file does not contain a Algo tag
   i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for
   example::
@@ -32,7 +35,7 @@ Limitations
       # VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC
 
 * The application does not supply the test vectors. The user is expected to
-  obtain the test vector files from `NIST
+  obtain the test vector files from `CAVP
   <https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
   program/block-ciphers>`_ website. To obtain the ``.req`` files you need to
   email a person from the NIST website and pay for the ``.req`` files.
@@ -48,6 +51,19 @@ Limitations
     * TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey,
       VarText
 
+ACVP
+----
+
+* The application does not supply the test vectors. The user is expected to
+  obtain the test vector files from `ACVP  <https://pages.nist.gov/ACVP>`_
+  website.
+* Supported test vectors
+    * AES-CBC (128,192,256) - AFT, MCT
+    * AES-GCM (128,192,256) - AFT
+    * AES-CMAC (128,192,256) - AFT
+    * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+
+
 Application Information
 -----------------------
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v9, 00/10] Add JSON vector set support to fips validation
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (9 preceding siblings ...)
  2022-05-30 15:52                 ` [v9, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
@ 2022-05-31 10:17                 ` Poczatek, Jakub
  2022-05-31 12:36                 ` Zhang, Roy Fan
  11 siblings, 0 replies; 122+ messages in thread
From: Poczatek, Jakub @ 2022-05-31 10:17 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Zhang, Roy Fan, Dooley, Brian, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob

Hey everyone, 

FIPS-140-2 tested and passed. 

Tested-by: Jakub Poczatek <Jakub.poczatek@intel.com>

-----Original Message-----
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> 
Sent: Monday 30 May 2022 16:53
To: dev@dpdk.org
Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>; Jerin Jacob <jerinj@marvell.com>; Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [v9, 00/10] Add JSON vector set support to fips validation

Adds a very basic introduction to JSON vector sets in the fips validation example application. This patch set will only introduce the AES-GCM test using a JSON request file because the other algorithms need more information than what is given in the new JSON format.

v9:
* doc update.

v8:
* Fixed overlapped places for FIPS 140-2 test vectors.

v7:
* Fixed individual patches to build correctly.

v6:
* CI centos platform fix.

v5:
* AES_CBC support appended in series.

Brandon Lo (8):
  examples/fips_validation: add jansson dependency
  examples/fips_validation: add json info to header
  examples/fips_validation: add json parsing
  examples/fips_validation: allow json file as input
  examples/fips_validation: add json to gcm test
  examples/fips_validation: add json to hmac
  examples/fips_validation: implement json cmac test
  examples/fips_validation: add parsing for cmac

Gowrishankar Muthukrishnan (2):
  examples/fips_validation: add parsing for aes_cbc
  doc: add notes about acvp validation support

 doc/guides/sample_app_ug/fips_validation.rst  |  30 +-
 examples/fips_validation/fips_validation.c    | 117 ++++++-
 examples/fips_validation/fips_validation.h    |  64 +++-
 .../fips_validation/fips_validation_aes.c     | 223 +++++++++++++
 .../fips_validation/fips_validation_cmac.c    |  80 +++++
 .../fips_validation/fips_validation_gcm.c     | 152 ++++++++-
 .../fips_validation/fips_validation_hmac.c    |  93 ++++++
 examples/fips_validation/main.c               | 295 ++++++++++++++++--
 examples/fips_validation/meson.build          |   4 +
 9 files changed, 1015 insertions(+), 43 deletions(-)

--
2.25.1


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v9, 00/10] Add JSON vector set support to fips validation
  2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
                                   ` (10 preceding siblings ...)
  2022-05-31 10:17                 ` [v9, 00/10] Add JSON vector set support to fips validation Poczatek, Jakub
@ 2022-05-31 12:36                 ` Zhang, Roy Fan
  2022-05-31 15:23                   ` Akhil Goyal
  11 siblings, 1 reply; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-31 12:36 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Monday, May 30, 2022 4:53 PM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Gowrishankar Muthukrishnan
> <gmuthukrishn@marvell.com>
> Subject: [v9, 00/10] Add JSON vector set support to fips validation
> 
> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
> 
Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>

^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [v9, 00/10] Add JSON vector set support to fips validation
  2022-05-31 12:36                 ` Zhang, Roy Fan
@ 2022-05-31 15:23                   ` Akhil Goyal
  2022-06-07  9:48                     ` David Marchand
  0 siblings, 1 reply; 122+ messages in thread
From: Akhil Goyal @ 2022-05-31 15:23 UTC (permalink / raw)
  To: Zhang, Roy Fan, Gowrishankar Muthukrishnan, dev
  Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob Kollanukkaran

> > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> >
> > Adds a very basic introduction to JSON vector sets in
> > the fips validation example application. This patch set
> > will only introduce the AES-GCM test using a JSON request
> > file because the other algorithms need more information
> > than what is given in the new JSON format.
> >
> Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>

Series Applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-05-31 15:23                   ` Akhil Goyal
@ 2022-06-07  9:48                     ` David Marchand
  2022-06-13 11:58                       ` David Marchand
  0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-07  9:48 UTC (permalink / raw)
  To: Akhil Goyal, Gowrishankar Muthukrishnan
  Cc: Zhang, Roy Fan, dev, Dooley, Brian, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob Kollanukkaran

On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
>
> > > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> > >
> > > Adds a very basic introduction to JSON vector sets in
> > > the fips validation example application. This patch set
> > > will only introduce the AES-GCM test using a JSON request
> > > file because the other algorithms need more information
> > > than what is given in the new JSON format.
> > >
> > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
>
> Series Applied to dpdk-next-crypto

This series breaks compiling the fips example out of DPDK.

## Building fips_validation
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_init':
fips_validation.c:(.text+0x7ab): undefined reference to `json_loadf'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_vector_set':
fips_validation.c:(.text+0xc2e): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xc36): undefined reference to
`json_string_value'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_group':
fips_validation.c:(.text+0xd00): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xd14): undefined reference to
`json_integer_value'
etc...

I'll send a fix.

-- 
David Marchand


^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-06-07  9:48                     ` David Marchand
@ 2022-06-13 11:58                       ` David Marchand
  2022-06-21  7:28                         ` [EXT] " Gowrishankar Muthukrishnan
  0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-13 11:58 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan, Zhang, Roy Fan, Akhil Goyal
  Cc: dev, Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob Kollanukkaran

On Tue, Jun 7, 2022 at 11:48 AM David Marchand
<david.marchand@redhat.com> wrote:
> On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
> >
> > > > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> > > >
> > > > Adds a very basic introduction to JSON vector sets in
> > > > the fips validation example application. This patch set
> > > > will only introduce the AES-GCM test using a JSON request
> > > > file because the other algorithms need more information
> > > > than what is given in the new JSON format.
> > > >
> > > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> >
> > Series Applied to dpdk-next-crypto
>
> This series breaks compiling the fips example out of DPDK.

Gowri, Fan, Akhil,

I disabled compilation checks for this example on my side.
Can you look into this?

Thanks.

-- 
David Marchand


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-06-13 11:58                       ` David Marchand
@ 2022-06-21  7:28                         ` Gowrishankar Muthukrishnan
  2022-06-21  7:36                           ` David Marchand
  0 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-06-21  7:28 UTC (permalink / raw)
  To: David Marchand, Zhang, Roy Fan, Akhil Goyal
  Cc: dev, Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob Kollanukkaran

Hi David,
Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
I have acked this. @Akhil Goyal could this be merged ?.

Thanks,
Gowrishankar

> -----Original Message-----
> From: David Marchand <david.marchand@redhat.com>
> Sent: Monday, June 13, 2022 5:29 PM
> To: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>; Zhang, Roy
> Fan <roy.fan.zhang@intel.com>; Akhil Goyal <gakhil@marvell.com>
> Cc: dev@dpdk.org; Dooley, Brian <brian.dooley@intel.com>;
> lylavoie@iol.unh.edu; Anoob Joseph <anoobj@marvell.com>; Archana
> Muniganti <marchana@marvell.com>; Jerin Jacob Kollanukkaran
> <jerinj@marvell.com>
> Subject: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
> 
> External Email
> 
> ----------------------------------------------------------------------
> On Tue, Jun 7, 2022 at 11:48 AM David Marchand
> <david.marchand@redhat.com> wrote:
> > On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
> > >
> > > > > Subject: [v9, 00/10] Add JSON vector set support to fips
> > > > > validation
> > > > >
> > > > > Adds a very basic introduction to JSON vector sets in the fips
> > > > > validation example application. This patch set will only
> > > > > introduce the AES-GCM test using a JSON request file because the
> > > > > other algorithms need more information than what is given in the
> > > > > new JSON format.
> > > > >
> > > > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > >
> > > Series Applied to dpdk-next-crypto
> >
> > This series breaks compiling the fips example out of DPDK.
> 
> Gowri, Fan, Akhil,
> 
> I disabled compilation checks for this example on my side.
> Can you look into this?
> 
> Thanks.
> 
> --
> David Marchand


^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-06-21  7:28                         ` [EXT] " Gowrishankar Muthukrishnan
@ 2022-06-21  7:36                           ` David Marchand
  2022-06-21  7:40                             ` Akhil Goyal
  0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-21  7:36 UTC (permalink / raw)
  To: Gowrishankar Muthukrishnan
  Cc: Zhang, Roy Fan, Akhil Goyal, dev, Dooley, Brian, lylavoie,
	Anoob Joseph, Archana Muniganti, Jerin Jacob Kollanukkaran

Hello,

On Tue, Jun 21, 2022 at 9:29 AM Gowrishankar Muthukrishnan
<gmuthukrishn@marvell.com> wrote:
> Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> I have acked this. @Akhil Goyal could this be merged ?.

Indeed, I had forgotten about it.
Akhil, please take it for rc2.


-- 
David Marchand


^ permalink raw reply	[flat|nested] 122+ messages in thread

* RE: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-06-21  7:36                           ` David Marchand
@ 2022-06-21  7:40                             ` Akhil Goyal
  2022-06-21  7:41                               ` David Marchand
  0 siblings, 1 reply; 122+ messages in thread
From: Akhil Goyal @ 2022-06-21  7:40 UTC (permalink / raw)
  To: David Marchand, Gowrishankar Muthukrishnan
  Cc: Zhang, Roy Fan, dev, Dooley, Brian, lylavoie, Anoob Joseph,
	Archana Muniganti, Jerin Jacob Kollanukkaran

> Hello,
> 
> On Tue, Jun 21, 2022 at 9:29 AM Gowrishankar Muthukrishnan
> <gmuthukrishn@marvell.com> wrote:
> > Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> > I have acked this. @Akhil Goyal could this be merged ?.
> 
> Indeed, I had forgotten about it.
> Akhil, please take it for rc2.
Sure, this patch was not delegated to me, so I did not notice this.
I will take it for RC2

^ permalink raw reply	[flat|nested] 122+ messages in thread

* Re: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
  2022-06-21  7:40                             ` Akhil Goyal
@ 2022-06-21  7:41                               ` David Marchand
  0 siblings, 0 replies; 122+ messages in thread
From: David Marchand @ 2022-06-21  7:41 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Gowrishankar Muthukrishnan, Zhang, Roy Fan, dev, Dooley, Brian,
	lylavoie, Anoob Joseph, Archana Muniganti,
	Jerin Jacob Kollanukkaran

On Tue, Jun 21, 2022 at 9:40 AM Akhil Goyal <gakhil@marvell.com> wrote:
> > > Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> > > I have acked this. @Akhil Goyal could this be merged ?.
> >
> > Indeed, I had forgotten about it.
> > Akhil, please take it for rc2.
> Sure, this patch was not delegated to me, so I did not notice this.
> I will take it for RC2

Thanks Akhil.


-- 
David Marchand


^ permalink raw reply	[flat|nested] 122+ messages in thread

end of thread, other threads:[~2022-06-21  7:42 UTC | newest]

Thread overview: 122+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-27 14:51 [PATCH 0/5] Add JSON vector set support to fips validation Brandon Lo
2022-01-27 14:51 ` [PATCH 1/5] examples/fips_validation: add jansson dependency Brandon Lo
2022-01-27 14:51 ` [PATCH 2/5] examples/fips_validation: add json info to header Brandon Lo
2022-01-27 14:51 ` [PATCH 3/5] examples/fips_validation: add json parsing Brandon Lo
2022-01-27 14:51 ` [PATCH 4/5] examples/fips_validation: allow json file as input Brandon Lo
2022-01-27 14:51 ` [PATCH 5/5] examples/fips_validation: add json to gcm test Brandon Lo
2022-01-29 17:03 ` [PATCH v2 0/5] Add JSON vector set support to fips validation Brandon Lo
2022-01-29 17:03   ` [PATCH v2 1/5] examples/fips_validation: add jansson dependency Brandon Lo
2022-01-29 17:03   ` [PATCH v2 2/5] examples/fips_validation: add json info to header Brandon Lo
2022-01-29 17:03   ` [PATCH v2 3/5] examples/fips_validation: add json parsing Brandon Lo
2022-01-29 17:03   ` [PATCH v2 4/5] examples/fips_validation: allow json file as input Brandon Lo
2022-01-29 17:03   ` [PATCH v2 5/5] examples/fips_validation: add json to gcm test Brandon Lo
2022-01-29 17:55   ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
2022-01-29 17:55     ` [PATCH v3 1/5] examples/fips_validation: add jansson dependency Brandon Lo
2022-01-29 17:55     ` [PATCH v3 2/5] examples/fips_validation: add json info to header Brandon Lo
2022-01-29 17:55     ` [PATCH v3 3/5] examples/fips_validation: add json parsing Brandon Lo
2022-01-29 17:55     ` [PATCH v3 4/5] examples/fips_validation: allow json file as input Brandon Lo
2022-01-29 17:55     ` [PATCH v3 5/5] examples/fips_validation: add json to gcm test Brandon Lo
2022-02-02 15:15     ` [PATCH v3 0/5] Add JSON vector set support to fips validation Brandon Lo
     [not found]       ` <MN2PR11MB382152E7C1DAFD68066264DEE62F9@MN2PR11MB3821.namprd11.prod.outlook.com>
     [not found]         ` <CAOeXdvZFkEUn-e2Reo3xg519qWpGq-UbYFhJqVeEMcXVxK7+YQ@mail.gmail.com>
     [not found]           ` <CAOeXdvZ4nBudX+bMdRASaLp=c955vUHi1Z-geUC6gFvE__2ozg@mail.gmail.com>
     [not found]             ` <CAOeXdvZbwW2tP-vyELRJza_imjjRm-JNYu+c4=-y2VtigqNg5A@mail.gmail.com>
2022-04-14 13:41               ` Brandon Lo
2022-04-21  8:02                 ` [EXT] " Gowrishankar Muthukrishnan
2022-04-26 14:30                   ` Brandon Lo
2022-02-08 21:48     ` [EXT] " Akhil Goyal
2022-04-29 16:15     ` [PATCH v4 0/8] " Brandon Lo
2022-04-29 16:15       ` [PATCH v4 1/8] examples/fips_validation: add jansson dependency Brandon Lo
2022-05-18 15:44         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 2/8] examples/fips_validation: add json info to header Brandon Lo
2022-05-18 15:44         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 3/8] examples/fips_validation: add json parsing Brandon Lo
2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 4/8] examples/fips_validation: allow json file as input Brandon Lo
2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
2022-05-19  5:30         ` Gowrishankar Muthukrishnan
2022-05-19  9:12           ` Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 5/8] examples/fips_validation: add json to gcm test Brandon Lo
2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 6/8] examples/fips_validation: add json to hmac Brandon Lo
2022-05-18 15:45         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 7/8] examples/fips_validation: implement json cmac test Brandon Lo
2022-05-18 15:46         ` [EXT] " Gowrishankar Muthukrishnan
2022-04-29 16:15       ` [PATCH v4 8/8] examples/fips_validation: add parsing for cmac Brandon Lo
2022-05-18 15:46         ` [EXT] " Gowrishankar Muthukrishnan
2022-05-19  5:31         ` Gowrishankar Muthukrishnan
2022-05-19  9:11           ` Gowrishankar Muthukrishnan
2022-04-29 16:19       ` [PATCH v4 0/8] Add JSON vector set support to fips validation Brandon Lo
2022-05-25 15:45       ` [v5, 00/11] " Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-25 15:45         ` [v5, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-25 17:08           ` [v5,11/11] " Gowrishankar Muthukrishnan
2022-05-25 17:13         ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-25 17:13           ` [v6, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-26  6:46           ` [EXT] [v6, 00/11] Add JSON vector set support to fips validation Akhil Goyal
2022-05-26  8:02           ` [v7, " Gowrishankar Muthukrishnan
2022-05-26  8:02             ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-26  9:46               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
2022-05-26  9:46               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
2022-05-26  9:47               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
2022-05-26  9:48               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
2022-05-26  9:49               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
2022-05-26  9:49               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
2022-05-26  9:49               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
2022-05-26  9:50               ` Zhang, Roy Fan
2022-05-26  8:02             ` [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
2022-05-26  8:02             ` [v7, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
2022-05-26  8:02             ` [v7, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-30 12:23             ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-30 12:23               ` [v8, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
2022-05-30 15:52               ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-30 15:52                 ` [v9, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
2022-05-31 10:17                 ` [v9, 00/10] Add JSON vector set support to fips validation Poczatek, Jakub
2022-05-31 12:36                 ` Zhang, Roy Fan
2022-05-31 15:23                   ` Akhil Goyal
2022-06-07  9:48                     ` David Marchand
2022-06-13 11:58                       ` David Marchand
2022-06-21  7:28                         ` [EXT] " Gowrishankar Muthukrishnan
2022-06-21  7:36                           ` David Marchand
2022-06-21  7:40                             ` Akhil Goyal
2022-06-21  7:41                               ` David Marchand

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
		dev@dpdk.org
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git