[dpdk-dev] [PATCH v2 2/2] test/crypto: add more tests for mixed encypted-digest
Akhil Goyal
akhil.goyal at nxp.com
Wed Jan 15 14:50:17 CET 2020
Hi Adam,
>
> This patch adds unit tests for QAT PMD for mixed encrypted-digest
> cases, involving SNOW3G UIA2, ZUC EIA3, AES CMAC and NULL auth
> algorithms together with SNOW3G UEA2, ZUC EEA3, AES CTR and NULL
> cipher algorithms in various combinations.
>
> Signed-off-by: Adam Dybkowski <adamx.dybkowski at intel.com>
This patch doesn't apply on current tree.
Could you please rebase.
> ---
> app/test/test_cryptodev.c | 470 ++++++-
> app/test/test_cryptodev_mixed_test_vectors.h | 1320 +++++++++++++++++-
> 2 files changed, 1721 insertions(+), 69 deletions(-)
>
//snip
> /* Create the session */
> - retval = create_wireless_algo_auth_cipher_session(
> - ts_params->valid_devs[0],
> - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT
> - : RTE_CRYPTO_CIPHER_OP_ENCRYPT),
> - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY
> - : RTE_CRYPTO_AUTH_OP_GENERATE),
> - tdata->auth_algo,
> - tdata->cipher_algo,
> - tdata->auth_key.data, tdata->auth_key.len,
> - tdata->auth_iv.len, tdata->digest_enc.len,
> - tdata->cipher_iv.len);
> -
> + if (verify)
> + retval = create_wireless_algo_cipher_auth_session(
> + ts_params->valid_devs[0],
> + RTE_CRYPTO_CIPHER_OP_DECRYPT,
> + RTE_CRYPTO_AUTH_OP_VERIFY,
> + tdata->auth_algo,
> + tdata->cipher_algo,
> + tdata->auth_key.data, tdata->auth_key.len,
> + tdata->auth_iv.len, tdata->digest_enc.len,
> + tdata->cipher_iv.len);
> + else
> + retval = create_wireless_algo_auth_cipher_session(
> + ts_params->valid_devs[0],
> + RTE_CRYPTO_CIPHER_OP_ENCRYPT,
> + RTE_CRYPTO_AUTH_OP_GENERATE,
> + tdata->auth_algo,
> + tdata->cipher_algo,
> + tdata->auth_key.data, tdata->auth_key.len,
> + tdata->auth_iv.len, tdata->digest_enc.len,
> + tdata->cipher_iv.len);
Why are these changes done? It looked better previously.
> if (retval < 0)
> return retval;
>
> @@ -6642,25 +6690,45 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
> }
>
> /* Create the operation */
> - retval = create_wireless_algo_auth_cipher_operation(
> - tdata->digest_enc.len,
> - tdata->cipher_iv.data, tdata->cipher_iv.len,
> - tdata->auth_iv.data, tdata->auth_iv.len,
> - (tdata->digest_enc.offset == 0 ?
> - (verify ? ciphertext_pad_len : plaintext_pad_len)
> - : tdata->digest_enc.offset),
> - tdata->validCipherLen.len_bits,
> - tdata->cipher.offset_bits,
> - tdata->validAuthLen.len_bits,
> - tdata->auth.offset_bits,
> - op_mode, 0);
> -
> + if (verify)
> + retval = create_wireless_algo_cipher_hash_operation(
> + tdata->digest_enc.data, tdata->digest_enc.len,
> + tdata->auth_iv.data, tdata->auth_iv.len,
> + plaintext_len, RTE_CRYPTO_AUTH_OP_VERIFY,
> + tdata->cipher_iv.data, tdata->cipher_iv.len,
> + tdata->validCipherLen.len_bits,
> + tdata->cipher.offset_bits,
> + tdata->validAuthLen.len_bits,
> + tdata->auth.offset_bits);
> + else
> + retval = create_wireless_algo_auth_cipher_operation(
> + tdata->digest_enc.len,
> + tdata->cipher_iv.data, tdata->cipher_iv.len,
> + tdata->auth_iv.data, tdata->auth_iv.len,
> + (tdata->digest_enc.offset == 0 ?
> + plaintext_pad_len
> + : tdata->digest_enc.offset),
> + tdata->validCipherLen.len_bits,
> + tdata->cipher.offset_bits,
> + tdata->validAuthLen.len_bits,
> + tdata->auth.offset_bits,
> + op_mode, 0);
> if (retval < 0)
> return retval;
>
> - ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> + op = process_crypto_request(ts_params->valid_devs[0],
> ut_params->op);
>
> + /* Check if the op failed because the device doesn't */
> + /* support this particular combination of algorithms */
> + if (op == NULL && ut_params->op->status ==
> + RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
> + printf("Device doesn't support this mixed combination. "
> + "Test Skipped.\n");
> + return -ENOTSUP;
> + }
> + ut_params->op = op;
> +
> TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>
> ut_params->obuf = (op_mode == IN_PLACE ?
> @@ -6675,12 +6743,10 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
> (tdata->cipher.offset_bits >> 3);
>
> debug_hexdump(stdout, "plaintext:", plaintext,
> - (tdata->plaintext.len_bits >> 3) -
> - tdata->digest_enc.len);
> + tdata->plaintext.len_bits >> 3);
> debug_hexdump(stdout, "plaintext expected:",
> tdata->plaintext.data,
> - (tdata->plaintext.len_bits >> 3) -
> - tdata->digest_enc.len);
> + tdata->plaintext.len_bits >> 3);
> } else {
> if (ut_params->obuf)
> ciphertext = rte_pktmbuf_mtod(ut_params->obuf,
> @@ -6725,6 +6791,10 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
> DIGEST_BYTE_LENGTH_SNOW3G_UIA2,
> "Generated auth tag not as expected");
> }
> +
> + TEST_ASSERT_EQUAL(ut_params->op->status,
> RTE_CRYPTO_OP_STATUS_SUCCESS,
> + "crypto op processing failed");
> +
> return 0;
> }
>
> @@ -6748,6 +6818,7 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> uint8_t digest_buffer[10000];
>
> struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op;
>
> /* Check if device supports particular algorithms */
> if (test_mixed_check_if_unsupported(tdata))
> @@ -6776,18 +6847,26 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> }
>
> /* Create the session */
> - retval = create_wireless_algo_auth_cipher_session(
> - ts_params->valid_devs[0],
> - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT
> - : RTE_CRYPTO_CIPHER_OP_ENCRYPT),
> - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY
> - : RTE_CRYPTO_AUTH_OP_GENERATE),
> - tdata->auth_algo,
> - tdata->cipher_algo,
> - tdata->auth_key.data, tdata->auth_key.len,
> - tdata->auth_iv.len, tdata->digest_enc.len,
> - tdata->cipher_iv.len);
> -
> + if (verify)
> + retval = create_wireless_algo_cipher_auth_session(
> + ts_params->valid_devs[0],
> + RTE_CRYPTO_CIPHER_OP_DECRYPT,
> + RTE_CRYPTO_AUTH_OP_VERIFY,
> + tdata->auth_algo,
> + tdata->cipher_algo,
> + tdata->auth_key.data, tdata->auth_key.len,
> + tdata->auth_iv.len, tdata->digest_enc.len,
> + tdata->cipher_iv.len);
> + else
> + retval = create_wireless_algo_auth_cipher_session(
> + ts_params->valid_devs[0],
> + RTE_CRYPTO_CIPHER_OP_ENCRYPT,
> + RTE_CRYPTO_AUTH_OP_GENERATE,
> + tdata->auth_algo,
> + tdata->cipher_algo,
> + tdata->auth_key.data, tdata->auth_key.len,
> + tdata->auth_iv.len, tdata->digest_enc.len,
> + tdata->cipher_iv.len);
> if (retval < 0)
> return retval;
>
> @@ -6797,7 +6876,7 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16);
>
> ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool,
> - plaintext_pad_len, 15, 0);
> + ciphertext_pad_len, 15, 0);
> TEST_ASSERT_NOT_NULL(ut_params->ibuf,
> "Failed to allocate input buffer in mempool");
>
> @@ -6826,25 +6905,46 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> memset(buffer, 0, sizeof(buffer));
>
> /* Create the operation */
> - retval = create_wireless_algo_auth_cipher_operation(
> - tdata->digest_enc.len,
> - tdata->cipher_iv.data, tdata->cipher_iv.len,
> - tdata->auth_iv.data, tdata->auth_iv.len,
> - (tdata->digest_enc.offset == 0 ?
> - (verify ? ciphertext_pad_len : plaintext_pad_len)
> - : tdata->digest_enc.offset),
> - tdata->validCipherLen.len_bits,
> - tdata->cipher.offset_bits,
> - tdata->validAuthLen.len_bits,
> - tdata->auth.offset_bits,
> - op_mode, 1);
> -
> + if (verify)
> + retval = create_wireless_algo_cipher_hash_operation(
> + tdata->digest_enc.data, tdata->digest_enc.len,
> + tdata->auth_iv.data, tdata->auth_iv.len,
> + plaintext_len, RTE_CRYPTO_AUTH_OP_VERIFY,
> + tdata->cipher_iv.data, tdata->cipher_iv.len,
> + tdata->validCipherLen.len_bits,
> + tdata->cipher.offset_bits,
> + tdata->validAuthLen.len_bits,
> + tdata->auth.offset_bits);
> + else
> + retval = create_wireless_algo_auth_cipher_operation(
> + tdata->digest_enc.len,
> + tdata->cipher_iv.data, tdata->cipher_iv.len,
> + tdata->auth_iv.data, tdata->auth_iv.len,
> + (tdata->digest_enc.offset == 0 ?
> + plaintext_pad_len
> + : tdata->digest_enc.offset),
> + tdata->validCipherLen.len_bits,
> + tdata->cipher.offset_bits,
> + tdata->validAuthLen.len_bits,
> + tdata->auth.offset_bits,
> + op_mode, 1);
> if (retval < 0)
> return retval;
>
> - ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> + op = process_crypto_request(ts_params->valid_devs[0],
> ut_params->op);
>
> + /* Check if the op failed because the device doesn't */
> + /* support this particular combination of algorithms */
> + if (op == NULL && ut_params->op->status ==
> + RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
> + printf("Device doesn't support this mixed combination. "
> + "Test Skipped.\n");
> + return -ENOTSUP;
> + }
> +
> + ut_params->op = op;
> +
> TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>
> ut_params->obuf = (op_mode == IN_PLACE ?
> @@ -6917,6 +7017,10 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> tdata->digest_enc.len,
> "Generated auth tag not as expected");
> }
> +
> + TEST_ASSERT_EQUAL(ut_params->op->status,
> RTE_CRYPTO_OP_STATUS_SUCCESS,
> + "crypto op processing failed");
> +
> return 0;
> }
>
> @@ -6978,6 +7082,176 @@
> test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl(void)
> &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE,
> 1);
> }
>
Can we have a single function to execute all cases with some function arguments?
> +/** MIXED AUTH + CIPHER */
> +
> +static int
> +test_auth_zuc_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_zuc_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_aes_cmac_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE,
> 0);
> +}
> +
> +static int
> +test_verify_auth_aes_cmac_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE,
> 1);
> +}
> +
> +static int
> +test_auth_zuc_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_zuc_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_snow_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_snow_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_snow_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_snow_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_aes_cmac_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_aes_cmac_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_null_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_null_cipher_snow_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_null_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_null_cipher_zuc_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_snow_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_snow_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_zuc_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_zuc_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_null_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_null_cipher_aes_ctr_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> +static int
> +test_auth_aes_cmac_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 0);
> +}
> +
> +static int
> +test_verify_auth_aes_cmac_cipher_null_test_case_1(void)
> +{
> + return test_mixed_auth_cipher(
> + &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 1);
> +}
> +
> static int
> test_3DES_chain_qat_all(void)
> {
> @@ -12288,6 +12562,68 @@ static struct unit_test_suite
> cryptodev_qat_testsuite = {
> TEST_CASE_ST(ut_setup, ut_teardown,
>
> test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl),
>
> + /** AUTH ZUC + CIPHER SNOW3G */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_zuc_cipher_snow_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_zuc_cipher_snow_test_case_1),
> + /** AUTH AES CMAC + CIPHER SNOW3G */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_aes_cmac_cipher_snow_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_aes_cmac_cipher_snow_test_case_1),
> + /** AUTH ZUC + CIPHER AES CTR */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_zuc_cipher_aes_ctr_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_zuc_cipher_aes_ctr_test_case_1),
> + /** AUTH SNOW3G + CIPHER AES CTR */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_snow_cipher_aes_ctr_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_snow_cipher_aes_ctr_test_case_1),
> + /** AUTH SNOW3G + CIPHER ZUC */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_snow_cipher_zuc_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_snow_cipher_zuc_test_case_1),
> + /** AUTH AES CMAC + CIPHER ZUC */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_aes_cmac_cipher_zuc_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_aes_cmac_cipher_zuc_test_case_1),
> +
> + /** AUTH NULL + CIPHER SNOW3G */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_null_cipher_snow_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_null_cipher_snow_test_case_1),
> + /** AUTH NULL + CIPHER ZUC */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_null_cipher_zuc_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_null_cipher_zuc_test_case_1),
> + /** AUTH SNOW3G + CIPHER NULL */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_snow_cipher_null_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_snow_cipher_null_test_case_1),
> + /** AUTH ZUC + CIPHER NULL */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_zuc_cipher_null_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_zuc_cipher_null_test_case_1),
> + /** AUTH NULL + CIPHER AES CTR */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_null_cipher_aes_ctr_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_null_cipher_aes_ctr_test_case_1),
> + /** AUTH AES CMAC + CIPHER NULL */
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_auth_aes_cmac_cipher_null_test_case_1),
> + TEST_CASE_ST(ut_setup, ut_teardown,
> + test_verify_auth_aes_cmac_cipher_null_test_case_1),
> +
> TEST_CASES_END() /**< NULL terminate unit test array */
> }
> };
More information about the dev
mailing list