RE: [EXT] [PATCH v3] examples/fips_validation: add parsing for AES GMAC

Gowrishankar Muthukrishnan Fri, 16 Sep 2022 10:07:01 -0700

Tested with FIPS test vectors from NIST.

Acked-by: Gowrishankar Muthukrishnan <gmuthukri...@marvell.com>


Thanks,
Gowrishankar

> -----Original Message-----
> From: Brian Dooley <brian.doo...@intel.com>
> Sent: Friday, September 16, 2022 2:30 PM
> To: Fan Zhang <roy.fan.zh...@intel.com>; Brian Dooley
> <brian.doo...@intel.com>
> Cc: dev@dpdk.org; Gowrishankar Muthukrishnan
> <gmuthukri...@marvell.com>; Akhil Goyal <gak...@marvell.com>;
> kai...@intel.com
> Subject: [EXT] [PATCH v3] examples/fips_validation: add parsing for AES
> GMAC
> 
> External Email
> 
> ----------------------------------------------------------------------
> Added functionality to parse algorithm for AES GMAC test
> 
> Signed-off-by: Brian Dooley <brian.doo...@intel.com>
> Acked-by: Kai Ji <kai...@intel.com>
> ---
> v2: add random internal iv generation
> ---
> v3: in reply to fix and patchwork CI
> ---
>  examples/fips_validation/fips_validation.c    |  2 ++
>  examples/fips_validation/fips_validation.h    |  1 +
>  .../fips_validation/fips_validation_gcm.c     | 13 ++++++------
>  examples/fips_validation/main.c               | 21 +++++++++++++++++++
>  4 files changed, 31 insertions(+), 6 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index 12b9b03f56..5c7ecce412 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
>       /* Vector sets contain the algorithm type, and nothing else we need.
> */
>       if (strstr(algo_str, "AES-GCM"))
>               info.algo = FIPS_TEST_ALGO_AES_GCM;
> +     else if (strstr(algo_str, "AES-GMAC"))
> +             info.algo = FIPS_TEST_ALGO_AES_GMAC;
>       else if (strstr(algo_str, "HMAC"))
>               info.algo = FIPS_TEST_ALGO_HMAC;
>       else if (strstr(algo_str, "CMAC"))
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 5c1abcbd91..24edab68da 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -36,6 +36,7 @@ enum fips_test_algorithms {
>               FIPS_TEST_ALGO_AES = 0,
>               FIPS_TEST_ALGO_AES_CBC,
>               FIPS_TEST_ALGO_AES_GCM,
> +             FIPS_TEST_ALGO_AES_GMAC,
>               FIPS_TEST_ALGO_AES_CMAC,
>               FIPS_TEST_ALGO_AES_CCM,
>               FIPS_TEST_ALGO_AES_XTS,
> diff --git a/examples/fips_validation/fips_validation_gcm.c
> b/examples/fips_validation/fips_validation_gcm.c
> index 6b3d158629..7e1bd77faf 100644
> --- a/examples/fips_validation/fips_validation_gcm.c
> +++ b/examples/fips_validation/fips_validation_gcm.c
> @@ -291,13 +291,14 @@ parse_test_gcm_json_writeback(struct fips_val
> *val)
> 
>       if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
>               json_t *ct;
> +             if (!info.interim_info.gcm_data.is_gmac) {
> +                     tmp_val.val = val->val;
> +                     tmp_val.len = vec.pt.len;
> 
> -             tmp_val.val = val->val;
> -             tmp_val.len = vec.pt.len;
> -
> -             writeback_hex_str("", info.one_line_text, &tmp_val);
> -             ct = json_string(info.one_line_text);
> -             json_object_set_new(json_info.json_write_case,
> CT_JSON_STR, ct);
> +                     writeback_hex_str("", info.one_line_text,
> &tmp_val);
> +                     ct = json_string(info.one_line_text);
> +                     json_object_set_new(json_info.json_write_case,
> CT_JSON_STR, ct);
> +             }
> 
>               if (info.interim_info.gcm_data.gen_iv) {
>                       json_t *iv;
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index 8bd5a66889..9118ca4d92 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -669,6 +669,21 @@ prepare_auth_op(void)
> 
>       __rte_crypto_op_reset(env.op,
> RTE_CRYPTO_OP_TYPE_SYMMETRIC);
> 
> +     if (info.interim_info.gcm_data.gen_iv == 1) {
> +             uint32_t i;
> +
> +             if (!vec.iv.val) {
> +                     vec.iv.val = rte_malloc(0, vec.iv.len, 0);
> +                     if (!vec.iv.val)
> +                             return -ENOMEM;
> +             }
> +
> +             for (i = 0; i < vec.iv.len; i++) {
> +                     int random = rand();
> +                     vec.iv.val[i] = (uint8_t)random;
> +             }
> +     }
> +
>       if (vec.iv.len) {
>               uint8_t *iv = rte_crypto_op_ctod_offset(env.op, uint8_t *,
>                               IV_OFF);
> @@ -1817,6 +1832,11 @@ init_test_ops(void)
>               else
>                       test_ops.test = fips_generic_test;
>               break;
> +     case FIPS_TEST_ALGO_AES_GMAC:
> +             test_ops.prepare_op = prepare_auth_op;
> +             test_ops.prepare_xform = prepare_gmac_xform;
> +             test_ops.test = fips_generic_test;
> +             break;
>       case FIPS_TEST_ALGO_AES_GCM:
>               test_ops.prepare_op = prepare_aead_op;
>               test_ops.prepare_xform = prepare_gcm_xform; @@ -1994,6
> +2014,7 @@ fips_test_one_test_group(void)
>       json_object_set_new(json_info.json_write_group, "tests",
> write_tests);
> 
>       switch (info.algo) {
> +     case FIPS_TEST_ALGO_AES_GMAC:
>       case FIPS_TEST_ALGO_AES_GCM:
>               ret = parse_test_gcm_json_init();
>               break;
> --
> 2.25.1

RE: [EXT] [PATCH v3] examples/fips_validation: add parsing for AES GMAC

Reply via email to