Added function to parse algorithm for SHA test. Verified with SHA 1 and 256 vectors. SHA 384 and 512 has some issues with the way jansson objects are created, which could be addressed separately.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukri...@marvell.com> --- examples/fips_validation/fips_validation.c | 2 + examples/fips_validation/fips_validation.h | 10 + .../fips_validation/fips_validation_sha.c | 188 ++++++++++++++++++ examples/fips_validation/main.c | 37 +++- 4 files changed, 226 insertions(+), 11 deletions(-) diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c index f181363ef7..12b9b03f56 100644 --- a/examples/fips_validation/fips_validation.c +++ b/examples/fips_validation/fips_validation.c @@ -466,6 +466,8 @@ fips_test_parse_one_json_vector_set(void) info.algo = FIPS_TEST_ALGO_AES_CBC; else if (strstr(algo_str, "AES-XTS")) info.algo = FIPS_TEST_ALGO_AES_XTS; + else if (strstr(algo_str, "SHA")) + info.algo = FIPS_TEST_ALGO_SHA; else return -EINVAL; diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h index d716b198c6..5c1abcbd91 100644 --- a/examples/fips_validation/fips_validation.h +++ b/examples/fips_validation/fips_validation.h @@ -133,6 +133,7 @@ enum fips_ccm_test_types { enum fips_sha_test_types { SHA_KAT = 0, + SHA_AFT, SHA_MCT }; @@ -280,6 +281,15 @@ parse_test_aes_json_init(void); int parse_test_xts_json_init(void); + +int +parse_test_sha_json_init(void); + +int +parse_test_sha_json_algorithm(void); + +int +parse_test_sha_json_test_type(void); #endif /* USE_JANSSON */ int diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c index 34c364c75a..a2928618d7 100644 --- a/examples/fips_validation/fips_validation_sha.c +++ b/examples/fips_validation/fips_validation_sha.c @@ -17,6 +17,11 @@ #define SEED_STR "Seed = " #define MCT_STR "Monte" +#define ALGO_JSON_STR "algorithm" +#define TESTTYPE_JSON_STR "testType" + +#define PT_JSON_STR "msg" + struct plain_hash_size_conversion { const char *str; enum rte_crypto_auth_algorithm algo; @@ -62,6 +67,32 @@ struct fips_test_callback sha_tests_interim_vectors[] = { {NULL, NULL, NULL} /**< end pointer */ }; +#ifdef USE_JANSSON +static struct { + uint32_t type; + const char *desc; +} sha_test_types[] = { + {SHA_MCT, "MCT"}, + {SHA_AFT, "AFT"}, +}; + +static struct plain_hash_algorithms { + const char *str; + enum rte_crypto_auth_algorithm algo; +} json_algorithms[] = { + {"SHA-1", RTE_CRYPTO_AUTH_SHA1}, + {"SHA2-224", RTE_CRYPTO_AUTH_SHA224}, + {"SHA2-256", RTE_CRYPTO_AUTH_SHA256}, + {"SHA2-384", RTE_CRYPTO_AUTH_SHA384}, + {"SHA2-512", RTE_CRYPTO_AUTH_SHA512}, +}; + +struct fips_test_callback sha_tests_json_vectors[] = { + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt}, + {NULL, NULL, NULL} /**< end pointer */ +}; +#endif /* USE_JANSSON */ + static int parse_test_sha_writeback(struct fips_val *val) // ! { @@ -108,3 +139,160 @@ parse_test_sha_init(void) info.kat_check = rsp_test_sha_check; return 0; } + +#ifdef USE_JANSSON +static int +parse_test_sha_json_writeback(struct fips_val *val) +{ + struct fips_val val_local; + json_t *tcId, *md; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + + val_local.val = val->val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(json_info.json_write_case, "md", md); + + return 0; +} + +static int +parse_test_sha_mct_json_writeback(struct fips_val *val) +{ + json_t *tcId, *msg, *md, *resArr, *res; + struct fips_val val_local; + + tcId = json_object_get(json_info.json_test_case, "tcId"); + if (json_info.json_write_case) { + json_t *wcId; + + wcId = json_object_get(json_info.json_write_case, "tcId"); + if (!json_equal(tcId, wcId)) { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", + json_array()); + } + } else { + json_info.json_write_case = json_object(); + json_object_set_new(json_info.json_write_case, "tcId", tcId); + json_object_set_new(json_info.json_write_case, "resultsArray", json_array()); + } + + resArr = json_object_get(json_info.json_write_case, "resultsArray"); + if (!json_is_array(resArr)) + return -EINVAL; + + res = json_object(); + + writeback_hex_str("", info.one_line_text, &val[1]); + msg = json_string(info.one_line_text); + json_object_set_new(res, "msg", msg); + + val_local.val = val[0].val + vec.pt.len; + val_local.len = vec.cipher_auth.digest.len; + + writeback_hex_str("", info.one_line_text, &val_local); + md = json_string(info.one_line_text); + json_object_set_new(res, "md", md); + + json_array_append_new(resArr, res); + return 0; +} + +int +parse_test_sha_json_algorithm(void) +{ + json_t *algorithm_object; + const char *algorithm_str; + uint32_t i; + + algorithm_object = json_object_get(json_info.json_vector_set, "algorithm"); + algorithm_str = json_string_value(algorithm_object); + + for (i = 0; i < RTE_DIM(json_algorithms); i++) { + if (strstr(algorithm_str, json_algorithms[i].str)) { + info.interim_info.sha_data.algo = json_algorithms[i].algo; + break; + } + } + + if (i == RTE_DIM(json_algorithms)) + return -1; + + for (i = 0; i < RTE_DIM(phsc); i++) { + if (info.interim_info.sha_data.algo == phsc[i].algo) { + vec.cipher_auth.digest.len = atoi(phsc[i].str); + vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8); + break; + } + } + + if (i == RTE_DIM(phsc)) + return -1; + + return 0; +} + +int +parse_test_sha_json_test_type(void) +{ + json_t *type_object; + const char *type_str; + uint32_t i; + + type_object = json_object_get(json_info.json_test_group, TESTTYPE_JSON_STR); + type_str = json_string_value(type_object); + + for (i = 0; i < RTE_DIM(sha_test_types); i++) + if (strstr(type_str, sha_test_types[i].desc)) { + info.interim_info.aes_data.test_type = + sha_test_types[i].type; + break; + } + + if (i == RTE_DIM(sha_test_types)) + return -1; + + switch (info.interim_info.sha_data.test_type) { + case SHA_MCT: + info.parse_writeback = parse_test_sha_mct_json_writeback; + break; + case SHA_AFT: + info.parse_writeback = parse_test_sha_json_writeback; + break; + default: + info.parse_writeback = NULL; + } + + if (!info.parse_writeback) + return -1; + + return 0; +} + +int +parse_test_sha_json_init(void) +{ + info.op = FIPS_TEST_ENC_AUTH_GEN; + info.parse_writeback = parse_test_sha_json_writeback; + info.callbacks = sha_tests_json_vectors; + info.writeback_callbacks = NULL; + info.kat_check = rsp_test_sha_check; + info.interim_callbacks = NULL; + + if (parse_test_sha_json_algorithm() < 0) + return -1; + + if (parse_test_sha_json_test_type() < 0) + return -1; + + return 0; +} +#endif /* USE_JANSSON */ diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 7ccb5f52f4..41347de199 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1693,19 +1693,24 @@ fips_mct_sha_test(void) #define SHA_EXTERN_ITER 100 #define SHA_INTERN_ITER 1000 #define SHA_MD_BLOCK 3 - struct fips_val val = {NULL, 0}, md[SHA_MD_BLOCK]; + struct fips_val val[2] = {{NULL, 0},}, md[SHA_MD_BLOCK], msg; char temp[MAX_DIGEST_SIZE*2]; int ret; uint32_t i, j; + msg.len = SHA_MD_BLOCK * vec.cipher_auth.digest.len; + msg.val = calloc(1, msg.len); + memcpy(vec.cipher_auth.digest.val, vec.pt.val, vec.cipher_auth.digest.len); for (i = 0; i < SHA_MD_BLOCK; i++) md[i].val = rte_malloc(NULL, (MAX_DIGEST_SIZE*2), 0); rte_free(vec.pt.val); vec.pt.val = rte_malloc(NULL, (MAX_DIGEST_SIZE*SHA_MD_BLOCK), 0); - fips_test_write_one_case(); - fprintf(info.fp_wr, "\n"); + if (info.file_type != FIPS_TYPE_JSON) { + fips_test_write_one_case(); + fprintf(info.fp_wr, "\n"); + } for (j = 0; j < SHA_EXTERN_ITER; j++) { @@ -1719,6 +1724,9 @@ fips_mct_sha_test(void) vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; + for (i = 0; i < SHA_MD_BLOCK; i++) + memcpy(&msg.val[i * md[i].len], md[i].val, md[i].len); + for (i = 0; i < (SHA_INTERN_ITER); i++) { memcpy(vec.pt.val, md[0].val, @@ -1742,7 +1750,7 @@ fips_mct_sha_test(void) return ret; } - ret = get_writeback_data(&val); + ret = get_writeback_data(&val[0]); if (ret < 0) return ret; @@ -1751,7 +1759,7 @@ fips_mct_sha_test(void) memcpy(md[1].val, md[2].val, md[2].len); md[1].len = md[2].len; - memcpy(md[2].val, (val.val + vec.pt.len), + memcpy(md[2].val, (val[0].val + vec.pt.len), vec.cipher_auth.digest.len); md[2].len = vec.cipher_auth.digest.len; } @@ -1759,11 +1767,14 @@ fips_mct_sha_test(void) memcpy(vec.cipher_auth.digest.val, md[2].val, md[2].len); vec.cipher_auth.digest.len = md[2].len; - fprintf(info.fp_wr, "COUNT = %u\n", j); - - writeback_hex_str("", temp, &vec.cipher_auth.digest); - - fprintf(info.fp_wr, "MD = %s\n\n", temp); + if (info.file_type != FIPS_TYPE_JSON) { + fprintf(info.fp_wr, "COUNT = %u\n", j); + writeback_hex_str("", temp, &vec.cipher_auth.digest); + fprintf(info.fp_wr, "MD = %s\n\n", temp); + } + val[1].val = msg.val; + val[1].len = msg.len; + info.parse_writeback(val); } for (i = 0; i < (SHA_MD_BLOCK); i++) @@ -1771,7 +1782,8 @@ fips_mct_sha_test(void) rte_free(vec.pt.val); - free(val.val); + free(val[0].val); + free(msg.val); return 0; } @@ -1996,6 +2008,9 @@ fips_test_one_test_group(void) case FIPS_TEST_ALGO_AES: ret = parse_test_aes_json_init(); break; + case FIPS_TEST_ALGO_SHA: + ret = parse_test_sha_json_init(); + break; default: return -EINVAL; } -- 2.25.1