[PATCH v1] examples/fips_validation: add parsing for xts

[PATCH v1] examples/fips_validation: add parsing for xts

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for AES XTS test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation.c    |   4 +-
 examples/fips_validation/fips_validation.h    |  17 ++-
 .../fips_validation/fips_validation_xts.c     | 126 ++++++++++++++++++
 examples/fips_validation/main.c               |   5 +
 4 files changed, 150 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 324abccb14..f181363ef7 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void)
 	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
-		info.algo = FIPS_TEST_ALGO_AES;
+		info.algo = FIPS_TEST_ALGO_AES_CBC;
+	else if (strstr(algo_str, "AES-XTS"))
+		info.algo = FIPS_TEST_ALGO_AES_XTS;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 69d738b718..8ae849c46f 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -34,13 +34,14 @@
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
+		FIPS_TEST_ALGO_AES_CBC,
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
+		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_HMAC,
 		FIPS_TEST_ALGO_TDES,
 		FIPS_TEST_ALGO_SHA,
-		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_MAX
 };
 
@@ -170,7 +171,17 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+
 #ifdef USE_JANSSON
+enum xts_tweak_modes {
+  XTS_TWEAK_MODE_HEX = 0,
+  XTS_TWEAK_MODE_NUMBER
+};
+
+struct xts_interim_data {
+	enum xts_tweak_modes tweak_mode;
+};
+
 struct fips_test_json_info {
 	/* Information used for reading from json */
 	json_t *json_root;
@@ -207,6 +218,7 @@ struct fips_test_interim_info {
 		struct ccm_interim_data ccm_data;
 		struct sha_interim_data sha_data;
 		struct gcm_interim_data gcm_data;
+		struct xts_interim_data xts_data;
 	} interim_info;
 
 	enum fips_test_op op;
@@ -266,6 +278,9 @@ parse_test_cmac_json_init(void);
 
 int
 parse_test_aes_json_init(void);
+
+int
+parse_test_xts_json_init(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c
index 5bb1966f6c..2de852c1fc 100644
--- a/examples/fips_validation/fips_validation_xts.c
+++ b/examples/fips_validation/fips_validation_xts.c
@@ -24,6 +24,22 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+#define TWEAKMODE_JSON_STR	"tweakMode"
+
+#define KEY_JSON_STR		"key"
+#define DATAUNITLEN_JSON_STR	"dataUnitLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define TWEAKVALUE_JSON_STR	"tweakValue"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 static int
 parse_interim_xts_enc_dec(const char *key,
 		__rte_unused char *text,
@@ -62,6 +78,116 @@ struct fips_test_callback xts_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+static int
+parser_xts_read_keylen(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	ret = parser_read_uint32_bit_val(key, src, val);
+	if (ret < 0)
+		return ret;
+
+	val->len *= 2;
+	return 0;
+}
+
+struct fips_test_callback xts_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parse_uint8_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_xts_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_xts_json_init(void)
+{
+	if (json_info.json_test_group) {
+		json_t *direction_obj, *tweakmode_obj;
+		const char *direction_str, *tweakmode_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = xts_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = xts_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+
+		tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR);
+		tweakmode_str = json_string_value(tweakmode_obj);
+		if (strcmp(tweakmode_str, "hex") == 0)
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX;
+		else
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER;
+
+		info.interim_callbacks = xts_interim_json_vectors;
+	}
+
+	info.parse_writeback = parse_test_xts_json_writeback;
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_xts_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index ceabea788e..7ccb5f52f4 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1781,6 +1781,7 @@ static int
 init_test_ops(void)
 {
 	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		test_ops.prepare_op = prepare_cipher_op;
 		test_ops.prepare_xform  = prepare_aes_xform;
@@ -1988,6 +1989,10 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_XTS:
+		ret = parse_test_xts_json_init();
+		break;
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
-- 
2.25.1

Re: [PATCH v1] examples/fips_validation: add parsing for xts

[David Marchand]

On Tue, Jun 28, 2022 at 9:59 AM Gowrishankar Muthukrishnan
<gmuthukrishn@marvell.com> wrote:
>
> Added function to parse algorithm for AES XTS test.
>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
>  examples/fips_validation/fips_validation.c    |   4 +-
>  examples/fips_validation/fips_validation.h    |  17 ++-
>  .../fips_validation/fips_validation_xts.c     | 126 ++++++++++++++++++
>  examples/fips_validation/main.c               |   5 +
>  4 files changed, 150 insertions(+), 2 deletions(-)
>
> diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
> index 324abccb14..f181363ef7 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void)
>         else if (strstr(algo_str, "CMAC"))
>                 info.algo = FIPS_TEST_ALGO_AES_CMAC;
>         else if (strstr(algo_str, "AES-CBC"))
> -               info.algo = FIPS_TEST_ALGO_AES;
> +               info.algo = FIPS_TEST_ALGO_AES_CBC;

Is this part related to adding xts support?
It looks more like a fix.


> +       else if (strstr(algo_str, "AES-XTS"))
> +               info.algo = FIPS_TEST_ALGO_AES_XTS;
>         else
>                 return -EINVAL;
>
> diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
> index 69d738b718..8ae849c46f 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -34,13 +34,14 @@
>
>  enum fips_test_algorithms {
>                 FIPS_TEST_ALGO_AES = 0,
> +               FIPS_TEST_ALGO_AES_CBC,
>                 FIPS_TEST_ALGO_AES_GCM,
>                 FIPS_TEST_ALGO_AES_CMAC,
>                 FIPS_TEST_ALGO_AES_CCM,
> +               FIPS_TEST_ALGO_AES_XTS,
>                 FIPS_TEST_ALGO_HMAC,
>                 FIPS_TEST_ALGO_TDES,
>                 FIPS_TEST_ALGO_SHA,
> -               FIPS_TEST_ALGO_AES_XTS,
>                 FIPS_TEST_ALGO_MAX
>  };
>
> @@ -170,7 +171,17 @@ struct gcm_interim_data {
>         uint8_t gen_iv;
>  };
>
> +

No need for another blank line.

>  #ifdef USE_JANSSON
> +enum xts_tweak_modes {
> +  XTS_TWEAK_MODE_HEX = 0,
> +  XTS_TWEAK_MODE_NUMBER
> +};
> +
> +struct xts_interim_data {
> +       enum xts_tweak_modes tweak_mode;
> +};
> +
>  struct fips_test_json_info {
>         /* Information used for reading from json */
>         json_t *json_root;
> @@ -207,6 +218,7 @@ struct fips_test_interim_info {
>                 struct ccm_interim_data ccm_data;
>                 struct sha_interim_data sha_data;
>                 struct gcm_interim_data gcm_data;
> +               struct xts_interim_data xts_data;
>         } interim_info;
>
>         enum fips_test_op op;
> @@ -266,6 +278,9 @@ parse_test_cmac_json_init(void);
>
>  int
>  parse_test_aes_json_init(void);
> +
> +int
> +parse_test_xts_json_init(void);
>  #endif /* USE_JANSSON */
>
>  int
> diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c
> index 5bb1966f6c..2de852c1fc 100644
> --- a/examples/fips_validation/fips_validation_xts.c
> +++ b/examples/fips_validation/fips_validation_xts.c
> @@ -24,6 +24,22 @@
>  #define OP_ENC_STR     "ENCRYPT"
>  #define OP_DEC_STR     "DECRYPT"
>
> +#define ALGO_JSON_STR          "algorithm"
> +#define TESTTYPE_JSON_STR      "testType"
> +#define DIR_JSON_STR           "direction"
> +#define KEYLEN_JSON_STR                "keyLen"
> +#define TWEAKMODE_JSON_STR     "tweakMode"
> +
> +#define KEY_JSON_STR           "key"
> +#define DATAUNITLEN_JSON_STR   "dataUnitLen"
> +#define PAYLOADLEN_JSON_STR    "payloadLen"
> +#define TWEAKVALUE_JSON_STR    "tweakValue"
> +#define PT_JSON_STR    "pt"
> +#define CT_JSON_STR    "ct"
> +
> +#define OP_ENC_JSON_STR        "encrypt"
> +#define OP_DEC_JSON_STR        "decrypt"
> +
>  static int
>  parse_interim_xts_enc_dec(const char *key,
>                 __rte_unused char *text,
> @@ -62,6 +78,116 @@ struct fips_test_callback xts_writeback_callbacks[] = {
>                 {NULL, NULL, NULL} /**< end pointer */
>  };
>
> +#ifdef RTE_HAS_JANSSON

Code in examples can't rely on internal RTE_HAS_JANSSON.


-- 
David Marchand

[PATCH v2] examples/fips_validation: add parsing for xts

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for AES XTS test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
v2:
 - build failure fixed if no jansson lib available.
---
 examples/fips_validation/fips_validation.c    |   4 +-
 examples/fips_validation/fips_validation.h    |  16 +-
 .../fips_validation/fips_validation_xts.c     | 141 ++++++++++++++++++
 examples/fips_validation/main.c               |   5 +
 4 files changed, 164 insertions(+), 2 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 324abccb14..f181363ef7 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void)
 	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
-		info.algo = FIPS_TEST_ALGO_AES;
+		info.algo = FIPS_TEST_ALGO_AES_CBC;
+	else if (strstr(algo_str, "AES-XTS"))
+		info.algo = FIPS_TEST_ALGO_AES_XTS;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 69d738b718..d716b198c6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -34,13 +34,14 @@
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
+		FIPS_TEST_ALGO_AES_CBC,
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
+		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_HMAC,
 		FIPS_TEST_ALGO_TDES,
 		FIPS_TEST_ALGO_SHA,
-		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_MAX
 };
 
@@ -170,6 +171,15 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+enum xts_tweak_modes {
+	XTS_TWEAK_MODE_HEX = 0,
+	XTS_TWEAK_MODE_NUMBER
+};
+
+struct xts_interim_data {
+	enum xts_tweak_modes tweak_mode;
+};
+
 #ifdef USE_JANSSON
 struct fips_test_json_info {
 	/* Information used for reading from json */
@@ -207,6 +217,7 @@ struct fips_test_interim_info {
 		struct ccm_interim_data ccm_data;
 		struct sha_interim_data sha_data;
 		struct gcm_interim_data gcm_data;
+		struct xts_interim_data xts_data;
 	} interim_info;
 
 	enum fips_test_op op;
@@ -266,6 +277,9 @@ parse_test_cmac_json_init(void);
 
 int
 parse_test_aes_json_init(void);
+
+int
+parse_test_xts_json_init(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c
index 5bb1966f6c..531e3c688e 100644
--- a/examples/fips_validation/fips_validation_xts.c
+++ b/examples/fips_validation/fips_validation_xts.c
@@ -24,6 +24,22 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+#define TWEAKMODE_JSON_STR	"tweakMode"
+
+#define KEY_JSON_STR		"key"
+#define DATAUNITLEN_JSON_STR	"dataUnitLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define TWEAKVALUE_JSON_STR	"tweakValue"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 static int
 parse_interim_xts_enc_dec(const char *key,
 		__rte_unused char *text,
@@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef USE_JANSSON
+static int
+parser_xts_read_keylen(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	ret = parser_read_uint32_bit_val(key, src, val);
+	if (ret < 0)
+		return ret;
+
+	val->len *= 2;
+	return 0;
+}
+
+static int
+parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX)
+		ret = parse_uint8_hex_str(key, src, val);
+	else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER)
+		ret = parser_read_uint32_bit_val(key, src, val);
+	else
+		ret = -1;
+
+	return ret;
+}
+
+struct fips_test_callback xts_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_xts_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_xts_json_init(void)
+{
+	if (json_info.json_test_group) {
+		json_t *direction_obj, *tweakmode_obj;
+		const char *direction_str, *tweakmode_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = xts_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = xts_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+
+		tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR);
+		tweakmode_str = json_string_value(tweakmode_obj);
+		if (strcmp(tweakmode_str, "hex") == 0)
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX;
+		else
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER;
+
+		info.interim_callbacks = xts_interim_json_vectors;
+	}
+
+	info.parse_writeback = parse_test_xts_json_writeback;
+	return 0;
+}
+#endif /* USE_JANSSON */
+
 static int
 parse_test_xts_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index ceabea788e..7ccb5f52f4 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1781,6 +1781,7 @@ static int
 init_test_ops(void)
 {
 	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		test_ops.prepare_op = prepare_cipher_op;
 		test_ops.prepare_xform  = prepare_aes_xform;
@@ -1988,6 +1989,10 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_XTS:
+		ret = parse_test_xts_json_init();
+		break;
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
-- 
2.25.1

RE: [PATCH v2] examples/fips_validation: add parsing for xts

[Zhang, Roy Fan]

Hi,

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Tuesday, June 28, 2022 2:12 PM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; Anoob Joseph <anoobj@marvell.com>; Archana
> Muniganti <marchana@marvell.com>; Jerin Jacob <jerinj@marvell.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [PATCH v2] examples/fips_validation: add parsing for xts
> 
> Added function to parse algorithm for AES XTS test.
> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
> v2:
>  - build failure fixed if no jansson lib available.
> ---
>  examples/fips_validation/fips_validation.c    |   4 +-
>  examples/fips_validation/fips_validation.h    |  16 +-
>  .../fips_validation/fips_validation_xts.c     | 141 ++++++++++++++++++
>  examples/fips_validation/main.c               |   5 +
>  4 files changed, 164 insertions(+), 2 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index 324abccb14..f181363ef7 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -463,7 +463,9 @@ fips_test_parse_one_json_vector_set(void)
>  	else if (strstr(algo_str, "CMAC"))
>  		info.algo = FIPS_TEST_ALGO_AES_CMAC;
>  	else if (strstr(algo_str, "AES-CBC"))

As David suggested - this looks to be a fix - I believe he is right.
I will let Akhil to decide.

> -		info.algo = FIPS_TEST_ALGO_AES;
> +		info.algo = FIPS_TEST_ALGO_AES_CBC;
> +	else if (strstr(algo_str, "AES-XTS"))
> +		info.algo = FIPS_TEST_ALGO_AES_XTS;
>  	else
>  		return -EINVAL;
> 
<snip>
Other than that,
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

RE: [EXT] Re: [PATCH v1] examples/fips_validation: add parsing for xts

[Gowrishankar Muthukrishnan]

Thanks David, I ack and have added your suggestions in V3.

Regards,
Gowrishankar

[PATCH v3 0/3] example/fips_validation: add xts and sha json parsing

[Gowrishankar Muthukrishnan]

Add support in fips_validation to parse AES_XTS and SHA json vectors.

v3:
 - individual patches for xts and sha are clubbed in this new series.

Gowrishankar Muthukrishnan (3):
  examples/fips_validation: add aes_cbc specific enum
  examples/fips_validation: add parsing for xts
  examples/fips_validation: add parsing for sha

 examples/fips_validation/fips_validation.c    |   6 +-
 examples/fips_validation/fips_validation.h    |  26 ++-
 .../fips_validation/fips_validation_sha.c     | 188 ++++++++++++++++++
 .../fips_validation/fips_validation_xts.c     | 141 +++++++++++++
 examples/fips_validation/main.c               |  44 +++-
 5 files changed, 392 insertions(+), 13 deletions(-)

-- 
2.25.1

[PATCH v3 1/3] examples/fips_validation: add aes_cbc specific enum

[Gowrishankar Muthukrishnan]

Add algorithm enum specifically for AES_CBC instead of relying on
AES as such.

Fixes: 8b8546aaedf ("examples/fips_validation: add parsing for AES-CBC")

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 examples/fips_validation/fips_validation.c | 2 +-
 examples/fips_validation/fips_validation.h | 1 +
 examples/fips_validation/main.c            | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 324abccb14..68b5572db2 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -463,7 +463,7 @@ fips_test_parse_one_json_vector_set(void)
 	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
-		info.algo = FIPS_TEST_ALGO_AES;
+		info.algo = FIPS_TEST_ALGO_AES_CBC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 69d738b718..819236983d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -34,6 +34,7 @@
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
+		FIPS_TEST_ALGO_AES_CBC,
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index ceabea788e..9c4951595d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1781,6 +1781,7 @@ static int
 init_test_ops(void)
 {
 	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		test_ops.prepare_op = prepare_cipher_op;
 		test_ops.prepare_xform  = prepare_aes_xform;
-- 
2.25.1

[PATCH v3 2/3] examples/fips_validation: add parsing for xts

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for AES XTS test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
v3:
 - CBC related changes moved to 1/3 patch.
---
 examples/fips_validation/fips_validation.c    |   2 +
 examples/fips_validation/fips_validation.h    |  15 +-
 .../fips_validation/fips_validation_xts.c     | 141 ++++++++++++++++++
 examples/fips_validation/main.c               |   4 +
 4 files changed, 161 insertions(+), 1 deletion(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 68b5572db2..f181363ef7 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -464,6 +464,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
 		info.algo = FIPS_TEST_ALGO_AES_CBC;
+	else if (strstr(algo_str, "AES-XTS"))
+		info.algo = FIPS_TEST_ALGO_AES_XTS;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 819236983d..d716b198c6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -38,10 +38,10 @@ enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
+		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_HMAC,
 		FIPS_TEST_ALGO_TDES,
 		FIPS_TEST_ALGO_SHA,
-		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_MAX
 };
 
@@ -171,6 +171,15 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+enum xts_tweak_modes {
+	XTS_TWEAK_MODE_HEX = 0,
+	XTS_TWEAK_MODE_NUMBER
+};
+
+struct xts_interim_data {
+	enum xts_tweak_modes tweak_mode;
+};
+
 #ifdef USE_JANSSON
 struct fips_test_json_info {
 	/* Information used for reading from json */
@@ -208,6 +217,7 @@ struct fips_test_interim_info {
 		struct ccm_interim_data ccm_data;
 		struct sha_interim_data sha_data;
 		struct gcm_interim_data gcm_data;
+		struct xts_interim_data xts_data;
 	} interim_info;
 
 	enum fips_test_op op;
@@ -267,6 +277,9 @@ parse_test_cmac_json_init(void);
 
 int
 parse_test_aes_json_init(void);
+
+int
+parse_test_xts_json_init(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c
index 5bb1966f6c..531e3c688e 100644
--- a/examples/fips_validation/fips_validation_xts.c
+++ b/examples/fips_validation/fips_validation_xts.c
@@ -24,6 +24,22 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+#define TWEAKMODE_JSON_STR	"tweakMode"
+
+#define KEY_JSON_STR		"key"
+#define DATAUNITLEN_JSON_STR	"dataUnitLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define TWEAKVALUE_JSON_STR	"tweakValue"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 static int
 parse_interim_xts_enc_dec(const char *key,
 		__rte_unused char *text,
@@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef USE_JANSSON
+static int
+parser_xts_read_keylen(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	ret = parser_read_uint32_bit_val(key, src, val);
+	if (ret < 0)
+		return ret;
+
+	val->len *= 2;
+	return 0;
+}
+
+static int
+parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX)
+		ret = parse_uint8_hex_str(key, src, val);
+	else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER)
+		ret = parser_read_uint32_bit_val(key, src, val);
+	else
+		ret = -1;
+
+	return ret;
+}
+
+struct fips_test_callback xts_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_xts_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_xts_json_init(void)
+{
+	if (json_info.json_test_group) {
+		json_t *direction_obj, *tweakmode_obj;
+		const char *direction_str, *tweakmode_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = xts_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = xts_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+
+		tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR);
+		tweakmode_str = json_string_value(tweakmode_obj);
+		if (strcmp(tweakmode_str, "hex") == 0)
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX;
+		else
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER;
+
+		info.interim_callbacks = xts_interim_json_vectors;
+	}
+
+	info.parse_writeback = parse_test_xts_json_writeback;
+	return 0;
+}
+#endif /* USE_JANSSON */
+
 static int
 parse_test_xts_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 9c4951595d..7ccb5f52f4 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1989,6 +1989,10 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_XTS:
+		ret = parse_test_xts_json_init();
+		break;
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
-- 
2.25.1

[PATCH v3 3/3] examples/fips_validation: add parsing for sha

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for SHA test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
v3:
 - added a comment on flat array of fips_val for parse_writeback callback.
---
 examples/fips_validation/fips_validation.c    |   2 +
 examples/fips_validation/fips_validation.h    |  10 +
 .../fips_validation/fips_validation_sha.c     | 188 ++++++++++++++++++
 examples/fips_validation/main.c               |  39 +++-
 4 files changed, 228 insertions(+), 11 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index f181363ef7..12b9b03f56 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -466,6 +466,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_CBC;
 	else if (strstr(algo_str, "AES-XTS"))
 		info.algo = FIPS_TEST_ALGO_AES_XTS;
+	else if (strstr(algo_str, "SHA"))
+		info.algo = FIPS_TEST_ALGO_SHA;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index d716b198c6..5c1abcbd91 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -133,6 +133,7 @@ enum fips_ccm_test_types {
 
 enum fips_sha_test_types {
 	SHA_KAT = 0,
+	SHA_AFT,
 	SHA_MCT
 };
 
@@ -280,6 +281,15 @@ parse_test_aes_json_init(void);
 
 int
 parse_test_xts_json_init(void);
+
+int
+parse_test_sha_json_init(void);
+
+int
+parse_test_sha_json_algorithm(void);
+
+int
+parse_test_sha_json_test_type(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c
index 34c364c75a..a2928618d7 100644
--- a/examples/fips_validation/fips_validation_sha.c
+++ b/examples/fips_validation/fips_validation_sha.c
@@ -17,6 +17,11 @@
 #define SEED_STR	"Seed = "
 #define MCT_STR		"Monte"
 
+#define ALGO_JSON_STR	"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+
+#define PT_JSON_STR		"msg"
+
 struct plain_hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -62,6 +67,32 @@ struct fips_test_callback sha_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef USE_JANSSON
+static struct {
+	uint32_t type;
+	const char *desc;
+} sha_test_types[] = {
+		{SHA_MCT, "MCT"},
+		{SHA_AFT, "AFT"},
+};
+
+static struct plain_hash_algorithms {
+	const char *str;
+	enum rte_crypto_auth_algorithm algo;
+} json_algorithms[] = {
+		{"SHA-1", RTE_CRYPTO_AUTH_SHA1},
+		{"SHA2-224", RTE_CRYPTO_AUTH_SHA224},
+		{"SHA2-256", RTE_CRYPTO_AUTH_SHA256},
+		{"SHA2-384", RTE_CRYPTO_AUTH_SHA384},
+		{"SHA2-512", RTE_CRYPTO_AUTH_SHA512},
+};
+
+struct fips_test_callback sha_tests_json_vectors[] = {
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* USE_JANSSON */
+
 static int
 parse_test_sha_writeback(struct fips_val *val) // !
 {
@@ -108,3 +139,160 @@ parse_test_sha_init(void)
 	info.kat_check = rsp_test_sha_check;
 	return 0;
 }
+
+#ifdef USE_JANSSON
+static int
+parse_test_sha_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *md;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set_new(json_info.json_write_case, "tcId", tcId);
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+	md = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, "md", md);
+
+	return 0;
+}
+
+static int
+parse_test_sha_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *msg, *md, *resArr, *res;
+	struct fips_val val_local;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set_new(json_info.json_write_case, "tcId", tcId);
+			json_object_set_new(json_info.json_write_case, "resultsArray",
+								json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set_new(json_info.json_write_case, "tcId", tcId);
+		json_object_set_new(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+
+	writeback_hex_str("", info.one_line_text, &val[1]);
+	msg = json_string(info.one_line_text);
+	json_object_set_new(res, "msg", msg);
+
+	val_local.val = val[0].val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+	md = json_string(info.one_line_text);
+	json_object_set_new(res, "md", md);
+
+	json_array_append_new(resArr, res);
+	return 0;
+}
+
+int
+parse_test_sha_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.sha_data.algo = json_algorithms[i].algo;
+			break;
+		}
+	}
+
+	if (i == RTE_DIM(json_algorithms))
+		return -1;
+
+	for (i = 0; i < RTE_DIM(phsc); i++) {
+		if (info.interim_info.sha_data.algo == phsc[i].algo) {
+			vec.cipher_auth.digest.len = atoi(phsc[i].str);
+			vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8);
+			break;
+		}
+	}
+
+	if (i == RTE_DIM(phsc))
+		return -1;
+
+	return 0;
+}
+
+int
+parse_test_sha_json_test_type(void)
+{
+	json_t *type_object;
+	const char *type_str;
+	uint32_t i;
+
+	type_object = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	type_str = json_string_value(type_object);
+
+	for (i = 0; i < RTE_DIM(sha_test_types); i++)
+		if (strstr(type_str, sha_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				sha_test_types[i].type;
+			break;
+		}
+
+	if (i == RTE_DIM(sha_test_types))
+		return -1;
+
+	switch (info.interim_info.sha_data.test_type) {
+	case SHA_MCT:
+		info.parse_writeback = parse_test_sha_mct_json_writeback;
+		break;
+	case SHA_AFT:
+		info.parse_writeback = parse_test_sha_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -1;
+
+	return 0;
+}
+
+int
+parse_test_sha_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_sha_json_writeback;
+	info.callbacks = sha_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_sha_check;
+	info.interim_callbacks = NULL;
+
+	if (parse_test_sha_json_algorithm() < 0)
+		return -1;
+
+	if (parse_test_sha_json_test_type() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* USE_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 7ccb5f52f4..6d52048b5c 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1693,19 +1693,26 @@ fips_mct_sha_test(void)
 #define SHA_EXTERN_ITER	100
 #define SHA_INTERN_ITER	1000
 #define SHA_MD_BLOCK	3
-	struct fips_val val = {NULL, 0}, md[SHA_MD_BLOCK];
+	/* val[0] is op result and other value is for parse_writeback callback */
+	struct fips_val val[2] = {{NULL, 0},};
+	struct fips_val  md[SHA_MD_BLOCK], msg;
 	char temp[MAX_DIGEST_SIZE*2];
 	int ret;
 	uint32_t i, j;
 
+	msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len;
+	msg.val = calloc(1, msg.len);
+	memcpy(vec.cipher_auth.digest.val, vec.pt.val, vec.cipher_auth.digest.len);
 	for (i = 0; i < SHA_MD_BLOCK; i++)
 		md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0);
 
 	rte_free(vec.pt.val);
 	vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK), 0);
 
-	fips_test_write_one_case();
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON) {
+		fips_test_write_one_case();
+		fprintf(info.fp_wr, "\n");
+	}
 
 	for (j = 0; j < SHA_EXTERN_ITER; j++) {
 
@@ -1719,6 +1726,9 @@ fips_mct_sha_test(void)
 			vec.cipher_auth.digest.len);
 		md[2].len = vec.cipher_auth.digest.len;
 
+		for (i = 0; i < SHA_MD_BLOCK; i++)
+			memcpy(&msg.val[i * md[i].len], md[i].val, md[i].len);
+
 		for (i = 0; i < (SHA_INTERN_ITER); i++) {
 
 			memcpy(vec.pt.val, md[0].val,
@@ -1742,7 +1752,7 @@ fips_mct_sha_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1751,7 +1761,7 @@ fips_mct_sha_test(void)
 			memcpy(md[1].val, md[2].val, md[2].len);
 			md[1].len = md[2].len;
 
-			memcpy(md[2].val, (val.val + vec.pt.len),
+			memcpy(md[2].val, (val[0].val + vec.pt.len),
 				vec.cipher_auth.digest.len);
 			md[2].len = vec.cipher_auth.digest.len;
 		}
@@ -1759,11 +1769,14 @@ fips_mct_sha_test(void)
 		memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len);
 		vec.cipher_auth.digest.len = md[2].len;
 
-		fprintf(info.fp_wr, "COUNT = %u\n", j);
-
-		writeback_hex_str("", temp, &vec.cipher_auth.digest);
-
-		fprintf(info.fp_wr, "MD = %s\n\n", temp);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			fprintf(info.fp_wr, "COUNT = %u\n", j);
+			writeback_hex_str("", temp, &vec.cipher_auth.digest);
+			fprintf(info.fp_wr, "MD = %s\n\n", temp);
+		}
+		val[1].val = msg.val;
+		val[1].len = msg.len;
+		info.parse_writeback(val);
 	}
 
 	for (i = 0; i < (SHA_MD_BLOCK); i++)
@@ -1771,7 +1784,8 @@ fips_mct_sha_test(void)
 
 	rte_free(vec.pt.val);
 
-	free(val.val);
+	free(val[0].val);
+	free(msg.val);
 
 	return 0;
 }
@@ -1996,6 +2010,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
+	case FIPS_TEST_ALGO_SHA:
+		ret = parse_test_sha_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1

[PATCH v4 0/3] example/fips_validation: add xts and sha json parsing

[Gowrishankar Muthukrishnan]

Add support in fips_validation to parse AES_XTS and SHA json vectors.

v4:
 - doc updates

Gowrishankar Muthukrishnan (3):
  examples/fips_validation: add aes_cbc specific enum
  examples/fips_validation: add parsing for xts
  examples/fips_validation: add parsing for sha

 doc/guides/sample_app_ug/fips_validation.rst  |   2 +
 examples/fips_validation/fips_validation.c    |   6 +-
 examples/fips_validation/fips_validation.h    |  26 ++-
 .../fips_validation/fips_validation_sha.c     | 188 ++++++++++++++++++
 .../fips_validation/fips_validation_xts.c     | 141 +++++++++++++
 examples/fips_validation/main.c               |  44 +++-
 6 files changed, 394 insertions(+), 13 deletions(-)

-- 
2.25.1

[PATCH v4 1/3] examples/fips_validation: add aes_cbc specific enum

[Gowrishankar Muthukrishnan]

Add algorithm enum specifically for AES_CBC instead of relying on
AES as such.

Fixes: 8b8546aaedf ("examples/fips_validation: add parsing for AES-CBC")

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 examples/fips_validation/fips_validation.c | 2 +-
 examples/fips_validation/fips_validation.h | 1 +
 examples/fips_validation/main.c            | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 324abccb14..68b5572db2 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -463,7 +463,7 @@ fips_test_parse_one_json_vector_set(void)
 	else if (strstr(algo_str, "CMAC"))
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
-		info.algo = FIPS_TEST_ALGO_AES;
+		info.algo = FIPS_TEST_ALGO_AES_CBC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 69d738b718..819236983d 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -34,6 +34,7 @@
 
 enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES = 0,
+		FIPS_TEST_ALGO_AES_CBC,
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index ceabea788e..9c4951595d 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1781,6 +1781,7 @@ static int
 init_test_ops(void)
 {
 	switch (info.algo) {
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		test_ops.prepare_op = prepare_cipher_op;
 		test_ops.prepare_xform  = prepare_aes_xform;
-- 
2.25.1

[PATCH v4 2/3] examples/fips_validation: add parsing for xts

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for AES XTS test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
v4:
 - doc update
---
 doc/guides/sample_app_ug/fips_validation.rst  |   1 +
 examples/fips_validation/fips_validation.c    |   2 +
 examples/fips_validation/fips_validation.h    |  15 +-
 .../fips_validation/fips_validation_xts.c     | 141 ++++++++++++++++++
 examples/fips_validation/main.c               |   4 +
 5 files changed, 162 insertions(+), 1 deletion(-)

diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 43190bb696..41d2e0da13 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -61,6 +61,7 @@ ACVP
     * AES-CBC (128,192,256) - AFT, MCT
     * AES-GCM (128,192,256) - AFT
     * AES-CMAC (128,192,256) - AFT
+    * AES-XTS (128,256) - AFT
     * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
 
 
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 68b5572db2..f181363ef7 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -464,6 +464,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_CMAC;
 	else if (strstr(algo_str, "AES-CBC"))
 		info.algo = FIPS_TEST_ALGO_AES_CBC;
+	else if (strstr(algo_str, "AES-XTS"))
+		info.algo = FIPS_TEST_ALGO_AES_XTS;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 819236983d..d716b198c6 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -38,10 +38,10 @@ enum fips_test_algorithms {
 		FIPS_TEST_ALGO_AES_GCM,
 		FIPS_TEST_ALGO_AES_CMAC,
 		FIPS_TEST_ALGO_AES_CCM,
+		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_HMAC,
 		FIPS_TEST_ALGO_TDES,
 		FIPS_TEST_ALGO_SHA,
-		FIPS_TEST_ALGO_AES_XTS,
 		FIPS_TEST_ALGO_MAX
 };
 
@@ -171,6 +171,15 @@ struct gcm_interim_data {
 	uint8_t gen_iv;
 };
 
+enum xts_tweak_modes {
+	XTS_TWEAK_MODE_HEX = 0,
+	XTS_TWEAK_MODE_NUMBER
+};
+
+struct xts_interim_data {
+	enum xts_tweak_modes tweak_mode;
+};
+
 #ifdef USE_JANSSON
 struct fips_test_json_info {
 	/* Information used for reading from json */
@@ -208,6 +217,7 @@ struct fips_test_interim_info {
 		struct ccm_interim_data ccm_data;
 		struct sha_interim_data sha_data;
 		struct gcm_interim_data gcm_data;
+		struct xts_interim_data xts_data;
 	} interim_info;
 
 	enum fips_test_op op;
@@ -267,6 +277,9 @@ parse_test_cmac_json_init(void);
 
 int
 parse_test_aes_json_init(void);
+
+int
+parse_test_xts_json_init(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_xts.c b/examples/fips_validation/fips_validation_xts.c
index 5bb1966f6c..531e3c688e 100644
--- a/examples/fips_validation/fips_validation_xts.c
+++ b/examples/fips_validation/fips_validation_xts.c
@@ -24,6 +24,22 @@
 #define OP_ENC_STR	"ENCRYPT"
 #define OP_DEC_STR	"DECRYPT"
 
+#define ALGO_JSON_STR		"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+#define DIR_JSON_STR		"direction"
+#define KEYLEN_JSON_STR		"keyLen"
+#define TWEAKMODE_JSON_STR	"tweakMode"
+
+#define KEY_JSON_STR		"key"
+#define DATAUNITLEN_JSON_STR	"dataUnitLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define TWEAKVALUE_JSON_STR	"tweakValue"
+#define PT_JSON_STR	"pt"
+#define CT_JSON_STR	"ct"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
 static int
 parse_interim_xts_enc_dec(const char *key,
 		__rte_unused char *text,
@@ -62,6 +78,131 @@ struct fips_test_callback xts_writeback_callbacks[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef USE_JANSSON
+static int
+parser_xts_read_keylen(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	ret = parser_read_uint32_bit_val(key, src, val);
+	if (ret < 0)
+		return ret;
+
+	val->len *= 2;
+	return 0;
+}
+
+static int
+parser_xts_read_tweakval(const char *key, char *src, struct fips_val *val)
+{
+	int ret;
+
+	if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_HEX)
+		ret = parse_uint8_hex_str(key, src, val);
+	else if (info.interim_info.xts_data.tweak_mode == XTS_TWEAK_MODE_NUMBER)
+		ret = parser_read_uint32_bit_val(key, src, val);
+	else
+		ret = -1;
+
+	return ret;
+}
+
+struct fips_test_callback xts_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{CT_JSON_STR, parse_uint8_hex_str, &vec.ct},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_xts_read_keylen, &vec.cipher_auth.key},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback xts_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.cipher_auth.key},
+		{TWEAKVALUE_JSON_STR, parser_xts_read_tweakval, &vec.iv},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+static int
+parse_test_xts_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			tmp_val.val = val->val;
+			tmp_val.len = vec.ct.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+								json_string(info.one_line_text));
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_xts_json_init(void)
+{
+	if (json_info.json_test_group) {
+		json_t *direction_obj, *tweakmode_obj;
+		const char *direction_str, *tweakmode_str;
+
+		direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+		direction_str = json_string_value(direction_obj);
+
+		if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_ENC_AUTH_GEN;
+			info.callbacks = xts_enc_json_vectors;
+
+		} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+			info.op = FIPS_TEST_DEC_AUTH_VERIF;
+			info.callbacks = xts_dec_json_vectors;
+		} else {
+			return -EINVAL;
+		}
+
+		tweakmode_obj = json_object_get(json_info.json_test_group, TWEAKMODE_JSON_STR);
+		tweakmode_str = json_string_value(tweakmode_obj);
+		if (strcmp(tweakmode_str, "hex") == 0)
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_HEX;
+		else
+			info.interim_info.xts_data.tweak_mode = XTS_TWEAK_MODE_NUMBER;
+
+		info.interim_callbacks = xts_interim_json_vectors;
+	}
+
+	info.parse_writeback = parse_test_xts_json_writeback;
+	return 0;
+}
+#endif /* USE_JANSSON */
+
 static int
 parse_test_xts_writeback(struct fips_val *val)
 {
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 9c4951595d..7ccb5f52f4 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1989,6 +1989,10 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_CMAC:
 		ret = parse_test_cmac_json_init();
 		break;
+	case FIPS_TEST_ALGO_AES_XTS:
+		ret = parse_test_xts_json_init();
+		break;
+	case FIPS_TEST_ALGO_AES_CBC:
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
-- 
2.25.1

[PATCH v4 3/3] examples/fips_validation: add parsing for sha

[Gowrishankar Muthukrishnan]

Added function to parse algorithm for SHA test.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
v4:
 - doc update
---
 doc/guides/sample_app_ug/fips_validation.rst  |   1 +
 examples/fips_validation/fips_validation.c    |   2 +
 examples/fips_validation/fips_validation.h    |  10 +
 .../fips_validation/fips_validation_sha.c     | 188 ++++++++++++++++++
 examples/fips_validation/main.c               |  39 +++-
 5 files changed, 229 insertions(+), 11 deletions(-)

diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst
index 41d2e0da13..4b68226665 100644
--- a/doc/guides/sample_app_ug/fips_validation.rst
+++ b/doc/guides/sample_app_ug/fips_validation.rst
@@ -63,6 +63,7 @@ ACVP
     * AES-CMAC (128,192,256) - AFT
     * AES-XTS (128,256) - AFT
     * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512)
+    * SHA (1,256) - AFT, MCT
 
 
 Application Information
diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index f181363ef7..12b9b03f56 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -466,6 +466,8 @@ fips_test_parse_one_json_vector_set(void)
 		info.algo = FIPS_TEST_ALGO_AES_CBC;
 	else if (strstr(algo_str, "AES-XTS"))
 		info.algo = FIPS_TEST_ALGO_AES_XTS;
+	else if (strstr(algo_str, "SHA"))
+		info.algo = FIPS_TEST_ALGO_SHA;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index d716b198c6..5c1abcbd91 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -133,6 +133,7 @@ enum fips_ccm_test_types {
 
 enum fips_sha_test_types {
 	SHA_KAT = 0,
+	SHA_AFT,
 	SHA_MCT
 };
 
@@ -280,6 +281,15 @@ parse_test_aes_json_init(void);
 
 int
 parse_test_xts_json_init(void);
+
+int
+parse_test_sha_json_init(void);
+
+int
+parse_test_sha_json_algorithm(void);
+
+int
+parse_test_sha_json_test_type(void);
 #endif /* USE_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c
index 34c364c75a..a2928618d7 100644
--- a/examples/fips_validation/fips_validation_sha.c
+++ b/examples/fips_validation/fips_validation_sha.c
@@ -17,6 +17,11 @@
 #define SEED_STR	"Seed = "
 #define MCT_STR		"Monte"
 
+#define ALGO_JSON_STR	"algorithm"
+#define TESTTYPE_JSON_STR	"testType"
+
+#define PT_JSON_STR		"msg"
+
 struct plain_hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -62,6 +67,32 @@ struct fips_test_callback sha_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef USE_JANSSON
+static struct {
+	uint32_t type;
+	const char *desc;
+} sha_test_types[] = {
+		{SHA_MCT, "MCT"},
+		{SHA_AFT, "AFT"},
+};
+
+static struct plain_hash_algorithms {
+	const char *str;
+	enum rte_crypto_auth_algorithm algo;
+} json_algorithms[] = {
+		{"SHA-1", RTE_CRYPTO_AUTH_SHA1},
+		{"SHA2-224", RTE_CRYPTO_AUTH_SHA224},
+		{"SHA2-256", RTE_CRYPTO_AUTH_SHA256},
+		{"SHA2-384", RTE_CRYPTO_AUTH_SHA384},
+		{"SHA2-512", RTE_CRYPTO_AUTH_SHA512},
+};
+
+struct fips_test_callback sha_tests_json_vectors[] = {
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* USE_JANSSON */
+
 static int
 parse_test_sha_writeback(struct fips_val *val) // !
 {
@@ -108,3 +139,160 @@ parse_test_sha_init(void)
 	info.kat_check = rsp_test_sha_check;
 	return 0;
 }
+
+#ifdef USE_JANSSON
+static int
+parse_test_sha_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *md;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set_new(json_info.json_write_case, "tcId", tcId);
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+	md = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, "md", md);
+
+	return 0;
+}
+
+static int
+parse_test_sha_mct_json_writeback(struct fips_val *val)
+{
+	json_t *tcId, *msg, *md, *resArr, *res;
+	struct fips_val val_local;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+	if (json_info.json_write_case) {
+		json_t *wcId;
+
+		wcId = json_object_get(json_info.json_write_case, "tcId");
+		if (!json_equal(tcId, wcId)) {
+			json_info.json_write_case = json_object();
+			json_object_set_new(json_info.json_write_case, "tcId", tcId);
+			json_object_set_new(json_info.json_write_case, "resultsArray",
+								json_array());
+		}
+	} else {
+		json_info.json_write_case = json_object();
+		json_object_set_new(json_info.json_write_case, "tcId", tcId);
+		json_object_set_new(json_info.json_write_case, "resultsArray", json_array());
+	}
+
+	resArr = json_object_get(json_info.json_write_case, "resultsArray");
+	if (!json_is_array(resArr))
+		return -EINVAL;
+
+	res = json_object();
+
+	writeback_hex_str("", info.one_line_text, &val[1]);
+	msg = json_string(info.one_line_text);
+	json_object_set_new(res, "msg", msg);
+
+	val_local.val = val[0].val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+	md = json_string(info.one_line_text);
+	json_object_set_new(res, "md", md);
+
+	json_array_append_new(resArr, res);
+	return 0;
+}
+
+int
+parse_test_sha_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.sha_data.algo = json_algorithms[i].algo;
+			break;
+		}
+	}
+
+	if (i == RTE_DIM(json_algorithms))
+		return -1;
+
+	for (i = 0; i < RTE_DIM(phsc); i++) {
+		if (info.interim_info.sha_data.algo == phsc[i].algo) {
+			vec.cipher_auth.digest.len = atoi(phsc[i].str);
+			vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8);
+			break;
+		}
+	}
+
+	if (i == RTE_DIM(phsc))
+		return -1;
+
+	return 0;
+}
+
+int
+parse_test_sha_json_test_type(void)
+{
+	json_t *type_object;
+	const char *type_str;
+	uint32_t i;
+
+	type_object = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR);
+	type_str = json_string_value(type_object);
+
+	for (i = 0; i < RTE_DIM(sha_test_types); i++)
+		if (strstr(type_str, sha_test_types[i].desc)) {
+			info.interim_info.aes_data.test_type =
+				sha_test_types[i].type;
+			break;
+		}
+
+	if (i == RTE_DIM(sha_test_types))
+		return -1;
+
+	switch (info.interim_info.sha_data.test_type) {
+	case SHA_MCT:
+		info.parse_writeback = parse_test_sha_mct_json_writeback;
+		break;
+	case SHA_AFT:
+		info.parse_writeback = parse_test_sha_json_writeback;
+		break;
+	default:
+		info.parse_writeback = NULL;
+	}
+
+	if (!info.parse_writeback)
+		return -1;
+
+	return 0;
+}
+
+int
+parse_test_sha_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_sha_json_writeback;
+	info.callbacks = sha_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_sha_check;
+	info.interim_callbacks = NULL;
+
+	if (parse_test_sha_json_algorithm() < 0)
+		return -1;
+
+	if (parse_test_sha_json_test_type() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* USE_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 7ccb5f52f4..6d52048b5c 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1693,19 +1693,26 @@ fips_mct_sha_test(void)
 #define SHA_EXTERN_ITER	100
 #define SHA_INTERN_ITER	1000
 #define SHA_MD_BLOCK	3
-	struct fips_val val = {NULL, 0}, md[SHA_MD_BLOCK];
+	/* val[0] is op result and other value is for parse_writeback callback */
+	struct fips_val val[2] = {{NULL, 0},};
+	struct fips_val  md[SHA_MD_BLOCK], msg;
 	char temp[MAX_DIGEST_SIZE*2];
 	int ret;
 	uint32_t i, j;
 
+	msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len;
+	msg.val = calloc(1, msg.len);
+	memcpy(vec.cipher_auth.digest.val, vec.pt.val, vec.cipher_auth.digest.len);
 	for (i = 0; i < SHA_MD_BLOCK; i++)
 		md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0);
 
 	rte_free(vec.pt.val);
 	vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK), 0);
 
-	fips_test_write_one_case();
-	fprintf(info.fp_wr, "\n");
+	if (info.file_type != FIPS_TYPE_JSON) {
+		fips_test_write_one_case();
+		fprintf(info.fp_wr, "\n");
+	}
 
 	for (j = 0; j < SHA_EXTERN_ITER; j++) {
 
@@ -1719,6 +1726,9 @@ fips_mct_sha_test(void)
 			vec.cipher_auth.digest.len);
 		md[2].len = vec.cipher_auth.digest.len;
 
+		for (i = 0; i < SHA_MD_BLOCK; i++)
+			memcpy(&msg.val[i * md[i].len], md[i].val, md[i].len);
+
 		for (i = 0; i < (SHA_INTERN_ITER); i++) {
 
 			memcpy(vec.pt.val, md[0].val,
@@ -1742,7 +1752,7 @@ fips_mct_sha_test(void)
 				return ret;
 			}
 
-			ret = get_writeback_data(&val);
+			ret = get_writeback_data(&val[0]);
 			if (ret < 0)
 				return ret;
 
@@ -1751,7 +1761,7 @@ fips_mct_sha_test(void)
 			memcpy(md[1].val, md[2].val, md[2].len);
 			md[1].len = md[2].len;
 
-			memcpy(md[2].val, (val.val + vec.pt.len),
+			memcpy(md[2].val, (val[0].val + vec.pt.len),
 				vec.cipher_auth.digest.len);
 			md[2].len = vec.cipher_auth.digest.len;
 		}
@@ -1759,11 +1769,14 @@ fips_mct_sha_test(void)
 		memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len);
 		vec.cipher_auth.digest.len = md[2].len;
 
-		fprintf(info.fp_wr, "COUNT = %u\n", j);
-
-		writeback_hex_str("", temp, &vec.cipher_auth.digest);
-
-		fprintf(info.fp_wr, "MD = %s\n\n", temp);
+		if (info.file_type != FIPS_TYPE_JSON) {
+			fprintf(info.fp_wr, "COUNT = %u\n", j);
+			writeback_hex_str("", temp, &vec.cipher_auth.digest);
+			fprintf(info.fp_wr, "MD = %s\n\n", temp);
+		}
+		val[1].val = msg.val;
+		val[1].len = msg.len;
+		info.parse_writeback(val);
 	}
 
 	for (i = 0; i < (SHA_MD_BLOCK); i++)
@@ -1771,7 +1784,8 @@ fips_mct_sha_test(void)
 
 	rte_free(vec.pt.val);
 
-	free(val.val);
+	free(val[0].val);
+	free(msg.val);
 
 	return 0;
 }
@@ -1996,6 +2010,9 @@ fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES:
 		ret = parse_test_aes_json_init();
 		break;
+	case FIPS_TEST_ALGO_SHA:
+		ret = parse_test_sha_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1

RE: [EXT] [PATCH v4 0/3] example/fips_validation: add xts and sha json parsing

[Akhil Goyal]

> Add support in fips_validation to parse AES_XTS and SHA json vectors.
> 
> v4:
>  - doc updates
> 
> Gowrishankar Muthukrishnan (3):
>   examples/fips_validation: add aes_cbc specific enum
>   examples/fips_validation: add parsing for xts
>   examples/fips_validation: add parsing for sha
> 
>  doc/guides/sample_app_ug/fips_validation.rst  |   2 +
>  examples/fips_validation/fips_validation.c    |   6 +-
>  examples/fips_validation/fips_validation.h    |  26 ++-
>  .../fips_validation/fips_validation_sha.c     | 188 ++++++++++++++++++
>  .../fips_validation/fips_validation_xts.c     | 141 +++++++++++++
>  examples/fips_validation/main.c               |  44 +++-
>  6 files changed, 394 insertions(+), 13 deletions(-)
> 
Applied to dpdk-next-crypto

Thanks.