* [v6, 01/11] examples/fips_validation: add jansson dependency
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
` (11 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
examples/fips_validation/meson.build | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ ext_deps += jansson_dep
+endif
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 02/11] examples/fips_validation: add json info to header
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
` (10 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* fix typo in macro name for prefixes.
v2:
* fix type of prefix to suffix
---
examples/fips_validation/fips_validation.c | 6 +--
examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
2 files changed, 47 insertions(+), 7 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_PREFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_PREFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX "req"
-#define RSP_FILE_PERFIX "rsp"
-#define FAX_FILE_PERFIX "fax"
+#define REQ_FILE_PREFIX "req"
+#define RSP_FILE_PREFIX "rsp"
+#define FAX_FILE_PREFIX "fax"
+#define JSON_FILE_PREFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 03/11] examples/fips_validation: add json parsing
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
` (9 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
v2:
* fix for loop initialization
---
examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
1 file changed, 92 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
info.file_type = FIPS_TYPE_RSP;
else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_PREFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON)
+ return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM"))
+ info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else
+ return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+ json_int_t val;
+ json_t *param;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_group,
+ info.interim_callbacks[i].key);
+ val = json_integer_value(param);
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+ json_t *param;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+ if (param) {
+ strcpy(info.one_line_text, json_string_value(param));
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parser_read_uint64_hex(uint64_t *value, const char *p)
{
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 04/11] examples/fips_validation: allow json file as input
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (2 preceding siblings ...)
2022-05-25 17:13 ` [v6, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
` (8 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* fix to check info.file_type in json file type as well.
v3:
* fix checkpatch warnings
v2:
* remove use_json variable
---
examples/fips_validation/main.c | 197 +++++++++++++++++++++++++++++++-
1 file changed, 194 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..3d841e5bfd 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,11 +34,17 @@ enum {
OPT_CRYPTODEV_BK_ID_NUM,
#define OPT_CRYPTODEV_BK_DIR_KEY "broken-test-dir"
OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON "use-json"
+ OPT_USE_JSON_NUM,
};
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
@@ -166,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -425,8 +436,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -481,7 +501,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, req_path);
@@ -1219,7 +1249,8 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON)
+ fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
@@ -1238,6 +1269,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1253,7 +1285,8 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1844,3 +1877,161 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if (ret == 0)
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ case 1:
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json_info.json_write_group, "tgId",
+ json_object_get(json_info.json_test_group, "tgId"));
+ json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+ switch (info.algo) {
+ case FIPS_TEST_ALGO_AES_GCM:
+ ret = parse_test_gcm_init();
+ break;
+ default:
+ return -EINVAL;
+ }
+ if (ret < 0)
+ return ret;
+
+ ret = fips_test_parse_one_json_group();
+ if (ret < 0)
+ return ret;
+
+ ret = init_test_ops();
+ if (ret < 0)
+ return ret;
+
+ tests = json_object_get(json_info.json_test_group, "tests");
+ tests_size = json_array_size(tests);
+ for (test_idx = 0; test_idx < tests_size; test_idx++) {
+ json_info.json_test_case = json_array_get(tests, test_idx);
+ fips_test_one_test_case();
+ json_array_append_new(write_tests, json_info.json_write_case);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+ int ret;
+ json_t *test_groups, *write_groups, *write_version, *write_set;
+ size_t group_idx, num_groups;
+
+ test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+ num_groups = json_array_size(test_groups);
+
+ json_info.json_write_set = json_array();
+ write_version = json_object();
+ json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+ json_array_append_new(json_info.json_write_set, write_version);
+
+ write_set = json_object();
+ json_array_append_new(json_info.json_write_set, write_set);
+ write_groups = json_array();
+
+ json_object_set(write_set, "vsId",
+ json_object_get(json_info.json_vector_set, "vsId"));
+ json_object_set(write_set, "algorithm",
+ json_object_get(json_info.json_vector_set, "algorithm"));
+ json_object_set(write_set, "revision",
+ json_object_get(json_info.json_vector_set, "revision"));
+ json_object_set_new(write_set, "isSample",
+ json_boolean(json_info.is_sample));
+ json_object_set_new(write_set, "testGroups", write_groups);
+
+ ret = fips_test_parse_one_json_vector_set();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+ json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+ return ret;
+ }
+
+ for (group_idx = 0; group_idx < num_groups; group_idx++) {
+ json_info.json_test_group = json_array_get(test_groups, group_idx);
+ ret = fips_test_one_test_group();
+ json_array_append_new(write_groups, json_info.json_write_group);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+ size_t vector_set_idx, root_size;
+
+ root_size = json_array_size(json_info.json_root);
+ fips_test_json_init_writeback();
+
+ for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+ /* Vector set index starts at 1, the 0th index contains test session
+ * information.
+ */
+ json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+ fips_test_one_vector_set();
+ json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+ }
+
+ json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+ json_decref(json_info.json_write_root);
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 05/11] examples/fips_validation: add json to gcm test
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (3 preceding siblings ...)
2022-05-25 17:13 ` [v6, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
` (7 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_gcm.c | 151 +++++++++++++++++-
examples/fips_validation/main.c | 3 +-
3 files changed, 155 insertions(+), 2 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
int
fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include <time.h>
#include <stdio.h>
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#include <rte_cryptodev.h>
#include <rte_malloc.h>
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR "keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR "payloadLen"
+#define AADLEN_JSON_STR "aadLen"
+#define TAGLEN_JSON_STR "tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR "external"
+#define OP_ENC_INT_JSON_STR "internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote input text
+ * length in case of decrypt & encrypt operations.
+ */
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
char *tmp;
uint32_t i;
-
for (i = 0; i < info.nb_vec_lines; i++) {
char *line = info.vec[i];
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ if (!info.interim_info.gcm_data.is_gmac) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ }
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+ const char *ivGen_str = json_string_value(ivGen_obj);
+
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = gcm_enc_json_vectors;
+
+ if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+ info.interim_info.gcm_data.gen_iv = 1;
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = gcm_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = gcm_interim_json_vectors;
+ info.parse_writeback = parse_test_gcm_json_writeback;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 3d841e5bfd..6a1b323cc8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1940,11 +1940,12 @@ fips_test_one_test_group(void)
switch (info.algo) {
case FIPS_TEST_ALGO_AES_GCM:
- ret = parse_test_gcm_init();
+ ret = parse_test_gcm_json_init();
break;
default:
return -EINVAL;
}
+
if (ret < 0)
return ret;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 06/11] examples/fips_validation: add json to hmac
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (4 preceding siblings ...)
2022-05-25 17:13 ` [v6, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
` (6 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Adds JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
examples/fips_validation/fips_validation.c | 2 +
examples/fips_validation/fips_validation.h | 6 ++
.../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
examples/fips_validation/main.c | 3 +
4 files changed, 104 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
+ if (strstr(algo_str, "HMAC"))
+ info.algo = FIPS_TEST_ALGO_HMAC;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
int
parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
#define PT_STR "Msg = "
#define TAG_STR "Mac = "
+#define ALGO_JSON_STR "algorithm"
+
+#define KEYLEN_JSON_STR "keyLen"
+#define TAGLEN_JSON_STR "macLen"
+
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "msg"
+#define TAG_JSON_STR "mac"
+
struct hash_size_conversion {
const char *str;
enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+ {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+ {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+ {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+ {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+ {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_hmac_writeback(struct fips_val *val)
{
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+ struct fips_val val_local;
+ json_t *tcId, *mac;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+ val_local.val = val->val + vec.pt.len;
+ val_local.len = vec.cipher_auth.digest.len;
+
+ writeback_hex_str("", info.one_line_text, &val_local);
+
+ mac = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+ return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+ json_t *algorithm_object;
+ const char *algorithm_str;
+ uint32_t i;
+
+ algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+ algorithm_str = json_string_value(algorithm_object);
+
+ for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+ if (strstr(algorithm_str, json_algorithms[i].str)) {
+ info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.parse_writeback = parse_test_hmac_json_writeback;
+ info.callbacks = hmac_tests_json_vectors;
+ info.writeback_callbacks = NULL;
+ info.kat_check = rsp_test_hmac_check;
+ info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+ if (parse_test_hmac_json_algorithm() < 0)
+ return -1;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 6a1b323cc8..261e2c4c99 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1942,6 +1942,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_GCM:
ret = parse_test_gcm_json_init();
break;
+ case FIPS_TEST_ALGO_HMAC:
+ ret = parse_test_hmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 07/11] examples/fips_validation: implement json cmac test
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (5 preceding siblings ...)
2022-05-25 17:13 ` [v6, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
` (5 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Implemented JSON support for the CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
--
v5:
* parser_read_cmac_direction_str is static.
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_cmac.c | 80 +++++++++++++++++++
2 files changed, 83 insertions(+)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
int
parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
#define PASS_STR "P"
#define FAIL_STR "F"
+#define KLEN_JSON_STR "keyLen"
+#define PTLEN_JSON_STR "msgLen"
+#define TAGLEN_JSON_STR "macLen"
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "message"
+#define TAG_JSON_STR "mac"
+#define DIRECTION_JSON_STR "direction"
+#define POS_NEG_JSON_STR "testPassed"
+
+#define GEN_JSON_STR "gen"
+#define VERIF_JSON_STR "ver"
+
struct hash_algo_conversion {
const char *str;
enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
{"AES", FIPS_TEST_ALGO_AES_CMAC},
};
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+ __rte_unused struct fips_val *val)
+{
+ if (strcmp(src, "gen") == 0)
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ else if (strcmp(src, "ver") == 0)
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+ return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+ {KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId",
+ json_object_get(json_info.json_test_case, "tcId"));
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ struct fips_val tmp_val = {val->val + vec.pt.len,
+ vec.cipher_auth.digest.len};
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(true));
+ else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(false));
+ }
+
+ return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+ info.parse_writeback = parse_test_cmac_json_writeback;
+ info.callbacks = cmac_tests_json_vectors;
+ info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_cmac_writeback(struct fips_val *val)
{
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 08/11] examples/fips_validation: add parsing for cmac
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (6 preceding siblings ...)
2022-05-25 17:13 ` [v6, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
` (4 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added function to parse algorithm for CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
examples/fips_validation/main.c | 3 +++
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
info.algo = FIPS_TEST_ALGO_AES_GCM;
if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
+ if (strstr(algo_str, "CMAC"))
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
else
return -EINVAL;
@@ -470,7 +472,6 @@ int
fips_test_parse_one_json_group(void)
{
int ret, i;
- json_int_t val;
json_t *param;
if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
param = json_object_get(json_info.json_test_group,
info.interim_callbacks[i].key);
- val = json_integer_value(param);
- snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ switch (json_typeof(param)) {
+ case JSON_STRING:
+ snprintf(json_value, 256, "%s", json_string_value(param));
+ break;
+
+ case JSON_INTEGER:
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+ json_integer_value(param));
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
/* First argument is blank because the key
* is not included in the string being parsed.
*/
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 261e2c4c99..9df6abf47f 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1945,6 +1945,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_HMAC:
ret = parse_test_hmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES_CMAC:
+ ret = parse_test_cmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (7 preceding siblings ...)
2022-05-25 17:13 ` [v6, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
` (3 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Remove garbage entries for bypassed tests in response file.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
1 file changed, 35 insertions(+), 39 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 9df6abf47f..e703a111da 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -804,7 +804,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -852,7 +852,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -889,7 +889,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -935,7 +935,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -980,7 +980,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
info.device_name, auth_xform->key.length,
auth_xform->digest_length,
auth_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1018,7 +1018,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1064,7 +1064,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1099,7 +1099,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1139,7 +1139,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1254,7 +1254,7 @@ fips_generic_test(void)
ret = fips_run_test();
if (ret < 0) {
- if (ret == -EPERM || ret == -ENOTSUP) {
+ if (ret == -ENOTSUP) {
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1289,7 +1289,7 @@ fips_generic_test(void)
fprintf(info.fp_wr, "\n");
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1458,7 +1458,7 @@ fips_mct_tdes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1537,7 +1537,7 @@ fips_mct_aes_ecb_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
fips_mct_aes_test(void)
@@ -1645,7 +1645,7 @@ fips_mct_aes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1731,7 +1731,7 @@ fips_mct_sha_test(void)
free(val.val);
- return 0;
+ return 1;
}
@@ -1846,18 +1846,15 @@ fips_test_one_file(void)
}
ret = fips_test_parse_one_case();
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
- RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
ret);
goto error_one_case;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ }
+
+ ret = test_ops.test();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
goto error_one_case;
}
@@ -1907,22 +1904,21 @@ fips_test_one_test_case(void)
int ret;
ret = fips_test_parse_one_json_case();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ goto exit;
+ }
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
+ ret = test_ops.test();
+ if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
- break;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
- ret);
+ goto exit;
}
- return 0;
+
+exit:
+ return ret;
}
static int
@@ -1967,8 +1963,8 @@ fips_test_one_test_group(void)
tests_size = json_array_size(tests);
for (test_idx = 0; test_idx < tests_size; test_idx++) {
json_info.json_test_case = json_array_get(tests, test_idx);
- fips_test_one_test_case();
- json_array_append_new(write_tests, json_info.json_write_case);
+ if (fips_test_one_test_case() > 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
}
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 10/11] examples/fips_validation: reset IV generation in every test group
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (8 preceding siblings ...)
2022-05-25 17:13 ` [v6, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-25 17:13 ` [v6, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
` (2 subsequent siblings)
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Reset IV generation in every test group.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/fips_validation_gcm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
direction_str = json_string_value(direction_obj);
+ info.interim_info.gcm_data.gen_iv = 0;
if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v6, 11/11] examples/fips_validation: add parsing for aes_cbc
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (9 preceding siblings ...)
2022-05-25 17:13 ` [v6, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-25 17:13 ` Gowrishankar Muthukrishnan
2022-05-26 6:46 ` [EXT] [v6, 00/11] Add JSON vector set support to fips validation Akhil Goyal
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
12 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-25 17:13 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
examples/fips_validation/fips_validation.c | 8 +-
examples/fips_validation/fips_validation.h | 4 +
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++
examples/fips_validation/main.c | 76 ++++--
4 files changed, 284 insertions(+), 27 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AES")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ else if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ else if (strstr(algo_str, "CMAC"))
info.algo = FIPS_TEST_ALGO_AES_CMAC;
+ else if (strstr(algo_str, "AES-CBC"))
+ info.algo = FIPS_TEST_ALGO_AES;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
int
parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..0b7b9c0849 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,19 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define ALGO_JSON_STR "algorithm"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +51,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append(resArr, res);
+ return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ const char *algo_str = json_string_value(algo_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_DIM(algo_con); i++)
+ if (strstr(algo_str, algo_con[i].name)) {
+ info.interim_info.aes_data.cipher_algo =
+ (uint32_t)algo_con[i].algo;
+ break;
+ }
+
+ if (i >= RTE_DIM(algo_con))
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e703a111da..a74a38e1ae 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1545,7 +1545,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1554,11 +1554,16 @@ fips_mct_aes_test(void)
if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
return fips_mct_aes_ecb_test();
+ memset(&pt, 0, sizeof(struct fips_val));
+ memset(&ct, 0, sizeof(struct fips_val));
+ memset(&iv, 0, sizeof(struct fips_val));
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1571,7 +1576,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1579,24 +1584,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1606,33 +1626,38 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
- fprintf(info.fp_wr, "\n");
+ info.parse_writeback(val);
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1640,10 +1665,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 1;
}
@@ -1944,6 +1969,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [EXT] [v6, 00/11] Add JSON vector set support to fips validation
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (10 preceding siblings ...)
2022-05-25 17:13 ` [v6, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-26 6:46 ` Akhil Goyal
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
12 siblings, 0 replies; 122+ messages in thread
From: Akhil Goyal @ 2022-05-26 6:46 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob Kollanukkaran,
Gowrishankar Muthukrishnan
> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
>
> v6:
> * CI centos platform fix.
Series Acked-by: Akhil Goyal <gakhil@marvell.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 00/11] Add JSON vector set support to fips validation
2022-05-25 17:13 ` [v6, 00/11] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (11 preceding siblings ...)
2022-05-26 6:46 ` [EXT] [v6, 00/11] Add JSON vector set support to fips validation Akhil Goyal
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
` (11 more replies)
12 siblings, 12 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.
v7:
* Fixed individual patches to build correctly.
v6:
* CI centos platform fix.
v5:
* AES_CBC support appended in series.
Brandon Lo (8):
examples/fips_validation: add jansson dependency
examples/fips_validation: add json info to header
examples/fips_validation: add json parsing
examples/fips_validation: allow json file as input
examples/fips_validation: add json to gcm test
examples/fips_validation: add json to hmac
examples/fips_validation: implement json cmac test
examples/fips_validation: add parsing for cmac
Gowrishankar Muthukrishnan (3):
examples/fips_validation: cleanup bypass tests in response file
examples/fips_validation: reset IV generation in every test group
examples/fips_validation: add parsing for aes_cbc
examples/fips_validation/fips_validation.c | 117 ++++++-
examples/fips_validation/fips_validation.h | 64 +++-
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++
.../fips_validation/fips_validation_cmac.c | 80 +++++
.../fips_validation/fips_validation_gcm.c | 152 +++++++-
.../fips_validation/fips_validation_hmac.c | 93 +++++
examples/fips_validation/main.c | 328 +++++++++++++++---
examples/fips_validation/meson.build | 4 +
8 files changed, 1000 insertions(+), 61 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 01/11] examples/fips_validation: add jansson dependency
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:46 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
` (10 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
examples/fips_validation/meson.build | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ ext_deps += jansson_dep
+endif
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 01/11] examples/fips_validation: add jansson dependency
2022-05-26 8:02 ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-26 9:46 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:46 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob, Brandon Lo
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 01/11] examples/fips_validation: add jansson dependency
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Added a check for RTE_HAS_JANSSON into the meson
> configuration file for JSON support.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> examples/fips_validation/meson.build | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/examples/fips_validation/meson.build
> b/examples/fips_validation/meson.build
> index 7eef456318..8cd63066b5 100644
> --- a/examples/fips_validation/meson.build
> +++ b/examples/fips_validation/meson.build
> @@ -21,3 +21,7 @@ sources = files(
> 'fips_dev_self_test.c',
> 'main.c',
> )
> +
> +if dpdk_conf.has('RTE_HAS_JANSSON')
> + ext_deps += jansson_dep
> +endif
> --
> 2.25.1
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 02/11] examples/fips_validation: add json info to header
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:46 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
` (9 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.
v5:
* fix typo in macro name for prefixes.
v2:
* fix type of prefix to suffix
---
examples/fips_validation/fips_validation.c | 6 +--
examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
examples/fips_validation/main.c | 2 +
3 files changed, 49 insertions(+), 7 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_PREFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_PREFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX "req"
-#define RSP_FILE_PERFIX "rsp"
-#define FAX_FILE_PERFIX "fax"
+#define REQ_FILE_PREFIX "req"
+#define RSP_FILE_PREFIX "rsp"
+#define FAX_FILE_PREFIX "fax"
+#define JSON_FILE_PREFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
if (ret < 0)
return ret;
break;
+ default:
+ break;
}
fprintf(info.fp_wr, "\n");
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 02/11] examples/fips_validation: add json info to header
2022-05-26 8:02 ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-26 9:46 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:46 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob, Brandon Lo
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 02/11] examples/fips_validation: add json info to header
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Added json-specific functions and other information needed to
> test the new FIPS test vectors.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 03/11] examples/fips_validation: add json parsing
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 01/11] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 02/11] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:47 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
` (8 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v7:
* pulled json_info define from next patch.
v3:
* fix checkpatch warnings
v2:
* fix for loop initialization
---
examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
examples/fips_validation/main.c | 4 +
2 files changed, 96 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
info.file_type = FIPS_TYPE_RSP;
else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_PREFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON)
+ return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM"))
+ info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else
+ return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+ json_int_t val;
+ json_t *param;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_group,
+ info.interim_callbacks[i].key);
+ val = json_integer_value(param);
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+ json_t *param;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+ if (param) {
+ strcpy(info.one_line_text, json_string_value(param));
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parser_read_uint64_hex(uint64_t *value, const char *p)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 03/11] examples/fips_validation: add json parsing
2022-05-26 8:02 ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-26 9:47 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:47 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 03/11] examples/fips_validation: add json parsing
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Added functions to parse the required information from a vector set
> given in the new json format.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 04/11] examples/fips_validation: allow json file as input
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (2 preceding siblings ...)
2022-05-26 8:02 ` [v7, 03/11] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:48 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
` (7 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* fix to check info.file_type in json file type as well.
v3:
* fix checkpatch warnings
v2:
* remove use_json variable
---
examples/fips_validation/main.c | 193 +++++++++++++++++++++++++++++++-
1 file changed, 190 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..81b014d6fa 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
OPT_CRYPTODEV_BK_ID_NUM,
#define OPT_CRYPTODEV_BK_DIR_KEY "broken-test-dir"
OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON "use-json"
+ OPT_USE_JSON_NUM,
};
struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, req_path);
@@ -1223,7 +1249,8 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON)
+ fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
@@ -1242,6 +1269,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1259,7 +1287,8 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1850,3 +1879,161 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if (ret == 0)
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ case 1:
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json_info.json_write_group, "tgId",
+ json_object_get(json_info.json_test_group, "tgId"));
+ json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+ switch (info.algo) {
+ case FIPS_TEST_ALGO_AES_GCM:
+ ret = parse_test_gcm_init();
+ break;
+ default:
+ return -EINVAL;
+ }
+ if (ret < 0)
+ return ret;
+
+ ret = fips_test_parse_one_json_group();
+ if (ret < 0)
+ return ret;
+
+ ret = init_test_ops();
+ if (ret < 0)
+ return ret;
+
+ tests = json_object_get(json_info.json_test_group, "tests");
+ tests_size = json_array_size(tests);
+ for (test_idx = 0; test_idx < tests_size; test_idx++) {
+ json_info.json_test_case = json_array_get(tests, test_idx);
+ fips_test_one_test_case();
+ json_array_append_new(write_tests, json_info.json_write_case);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+ int ret;
+ json_t *test_groups, *write_groups, *write_version, *write_set;
+ size_t group_idx, num_groups;
+
+ test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+ num_groups = json_array_size(test_groups);
+
+ json_info.json_write_set = json_array();
+ write_version = json_object();
+ json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+ json_array_append_new(json_info.json_write_set, write_version);
+
+ write_set = json_object();
+ json_array_append_new(json_info.json_write_set, write_set);
+ write_groups = json_array();
+
+ json_object_set(write_set, "vsId",
+ json_object_get(json_info.json_vector_set, "vsId"));
+ json_object_set(write_set, "algorithm",
+ json_object_get(json_info.json_vector_set, "algorithm"));
+ json_object_set(write_set, "revision",
+ json_object_get(json_info.json_vector_set, "revision"));
+ json_object_set_new(write_set, "isSample",
+ json_boolean(json_info.is_sample));
+ json_object_set_new(write_set, "testGroups", write_groups);
+
+ ret = fips_test_parse_one_json_vector_set();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+ json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+ return ret;
+ }
+
+ for (group_idx = 0; group_idx < num_groups; group_idx++) {
+ json_info.json_test_group = json_array_get(test_groups, group_idx);
+ ret = fips_test_one_test_group();
+ json_array_append_new(write_groups, json_info.json_write_group);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+ size_t vector_set_idx, root_size;
+
+ root_size = json_array_size(json_info.json_root);
+ fips_test_json_init_writeback();
+
+ for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+ /* Vector set index starts at 1, the 0th index contains test session
+ * information.
+ */
+ json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+ fips_test_one_vector_set();
+ json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+ }
+
+ json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+ json_decref(json_info.json_write_root);
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 04/11] examples/fips_validation: allow json file as input
2022-05-26 8:02 ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-26 9:48 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:48 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob, Brandon Lo
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 04/11] examples/fips_validation: allow json file as input
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Added the ability to use the json format as the input
> and output of the example application.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 05/11] examples/fips_validation: add json to gcm test
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (3 preceding siblings ...)
2022-05-26 8:02 ` [v7, 04/11] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:49 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
` (6 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
v3:
* fix checkpatch warnings
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_gcm.c | 151 +++++++++++++++++-
examples/fips_validation/main.c | 3 +-
3 files changed, 155 insertions(+), 2 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
int
fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..3604b21f13 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include <time.h>
#include <stdio.h>
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#include <rte_cryptodev.h>
#include <rte_malloc.h>
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR "keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR "payloadLen"
+#define AADLEN_JSON_STR "aadLen"
+#define TAGLEN_JSON_STR "tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR "external"
+#define OP_ENC_INT_JSON_STR "internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote input text
+ * length in case of decrypt & encrypt operations.
+ */
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
char *tmp;
uint32_t i;
-
for (i = 0; i < info.nb_vec_lines; i++) {
char *line = info.vec[i];
@@ -218,3 +276,94 @@ parse_test_gcm_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ if (!info.interim_info.gcm_data.is_gmac) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ }
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+ const char *ivGen_str = json_string_value(ivGen_obj);
+
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = gcm_enc_json_vectors;
+
+ if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+ info.interim_info.gcm_data.gen_iv = 1;
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = gcm_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = gcm_interim_json_vectors;
+ info.parse_writeback = parse_test_gcm_json_writeback;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 81b014d6fa..f66f7710d8 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1942,11 +1942,12 @@ fips_test_one_test_group(void)
switch (info.algo) {
case FIPS_TEST_ALGO_AES_GCM:
- ret = parse_test_gcm_init();
+ ret = parse_test_gcm_json_init();
break;
default:
return -EINVAL;
}
+
if (ret < 0)
return ret;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 05/11] examples/fips_validation: add json to gcm test
2022-05-26 8:02 ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-26 9:49 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:49 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 05/11] examples/fips_validation: add json to gcm test
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Adds json-specific testing and writeback function. Allows
> the user to test AES-GCM vector sets.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 06/11] examples/fips_validation: add json to hmac
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (4 preceding siblings ...)
2022-05-26 8:02 ` [v7, 05/11] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:49 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
` (5 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Adds JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
examples/fips_validation/fips_validation.c | 2 +
examples/fips_validation/fips_validation.h | 6 ++
.../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
examples/fips_validation/main.c | 3 +
4 files changed, 104 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
+ if (strstr(algo_str, "HMAC"))
+ info.algo = FIPS_TEST_ALGO_HMAC;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
int
parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
#define PT_STR "Msg = "
#define TAG_STR "Mac = "
+#define ALGO_JSON_STR "algorithm"
+
+#define KEYLEN_JSON_STR "keyLen"
+#define TAGLEN_JSON_STR "macLen"
+
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "msg"
+#define TAG_JSON_STR "mac"
+
struct hash_size_conversion {
const char *str;
enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+ {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+ {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+ {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+ {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+ {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_hmac_writeback(struct fips_val *val)
{
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+ struct fips_val val_local;
+ json_t *tcId, *mac;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+ val_local.val = val->val + vec.pt.len;
+ val_local.len = vec.cipher_auth.digest.len;
+
+ writeback_hex_str("", info.one_line_text, &val_local);
+
+ mac = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+ return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+ json_t *algorithm_object;
+ const char *algorithm_str;
+ uint32_t i;
+
+ algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+ algorithm_str = json_string_value(algorithm_object);
+
+ for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+ if (strstr(algorithm_str, json_algorithms[i].str)) {
+ info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.parse_writeback = parse_test_hmac_json_writeback;
+ info.callbacks = hmac_tests_json_vectors;
+ info.writeback_callbacks = NULL;
+ info.kat_check = rsp_test_hmac_check;
+ info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+ if (parse_test_hmac_json_algorithm() < 0)
+ return -1;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f66f7710d8..45b453b913 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1944,6 +1944,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_GCM:
ret = parse_test_gcm_json_init();
break;
+ case FIPS_TEST_ALGO_HMAC:
+ ret = parse_test_hmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 06/11] examples/fips_validation: add json to hmac
2022-05-26 8:02 ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-26 9:49 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:49 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob, Brandon Lo
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 06/11] examples/fips_validation: add json to hmac
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Adds JSON support for the HMAC algorithm.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 07/11] examples/fips_validation: implement json cmac test
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (5 preceding siblings ...)
2022-05-26 8:02 ` [v7, 06/11] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:49 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
` (4 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo
From: Brandon Lo <blo@iol.unh.edu>
Implemented JSON support for the CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
--
v5:
* parser_read_cmac_direction_str is static.
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_cmac.c | 80 +++++++++++++++++++
2 files changed, 83 insertions(+)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
int
parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
#define PASS_STR "P"
#define FAIL_STR "F"
+#define KLEN_JSON_STR "keyLen"
+#define PTLEN_JSON_STR "msgLen"
+#define TAGLEN_JSON_STR "macLen"
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "message"
+#define TAG_JSON_STR "mac"
+#define DIRECTION_JSON_STR "direction"
+#define POS_NEG_JSON_STR "testPassed"
+
+#define GEN_JSON_STR "gen"
+#define VERIF_JSON_STR "ver"
+
struct hash_algo_conversion {
const char *str;
enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
{"AES", FIPS_TEST_ALGO_AES_CMAC},
};
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+ __rte_unused struct fips_val *val)
+{
+ if (strcmp(src, "gen") == 0)
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ else if (strcmp(src, "ver") == 0)
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+ return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+ {KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId",
+ json_object_get(json_info.json_test_case, "tcId"));
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ struct fips_val tmp_val = {val->val + vec.pt.len,
+ vec.cipher_auth.digest.len};
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(true));
+ else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(false));
+ }
+
+ return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+ info.parse_writeback = parse_test_cmac_json_writeback;
+ info.callbacks = cmac_tests_json_vectors;
+ info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_cmac_writeback(struct fips_val *val)
{
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 07/11] examples/fips_validation: implement json cmac test
2022-05-26 8:02 ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-26 9:49 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:49 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob, Brandon Lo
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>
> Subject: [v7, 07/11] examples/fips_validation: implement json cmac test
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Implemented JSON support for the CMAC test.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 08/11] examples/fips_validation: add parsing for cmac
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (6 preceding siblings ...)
2022-05-26 8:02 ` [v7, 07/11] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 9:50 ` Zhang, Roy Fan
2022-05-26 8:02 ` [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
` (3 subsequent siblings)
11 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added function to parse algorithm for CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
examples/fips_validation/main.c | 3 +++
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
info.algo = FIPS_TEST_ALGO_AES_GCM;
if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
+ if (strstr(algo_str, "CMAC"))
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
else
return -EINVAL;
@@ -470,7 +472,6 @@ int
fips_test_parse_one_json_group(void)
{
int ret, i;
- json_int_t val;
json_t *param;
if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
param = json_object_get(json_info.json_test_group,
info.interim_callbacks[i].key);
- val = json_integer_value(param);
- snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ switch (json_typeof(param)) {
+ case JSON_STRING:
+ snprintf(json_value, 256, "%s", json_string_value(param));
+ break;
+
+ case JSON_INTEGER:
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+ json_integer_value(param));
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
/* First argument is blank because the key
* is not included in the string being parsed.
*/
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 45b453b913..d104d82221 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1947,6 +1947,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_HMAC:
ret = parse_test_hmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES_CMAC:
+ ret = parse_test_cmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v7, 08/11] examples/fips_validation: add parsing for cmac
2022-05-26 8:02 ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-26 9:50 ` Zhang, Roy Fan
0 siblings, 0 replies; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-26 9:50 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Thursday, May 26, 2022 9:02 AM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Brandon Lo <blo@iol.unh.edu>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v7, 08/11] examples/fips_validation: add parsing for cmac
>
> From: Brandon Lo <blo@iol.unh.edu>
>
> Added function to parse algorithm for CMAC test.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> --
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (7 preceding siblings ...)
2022-05-26 8:02 ` [v7, 08/11] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
` (2 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Remove garbage entries for bypassed tests in response file.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/main.c | 74 ++++++++++++++++-----------------
1 file changed, 35 insertions(+), 39 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index d104d82221..c203ad2ac2 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -804,7 +804,7 @@ prepare_aes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -852,7 +852,7 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -889,7 +889,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -935,7 +935,7 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -980,7 +980,7 @@ prepare_gmac_xform(struct rte_crypto_sym_xform *xform)
info.device_name, auth_xform->key.length,
auth_xform->digest_length,
auth_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1018,7 +1018,7 @@ prepare_cmac_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1064,7 +1064,7 @@ prepare_ccm_xform(struct rte_crypto_sym_xform *xform)
aead_xform->digest_length,
aead_xform->aad_length,
aead_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1099,7 +1099,7 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u digest length %u\n",
info.device_name, auth_xform->key.length,
auth_xform->digest_length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1139,7 +1139,7 @@ prepare_xts_xform(struct rte_crypto_sym_xform *xform)
RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n",
info.device_name, cipher_xform->key.length,
cipher_xform->iv.length);
- return -EPERM;
+ return -ENOTSUP;
}
return 0;
@@ -1254,7 +1254,7 @@ fips_generic_test(void)
ret = fips_run_test();
if (ret < 0) {
- if (ret == -EPERM || ret == -ENOTSUP) {
+ if (ret == -ENOTSUP) {
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1291,7 +1291,7 @@ fips_generic_test(void)
fprintf(info.fp_wr, "\n");
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1460,7 +1460,7 @@ fips_mct_tdes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1539,7 +1539,7 @@ fips_mct_aes_ecb_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
fips_mct_aes_test(void)
@@ -1647,7 +1647,7 @@ fips_mct_aes_test(void)
free(val.val);
- return 0;
+ return 1;
}
static int
@@ -1733,7 +1733,7 @@ fips_mct_sha_test(void)
free(val.val);
- return 0;
+ return 1;
}
@@ -1848,18 +1848,15 @@ fips_test_one_file(void)
}
ret = fips_test_parse_one_case();
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
- RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
ret);
goto error_one_case;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ }
+
+ ret = test_ops.test();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
goto error_one_case;
}
@@ -1909,22 +1906,21 @@ fips_test_one_test_case(void)
int ret;
ret = fips_test_parse_one_json_case();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ goto exit;
+ }
- switch (ret) {
- case 0:
- ret = test_ops.test();
- if (ret == 0)
- break;
+ ret = test_ops.test();
+ if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: test block\n",
ret);
- break;
- case 1:
- break;
- default:
- RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
- ret);
+ goto exit;
}
- return 0;
+
+exit:
+ return ret;
}
static int
@@ -1969,8 +1965,8 @@ fips_test_one_test_group(void)
tests_size = json_array_size(tests);
for (test_idx = 0; test_idx < tests_size; test_idx++) {
json_info.json_test_case = json_array_get(tests, test_idx);
- fips_test_one_test_case();
- json_array_append_new(write_tests, json_info.json_write_case);
+ if (fips_test_one_test_case() > 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
}
return 0;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 10/11] examples/fips_validation: reset IV generation in every test group
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (8 preceding siblings ...)
2022-05-26 8:02 ` [v7, 09/11] examples/fips_validation: cleanup bypass tests in response file Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-26 8:02 ` [v7, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Reset IV generation in every test group.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/fips_validation_gcm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 3604b21f13..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -344,6 +344,7 @@ parse_test_gcm_json_init(void)
direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
direction_str = json_string_value(direction_obj);
+ info.interim_info.gcm_data.gen_iv = 0;
if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v7, 11/11] examples/fips_validation: add parsing for aes_cbc
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (9 preceding siblings ...)
2022-05-26 8:02 ` [v7, 10/11] examples/fips_validation: reset IV generation in every test group Gowrishankar Muthukrishnan
@ 2022-05-26 8:02 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-26 8:02 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
examples/fips_validation/fips_validation.c | 8 +-
examples/fips_validation/fips_validation.h | 4 +
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++
examples/fips_validation/main.c | 76 ++++--
4 files changed, 284 insertions(+), 27 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AES")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ else if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ else if (strstr(algo_str, "CMAC"))
info.algo = FIPS_TEST_ALGO_AES_CMAC;
+ else if (strstr(algo_str, "AES-CBC"))
+ info.algo = FIPS_TEST_ALGO_AES;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
int
parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..0b7b9c0849 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,19 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define ALGO_JSON_STR "algorithm"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +51,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append(resArr, res);
+ return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ const char *algo_str = json_string_value(algo_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_DIM(algo_con); i++)
+ if (strstr(algo_str, algo_con[i].name)) {
+ info.interim_info.aes_data.cipher_algo =
+ (uint32_t)algo_con[i].algo;
+ break;
+ }
+
+ if (i >= RTE_DIM(algo_con))
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index c203ad2ac2..2492df527b 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1547,7 +1547,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1556,11 +1556,16 @@ fips_mct_aes_test(void)
if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
return fips_mct_aes_ecb_test();
+ memset(&pt, 0, sizeof(struct fips_val));
+ memset(&ct, 0, sizeof(struct fips_val));
+ memset(&iv, 0, sizeof(struct fips_val));
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1573,7 +1578,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1581,24 +1586,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1608,33 +1628,38 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
- fprintf(info.fp_wr, "\n");
+ info.parse_writeback(val);
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1642,10 +1667,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 1;
}
@@ -1946,6 +1971,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 00/10] Add JSON vector set support to fips validation
2022-05-26 8:02 ` [v7, " Gowrishankar Muthukrishnan
` (10 preceding siblings ...)
2022-05-26 8:02 ` [v7, 11/11] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
` (10 more replies)
11 siblings, 11 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.
v8:
* Fixed overlapped places for FIPS 140-2 test vectors.
v7:
* Fixed individual patches to build correctly.
v6:
* CI centos platform fix.
v5:
* AES_CBC support appended in series.
Brandon Lo (8):
examples/fips_validation: add jansson dependency
examples/fips_validation: add json info to header
examples/fips_validation: add json parsing
examples/fips_validation: allow json file as input
examples/fips_validation: add json to gcm test
examples/fips_validation: add json to hmac
examples/fips_validation: implement json cmac test
examples/fips_validation: add parsing for cmac
Gowrishankar Muthukrishnan (2):
examples/fips_validation: add parsing for aes_cbc
doc: add notes about acvp validation support
doc/guides/sample_app_ug/fips_validation.rst | 30 +-
examples/fips_validation/fips_validation.c | 117 ++++++-
examples/fips_validation/fips_validation.h | 64 +++-
.../fips_validation/fips_validation_aes.c | 223 +++++++++++++
.../fips_validation/fips_validation_cmac.c | 80 +++++
.../fips_validation/fips_validation_gcm.c | 152 ++++++++-
.../fips_validation/fips_validation_hmac.c | 93 ++++++
examples/fips_validation/main.c | 295 ++++++++++++++++--
examples/fips_validation/meson.build | 4 +
9 files changed, 1015 insertions(+), 43 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 01/10] examples/fips_validation: add jansson dependency
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
` (9 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/meson.build | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ ext_deps += jansson_dep
+endif
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 02/10] examples/fips_validation: add json info to header
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
` (8 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.
v5:
* fix typo in macro name for prefixes.
v2:
* fix type of prefix to suffix
---
examples/fips_validation/fips_validation.c | 6 +--
examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
examples/fips_validation/main.c | 2 +
3 files changed, 49 insertions(+), 7 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_PREFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_PREFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX "req"
-#define RSP_FILE_PERFIX "rsp"
-#define FAX_FILE_PERFIX "fax"
+#define REQ_FILE_PREFIX "req"
+#define RSP_FILE_PREFIX "rsp"
+#define FAX_FILE_PREFIX "fax"
+#define JSON_FILE_PREFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
if (ret < 0)
return ret;
break;
+ default:
+ break;
}
fprintf(info.fp_wr, "\n");
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 03/10] examples/fips_validation: add json parsing
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
` (7 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* pulled json_info define from next patch.
v3:
* fix checkpatch warnings
v2:
* fix for loop initialization
---
examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
examples/fips_validation/main.c | 4 +
2 files changed, 96 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
info.file_type = FIPS_TYPE_RSP;
else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_PREFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON)
+ return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM"))
+ info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else
+ return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+ json_int_t val;
+ json_t *param;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_group,
+ info.interim_callbacks[i].key);
+ val = json_integer_value(param);
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+ json_t *param;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+ if (param) {
+ strcpy(info.one_line_text, json_string_value(param));
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parser_read_uint64_hex(uint64_t *value, const char *p)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 04/10] examples/fips_validation: allow json file as input
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (2 preceding siblings ...)
2022-05-30 12:23 ` [v8, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
` (6 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v8:
* dont steal refcount on write_set using _new as latter is updated
subsequently in same function.
* fix fips_test_one_test_case to handle error code hence avoid
incorrect test data in response file since a test run for json
req file.
* Do not show bypass string in response for json file test.
v5:
* fix to check info.file_type in json file type as well.
v3:
* fix checkpatch warnings
v2:
* remove use_json variable
---
examples/fips_validation/main.c | 206 +++++++++++++++++++++++++++++++-
1 file changed, 203 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..5bebff853e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
OPT_CRYPTODEV_BK_ID_NUM,
#define OPT_CRYPTODEV_BK_DIR_KEY "broken-test-dir"
OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON "use-json"
+ OPT_USE_JSON_NUM,
};
struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, req_path);
@@ -1223,11 +1249,15 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON)
+ fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM || ret == -ENOTSUP) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1242,6 +1272,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1259,7 +1290,8 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1294,6 +1326,9 @@ fips_mct_tdes_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1455,6 +1490,9 @@ fips_mct_aes_ecb_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1537,6 +1575,9 @@ fips_mct_aes_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1667,6 +1708,9 @@ fips_mct_sha_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM || ret == -ENOTSUP) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1850,3 +1894,159 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if ((ret == 0) || (ret == -EPERM || ret == -ENOTSUP))
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return ret;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json_info.json_write_group, "tgId",
+ json_object_get(json_info.json_test_group, "tgId"));
+ json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+ switch (info.algo) {
+ case FIPS_TEST_ALGO_AES_GCM:
+ ret = parse_test_gcm_init();
+ break;
+ default:
+ return -EINVAL;
+ }
+ if (ret < 0)
+ return ret;
+
+ ret = fips_test_parse_one_json_group();
+ if (ret < 0)
+ return ret;
+
+ ret = init_test_ops();
+ if (ret < 0)
+ return ret;
+
+ tests = json_object_get(json_info.json_test_group, "tests");
+ tests_size = json_array_size(tests);
+ for (test_idx = 0; test_idx < tests_size; test_idx++) {
+ json_info.json_test_case = json_array_get(tests, test_idx);
+ if (fips_test_one_test_case() == 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+ int ret;
+ json_t *test_groups, *write_groups, *write_version, *write_set;
+ size_t group_idx, num_groups;
+
+ test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+ num_groups = json_array_size(test_groups);
+
+ json_info.json_write_set = json_array();
+ write_version = json_object();
+ json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+ json_array_append_new(json_info.json_write_set, write_version);
+
+ write_set = json_object();
+ json_array_append(json_info.json_write_set, write_set);
+ write_groups = json_array();
+
+ json_object_set(write_set, "vsId",
+ json_object_get(json_info.json_vector_set, "vsId"));
+ json_object_set(write_set, "algorithm",
+ json_object_get(json_info.json_vector_set, "algorithm"));
+ json_object_set(write_set, "revision",
+ json_object_get(json_info.json_vector_set, "revision"));
+ json_object_set_new(write_set, "isSample",
+ json_boolean(json_info.is_sample));
+ json_object_set_new(write_set, "testGroups", write_groups);
+
+ ret = fips_test_parse_one_json_vector_set();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+ json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+ return ret;
+ }
+
+ for (group_idx = 0; group_idx < num_groups; group_idx++) {
+ json_info.json_test_group = json_array_get(test_groups, group_idx);
+ ret = fips_test_one_test_group();
+ json_array_append_new(write_groups, json_info.json_write_group);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+ size_t vector_set_idx, root_size;
+
+ root_size = json_array_size(json_info.json_root);
+ fips_test_json_init_writeback();
+
+ for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+ /* Vector set index starts at 1, the 0th index contains test session
+ * information.
+ */
+ json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+ fips_test_one_vector_set();
+ json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+ }
+
+ json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+ json_decref(json_info.json_write_root);
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 05/10] examples/fips_validation: add json to gcm test
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (3 preceding siblings ...)
2022-05-30 12:23 ` [v8, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
` (5 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v8:
* reset IV generation var in every test group as initialization.
v3:
* fix checkpatch warnings
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_gcm.c | 152 +++++++++++++++++-
examples/fips_validation/main.c | 3 +-
3 files changed, 156 insertions(+), 2 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
int
fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include <time.h>
#include <stdio.h>
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#include <rte_cryptodev.h>
#include <rte_malloc.h>
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR "keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR "payloadLen"
+#define AADLEN_JSON_STR "aadLen"
+#define TAGLEN_JSON_STR "tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR "external"
+#define OP_ENC_INT_JSON_STR "internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote input text
+ * length in case of decrypt & encrypt operations.
+ */
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
char *tmp;
uint32_t i;
-
for (i = 0; i < info.nb_vec_lines; i++) {
char *line = info.vec[i];
@@ -218,3 +276,95 @@ parse_test_gcm_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ if (!info.interim_info.gcm_data.is_gmac) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ }
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+ info.interim_info.gcm_data.gen_iv = 0;
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+ const char *ivGen_str = json_string_value(ivGen_obj);
+
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = gcm_enc_json_vectors;
+
+ if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+ info.interim_info.gcm_data.gen_iv = 1;
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = gcm_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = gcm_interim_json_vectors;
+ info.parse_writeback = parse_test_gcm_json_writeback;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5bebff853e..e729b01529 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1955,11 +1955,12 @@ fips_test_one_test_group(void)
switch (info.algo) {
case FIPS_TEST_ALGO_AES_GCM:
- ret = parse_test_gcm_init();
+ ret = parse_test_gcm_json_init();
break;
default:
return -EINVAL;
}
+
if (ret < 0)
return ret;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 06/10] examples/fips_validation: add json to hmac
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (4 preceding siblings ...)
2022-05-30 12:23 ` [v8, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
` (4 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Adds JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/fips_validation.c | 2 +
examples/fips_validation/fips_validation.h | 6 ++
.../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
examples/fips_validation/main.c | 3 +
4 files changed, 104 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
+ if (strstr(algo_str, "HMAC"))
+ info.algo = FIPS_TEST_ALGO_HMAC;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
int
parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
#define PT_STR "Msg = "
#define TAG_STR "Mac = "
+#define ALGO_JSON_STR "algorithm"
+
+#define KEYLEN_JSON_STR "keyLen"
+#define TAGLEN_JSON_STR "macLen"
+
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "msg"
+#define TAG_JSON_STR "mac"
+
struct hash_size_conversion {
const char *str;
enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+ {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+ {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+ {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+ {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+ {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_hmac_writeback(struct fips_val *val)
{
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+ struct fips_val val_local;
+ json_t *tcId, *mac;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+ val_local.val = val->val + vec.pt.len;
+ val_local.len = vec.cipher_auth.digest.len;
+
+ writeback_hex_str("", info.one_line_text, &val_local);
+
+ mac = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+ return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+ json_t *algorithm_object;
+ const char *algorithm_str;
+ uint32_t i;
+
+ algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+ algorithm_str = json_string_value(algorithm_object);
+
+ for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+ if (strstr(algorithm_str, json_algorithms[i].str)) {
+ info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.parse_writeback = parse_test_hmac_json_writeback;
+ info.callbacks = hmac_tests_json_vectors;
+ info.writeback_callbacks = NULL;
+ info.kat_check = rsp_test_hmac_check;
+ info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+ if (parse_test_hmac_json_algorithm() < 0)
+ return -1;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e729b01529..2393559d0d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1957,6 +1957,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_GCM:
ret = parse_test_gcm_json_init();
break;
+ case FIPS_TEST_ALGO_HMAC:
+ ret = parse_test_hmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 07/10] examples/fips_validation: implement json cmac test
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (5 preceding siblings ...)
2022-05-30 12:23 ` [v8, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
` (3 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Implemented JSON support for the CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* parser_read_cmac_direction_str is static.
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_cmac.c | 80 +++++++++++++++++++
2 files changed, 83 insertions(+)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
int
parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
#define PASS_STR "P"
#define FAIL_STR "F"
+#define KLEN_JSON_STR "keyLen"
+#define PTLEN_JSON_STR "msgLen"
+#define TAGLEN_JSON_STR "macLen"
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "message"
+#define TAG_JSON_STR "mac"
+#define DIRECTION_JSON_STR "direction"
+#define POS_NEG_JSON_STR "testPassed"
+
+#define GEN_JSON_STR "gen"
+#define VERIF_JSON_STR "ver"
+
struct hash_algo_conversion {
const char *str;
enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
{"AES", FIPS_TEST_ALGO_AES_CMAC},
};
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+ __rte_unused struct fips_val *val)
+{
+ if (strcmp(src, "gen") == 0)
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ else if (strcmp(src, "ver") == 0)
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+ return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+ {KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId",
+ json_object_get(json_info.json_test_case, "tcId"));
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ struct fips_val tmp_val = {val->val + vec.pt.len,
+ vec.cipher_auth.digest.len};
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(true));
+ else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(false));
+ }
+
+ return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+ info.parse_writeback = parse_test_cmac_json_writeback;
+ info.callbacks = cmac_tests_json_vectors;
+ info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_cmac_writeback(struct fips_val *val)
{
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 08/10] examples/fips_validation: add parsing for cmac
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (6 preceding siblings ...)
2022-05-30 12:23 ` [v8, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
` (2 subsequent siblings)
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added function to parse algorithm for CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
examples/fips_validation/main.c | 3 +++
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
info.algo = FIPS_TEST_ALGO_AES_GCM;
if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
+ if (strstr(algo_str, "CMAC"))
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
else
return -EINVAL;
@@ -470,7 +472,6 @@ int
fips_test_parse_one_json_group(void)
{
int ret, i;
- json_int_t val;
json_t *param;
if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
param = json_object_get(json_info.json_test_group,
info.interim_callbacks[i].key);
- val = json_integer_value(param);
- snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ switch (json_typeof(param)) {
+ case JSON_STRING:
+ snprintf(json_value, 256, "%s", json_string_value(param));
+ break;
+
+ case JSON_INTEGER:
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+ json_integer_value(param));
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
/* First argument is blank because the key
* is not included in the string being parsed.
*/
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 2393559d0d..1645fa99e5 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1960,6 +1960,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_HMAC:
ret = parse_test_hmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES_CMAC:
+ ret = parse_test_cmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 09/10] examples/fips_validation: add parsing for aes_cbc
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (7 preceding siblings ...)
2022-05-30 12:23 ` [v8, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 12:23 ` [v8, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
examples/fips_validation/fips_validation.c | 8 +-
examples/fips_validation/fips_validation.h | 4 +
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++
examples/fips_validation/main.c | 76 ++++--
4 files changed, 284 insertions(+), 27 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AES")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ else if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ else if (strstr(algo_str, "CMAC"))
info.algo = FIPS_TEST_ALGO_AES_CMAC;
+ else if (strstr(algo_str, "AES-CBC"))
+ info.algo = FIPS_TEST_ALGO_AES;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
int
parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8db6f4fa31 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,19 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define ALGO_JSON_STR "algorithm"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +51,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append_new(resArr, res);
+ return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ const char *algo_str = json_string_value(algo_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_DIM(algo_con); i++)
+ if (strstr(algo_str, algo_con[i].name)) {
+ info.interim_info.aes_data.cipher_algo =
+ (uint32_t)algo_con[i].algo;
+ break;
+ }
+
+ if (i >= RTE_DIM(algo_con))
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 1645fa99e5..332a4110e3 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1556,7 +1556,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1565,11 +1565,16 @@ fips_mct_aes_test(void)
if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
return fips_mct_aes_ecb_test();
+ memset(&pt, 0, sizeof(struct fips_val));
+ memset(&ct, 0, sizeof(struct fips_val));
+ memset(&iv, 0, sizeof(struct fips_val));
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1585,7 +1590,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1593,24 +1598,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1620,33 +1640,38 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
- fprintf(info.fp_wr, "\n");
+ info.parse_writeback(val);
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1654,10 +1679,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 0;
}
@@ -1963,6 +1988,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v8, 10/10] doc: add notes about acvp validation support
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (8 preceding siblings ...)
2022-05-30 12:23 ` [v8, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 12:23 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
10 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 12:23 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Add notes on algorithms supported for ACVP validation.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++-----
1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 39baea3346..4823531567 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by
non-military government agencies and government contractors.
This application is used to parse and perform symmetric cryptography
-computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test
-vectors.
+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and
+Automated Crypto Validation Protocol (ACVP) test vectors.
For an algorithm implementation to be listed on a cryptographic module
validation certificate as an Approved security function, the algorithm
-implementation must meet all the requirements of FIPS 140-2 and must
-successfully complete the cryptographic algorithm validation process.
+implementation must meet all the requirements of FIPS 140-2 (in case of CAVP)
+and FIPS 140-3 (in case of ACVP) and must successfully complete the
+cryptographic algorithm validation process.
Limitations
-----------
-* Only NIST CAVP request files are parsed by this application.
-* The version of request file supported is ``CAVS 21.0``
+CAVP
+----
+
+* The version of request file supported is ``CAVS 21.0``.
* If the header comment in a ``.req`` file does not contain a Algo tag
i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for
example::
@@ -32,7 +35,7 @@ Limitations
# VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC
* The application does not supply the test vectors. The user is expected to
- obtain the test vector files from `NIST
+ obtain the test vector files from `NIST ACVP
<https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
program/block-ciphers>`_ website. To obtain the ``.req`` files you need to
email a person from the NIST website and pay for the ``.req`` files.
@@ -48,6 +51,19 @@ Limitations
* TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey,
VarText
+ACVP
+----
+
+* The application does not supply the test vectors. The user is expected to
+ obtain the test vector files from `NIST ACVP <https://pages.nist.gov/ACVP>`_
+ website.
+* Supported test vectors
+ * AES-CBC (128,192,256) - AFT, MCT
+ * AES-GCM (128,192,256) - AFT
+ * AES-CMAC (128,192,256) - AFT
+ * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+
+
Application Information
-----------------------
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 00/10] Add JSON vector set support to fips validation
2022-05-30 12:23 ` [v8, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (9 preceding siblings ...)
2022-05-30 12:23 ` [v8, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
` (11 more replies)
10 siblings, 12 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Adds a very basic introduction to JSON vector sets in
the fips validation example application. This patch set
will only introduce the AES-GCM test using a JSON request
file because the other algorithms need more information
than what is given in the new JSON format.
v9:
* doc update.
v8:
* Fixed overlapped places for FIPS 140-2 test vectors.
v7:
* Fixed individual patches to build correctly.
v6:
* CI centos platform fix.
v5:
* AES_CBC support appended in series.
Brandon Lo (8):
examples/fips_validation: add jansson dependency
examples/fips_validation: add json info to header
examples/fips_validation: add json parsing
examples/fips_validation: allow json file as input
examples/fips_validation: add json to gcm test
examples/fips_validation: add json to hmac
examples/fips_validation: implement json cmac test
examples/fips_validation: add parsing for cmac
Gowrishankar Muthukrishnan (2):
examples/fips_validation: add parsing for aes_cbc
doc: add notes about acvp validation support
doc/guides/sample_app_ug/fips_validation.rst | 30 +-
examples/fips_validation/fips_validation.c | 117 ++++++-
examples/fips_validation/fips_validation.h | 64 +++-
.../fips_validation/fips_validation_aes.c | 223 +++++++++++++
.../fips_validation/fips_validation_cmac.c | 80 +++++
.../fips_validation/fips_validation_gcm.c | 152 ++++++++-
.../fips_validation/fips_validation_hmac.c | 93 ++++++
examples/fips_validation/main.c | 295 ++++++++++++++++--
examples/fips_validation/meson.build | 4 +
9 files changed, 1015 insertions(+), 43 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 01/10] examples/fips_validation: add jansson dependency
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
` (10 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/meson.build | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ ext_deps += jansson_dep
+endif
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 02/10] examples/fips_validation: add json info to header
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
` (9 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* fix switch clause for info.file_type.
v5:
* fix typo in macro name for prefixes.
v2:
* fix type of prefix to suffix
---
examples/fips_validation/fips_validation.c | 6 +--
examples/fips_validation/fips_validation.h | 48 ++++++++++++++++++++--
examples/fips_validation/main.c | 2 +
3 files changed, 49 insertions(+), 7 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 94253eaee8..38c99b291c 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,11 +270,11 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_PREFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_PREFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index aaadf01ba8..a1c83a9a6a 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX "req"
-#define RSP_FILE_PERFIX "rsp"
-#define FAX_FILE_PERFIX "fax"
+#define REQ_FILE_PREFIX "req"
+#define RSP_FILE_PREFIX "rsp"
+#define FAX_FILE_PREFIX "fax"
+#define JSON_FILE_PREFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e06ae37567..554d74cda0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1251,6 +1251,8 @@ fips_generic_test(void)
if (ret < 0)
return ret;
break;
+ default:
+ break;
}
fprintf(info.fp_wr, "\n");
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 03/10] examples/fips_validation: add json parsing
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 01/10] examples/fips_validation: add jansson dependency Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 02/10] examples/fips_validation: add json info to header Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
` (8 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v7:
* pulled json_info define from next patch.
v3:
* fix checkpatch warnings
v2:
* fix for loop initialization
---
examples/fips_validation/fips_validation.c | 92 ++++++++++++++++++++++
examples/fips_validation/main.c | 4 +
2 files changed, 96 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 38c99b291c..6594a15579 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -276,6 +276,8 @@ parse_file_type(const char *path)
info.file_type = FIPS_TYPE_RSP;
else if (strstr(path, FAX_FILE_PREFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_PREFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line %d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON)
+ return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -428,6 +448,78 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, "algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM"))
+ info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else
+ return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+ json_int_t val;
+ json_t *param;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_group,
+ info.interim_callbacks[i].key);
+ val = json_integer_value(param);
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+ json_t *param;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ param = json_object_get(json_info.json_test_case, info.callbacks[i].key);
+ if (param) {
+ strcpy(info.one_line_text, json_string_value(param));
+ /* First argument is blank because the key
+ * is not included in the string being parsed.
+ */
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parser_read_uint64_hex(uint64_t *value, const char *p)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 554d74cda0..11db983ab0 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 04/10] examples/fips_validation: allow json file as input
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (2 preceding siblings ...)
2022-05-30 15:52 ` [v9, 03/10] examples/fips_validation: add json parsing Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
` (7 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v8:
* dont steal refcount on write_set using _new as latter is updated
subsequently in same function.
* fix fips_test_one_test_case to handle error code hence avoid
incorrect test data in response file since a test run for json
req file.
* Do not show bypass string in response for json file test.
v5:
* fix to check info.file_type in json file type as well.
v3:
* fix checkpatch warnings
v2:
* remove use_json variable
---
examples/fips_validation/main.c | 206 +++++++++++++++++++++++++++++++-
1 file changed, 203 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 11db983ab0..5bebff853e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -34,6 +34,8 @@ enum {
OPT_CRYPTODEV_BK_ID_NUM,
#define OPT_CRYPTODEV_BK_DIR_KEY "broken-test-dir"
OPT_CRYPTODEV_BK_DIR_KEY_NUM,
+#define OPT_USE_JSON "use-json"
+ OPT_USE_JSON_NUM,
};
struct fips_test_vector vec;
@@ -170,6 +172,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -429,8 +436,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -485,7 +501,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, req_path);
@@ -1223,11 +1249,15 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON)
+ fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM || ret == -ENOTSUP) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1242,6 +1272,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1259,7 +1290,8 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1294,6 +1326,9 @@ fips_mct_tdes_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1455,6 +1490,9 @@ fips_mct_aes_ecb_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1537,6 +1575,9 @@ fips_mct_aes_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n");
return 0;
}
@@ -1667,6 +1708,9 @@ fips_mct_sha_test(void)
ret = fips_run_test();
if (ret < 0) {
if (ret == -EPERM || ret == -ENOTSUP) {
+ if (info.file_type == FIPS_TYPE_JSON)
+ return ret;
+
fprintf(info.fp_wr, "Bypass\n\n");
return 0;
}
@@ -1850,3 +1894,159 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if ((ret == 0) || (ret == -EPERM || ret == -ENOTSUP))
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return ret;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json_info.json_write_group, "tgId",
+ json_object_get(json_info.json_test_group, "tgId"));
+ json_object_set_new(json_info.json_write_group, "tests", write_tests);
+
+ switch (info.algo) {
+ case FIPS_TEST_ALGO_AES_GCM:
+ ret = parse_test_gcm_init();
+ break;
+ default:
+ return -EINVAL;
+ }
+ if (ret < 0)
+ return ret;
+
+ ret = fips_test_parse_one_json_group();
+ if (ret < 0)
+ return ret;
+
+ ret = init_test_ops();
+ if (ret < 0)
+ return ret;
+
+ tests = json_object_get(json_info.json_test_group, "tests");
+ tests_size = json_array_size(tests);
+ for (test_idx = 0; test_idx < tests_size; test_idx++) {
+ json_info.json_test_case = json_array_get(tests, test_idx);
+ if (fips_test_one_test_case() == 0)
+ json_array_append_new(write_tests, json_info.json_write_case);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_vector_set(void)
+{
+ int ret;
+ json_t *test_groups, *write_groups, *write_version, *write_set;
+ size_t group_idx, num_groups;
+
+ test_groups = json_object_get(json_info.json_vector_set, "testGroups");
+ num_groups = json_array_size(test_groups);
+
+ json_info.json_write_set = json_array();
+ write_version = json_object();
+ json_object_set_new(write_version, "acvVersion", json_string(ACVVERSION));
+ json_array_append_new(json_info.json_write_set, write_version);
+
+ write_set = json_object();
+ json_array_append(json_info.json_write_set, write_set);
+ write_groups = json_array();
+
+ json_object_set(write_set, "vsId",
+ json_object_get(json_info.json_vector_set, "vsId"));
+ json_object_set(write_set, "algorithm",
+ json_object_get(json_info.json_vector_set, "algorithm"));
+ json_object_set(write_set, "revision",
+ json_object_get(json_info.json_vector_set, "revision"));
+ json_object_set_new(write_set, "isSample",
+ json_boolean(json_info.is_sample));
+ json_object_set_new(write_set, "testGroups", write_groups);
+
+ ret = fips_test_parse_one_json_vector_set();
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Error: Unsupported or invalid vector set algorithm: %s\n",
+ json_string_value(json_object_get(json_info.json_vector_set, "algorithm")));
+ return ret;
+ }
+
+ for (group_idx = 0; group_idx < num_groups; group_idx++) {
+ json_info.json_test_group = json_array_get(test_groups, group_idx);
+ ret = fips_test_one_test_group();
+ json_array_append_new(write_groups, json_info.json_write_group);
+ }
+
+ return 0;
+}
+
+static int
+fips_test_one_json_file(void)
+{
+ size_t vector_set_idx, root_size;
+
+ root_size = json_array_size(json_info.json_root);
+ fips_test_json_init_writeback();
+
+ for (vector_set_idx = 1; vector_set_idx < root_size; vector_set_idx++) {
+ /* Vector set index starts at 1, the 0th index contains test session
+ * information.
+ */
+ json_info.json_vector_set = json_array_get(json_info.json_root, vector_set_idx);
+ fips_test_one_vector_set();
+ json_array_append_new(json_info.json_write_root, json_info.json_write_set);
+ }
+
+ json_dumpf(json_info.json_write_root, info.fp_wr, JSON_INDENT(4));
+ json_decref(json_info.json_write_root);
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 05/10] examples/fips_validation: add json to gcm test
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (3 preceding siblings ...)
2022-05-30 15:52 ` [v9, 04/10] examples/fips_validation: allow json file as input Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
` (6 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v8:
* reset IV generation var in every test group as initialization.
v3:
* fix checkpatch warnings
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_gcm.c | 152 +++++++++++++++++-
examples/fips_validation/main.c | 3 +-
3 files changed, 156 insertions(+), 2 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index a1c83a9a6a..8b9d528c53 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
int
fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..7e89f2a6b2 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include <time.h>
#include <stdio.h>
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
#include <rte_cryptodev.h>
#include <rte_malloc.h>
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR "keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR "payloadLen"
+#define AADLEN_JSON_STR "aadLen"
+#define TAGLEN_JSON_STR "tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR "external"
+#define OP_ENC_INT_JSON_STR "internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote input text
+ * length in case of decrypt & encrypt operations.
+ */
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
char *tmp;
uint32_t i;
-
for (i = 0; i < info.nb_vec_lines; i++) {
char *line = info.vec[i];
@@ -218,3 +276,95 @@ parse_test_gcm_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ if (!info.interim_info.gcm_data.is_gmac) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ }
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+ info.interim_info.gcm_data.gen_iv = 0;
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+ const char *ivGen_str = json_string_value(ivGen_obj);
+
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = gcm_enc_json_vectors;
+
+ if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+ info.interim_info.gcm_data.gen_iv = 1;
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = gcm_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = gcm_interim_json_vectors;
+ info.parse_writeback = parse_test_gcm_json_writeback;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5bebff853e..e729b01529 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1955,11 +1955,12 @@ fips_test_one_test_group(void)
switch (info.algo) {
case FIPS_TEST_ALGO_AES_GCM:
- ret = parse_test_gcm_init();
+ ret = parse_test_gcm_json_init();
break;
default:
return -EINVAL;
}
+
if (ret < 0)
return ret;
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 06/10] examples/fips_validation: add json to hmac
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (4 preceding siblings ...)
2022-05-30 15:52 ` [v9, 05/10] examples/fips_validation: add json to gcm test Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
` (5 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Adds JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/fips_validation.c | 2 +
examples/fips_validation/fips_validation.h | 6 ++
.../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
examples/fips_validation/main.c | 3 +
4 files changed, 104 insertions(+)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 6594a15579..e8520f59cf 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
+ if (strstr(algo_str, "HMAC"))
+ info.algo = FIPS_TEST_ALGO_HMAC;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8b9d528c53..3b3ffb7fa6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
int
parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@
#define PT_STR "Msg = "
#define TAG_STR "Mac = "
+#define ALGO_JSON_STR "algorithm"
+
+#define KEYLEN_JSON_STR "keyLen"
+#define TAGLEN_JSON_STR "macLen"
+
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "msg"
+#define TAG_JSON_STR "mac"
+
struct hash_size_conversion {
const char *str;
enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+ {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+ {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+ {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+ {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+ {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_hmac_writeback(struct fips_val *val)
{
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+ struct fips_val val_local;
+ json_t *tcId, *mac;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+ val_local.val = val->val + vec.pt.len;
+ val_local.len = vec.cipher_auth.digest.len;
+
+ writeback_hex_str("", info.one_line_text, &val_local);
+
+ mac = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+ return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+ json_t *algorithm_object;
+ const char *algorithm_str;
+ uint32_t i;
+
+ algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+ algorithm_str = json_string_value(algorithm_object);
+
+ for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+ if (strstr(algorithm_str, json_algorithms[i].str)) {
+ info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.parse_writeback = parse_test_hmac_json_writeback;
+ info.callbacks = hmac_tests_json_vectors;
+ info.writeback_callbacks = NULL;
+ info.kat_check = rsp_test_hmac_check;
+ info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+ if (parse_test_hmac_json_algorithm() < 0)
+ return -1;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index e729b01529..2393559d0d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1957,6 +1957,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_GCM:
ret = parse_test_gcm_json_init();
break;
+ case FIPS_TEST_ALGO_HMAC:
+ ret = parse_test_hmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 07/10] examples/fips_validation: implement json cmac test
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (5 preceding siblings ...)
2022-05-30 15:52 ` [v9, 06/10] examples/fips_validation: add json to hmac Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
` (4 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Implemented JSON support for the CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v5:
* parser_read_cmac_direction_str is static.
---
examples/fips_validation/fips_validation.h | 3 +
.../fips_validation/fips_validation_cmac.c | 80 +++++++++++++++++++
2 files changed, 83 insertions(+)
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 3b3ffb7fa6..88cbb0303e 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -259,6 +259,9 @@ parse_test_hmac_json_init(void);
int
parse_test_hmac_json_algorithm(void);
+
+int
+parse_test_cmac_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_cmac.c b/examples/fips_validation/fips_validation_cmac.c
index 54c951ef83..094e3922a4 100644
--- a/examples/fips_validation/fips_validation_cmac.c
+++ b/examples/fips_validation/fips_validation_cmac.c
@@ -32,6 +32,18 @@
#define PASS_STR "P"
#define FAIL_STR "F"
+#define KLEN_JSON_STR "keyLen"
+#define PTLEN_JSON_STR "msgLen"
+#define TAGLEN_JSON_STR "macLen"
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "message"
+#define TAG_JSON_STR "mac"
+#define DIRECTION_JSON_STR "direction"
+#define POS_NEG_JSON_STR "testPassed"
+
+#define GEN_JSON_STR "gen"
+#define VERIF_JSON_STR "ver"
+
struct hash_algo_conversion {
const char *str;
enum fips_test_algorithms algo;
@@ -39,6 +51,74 @@ struct hash_algo_conversion {
{"AES", FIPS_TEST_ALGO_AES_CMAC},
};
+#ifdef RTE_HAS_JANSSON
+static int
+parser_read_cmac_direction_str(__rte_unused const char *key, char *src,
+ __rte_unused struct fips_val *val)
+{
+ if (strcmp(src, "gen") == 0)
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ else if (strcmp(src, "ver") == 0)
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+
+ return 0;
+}
+
+struct fips_test_callback cmac_tests_interim_json_vectors[] = {
+ {KLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {DIRECTION_JSON_STR, parser_read_cmac_direction_str, NULL},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback cmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_cmac_json_writeback(struct fips_val *val)
+{
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId",
+ json_object_get(json_info.json_test_case, "tcId"));
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ struct fips_val tmp_val = {val->val + vec.pt.len,
+ vec.cipher_auth.digest.len};
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(true));
+ else if (vec.status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED)
+ json_object_set_new(json_info.json_write_case, POS_NEG_JSON_STR,
+ json_boolean(false));
+ }
+
+ return 0;
+}
+
+int
+parse_test_cmac_json_init(void)
+{
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
+
+ info.parse_writeback = parse_test_cmac_json_writeback;
+ info.callbacks = cmac_tests_json_vectors;
+ info.interim_callbacks = cmac_tests_interim_json_vectors;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_cmac_writeback(struct fips_val *val)
{
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 08/10] examples/fips_validation: add parsing for cmac
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (6 preceding siblings ...)
2022-05-30 15:52 ` [v9, 07/10] examples/fips_validation: implement json cmac test Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
` (3 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Brandon Lo,
Gowrishankar Muthukrishnan
From: Brandon Lo <blo@iol.unh.edu>
Added function to parse algorithm for CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v5:
* parser_read_cmac_direction_str implementation moved to static.
---
examples/fips_validation/fips_validation.c | 19 ++++++++++++++++---
examples/fips_validation/main.c | 3 +++
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index e8520f59cf..ab4c0d0eca 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
info.algo = FIPS_TEST_ALGO_AES_GCM;
if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
+ if (strstr(algo_str, "CMAC"))
+ info.algo = FIPS_TEST_ALGO_AES_CMAC;
else
return -EINVAL;
@@ -470,7 +472,6 @@ int
fips_test_parse_one_json_group(void)
{
int ret, i;
- json_int_t val;
json_t *param;
if (info.interim_callbacks) {
@@ -478,8 +479,20 @@ fips_test_parse_one_json_group(void)
for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
param = json_object_get(json_info.json_test_group,
info.interim_callbacks[i].key);
- val = json_integer_value(param);
- snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ switch (json_typeof(param)) {
+ case JSON_STRING:
+ snprintf(json_value, 256, "%s", json_string_value(param));
+ break;
+
+ case JSON_INTEGER:
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT,
+ json_integer_value(param));
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
/* First argument is blank because the key
* is not included in the string being parsed.
*/
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 2393559d0d..1645fa99e5 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1960,6 +1960,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_HMAC:
ret = parse_test_hmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES_CMAC:
+ ret = parse_test_cmac_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 09/10] examples/fips_validation: add parsing for aes_cbc
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (7 preceding siblings ...)
2022-05-30 15:52 ` [v9, 08/10] examples/fips_validation: add parsing for cmac Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-30 15:52 ` [v9, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
` (2 subsequent siblings)
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
--
v6:
* fixed local variable initialization in fips_mct_aes_test.
---
examples/fips_validation/fips_validation.c | 8 +-
examples/fips_validation/fips_validation.h | 4 +
.../fips_validation/fips_validation_aes.c | 223 ++++++++++++++++++
examples/fips_validation/main.c | 76 ++++--
4 files changed, 284 insertions(+), 27 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index ab4c0d0eca..8cec172a5f 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -120,7 +120,7 @@ fips_test_parse_header(void)
for (i = 0; i < info.nb_vec_lines; i++) {
if (!algo_parsed) {
- if (strstr(info.vec[i], "AESVS")) {
+ if (strstr(info.vec[i], "AES")) {
algo_parsed = 1;
info.algo = FIPS_TEST_ALGO_AES;
ret = parse_test_aes_init();
@@ -458,10 +458,12 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
- if (strstr(algo_str, "HMAC"))
+ else if (strstr(algo_str, "HMAC"))
info.algo = FIPS_TEST_ALGO_HMAC;
- if (strstr(algo_str, "CMAC"))
+ else if (strstr(algo_str, "CMAC"))
info.algo = FIPS_TEST_ALGO_AES_CMAC;
+ else if (strstr(algo_str, "AES-CBC"))
+ info.algo = FIPS_TEST_ALGO_AES;
else
return -EINVAL;
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 88cbb0303e..6385ec4d8d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -103,6 +103,7 @@ enum fips_aesavs_test_types {
AESAVS_TYPE_VARTXT,
AESAVS_TYPE_MMT,
AESAVS_TYPE_MCT,
+ AESAVS_TYPE_AFT,
};
enum fips_tdes_test_types {
@@ -262,6 +263,9 @@ parse_test_hmac_json_algorithm(void);
int
parse_test_cmac_json_init(void);
+
+int
+parse_test_aes_json_init(void);
#endif /* RTE_HAS_JANSSON */
int
diff --git a/examples/fips_validation/fips_validation_aes.c b/examples/fips_validation/fips_validation_aes.c
index b3c5e31f32..8db6f4fa31 100644
--- a/examples/fips_validation/fips_validation_aes.c
+++ b/examples/fips_validation/fips_validation_aes.c
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <rte_cryptodev.h>
+#include <rte_malloc.h>
#include "fips_validation.h"
@@ -25,6 +26,19 @@
#define OP_ENC_STR "ENCRYPT"
#define OP_DEC_STR "DECRYPT"
+#define ALGO_JSON_STR "algorithm"
+#define TESTTYPE_JSON_STR "testType"
+#define DIR_JSON_STR "direction"
+#define KEYLEN_JSON_STR "keyLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR "iv"
+#define PT_JSON_STR "pt"
+#define CT_JSON_STR "ct"
+
+#define OP_ENC_JSON_STR "encrypt"
+#define OP_DEC_JSON_STR "decrypt"
+
struct {
uint32_t type;
const char *desc;
@@ -37,6 +51,7 @@ struct {
{TDES_VARIABLE_TEXT, "KAT"},
{AESAVS_TYPE_MMT, "MMT"},
{AESAVS_TYPE_MCT, "MCT"},
+ {AESAVS_TYPE_AFT, "AFT"},
};
struct aes_test_algo {
@@ -92,6 +107,214 @@ struct fips_test_callback aes_writeback_callbacks[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback aes_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.key},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback aes_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+ {IV_JSON_STR, parse_uint8_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_aes_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+ json_string(info.one_line_text));
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ return 0;
+}
+
+static int
+parse_test_aes_mct_json_writeback(struct fips_val *val)
+{
+ json_t *tcId, *resArr, *res, *ct, *pt, *key, *iv;
+ struct fips_val tmp_val;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+ if (json_info.json_write_case) {
+ json_t *wcId;
+
+ wcId = json_object_get(json_info.json_write_case, "tcId");
+ if (!json_equal(tcId, wcId)) {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+ } else {
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+ json_object_set(json_info.json_write_case, "resultsArray", json_array());
+ }
+
+ resArr = json_object_get(json_info.json_write_case, "resultsArray");
+ if (!json_is_array(resArr))
+ return -EINVAL;
+
+ res = json_object();
+ if (info .op == FIPS_TEST_ENC_AUTH_GEN) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ } else {
+ if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ writeback_hex_str("", info.one_line_text, &vec.cipher_auth.key);
+ key = json_string(info.one_line_text);
+ json_object_set_new(res, KEY_JSON_STR, key);
+
+ writeback_hex_str("", info.one_line_text, &val[2]);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(res, IV_JSON_STR, iv);
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.ct.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ pt = json_string(info.one_line_text);
+ json_object_set_new(res, PT_JSON_STR, pt);
+
+ writeback_hex_str("", info.one_line_text, &val[1]);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(res, CT_JSON_STR, ct);
+ } else {
+ json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+ }
+ }
+
+ json_array_append_new(resArr, res);
+ return 0;
+}
+
+int
+parse_test_aes_json_init(void)
+{
+ json_t *type_obj = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+ json_t *algo_obj = json_object_get(json_info.json_vector_set, ALGO_JSON_STR);
+ const char *type_str = json_string_value(type_obj);
+ const char *algo_str = json_string_value(algo_obj);
+ uint32_t i;
+
+ if (json_info.json_test_group) {
+ json_t *direction_obj;
+ const char *direction_str;
+
+ direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+ direction_str = json_string_value(direction_obj);
+
+ if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.callbacks = aes_enc_json_vectors;
+
+ } else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+ info.op = FIPS_TEST_DEC_AUTH_VERIF;
+ info.callbacks = aes_dec_json_vectors;
+ } else {
+ return -EINVAL;
+ }
+ info.interim_callbacks = aes_interim_json_vectors;
+ }
+
+ for (i = 0; i < RTE_DIM(aes_test_types); i++)
+ if (strstr(type_str, aes_test_types[i].desc)) {
+ info.interim_info.aes_data.test_type =
+ aes_test_types[i].type;
+ break;
+ }
+
+ if (i >= RTE_DIM(aes_test_types))
+ return -EINVAL;
+
+ switch (info.interim_info.aes_data.test_type) {
+ case AESAVS_TYPE_MCT:
+ info.parse_writeback = parse_test_aes_mct_json_writeback;
+ break;
+ case AESAVS_TYPE_AFT:
+ info.parse_writeback = parse_test_aes_json_writeback;
+ break;
+ default:
+ info.parse_writeback = NULL;
+ }
+
+ if (!info.parse_writeback)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_DIM(algo_con); i++)
+ if (strstr(algo_str, algo_con[i].name)) {
+ info.interim_info.aes_data.cipher_algo =
+ (uint32_t)algo_con[i].algo;
+ break;
+ }
+
+ if (i >= RTE_DIM(algo_con))
+ return -EINVAL;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_aes_writeback(struct fips_val *val)
{
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 1645fa99e5..332a4110e3 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1556,7 +1556,7 @@ fips_mct_aes_test(void)
#define AES_BLOCK_SIZE 16
#define AES_EXTERN_ITER 100
#define AES_INTERN_ITER 1000
- struct fips_val val = {NULL, 0}, val_key;
+ struct fips_val val[3] = {{NULL, 0},}, val_key, pt, ct, iv;
uint8_t prev_out[AES_BLOCK_SIZE] = {0};
uint8_t prev_in[AES_BLOCK_SIZE] = {0};
uint32_t i, j, k;
@@ -1565,11 +1565,16 @@ fips_mct_aes_test(void)
if (info.interim_info.aes_data.cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB)
return fips_mct_aes_ecb_test();
+ memset(&pt, 0, sizeof(struct fips_val));
+ memset(&ct, 0, sizeof(struct fips_val));
+ memset(&iv, 0, sizeof(struct fips_val));
for (i = 0; i < AES_EXTERN_ITER; i++) {
- if (i != 0)
- update_info_vec(i);
+ if (info.file_type != FIPS_TYPE_JSON) {
+ if (i != 0)
+ update_info_vec(i);
- fips_test_write_one_case();
+ fips_test_write_one_case();
+ }
for (j = 0; j < AES_INTERN_ITER; j++) {
ret = fips_run_test();
@@ -1585,7 +1590,7 @@ fips_mct_aes_test(void)
return ret;
}
- ret = get_writeback_data(&val);
+ ret = get_writeback_data(&val[0]);
if (ret < 0)
return ret;
@@ -1593,24 +1598,39 @@ fips_mct_aes_test(void)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
if (j == 0) {
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
+ pt.len = vec.pt.len;
+ pt.val = calloc(1, pt.len);
+ memcpy(pt.val, vec.pt.val, pt.len);
+
+ ct.len = vec.ct.len;
+ ct.val = calloc(1, ct.len);
+ memcpy(ct.val, vec.ct.val, ct.len);
+
+ iv.len = vec.iv.len;
+ iv.val = calloc(1, iv.len);
+ memcpy(iv.val, vec.iv.val, iv.len);
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.pt.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, val.val,
- AES_BLOCK_SIZE);
+ memcpy(vec.pt.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
+ val[1].val = pt.val;
+ val[1].len = pt.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
} else {
- memcpy(vec.ct.val, vec.iv.val,
- AES_BLOCK_SIZE);
- memcpy(vec.iv.val, prev_in,
- AES_BLOCK_SIZE);
+ memcpy(vec.ct.val, vec.iv.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
+ val[1].val = ct.val;
+ val[1].len = ct.len;
+ val[2].val = iv.val;
+ val[2].len = iv.len;
}
continue;
}
if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
memcpy(vec.pt.val, prev_out, AES_BLOCK_SIZE);
} else {
memcpy(vec.iv.val, prev_in, AES_BLOCK_SIZE);
@@ -1620,33 +1640,38 @@ fips_mct_aes_test(void)
if (j == AES_INTERN_ITER - 1)
continue;
- memcpy(prev_out, val.val, AES_BLOCK_SIZE);
+ memcpy(prev_out, val[0].val, AES_BLOCK_SIZE);
}
- info.parse_writeback(&val);
- fprintf(info.fp_wr, "\n");
+ info.parse_writeback(val);
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
- if (i == AES_EXTERN_ITER - 1)
+ if (i == AES_EXTERN_ITER - 1) {
+ free(pt.val);
+ free(ct.val);
+ free(iv.val);
continue;
+ }
/** update key */
memcpy(&val_key, &vec.cipher_auth.key, sizeof(val_key));
for (k = 0; k < vec.cipher_auth.key.len; k++) {
switch (vec.cipher_auth.key.len) {
case 16:
- val_key.val[k] ^= val.val[k];
+ val_key.val[k] ^= val[0].val[k];
break;
case 24:
if (k < 8)
val_key.val[k] ^= prev_out[k + 8];
else
- val_key.val[k] ^= val.val[k - 8];
+ val_key.val[k] ^= val[0].val[k - 8];
break;
case 32:
if (k < 16)
val_key.val[k] ^= prev_out[k];
else
- val_key.val[k] ^= val.val[k - 16];
+ val_key.val[k] ^= val[0].val[k - 16];
break;
default:
return -1;
@@ -1654,10 +1679,10 @@ fips_mct_aes_test(void)
}
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
- memcpy(vec.iv.val, val.val, AES_BLOCK_SIZE);
+ memcpy(vec.iv.val, val[0].val, AES_BLOCK_SIZE);
}
- free(val.val);
+ free(val[0].val);
return 0;
}
@@ -1963,6 +1988,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_CMAC:
ret = parse_test_cmac_json_init();
break;
+ case FIPS_TEST_ALGO_AES:
+ ret = parse_test_aes_json_init();
+ break;
default:
return -EINVAL;
}
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* [v9, 10/10] doc: add notes about acvp validation support
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (8 preceding siblings ...)
2022-05-30 15:52 ` [v9, 09/10] examples/fips_validation: add parsing for aes_cbc Gowrishankar Muthukrishnan
@ 2022-05-30 15:52 ` Gowrishankar Muthukrishnan
2022-05-31 10:17 ` [v9, 00/10] Add JSON vector set support to fips validation Poczatek, Jakub
2022-05-31 12:36 ` Zhang, Roy Fan
11 siblings, 0 replies; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-05-30 15:52 UTC (permalink / raw)
To: dev
Cc: Fan Zhang, Brian Dooley, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob, Gowrishankar Muthukrishnan
Add notes on algorithms supported for ACVP validation.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
doc/guides/sample_app_ug/fips_validation.rst | 30 +++++++++++++++-----
1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 39baea3346..43190bb696 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -12,19 +12,22 @@ developed by the United States federal government for use in computer systems by
non-military government agencies and government contractors.
This application is used to parse and perform symmetric cryptography
-computation to the NIST Cryptographic Algorithm Validation Program (CAVP) test
-vectors.
+computation to the NIST Cryptographic Algorithm Validation Program (CAVP) and
+Automated Crypto Validation Protocol (ACVP) test vectors.
For an algorithm implementation to be listed on a cryptographic module
validation certificate as an Approved security function, the algorithm
-implementation must meet all the requirements of FIPS 140-2 and must
-successfully complete the cryptographic algorithm validation process.
+implementation must meet all the requirements of FIPS 140-2 (in case of CAVP)
+and FIPS 140-3 (in case of ACVP) and must successfully complete the
+cryptographic algorithm validation process.
Limitations
-----------
-* Only NIST CAVP request files are parsed by this application.
-* The version of request file supported is ``CAVS 21.0``
+CAVP
+----
+
+* The version of request file supported is ``CAVS 21.0``.
* If the header comment in a ``.req`` file does not contain a Algo tag
i.e ``AES,TDES,GCM`` you need to manually add it into the header comment for
example::
@@ -32,7 +35,7 @@ Limitations
# VARIABLE KEY - KAT for CBC / # TDES VARIABLE KEY - KAT for CBC
* The application does not supply the test vectors. The user is expected to
- obtain the test vector files from `NIST
+ obtain the test vector files from `CAVP
<https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
program/block-ciphers>`_ website. To obtain the ``.req`` files you need to
email a person from the NIST website and pay for the ``.req`` files.
@@ -48,6 +51,19 @@ Limitations
* TDES-CBC (1 Key, 2 Keys, 3 Keys) - MMT, Monte, Permop, Subkey, Varkey,
VarText
+ACVP
+----
+
+* The application does not supply the test vectors. The user is expected to
+ obtain the test vector files from `ACVP <https://pages.nist.gov/ACVP>`_
+ website.
+* Supported test vectors
+ * AES-CBC (128,192,256) - AFT, MCT
+ * AES-GCM (128,192,256) - AFT
+ * AES-CMAC (128,192,256) - AFT
+ * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+
+
Application Information
-----------------------
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v9, 00/10] Add JSON vector set support to fips validation
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (9 preceding siblings ...)
2022-05-30 15:52 ` [v9, 10/10] doc: add notes about acvp validation support Gowrishankar Muthukrishnan
@ 2022-05-31 10:17 ` Poczatek, Jakub
2022-05-31 12:36 ` Zhang, Roy Fan
11 siblings, 0 replies; 122+ messages in thread
From: Poczatek, Jakub @ 2022-05-31 10:17 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Zhang, Roy Fan, Dooley, Brian, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob
Hey everyone,
FIPS-140-2 tested and passed.
Tested-by: Jakub Poczatek <Jakub.poczatek@intel.com>
-----Original Message-----
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Sent: Monday 30 May 2022 16:53
To: dev@dpdk.org
Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>; Jerin Jacob <jerinj@marvell.com>; Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [v9, 00/10] Add JSON vector set support to fips validation
Adds a very basic introduction to JSON vector sets in the fips validation example application. This patch set will only introduce the AES-GCM test using a JSON request file because the other algorithms need more information than what is given in the new JSON format.
v9:
* doc update.
v8:
* Fixed overlapped places for FIPS 140-2 test vectors.
v7:
* Fixed individual patches to build correctly.
v6:
* CI centos platform fix.
v5:
* AES_CBC support appended in series.
Brandon Lo (8):
examples/fips_validation: add jansson dependency
examples/fips_validation: add json info to header
examples/fips_validation: add json parsing
examples/fips_validation: allow json file as input
examples/fips_validation: add json to gcm test
examples/fips_validation: add json to hmac
examples/fips_validation: implement json cmac test
examples/fips_validation: add parsing for cmac
Gowrishankar Muthukrishnan (2):
examples/fips_validation: add parsing for aes_cbc
doc: add notes about acvp validation support
doc/guides/sample_app_ug/fips_validation.rst | 30 +-
examples/fips_validation/fips_validation.c | 117 ++++++-
examples/fips_validation/fips_validation.h | 64 +++-
.../fips_validation/fips_validation_aes.c | 223 +++++++++++++
.../fips_validation/fips_validation_cmac.c | 80 +++++
.../fips_validation/fips_validation_gcm.c | 152 ++++++++-
.../fips_validation/fips_validation_hmac.c | 93 ++++++
examples/fips_validation/main.c | 295 ++++++++++++++++--
examples/fips_validation/meson.build | 4 +
9 files changed, 1015 insertions(+), 43 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v9, 00/10] Add JSON vector set support to fips validation
2022-05-30 15:52 ` [v9, 00/10] Add JSON vector set support to fips validation Gowrishankar Muthukrishnan
` (10 preceding siblings ...)
2022-05-31 10:17 ` [v9, 00/10] Add JSON vector set support to fips validation Poczatek, Jakub
@ 2022-05-31 12:36 ` Zhang, Roy Fan
2022-05-31 15:23 ` Akhil Goyal
11 siblings, 1 reply; 122+ messages in thread
From: Zhang, Roy Fan @ 2022-05-31 12:36 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti, Jerin Jacob
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Monday, May 30, 2022 4:53 PM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; lylavoie@iol.unh.edu; Anoob Joseph
> <anoobj@marvell.com>; Archana Muniganti <marchana@marvell.com>;
> Jerin Jacob <jerinj@marvell.com>; Gowrishankar Muthukrishnan
> <gmuthukrishn@marvell.com>
> Subject: [v9, 00/10] Add JSON vector set support to fips validation
>
> Adds a very basic introduction to JSON vector sets in
> the fips validation example application. This patch set
> will only introduce the AES-GCM test using a JSON request
> file because the other algorithms need more information
> than what is given in the new JSON format.
>
Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [v9, 00/10] Add JSON vector set support to fips validation
2022-05-31 12:36 ` Zhang, Roy Fan
@ 2022-05-31 15:23 ` Akhil Goyal
2022-06-07 9:48 ` David Marchand
0 siblings, 1 reply; 122+ messages in thread
From: Akhil Goyal @ 2022-05-31 15:23 UTC (permalink / raw)
To: Zhang, Roy Fan, Gowrishankar Muthukrishnan, dev
Cc: Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob Kollanukkaran
> > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> >
> > Adds a very basic introduction to JSON vector sets in
> > the fips validation example application. This patch set
> > will only introduce the AES-GCM test using a JSON request
> > file because the other algorithms need more information
> > than what is given in the new JSON format.
> >
> Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Series Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 122+ messages in thread
* Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-05-31 15:23 ` Akhil Goyal
@ 2022-06-07 9:48 ` David Marchand
2022-06-13 11:58 ` David Marchand
0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-07 9:48 UTC (permalink / raw)
To: Akhil Goyal, Gowrishankar Muthukrishnan
Cc: Zhang, Roy Fan, dev, Dooley, Brian, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob Kollanukkaran
On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
>
> > > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> > >
> > > Adds a very basic introduction to JSON vector sets in
> > > the fips validation example application. This patch set
> > > will only introduce the AES-GCM test using a JSON request
> > > file because the other algorithms need more information
> > > than what is given in the new JSON format.
> > >
> > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
>
> Series Applied to dpdk-next-crypto
This series breaks compiling the fips example out of DPDK.
## Building fips_validation
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_init':
fips_validation.c:(.text+0x7ab): undefined reference to `json_loadf'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_vector_set':
fips_validation.c:(.text+0xc2e): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xc36): undefined reference to
`json_string_value'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_group':
fips_validation.c:(.text+0xd00): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xd14): undefined reference to
`json_integer_value'
etc...
I'll send a fix.
--
David Marchand
^ permalink raw reply [flat|nested] 122+ messages in thread
* Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-06-07 9:48 ` David Marchand
@ 2022-06-13 11:58 ` David Marchand
2022-06-21 7:28 ` [EXT] " Gowrishankar Muthukrishnan
0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-13 11:58 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan, Zhang, Roy Fan, Akhil Goyal
Cc: dev, Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob Kollanukkaran
On Tue, Jun 7, 2022 at 11:48 AM David Marchand
<david.marchand@redhat.com> wrote:
> On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
> >
> > > > Subject: [v9, 00/10] Add JSON vector set support to fips validation
> > > >
> > > > Adds a very basic introduction to JSON vector sets in
> > > > the fips validation example application. This patch set
> > > > will only introduce the AES-GCM test using a JSON request
> > > > file because the other algorithms need more information
> > > > than what is given in the new JSON format.
> > > >
> > > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> >
> > Series Applied to dpdk-next-crypto
>
> This series breaks compiling the fips example out of DPDK.
Gowri, Fan, Akhil,
I disabled compilation checks for this example on my side.
Can you look into this?
Thanks.
--
David Marchand
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-06-13 11:58 ` David Marchand
@ 2022-06-21 7:28 ` Gowrishankar Muthukrishnan
2022-06-21 7:36 ` David Marchand
0 siblings, 1 reply; 122+ messages in thread
From: Gowrishankar Muthukrishnan @ 2022-06-21 7:28 UTC (permalink / raw)
To: David Marchand, Zhang, Roy Fan, Akhil Goyal
Cc: dev, Dooley, Brian, lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob Kollanukkaran
Hi David,
Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
I have acked this. @Akhil Goyal could this be merged ?.
Thanks,
Gowrishankar
> -----Original Message-----
> From: David Marchand <david.marchand@redhat.com>
> Sent: Monday, June 13, 2022 5:29 PM
> To: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>; Zhang, Roy
> Fan <roy.fan.zhang@intel.com>; Akhil Goyal <gakhil@marvell.com>
> Cc: dev@dpdk.org; Dooley, Brian <brian.dooley@intel.com>;
> lylavoie@iol.unh.edu; Anoob Joseph <anoobj@marvell.com>; Archana
> Muniganti <marchana@marvell.com>; Jerin Jacob Kollanukkaran
> <jerinj@marvell.com>
> Subject: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
>
> External Email
>
> ----------------------------------------------------------------------
> On Tue, Jun 7, 2022 at 11:48 AM David Marchand
> <david.marchand@redhat.com> wrote:
> > On Tue, May 31, 2022 at 5:23 PM Akhil Goyal <gakhil@marvell.com> wrote:
> > >
> > > > > Subject: [v9, 00/10] Add JSON vector set support to fips
> > > > > validation
> > > > >
> > > > > Adds a very basic introduction to JSON vector sets in the fips
> > > > > validation example application. This patch set will only
> > > > > introduce the AES-GCM test using a JSON request file because the
> > > > > other algorithms need more information than what is given in the
> > > > > new JSON format.
> > > > >
> > > > Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > >
> > > Series Applied to dpdk-next-crypto
> >
> > This series breaks compiling the fips example out of DPDK.
>
> Gowri, Fan, Akhil,
>
> I disabled compilation checks for this example on my side.
> Can you look into this?
>
> Thanks.
>
> --
> David Marchand
^ permalink raw reply [flat|nested] 122+ messages in thread
* Re: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-06-21 7:28 ` [EXT] " Gowrishankar Muthukrishnan
@ 2022-06-21 7:36 ` David Marchand
2022-06-21 7:40 ` Akhil Goyal
0 siblings, 1 reply; 122+ messages in thread
From: David Marchand @ 2022-06-21 7:36 UTC (permalink / raw)
To: Gowrishankar Muthukrishnan
Cc: Zhang, Roy Fan, Akhil Goyal, dev, Dooley, Brian, lylavoie,
Anoob Joseph, Archana Muniganti, Jerin Jacob Kollanukkaran
Hello,
On Tue, Jun 21, 2022 at 9:29 AM Gowrishankar Muthukrishnan
<gmuthukrishn@marvell.com> wrote:
> Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> I have acked this. @Akhil Goyal could this be merged ?.
Indeed, I had forgotten about it.
Akhil, please take it for rc2.
--
David Marchand
^ permalink raw reply [flat|nested] 122+ messages in thread
* RE: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-06-21 7:36 ` David Marchand
@ 2022-06-21 7:40 ` Akhil Goyal
2022-06-21 7:41 ` David Marchand
0 siblings, 1 reply; 122+ messages in thread
From: Akhil Goyal @ 2022-06-21 7:40 UTC (permalink / raw)
To: David Marchand, Gowrishankar Muthukrishnan
Cc: Zhang, Roy Fan, dev, Dooley, Brian, lylavoie, Anoob Joseph,
Archana Muniganti, Jerin Jacob Kollanukkaran
> Hello,
>
> On Tue, Jun 21, 2022 at 9:29 AM Gowrishankar Muthukrishnan
> <gmuthukrishn@marvell.com> wrote:
> > Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> > I have acked this. @Akhil Goyal could this be merged ?.
>
> Indeed, I had forgotten about it.
> Akhil, please take it for rc2.
Sure, this patch was not delegated to me, so I did not notice this.
I will take it for RC2
^ permalink raw reply [flat|nested] 122+ messages in thread
* Re: [EXT] Re: [v9, 00/10] Add JSON vector set support to fips validation
2022-06-21 7:40 ` Akhil Goyal
@ 2022-06-21 7:41 ` David Marchand
0 siblings, 0 replies; 122+ messages in thread
From: David Marchand @ 2022-06-21 7:41 UTC (permalink / raw)
To: Akhil Goyal
Cc: Gowrishankar Muthukrishnan, Zhang, Roy Fan, dev, Dooley, Brian,
lylavoie, Anoob Joseph, Archana Muniganti,
Jerin Jacob Kollanukkaran
On Tue, Jun 21, 2022 at 9:40 AM Akhil Goyal <gakhil@marvell.com> wrote:
> > > Do you mean this patch ? - https://patches.dpdk.org/project/dpdk/patch/20220607100203.1611166-1-david.marchand@redhat.com/
> > > I have acked this. @Akhil Goyal could this be merged ?.
> >
> > Indeed, I had forgotten about it.
> > Akhil, please take it for rc2.
> Sure, this patch was not delegated to me, so I did not notice this.
> I will take it for RC2
Thanks Akhil.
--
David Marchand
^ permalink raw reply [flat|nested] 122+ messages in thread