From: Tejasree Kondoj <ktejasree@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
Radu Nicolau <radu.nicolau@intel.com>,
Fiona Trahe <fiona.trahe@intel.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
Ankur Dwivedi <adwivedi@marvell.com>,
Jerin Jacob Kollanukkaran <jerinj@marvell.com>,
"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 2/2] test/crypto: support block cipher DIGEST_ENCRYPTED mode
Date: Wed, 24 Mar 2021 09:18:39 +0000 [thread overview]
Message-ID: <PH0PR18MB3864346968F7EE6990C701F8A8639@PH0PR18MB3864.namprd18.prod.outlook.com> (raw)
In-Reply-To: <MW2PR18MB22848149AF264B14D4CD7F9AD8649@MW2PR18MB2284.namprd18.prod.outlook.com>
Hi Akhil,
Please see inline.
Thanks
Tejasree
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Wednesday, March 24, 2021 1:18 AM
> To: Tejasree Kondoj <ktejasree@marvell.com>; Radu Nicolau
> <radu.nicolau@intel.com>; Fiona Trahe <fiona.trahe@intel.com>; Fan Zhang
> <roy.fan.zhang@intel.com>; Arek Kusztal <arkadiuszx.kusztal@intel.com>
> Cc: Anoob Joseph <anoobj@marvell.com>; Ankur Dwivedi
> <adwivedi@marvell.com>; Jerin Jacob Kollanukkaran <jerinj@marvell.com>;
> dev@dpdk.org
> Subject: RE: [PATCH 2/2] test/crypto: support block cipher
> DIGEST_ENCRYPTED mode
>
> > @@ -2565,6 +3052,108 @@ static const struct blockcipher_test_case
> > aes_chain_test_cases[] = {
> > .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
> > .feature_mask = BLOCKCIPHER_TEST_FEATURE_SESSIONLESS,
> > },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest"
> > + "(Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask =
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest "
> > + "Scatter Gather (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SG |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest "
> > + "(short buffers) (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_13_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask =
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Encryption Digest "
> > + "Scatter Gather (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SG |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> I believe this is getting repeated with the 2nd case.
[Tejasree] Yes. Will remove duplicate.
>
> > + {
> > + .test_descr = "AES-192-CBC HMAC-SHA1 Encryption Digest "
> > + "Sessionless (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_10_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SESSIONLESS
> > |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-256-CBC HMAC-SHA1 Encryption Digest "
> > + "Scatter Gather Sessionless (Encrypted Digest
> > mode)",
> > + .test_data = &aes_test_data_11_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SG |
> > + BLOCKCIPHER_TEST_FEATURE_SESSIONLESS |
> > + BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask =
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify Scatter Gather (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SG |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify (short buffers) (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_13_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask =
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify Scatter Gather (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SG |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
>
> The above one is also duplicate. Please check.
[Tejasree] Yes. Will remove this.
>
> > + {
> > + .test_descr = "AES-256-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify Sessionless (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_11_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SESSIONLESS
> > |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-192-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify Scatter Gather Sessionless (Encrypted Digest
> > mode)",
> > + .test_data = &aes_test_data_10_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SESSIONLESS
> > |
> > + BLOCKCIPHER_TEST_FEATURE_SG |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > + {
> > + .test_descr = "AES-128-CBC HMAC-SHA1 Decryption Digest "
> > + "Verify Sessionless (Encrypted Digest mode)",
> > + .test_data = &aes_test_data_4_digest_enc,
> > + .op_mask = BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY,
> > + .feature_mask = BLOCKCIPHER_TEST_FEATURE_SESSIONLESS
> > |
> > +
> > BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED,
> > + },
> > {
> > .test_descr = "NULL-CIPHER-NULL-AUTH encrypt & gen
> x8byte",
> > .test_data = &null_test_data_chain_x8_multiple,
>
> [snip]
>
> > @@ -558,18 +620,20 @@ test_blockcipher_one_case(const struct
> > blockcipher_test_case *t,
> > }
> > }
> >
> > - if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN) {
> > - uint8_t *auth_res = pktmbuf_mtod_offset(iobuf,
> > - tdata->ciphertext.len);
> > + /* Check digest data only in enc-then-auth_gen case */
>
> Why? The test vector should have an encrypted digest value to check.
> Otherwise how can we validate that the authentication SHA and encryption
> On that SHA is correct or not?
[Tejasree] Cipher text has both encrypted plain text and encrypted digest value.
If cipher text is correct, it implies digest is generated properly.
Will amend the comment to better reflect this.
>
> > + if (!(t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED))
> > + if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN) {
> > + uint8_t *auth_res = pktmbuf_mtod_offset(iobuf,
> > + tdata->ciphertext.len);
> >
> > - if (memcmp(auth_res, tdata->digest.data, digest_len)) {
> > - snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
> > "line %u "
> > - "FAILED: %s", __LINE__, "Generated "
> > - "digest data not as expected");
> > - status = TEST_FAILED;
> > - goto error_exit;
> > + if (memcmp(auth_res, tdata->digest.data,
> > digest_len)) {
> > + snprintf(test_msg,
> > BLOCKCIPHER_TEST_MSG_LEN, "line %u "
> > + "FAILED: %s", __LINE__, "Generated "
> > + "digest data not as expected");
> > + status = TEST_FAILED;
> > + goto error_exit;
> > + }
> > }
> > - }
> >
next prev parent reply other threads:[~2021-03-24 9:18 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-15 10:29 [dpdk-dev] [PATCH 0/2] " Tejasree Kondoj
2021-03-15 10:29 ` [dpdk-dev] [PATCH 1/2] common/cpt: support " Tejasree Kondoj
2021-03-15 10:29 ` [dpdk-dev] [PATCH 2/2] test/crypto: support block cipher " Tejasree Kondoj
2021-03-23 19:47 ` Akhil Goyal
2021-03-24 9:18 ` Tejasree Kondoj [this message]
2021-03-16 5:40 ` [dpdk-dev] [PATCH 0/2] " Anoob Joseph
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR18MB3864346968F7EE6990C701F8A8639@PH0PR18MB3864.namprd18.prod.outlook.com \
--to=ktejasree@marvell.com \
--cc=adwivedi@marvell.com \
--cc=anoobj@marvell.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=gakhil@marvell.com \
--cc=jerinj@marvell.com \
--cc=radu.nicolau@intel.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).