[dpdk-dev] [PATCH v5 4/8] examples/cryptodev_fips_validate: add TDES parser and enablement for test types

Marko Kovacevic marko.kovacevic at intel.com
Wed Oct 24 16:11:18 CEST 2018


On 24/10/2018 13:31, Akhil Goyal wrote:
> better to be uniform with the name
> TDES or 3DES
sure will make it uniform
>
> On 10/17/2018 6:19 PM, Marko Kovacevic wrote:
>> Added enablement for TDES parser, to allow the
>> application to parser the TDES request files and to validate all
>> test types supported.
>>
>> Signed-off-by: Marko Kovacevic <marko.kovacevic at intel.com>
>> Signed-off-by: Fan Zhang <roy.fan.zhang at intel.com>
>> Acked-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
>> ---
>>    examples/cryptodev_fips_validate/Makefile          |   1 +
>>    .../cryptodev_fips_parse_3des.c                    | 259 +++++++++++++++++++++
>>    .../cryptodev_fips_parse_aes.c                     |   2 +
>>    .../cryptodev_fips_parse_validate.c                |   5 +
>>    .../cryptodev_fips_validate.h                      |  21 ++
>>    examples/cryptodev_fips_validate/main.c            | 175 ++++++++++++++
>>    examples/cryptodev_fips_validate/meson.build       |   1 +
>>    7 files changed, 464 insertions(+)
>>    create mode 100644 examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c
>>
>> diff --git a/examples/cryptodev_fips_validate/Makefile b/examples/cryptodev_fips_validate/Makefile
>> index c85c76c..2ddf326 100644
>> --- a/examples/cryptodev_fips_validate/Makefile
>> +++ b/examples/cryptodev_fips_validate/Makefile
>> @@ -7,6 +7,7 @@ APP = fips_validation
>>    # all source are stored in SRCS-y
>>    SRCS-y := cryptodev_fips_parse_aes.c
>>    SRCS-y += cryptodev_fips_parse_hmac.c
>> +SRCS-y += cryptodev_fips_parse_3des.c
>>    SRCS-y += cryptodev_fips_parse_validate.c
>>    SRCS-y += main.c
>>    
>> diff --git a/examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c b/examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c
>> new file mode 100644
>> index 0000000..82e9132
>> --- /dev/null
>> +++ b/examples/cryptodev_fips_validate/cryptodev_fips_parse_3des.c
>> @@ -0,0 +1,259 @@
>> +/* SPDX-License-Identifier: BSD-3-Clause
>> + * Copyright(c) 2018 Intel Corporation
>> + */
>> +
>> +#include <string.h>
>> +#include <stdio.h>
>> +
>> +#include <rte_malloc.h>
>> +#include <rte_cryptodev.h>
>> +
>> +#include "cryptodev_fips_validate.h"
>> +
>> +#define NEW_LINE_STR	"#"
>> +#define TEST_TYPE_KEY	" for CBC"
>> +#define TEST_CBCI_KEY	" for CBCI"
>> +
>> +#define ENC_STR		"[ENCRYPT]"
>> +#define DEC_STR		"[DECRYPT]"
>> +
>> +#define COUNT_STR	"COUNT = "
>> +#define KEY1_STR	"KEY1 = "
>> +#define KEY2_STR	"KEY2 = "
>> +#define KEY3_STR	"KEY3 = "
>> +
>> +#define KEYS_STR	"KEYs = "
>> +#define IV_STR		"IV = "
>> +#define PT_STR		"PLAINTEXT = "
>> +#define CT_STR		"CIPHERTEXT = "
>> +#define NK_STR		"NumKeys = "
>> +
>> +#define SET_STR		" = "
>> +
>> +#define PLAIN_TEXT	0
>> +#define CIPHER_TEXT	1
>> +#define KEY_TEXT	2
>> +#define IV_TEXT		3
>> +
>> +#define DEVICE_STR	"# Config Info for : "
>> +
>> +struct {
>> +	uint32_t type;
>> +	const char *desc;
>> +} test_types[] = {
>> +		{TDES_INVERSE_PERMUTATION, "INVERSE PERMUTATION"},
>> +		{TDES_PERMUTATION, "PERMUTATION OPERATION"},
>> +		{TDES_SUBSTITUTION_TABLE, "SUBSTITUTION TABLE"},
>> +		{TDES_VARIABLE_KEY, "VARIABLE KEY"},
>> +		{TDES_VARIABLE_TEXT, "VARIABLE PLAINTEXT/CIPHERTEXT"},
>> +		{TDES_VARIABLE_TEXT, "KAT"},
>> +		{TDES_MCT, "Monte Carlo (Modes) Test"},
>> +		{TDES_MMT, "Multi block Message Test"},
>> +};
>> +
>> +static int
>> +writeback_tdes_hex_str(const char *key, char *dst, struct fips_val *val);
>> +
>> +static int
>> +parse_3des_uint8_hex_str(const char *key, char *src, struct fips_val *val);
>> +
>> +static int
>> +parse_tdes_interim(const char *key,
>> +		__attribute__((__unused__)) char *text,
>> +		struct fips_val *val);
>> +
>> +struct fips_test_callback tdes_tests_vectors[] = {
>> +		{KEYS_STR, parse_3des_uint8_hex_str, &vec.cipher_auth.key},
>> +		{KEY1_STR, parse_3des_uint8_hex_str, &vec.cipher_auth.key},
>> +		{KEY2_STR, parse_3des_uint8_hex_str, &vec.cipher_auth.key},
>> +		{KEY3_STR, parse_3des_uint8_hex_str, &vec.cipher_auth.key},
>> +		{IV_STR, parse_uint8_hex_str, &vec.iv},
>> +		{PT_STR, parse_uint8_hex_str, &vec.pt},
>> +		{CT_STR, parse_uint8_hex_str, &vec.ct},
>> +		{NULL, NULL, NULL} /**< end pointer */
>> +};
>> +
>> +struct fips_test_callback tdes_tests_interim_vectors[] = {
>> +		{ENC_STR, parse_tdes_interim, NULL},
>> +		{DEC_STR, parse_tdes_interim, NULL},
>> +		{NULL, NULL, NULL} /**< end pointer */
>> +};
>> +
>> +struct fips_test_callback tdes_writeback_callbacks[] = {
>> +		/** First element is used to pass COUNT string */
>> +		{COUNT_STR, NULL, NULL},
>> +		{IV_STR, writeback_hex_str, &vec.iv},
>> +		{KEY1_STR, writeback_tdes_hex_str, &vec.cipher_auth.key},
>> +		{KEY2_STR, writeback_tdes_hex_str, &vec.cipher_auth.key},
>> +		{KEY3_STR, writeback_tdes_hex_str, &vec.cipher_auth.key},
>> +		{KEYS_STR, writeback_tdes_hex_str, &vec.cipher_auth.key},
>> +		{PT_STR, writeback_hex_str, &vec.pt},
>> +		{CT_STR, writeback_hex_str, &vec.ct},
>> +		{NULL, NULL, NULL} /**< end pointer */
>> +};
>> +
>> +static int
>> +parse_tdes_interim(const char *key,
>> +		__attribute__((__unused__)) char *text,
>> +		__attribute__((__unused__)) struct fips_val *val)
>> +{
>> +	if (strstr(key, ENC_STR))
>> +		info.op = FIPS_TEST_ENC_AUTH_GEN;
>> +	else if (strstr(key, DEC_STR))
>> +		info.op = FIPS_TEST_DEC_AUTH_VERIF;
>> +	else if (strstr(NK_STR, "NumKeys = 1"))
>> +		info.interim_info.tdes_data.nb_keys = 1;
>> +	else if (strstr(NK_STR, "NumKeys = 2"))
>> +		info.interim_info.tdes_data.nb_keys = 2;
>> +	else if (strstr(NK_STR, "NumKeys = 3"))
>> +		info.interim_info.tdes_data.nb_keys = 3;
>> +	else
>> +		return -EINVAL;
>> +
>> +	return 0;
>> +}
>> +
>> +static int
>> +parse_3des_uint8_hex_str(const char *key, char *src, struct fips_val *val)
>> +{
>> +	uint8_t tmp_key[24] = {0};
>> +	uint32_t len, i;
>> +
>> +	src += strlen(key);
>> +
>> +	len = strlen(src) / 2;
>> +
>> +	if (val->val) {
>> +		memcpy(tmp_key, val->val, val->len);
>> +		rte_free(val->val);
>> +	}
>> +
>> +	val->val = rte_zmalloc(NULL, 24, 0);
>> +	if (!val->val)
>> +		return -1;
>> +
>> +	memcpy(val->val, tmp_key, 24);
>> +
>> +	if (strstr(key, KEYS_STR)) {
>> +		for (i = 0; i < len; i++) {
>> +			char byte[3] = {src[i * 2], src[i * 2 + 1], '\0'};
>> +
>> +			if (parser_read_uint8_hex(&val->val[i], byte) < 0)
>> +				return -EINVAL;
> memory leak for val->val
good catch will fix it.
>> +		}
>> +
>> +		memcpy(val->val + 8, val->val, 8);
>> +		memcpy(val->val + 16, val->val, 8);
>> +
>> +	} else if (strstr(key, KEY1_STR)) {
>> +		for (i = 0; i < len; i++) {
>> +			char byte[3] = {src[i * 2], src[i * 2 + 1], '\0'};
>> +
>> +			if (parser_read_uint8_hex(&val->val[i], byte) < 0)
>> +				return -EINVAL;
>> +		}
>> +
>> +		if (info.interim_info.tdes_data.nb_keys == 2)
>> +			memcpy(val->val + 16, val->val, 8);
>> +
>> +	} else if (strstr(key, KEY2_STR)) {
>> +		for (i = 0; i < len; i++) {
>> +			char byte[3] = {src[i * 2], src[i * 2 + 1], '\0'};
>> +
>> +			if (parser_read_uint8_hex(&val->val[i + 8], byte) < 0)
>> +				return -EINVAL;
>> +		}
>> +
>> +	} else if (strstr(key, KEY3_STR)) {
>> +		for (i = 0; i < len; i++) {
>> +			char byte[3] = {src[i * 2], src[i * 2 + 1], '\0'};
>> +
>> +			if (parser_read_uint8_hex(&val->val[i + 16], byte) < 0)
>> +				return -EINVAL;
>> +		}
>> +	} else
>> +		return -EINVAL;
>> +
>> +	val->len = 24;
>> +
>> +	return 0;
>> +}
>> +
>>


More information about the dev mailing list