[v1,05/10] examples/fips_validation: add CCM JSON validation

  Add support in fips_validation to parse CCM JSON vectors.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 doc/guides/sample_app_ug/fips_validation.rst  |   1 +
 examples/fips_validation/fips_validation.c    |   2 +
 examples/fips_validation/fips_validation.h    |   3 +
 .../fips_validation/fips_validation_ccm.c     | 132 ++++++++++++++++++
 examples/fips_validation/main.c               |   3 +
 5 files changed, 141 insertions(+)
  

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Monday 6 February 2023 14:46
> To: dev@dpdk.org
> Cc: Anoob Joseph <anoobj@marvell.com>; jerinj@marvell.com; Akhil Goyal
> <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [v1, 05/10] examples/fips_validation: add CCM JSON validation
> 
> Add support in fips_validation to parse CCM JSON vectors.
> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
>  doc/guides/sample_app_ug/fips_validation.rst  |   1 +
>  examples/fips_validation/fips_validation.c    |   2 +
>  examples/fips_validation/fips_validation.h    |   3 +
>  .../fips_validation/fips_validation_ccm.c     | 132 ++++++++++++++++++
>  examples/fips_validation/main.c               |   3 +
>  5 files changed, 141 insertions(+)
> 
> diff --git a/doc/guides/sample_app_ug/fips_validation.rst
> b/doc/guides/sample_app_ug/fips_validation.rst
> index 4fc8297b34..613c5afd19 100644
> --- a/doc/guides/sample_app_ug/fips_validation.rst
> +++ b/doc/guides/sample_app_ug/fips_validation.rst
> @@ -60,6 +60,7 @@ ACVP
>  * Supported test vectors
>      * AES-CBC (128,192,256) - AFT, MCT
>      * AES-GCM (128,192,256) - AFT
> +    * AES-CCM (128,192,256) - AFT
>      * AES-CMAC (128,192,256) - AFT
>      * AES-CTR (128,192,256) - AFT, CTR
>      * AES-GMAC (128,192,256) - AFT
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index d3b6099d73..f840804009 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -460,6 +460,8 @@ fips_test_parse_one_json_vector_set(void)
>  	/* Vector sets contain the algorithm type, and nothing else we need.
> */
>  	if (strstr(algo_str, "AES-GCM"))
>  		info.algo = FIPS_TEST_ALGO_AES_GCM;
> +	else if (strstr(algo_str, "AES-CCM"))
> +		info.algo = FIPS_TEST_ALGO_AES_CCM;
>  	else if (strstr(algo_str, "AES-GMAC"))
>  		info.algo = FIPS_TEST_ALGO_AES_GMAC;
>  	else if (strstr(algo_str, "HMAC"))
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 8fcb5c8500..c4988053c1 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -338,6 +338,9 @@ fips_test_parse_one_json_case(void);
>  int
>  parse_test_gcm_json_init(void);
> 
> +int
> +parse_test_ccm_json_init(void);
> +
>  int
>  parse_test_hmac_json_init(void);
> 
> diff --git a/examples/fips_validation/fips_validation_ccm.c
> b/examples/fips_validation/fips_validation_ccm.c
> index 632999c1e4..0e3ee0d247 100644
> --- a/examples/fips_validation/fips_validation_ccm.c
> +++ b/examples/fips_validation/fips_validation_ccm.c
> @@ -34,6 +34,18 @@
>  #define POS_KEYWORD	"Pass"
>  #define NEG_KEYWORD	"Fail"
> 
> +#define DIR_JSON_STR	"direction"
> +#define IVLEN_JSON_STR		"ivLen"
> +#define PTLEN_JSON_STR	"payloadLen"
> +#define AADLEN_JSON_STR		"aadLen"
> +#define TAGLEN_JSON_STR		"tagLen"
> +#define KEYLEN_JSON_STR		"keyLen"
> +#define PT_JSON_STR		"pt"
> +#define CT_JSON_STR		"ct"
> +#define KEY_JSON_STR		"key"
> +#define IV_JSON_STR		"iv"
> +#define AAD_JSON_STR		"aad"
> +
>  static int
>  parser_dvpt_interim(const char *key, char *src, struct fips_val *val)  { @@ -
> 206,6 +218,126 @@ struct ccm_test_types {
>  			FIPS_TEST_ENC_AUTH_GEN},
>  };
> 
> +#ifdef USE_JANSSON
> +static int
> +parser_read_ccm_direction_str(__rte_unused const char *key, char *src,
> +	__rte_unused struct fips_val *val)
> +{
> +	if (strcmp(src, "encrypt") == 0)
> +		info.op = FIPS_TEST_ENC_AUTH_GEN;
> +	else if (strcmp(src, "decrypt") == 0)
> +		info.op = FIPS_TEST_DEC_AUTH_VERIF;
> +
> +	return 0;
> +}
> +
> +static int
> +parser_read_ccm_aad_str(const char *key, char *src, struct fips_val
> +*val) {
> +	struct fips_val tmp_val = {0};
> +	uint32_t len = val->len;
> +
> +	/* CCM aad requires 18 bytes padding before the real content */
> +	val->val = rte_zmalloc(NULL, len + 18, 0);
> +	if (!val->val)
> +		return -1;
> +
> +	if (parse_uint8_hex_str(key, src, &tmp_val) < 0)
> +		return -1;
> +
> +	memcpy(val->val + 18, tmp_val.val, val->len);
> +	rte_free(tmp_val.val);
> +
> +	return 0;
> +}
> +
> +static int
> +parse_read_ccm_ct_str(const char *key, char *src, struct fips_val *val)
> +{
> +	int ret;
> +
> +	val->len = vec.pt.len;
> +
> +	ret = parse_uint8_known_len_hex_str(key, src, val);
> +	if (ret < 0)
> +		return ret;
> +
> +	src += val->len * 2;
> +
> +	ret = parse_uint8_known_len_hex_str("", src, &vec.aead.digest);
> +	if (ret < 0) {
> +		rte_free(val->val);
> +		memset(val, 0, sizeof(*val));
> +		return ret;
> +	}
> +
> +	return 0;
> +}
> +
> +struct fips_test_callback ccm_tests_interim_json_vectors[] = {
> +	{DIR_JSON_STR, parser_read_ccm_direction_str, NULL},
> +	{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
> +	{PTLEN_JSON_STR, parser_read_uint32_bit_val, &vec.pt},
> +	{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
> +	{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.aead.digest},
> +	{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
> +	{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback ccm_tests_json_vectors[] = {
> +	{PT_JSON_STR, parse_uint8_known_len_hex_str, &vec.pt},
> +	{CT_JSON_STR, parse_read_ccm_ct_str, &vec.ct},
> +	{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
> +	{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
> +	{AAD_JSON_STR, parser_read_ccm_aad_str, &vec.aead.aad},
> +	{NULL, NULL, NULL} /**< end pointer */ };
> +
> +static int
> +parse_test_ccm_json_writeback(struct fips_val *val) {
> +	struct fips_val tmp_val;
> +	json_t *tcId;
> +
> +	tcId = json_object_get(json_info.json_test_case, "tcId");
> +	json_info.json_write_case = json_object();
> +	json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> +	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
> +		json_t *ct;
> +
> +		info.one_line_text[0] = '\0';
> +		writeback_hex_str("", info.one_line_text, val);
> +		ct = json_string(info.one_line_text);
> +		json_object_set_new(json_info.json_write_case,
> CT_JSON_STR, ct);
> +	} else {
> +		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
> +			tmp_val.val = val->val;
> +			tmp_val.len = vec.pt.len;
> +
> +			info.one_line_text[0] = '\0';
> +			writeback_hex_str("", info.one_line_text,
> &tmp_val);
> +			json_object_set_new(json_info.json_write_case,
> PT_JSON_STR,
> +				json_string(info.one_line_text));
> +		}  else {
> +			json_object_set_new(json_info.json_write_case,
> "testPassed",
> +				json_false());
> +		}
> +	}
> +
> +	return 0;
> +}
> +
> +int
> +parse_test_ccm_json_init(void)
> +{
> +	info.interim_callbacks = ccm_tests_interim_json_vectors;
> +	info.parse_writeback = parse_test_ccm_json_writeback;
> +	info.callbacks = ccm_tests_json_vectors;
> +	return 0;
> +}
> +#endif /* USE_JANSSON */
> +
>  static int
>  parse_test_ccm_writeback(struct fips_val *val)  { diff --git
> a/examples/fips_validation/main.c b/examples/fips_validation/main.c index
> 52076160b5..1974dc959b 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -2677,6 +2677,9 @@ fips_test_one_test_group(void)
>  	case FIPS_TEST_ALGO_AES_GCM:
>  		ret = parse_test_gcm_json_init();
>  		break;
> +	case FIPS_TEST_ALGO_AES_CCM:
> +		ret = parse_test_ccm_json_init();
> +		break;
>  	case FIPS_TEST_ALGO_HMAC:
>  		ret = parse_test_hmac_json_init();
>  		break;
> --
> 2.25.1

Acked-by: Brian Dooley <brian.dooley@intel.com>