From patchwork Fri Nov 3 13:30:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sivaramakrishnan Venkat X-Patchwork-Id: 133898 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 12B1F432B0; Mon, 6 Nov 2023 15:18:20 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E49DF406B8; Mon, 6 Nov 2023 15:18:15 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) by mails.dpdk.org (Postfix) with ESMTP id 1088F40273; Fri, 3 Nov 2023 14:30:49 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699018250; x=1730554250; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=dwJxZlZhhy7hIvbzQJnf9sRdlbnvOB79bIwuehFZfZQ=; b=Vsx9IqS9Yu0sr+/2X+X9hBKK9D9sWmP7IAkuI4jfvxXd0wJjpWSqacw3 BtbHbcUfggBvV2dBR2dZ5veMd3GxMrnH3COuibLFI+QoIOaFp2KHKrABO n4GS1UUbn2ue3VlaMfPTWOfrV2ehSSicPG+kw5ZfE/QTSEl4hg1+iz8zO ctk9V80c0yi6K522KdXlQnMzDFCCQlOwZFouMEwR26DWDTP33Ae/b9u/w 5cau3/E8iAn7I7llIse9le7sIljzI2PbCgrR6rMkkWZqKM2GvYUD9nKrr I3npZgZi74J1F8TeUx455zeRWnPS5THqCDzlNq+VpdOR2z2ihUn1rfDc1 w==; X-IronPort-AV: E=McAfee;i="6600,9927,10883"; a="388770147" X-IronPort-AV: E=Sophos;i="6.03,273,1694761200"; d="scan'208";a="388770147" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Nov 2023 06:30:49 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.03,273,1694761200"; d="scan'208";a="9378774" Received: from silpixa00401012.ir.intel.com ([10.243.22.112]) by orviesa001.jf.intel.com with ESMTP; 03 Nov 2023 06:30:48 -0700 From: Sivaramakrishnan Venkat To: Akhil Goyal , Fan Zhang Cc: dev@dpdk.org, stable@dpdk.org, Sivaramakrishnan Venkat Subject: [PATCH 2/2] test/crypto: add negative test cases for cipher buffer alignment Date: Fri, 3 Nov 2023 13:30:37 +0000 Message-Id: <20231103133037.782512-2-venkatx.sivaramakrishnan@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231103133037.782512-1-venkatx.sivaramakrishnan@intel.com> References: <20231103133037.782512-1-venkatx.sivaramakrishnan@intel.com> MIME-Version: 1.0 X-Mailman-Approved-At: Mon, 06 Nov 2023 15:18:13 +0100 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org add negative test cases for 3DES CBC and AES CBC cipher algorithms for buffer misalignment Signed-off-by: Sivaramakrishnan Venkat Acked-by: Kai Ji --- app/test/test_cryptodev.c | 321 ++++++++++++++++++++- app/test/test_cryptodev_aes_test_vectors.h | 119 ++++++++ app/test/test_cryptodev_blockcipher.c | 20 +- app/test/test_cryptodev_blockcipher.h | 1 + app/test/test_cryptodev_des_test_vectors.h | 38 +++ 5 files changed, 491 insertions(+), 8 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index d2c4c6f8b5..12e0cf8044 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -1371,6 +1371,42 @@ negative_hmac_sha1_testsuite_setup(void) return 0; } +static int +negative_input_buffer_misalignment_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_3DES_CBC, + RTE_CRYPTO_CIPHER_AES_CBC + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_SHA256, + RTE_CRYPTO_AUTH_SHA256, + }; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Negative " + "Input Buffer misalignment testsuite not met\n"); + return TEST_SKIPPED; + } + + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Negative " + "Input Buffer misalignment testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; +} + static int dev_configure_and_start(uint64_t ff_disable) { @@ -14469,6 +14505,192 @@ aes128cbc_hmac_sha1_test_vector = { } }; +static const struct test_crypto_vector +aes128cbc_sha256_misalign_test_vector = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_offset = 0, + .cipher_len = 511, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A + }, + .len = 16 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes_common, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes128cbc, + .len = 511 + }, + .auth_algo = RTE_CRYPTO_AUTH_SHA256, + .auth_offset = 0, + .auth_key = { + .data = { + 0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76, + 0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60 + }, + .len = 32 + }, + .digest = { + .data = { + 0xA8, 0xBC, 0xDB, 0x99, 0xAA, 0x45, 0x91, 0xA3, + 0x2D, 0x75, 0x41, 0x92, 0x28, 0x01, 0x87, 0x5D, + 0x45, 0xED, 0x49, 0x05, 0xD3, 0xAE, 0x32, 0x57, + 0xB7, 0x79, 0x65, 0xFC, 0xFA, 0x6C, 0xFA, 0xDF + }, + .len = 32 + } +}; + +static const struct test_crypto_vector +aes192cbc_sha256_misalign_test_vector = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_offset = 0, + .cipher_len = 511, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0 + }, + .len = 24 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_hash, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes192cbc, + .len = 511 + }, + .auth_algo = RTE_CRYPTO_AUTH_SHA256, + .auth_offset = 0, + .auth_key = { + .data = { + 0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76, + 0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60 + }, + .len = 32 + }, + .digest = { + .data = { + 0xE0, 0x4E, 0x39, 0x67, 0xB8, 0xB4, 0x56, 0xF4, + 0x03, 0x0C, 0xF5, 0x74, 0x52, 0xFF, 0x63, 0x48, + 0xE0, 0x3C, 0x38, 0x49, 0x76, 0x29, 0xC0, 0x57, + 0xF4, 0x4A, 0x3E, 0x4F, 0x88, 0xB5, 0x05, 0x0E + }, + .len = 32 + } +}; + +static const struct test_crypto_vector +aes256cbc_sha256_misalign_test_vector = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_offset = 0, + .cipher_len = 511, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0, + 0x37, 0x07, 0xB8, 0x23, 0xA2, 0xA3, 0xB5, 0x8D + }, + .len = 32 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_hash, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes256cbc, + .len = 511 + }, + .auth_algo = RTE_CRYPTO_AUTH_SHA256, + .auth_offset = 0, + .auth_key = { + .data = { + 0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76, + 0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60 + }, + .len = 32 + }, + .digest = { + .data = { + 0x29, 0x1A, 0x38, 0x7E, 0xBC, 0x57, 0xC4, 0xB6, + 0xD6, 0xCE, 0xEF, 0x96, 0x5D, 0x76, 0x2F, 0x3C, + 0xDA, 0x95, 0x51, 0x82, 0xD7, 0x7B, 0x11, 0x92, + 0x85, 0xED, 0x2D, 0xB5, 0xCF, 0x03, 0xF4, 0x54 + }, + .len = 32 + } +}; + +static const struct test_crypto_vector +triple_des128cbc_sha1_misalign_test_vector = { + .crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .cipher_len = 511, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A + }, + .len = 16 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }, + .len = 8 + }, + .plaintext = { + .data = plaintext_hash, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_des128cbc, + .len = 511 + }, + .auth_algo = RTE_CRYPTO_AUTH_SHA1, + .digest = { + .data = { + 0x94, 0x45, 0x7B, 0xDF, 0xFE, 0x80, 0xB9, 0xA6, + 0xA0, 0x7A, 0xE8, 0x93, 0x40, 0x7B, 0x85, 0x02, + 0x1C, 0xD7, 0xE8, 0x87 + }, + .len = 20 + } +}; + static const struct test_crypto_vector aes128cbc_hmac_sha1_aad_test_vector = { .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, @@ -15058,7 +15280,7 @@ test_authenticated_decryption_fail_when_corruption( } static int -test_authenticated_encrypt_with_esn( +test_authenticated_encrypt( struct crypto_testsuite_params *ts_params, struct crypto_unittest_params *ut_params, const struct test_crypto_vector *reference) @@ -15159,7 +15381,7 @@ test_authenticated_encrypt_with_esn( ut_params->op = process_crypto_request( ts_params->valid_devs[0], ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "no crypto operation returned"); + TEST_ASSERT_NOT_NULL(ut_params->op, "Failed crypto process, no operation returned"); TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, "crypto op processing failed"); @@ -15191,7 +15413,7 @@ test_authenticated_encrypt_with_esn( } static int -test_authenticated_decrypt_with_esn( +test_authenticated_decrypt( struct crypto_testsuite_params *ts_params, struct crypto_unittest_params *ut_params, const struct test_crypto_vector *reference) @@ -15291,7 +15513,7 @@ test_authenticated_decrypt_with_esn( ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process"); + TEST_ASSERT_NOT_NULL(ut_params->op, "Failed crypto process, no operation returned"); TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, "crypto op processing passed"); @@ -15850,7 +16072,7 @@ auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt(void) static int auth_encrypt_AES128CBC_HMAC_SHA1_esn_check(void) { - return test_authenticated_encrypt_with_esn( + return test_authenticated_encrypt( &testsuite_params, &unittest_params, &aes128cbc_hmac_sha1_aad_test_vector); @@ -15859,12 +16081,48 @@ auth_encrypt_AES128CBC_HMAC_SHA1_esn_check(void) static int auth_decrypt_AES128CBC_HMAC_SHA1_esn_check(void) { - return test_authenticated_decrypt_with_esn( + return test_authenticated_decrypt( &testsuite_params, &unittest_params, &aes128cbc_hmac_sha1_aad_test_vector); } +static int +test_cipher_auth_encryption_fail_data_misalignment(const void *test_data) +{ + struct test_crypto_vector test_vector; + int res; + + memcpy(&test_vector, test_data, sizeof(test_vector)); + RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n"); + res = test_authenticated_encrypt( + &testsuite_params, + &unittest_params, + &test_vector); + if (res == TEST_SKIPPED) + return res; + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_cipher_auth_decryption_fail_data_misalignment(const void *test_data) +{ + struct test_crypto_vector test_vector; + int res; + + memcpy(&test_vector, test_data, sizeof(test_vector)); + RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n"); + res = test_authenticated_decrypt( + &testsuite_params, + &unittest_params, + &test_vector); + if (res == TEST_SKIPPED) + return res; + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + static int test_chacha20_poly1305_encrypt_test_case_rfc8439(void) { @@ -16675,6 +16933,56 @@ static struct unit_test_suite cryptodev_negative_hmac_sha1_testsuite = { } }; +static struct unit_test_suite cryptodev_negative_input_buffer_misalignment_testsuite = { + .suite_name = "Negative Input buffer misalignment Unit Test Suite", + .setup = negative_input_buffer_misalignment_testsuite_setup, + .unit_test_cases = { + /** Negative tests */ + TEST_CASE_NAMED_WITH_DATA( + "3DES128 CBC SHA1 auth encryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_encryption_fail_data_misalignment, + &triple_des128cbc_sha1_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "3DES128 CBC SHA1 auth decryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_decryption_fail_data_misalignment, + &triple_des128cbc_sha1_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES128 CBC SHA256 auth encryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_encryption_fail_data_misalignment, + &aes128cbc_sha256_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES128 CBC SHA256 auth decryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_decryption_fail_data_misalignment, + &aes128cbc_sha256_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES192 CBC SHA256 auth encryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_encryption_fail_data_misalignment, + &aes192cbc_sha256_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES192 CBC SHA256 auth decryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_decryption_fail_data_misalignment, + &aes192cbc_sha256_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES256 CBC SHA256 auth encryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_encryption_fail_data_misalignment, + &aes256cbc_sha256_misalign_test_vector), + TEST_CASE_NAMED_WITH_DATA( + "AES256 CBC SHA256 auth decryption negative test for data misalignment", + ut_setup, ut_teardown, + test_cipher_auth_decryption_fail_data_misalignment, + &aes256cbc_sha256_misalign_test_vector), + + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; + static struct unit_test_suite cryptodev_multi_session_testsuite = { .suite_name = "Multi Session Unit Test Suite", .setup = multi_session_testsuite_setup, @@ -17567,6 +17875,7 @@ run_cryptodev_testsuite(const char *pmd_name) &cryptodev_esn_testsuite, &cryptodev_negative_aes_gcm_testsuite, &cryptodev_negative_aes_gmac_testsuite, + &cryptodev_negative_input_buffer_misalignment_testsuite, &cryptodev_mixed_cipher_hash_testsuite, &cryptodev_negative_hmac_sha1_testsuite, &cryptodev_gen_testsuite, diff --git a/app/test/test_cryptodev_aes_test_vectors.h b/app/test/test_cryptodev_aes_test_vectors.h index 7127156cc4..a026c2ae0e 100644 --- a/app/test/test_cryptodev_aes_test_vectors.h +++ b/app/test/test_cryptodev_aes_test_vectors.h @@ -1533,6 +1533,33 @@ static const struct blockcipher_test_data aes_test_data_4 = { } }; +/** AES-128-CBC Negative test vector */ +static const struct blockcipher_test_data aes_128_cbc_misalign_test_data = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A + }, + .len = 16 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes_common, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes128cbc, + .len = 511 + }, +}; + /** AES-128-CBC SHA1 test vector (Digest encrypted mode) */ static const struct blockcipher_test_data aes_test_data_4_digest_enc = { .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, @@ -2000,6 +2027,33 @@ static const struct blockcipher_test_data aes_test_data_10 = { } }; +/** AES-192-CBC neg test vector */ +static const struct blockcipher_test_data aes_192_cbc_misalign_test_data = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0 + }, + .len = 24 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes_common, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes192cbc, + .len = 511 + } +}; /** AES-192-CBC SHA1 test vector (Digest encrypted mode) */ static const struct blockcipher_test_data aes_test_data_10_digest_enc = { .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, @@ -2212,6 +2266,35 @@ static const struct blockcipher_test_data aes_test_data_11 = { } }; +/** AES-256-CBC neg test vector */ +static const struct blockcipher_test_data aes_256_cbc_misalign_test_data = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0, + 0x37, 0x07, 0xB8, 0x23, 0xA2, 0xA3, 0xB5, 0x8D + }, + .len = 32 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes_common, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_aes256cbc, + .len = 511 + } +}; + /** AES-256-CBC SHA1 test vector (Digest encrypted mode) */ static const struct blockcipher_test_data aes_test_data_11_digest_enc = { .crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, @@ -5117,6 +5200,42 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = { .test_data = &aes_test_data_21, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, }, + { + .test_descr = "AES-128-CBC Encryption Negative Test for data misalignment", + .test_data = &aes_128_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "AES-192-CBC Encryption Negative Test for data misalignment", + .test_data = &aes_192_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "AES-256-CBC Encryption Negative Test for data misalignment", + .test_data = &aes_256_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "AES-128-CBC Decryption Negative Test for data misalignment", + .test_data = &aes_128_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "AES-192-CBC Decryption Negative Test for data misalignment", + .test_data = &aes_192_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "AES-256-CBC Decryption Negative Test for data misalignment", + .test_data = &aes_256_cbc_misalign_test_data, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, }; static const struct blockcipher_test_case aes_docsis_test_cases[] = { diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c index 87a321fac3..afd5fd2f2e 100644 --- a/app/test/test_cryptodev_blockcipher.c +++ b/app/test/test_cryptodev_blockcipher.c @@ -100,6 +100,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t, int nb_segs_out = 1; uint64_t sgl_type = t->sgl_flag; uint32_t nb_iterates = 0; + bool validNegTestResult = false; rte_cryptodev_info_get(dev_id, &dev_info); uint64_t feat_flags = dev_info.feature_flags; @@ -606,6 +607,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t, snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u " "FAILED: Operation failed " "(0x%X)", __LINE__, op->status); + if (t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST) + validNegTestResult = true; status = TEST_FAILED; goto error_exit; } @@ -636,6 +639,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t, "FAILED: %s", __LINE__, "Crypto data not as expected"); status = TEST_FAILED; + if (t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST) + validNegTestResult = true; goto error_exit; } } @@ -655,6 +660,8 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t, "FAILED: %s", __LINE__, "Generated " "digest data not as expected"); status = TEST_FAILED; + if (t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST) + validNegTestResult = true; goto error_exit; } } @@ -806,10 +813,19 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t, } } } - - snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS"); + if ((status == TEST_SUCCESS) && + ((t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST) || (validNegTestResult))) { + snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "FAIL"); + status = TEST_FAILED; + } else { + snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS"); + } error_exit: + if (validNegTestResult) { + snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS"); + status = TEST_SUCCESS; + } if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)) { if (sess) rte_cryptodev_sym_session_free(dev_id, sess); diff --git a/app/test/test_cryptodev_blockcipher.h b/app/test/test_cryptodev_blockcipher.h index e6f6c18067..b4d890d8cc 100644 --- a/app/test/test_cryptodev_blockcipher.h +++ b/app/test/test_cryptodev_blockcipher.h @@ -20,6 +20,7 @@ #define BLOCKCIPHER_TEST_FEATURE_STOPPER 0x04 /* stop upon failing */ #define BLOCKCIPHER_TEST_FEATURE_SG 0x08 /* Scatter Gather */ #define BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED 0x10 +#define BLOCKCIPHER_TEST_NEG_TEST 0x80 /* MSB Bit is set for negative test */ #define BLOCKCIPHER_TEST_OP_CIPHER (BLOCKCIPHER_TEST_OP_ENCRYPT | \ BLOCKCIPHER_TEST_OP_DECRYPT) diff --git a/app/test/test_cryptodev_des_test_vectors.h b/app/test/test_cryptodev_des_test_vectors.h index 3ded90b6d4..9921b77501 100644 --- a/app/test/test_cryptodev_des_test_vectors.h +++ b/app/test/test_cryptodev_des_test_vectors.h @@ -541,6 +541,32 @@ triple_des128cbc_test_vector = { } }; +static const struct blockcipher_test_data +triple_des128cbc_misalign_test_vector = { + .crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .cipher_key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A + }, + .len = 16 + }, + .iv = { + .data = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }, + .len = 8 + }, + .plaintext = { + .data = plaintext_des, + .len = 511 + }, + .ciphertext = { + .data = ciphertext512_des128cbc, + .len = 511 + } +}; + static const struct blockcipher_test_data triple_des128cbc_sha1_test_vector = { .crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC, @@ -1183,6 +1209,18 @@ static const struct blockcipher_test_case triple_des_cipheronly_test_cases[] = { .test_descr = "3DES-192-CTR Decryption", .test_data = &triple_des192ctr_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + }, + { + .test_descr = "3DES-128-CBC Encryption Negative Test for data misalignment", + .test_data = &triple_des128cbc_misalign_test_vector, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, + }, + { + .test_descr = "3DES-128-CBC Decryption Negative Test for data misalignment", + .test_data = &triple_des128cbc_misalign_test_vector, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .feature_mask = BLOCKCIPHER_TEST_NEG_TEST, } };