diff mbox series

[v4,6/8] examples/fips_validation: add json to hmac

Message ID 20220429161559.415645-7-blo@iol.unh.edu (mailing list archive)
State Superseded
Delegated to: akhil goyal
Headers show
Series Add JSON vector set support to fips validation | expand

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Brandon Lo April 29, 2022, 4:15 p.m. UTC
Adds JSON support for the HMAC algorithm.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
 examples/fips_validation/fips_validation.c    |  2 +
 examples/fips_validation/fips_validation.h    |  6 ++
 .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
 examples/fips_validation/main.c               |  3 +
 4 files changed, 104 insertions(+)

Comments

Gowrishankar Muthukrishnan May 18, 2022, 3:45 p.m. UTC | #1
Verified the functionality changes and looks good to me.

Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

Thanks.

> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 6/8] examples/fips_validation: add json to hmac
> 
> External Email
> 
> ----------------------------------------------------------------------
> Adds JSON support for the HMAC algorithm.
> 
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
>  examples/fips_validation/fips_validation.c    |  2 +
>  examples/fips_validation/fips_validation.h    |  6 ++
>  .../fips_validation/fips_validation_hmac.c    | 93 +++++++++++++++++++
>  examples/fips_validation/main.c               |  3 +
>  4 files changed, 104 insertions(+)
> 
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index d220dcab1f..04dfb85262 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
>  	/* Vector sets contain the algorithm type, and nothing else we need.
> */
>  	if (strstr(algo_str, "AES-GCM"))
>  		info.algo = FIPS_TEST_ALGO_AES_GCM;
> +	if (strstr(algo_str, "HMAC"))
> +		info.algo = FIPS_TEST_ALGO_HMAC;
>  	else
>  		return -EINVAL;
> 
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 8d7af99e04..2c65d838b0 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
> 
>  int
>  parse_test_gcm_json_init(void);
> +
> +int
> +parse_test_hmac_json_init(void);
> +
> +int
> +parse_test_hmac_json_algorithm(void);
>  #endif /* RTE_HAS_JANSSON */
> 
>  int
> diff --git a/examples/fips_validation/fips_validation_hmac.c
> b/examples/fips_validation/fips_validation_hmac.c
> index 1285c9d283..4cd1b1ac07 100644
> --- a/examples/fips_validation/fips_validation_hmac.c
> +++ b/examples/fips_validation/fips_validation_hmac.c
> @@ -19,6 +19,15 @@
>  #define PT_STR		"Msg = "
>  #define TAG_STR		"Mac = "
> 
> +#define ALGO_JSON_STR	"algorithm"
> +
> +#define KEYLEN_JSON_STR	"keyLen"
> +#define TAGLEN_JSON_STR	"macLen"
> +
> +#define KEY_JSON_STR	"key"
> +#define PT_JSON_STR		"msg"
> +#define TAG_JSON_STR	"mac"
> +
>  struct hash_size_conversion {
>  	const char *str;
>  	enum rte_crypto_auth_algorithm algo;
> @@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[]
> = {
>  		{NULL, NULL, NULL} /**< end pointer */  };
> 
> +#ifdef RTE_HAS_JANSSON
> +struct hash_size_conversion json_algorithms[] = {
> +		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
> +		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
> +		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
> +		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
> +		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC}, };
> +
> +struct fips_test_callback hmac_tests_json_vectors[] = {
> +		{KEY_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.key},
> +		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
> +		{TAG_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback hmac_tests_interim_json_vectors[] = {
> +		{KEYLEN_JSON_STR, parser_read_uint32_val,
> &vec.cipher_auth.key},
> +		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.cipher_auth.digest},
> +		{NULL, NULL, NULL} /**< end pointer */ }; #endif /*
> RTE_HAS_JANSSON
> +*/
> +
>  static int
>  parse_test_hmac_writeback(struct fips_val *val)  { @@ -103,3 +135,64 @@
> parse_test_hmac_init(void)
> 
>  	return 0;
>  }
> +
> +#ifdef RTE_HAS_JANSSON
> +static int
> +parse_test_hmac_json_writeback(struct fips_val *val) {
> +	struct fips_val val_local;
> +	json_t *tcId, *mac;
> +
> +	tcId = json_object_get(json_info.json_test_case, "tcId");
> +
> +	json_info.json_write_case = json_object();
> +	json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> +
> +	val_local.val = val->val + vec.pt.len;
> +	val_local.len = vec.cipher_auth.digest.len;
> +
> +	writeback_hex_str("", info.one_line_text, &val_local);
> +
> +	mac = json_string(info.one_line_text);
> +	json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
> mac);
> +
> +	return 0;
> +}
> +
> +int
> +parse_test_hmac_json_algorithm(void)
> +{
> +	json_t *algorithm_object;
> +	const char *algorithm_str;
> +	uint32_t i;
> +
> +	algorithm_object = json_object_get(json_info.json_vector_set,
> "algorithm");
> +	algorithm_str = json_string_value(algorithm_object);
> +
> +	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
> +		if (strstr(algorithm_str, json_algorithms[i].str)) {
> +			info.interim_info.hmac_data.algo =
> json_algorithms[i].algo;
> +			return 0;
> +		}
> +	}
> +
> +	return -1;
> +}
> +
> +int
> +parse_test_hmac_json_init(void)
> +{
> +	info.op = FIPS_TEST_ENC_AUTH_GEN;
> +	info.parse_writeback = parse_test_hmac_json_writeback;
> +	info.callbacks = hmac_tests_json_vectors;
> +	info.writeback_callbacks = NULL;
> +	info.kat_check = rsp_test_hmac_check;
> +	info.interim_callbacks = hmac_tests_interim_json_vectors;
> +
> +	if (parse_test_hmac_json_algorithm() < 0)
> +		return -1;
> +
> +	return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index a1d8a1d758..de6dedaf75 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -1943,6 +1943,9 @@ fips_test_one_test_group(void)
>  	case FIPS_TEST_ALGO_AES_GCM:
>  		ret = parse_test_gcm_json_init();
>  		break;
> +	case FIPS_TEST_ALGO_HMAC:
> +		ret = parse_test_hmac_json_init();
> +		break;
>  	default:
>  		return -EINVAL;
>  	}
> --
> 2.25.1
diff mbox series

Patch

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index d220dcab1f..04dfb85262 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -458,6 +458,8 @@  fips_test_parse_one_json_vector_set(void)
 	/* Vector sets contain the algorithm type, and nothing else we need. */
 	if (strstr(algo_str, "AES-GCM"))
 		info.algo = FIPS_TEST_ALGO_AES_GCM;
+	if (strstr(algo_str, "HMAC"))
+		info.algo = FIPS_TEST_ALGO_HMAC;
 	else
 		return -EINVAL;
 
diff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h
index 8d7af99e04..2c65d838b0 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -253,6 +253,12 @@  fips_test_parse_one_json_case(void);
 
 int
 parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
 #endif /* RTE_HAS_JANSSON */
 
 int
diff --git a/examples/fips_validation/fips_validation_hmac.c b/examples/fips_validation/fips_validation_hmac.c
index 1285c9d283..4cd1b1ac07 100644
--- a/examples/fips_validation/fips_validation_hmac.c
+++ b/examples/fips_validation/fips_validation_hmac.c
@@ -19,6 +19,15 @@ 
 #define PT_STR		"Msg = "
 #define TAG_STR		"Mac = "
 
+#define ALGO_JSON_STR	"algorithm"
+
+#define KEYLEN_JSON_STR	"keyLen"
+#define TAGLEN_JSON_STR	"macLen"
+
+#define KEY_JSON_STR	"key"
+#define PT_JSON_STR		"msg"
+#define TAG_JSON_STR	"mac"
+
 struct hash_size_conversion {
 	const char *str;
 	enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@  struct fips_test_callback hmac_tests_interim_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+		{"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+		{"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+		{"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+		{"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+		{"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+		{PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+		{TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_hmac_writeback(struct fips_val *val)
 {
@@ -103,3 +135,64 @@  parse_test_hmac_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+	struct fips_val val_local;
+	json_t *tcId, *mac;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+	val_local.val = val->val + vec.pt.len;
+	val_local.len = vec.cipher_auth.digest.len;
+
+	writeback_hex_str("", info.one_line_text, &val_local);
+
+	mac = json_string(info.one_line_text);
+	json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+	return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+	json_t *algorithm_object;
+	const char *algorithm_str;
+	uint32_t i;
+
+	algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+	algorithm_str = json_string_value(algorithm_object);
+
+	for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+		if (strstr(algorithm_str, json_algorithms[i].str)) {
+			info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+			return 0;
+		}
+	}
+
+	return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+	info.op = FIPS_TEST_ENC_AUTH_GEN;
+	info.parse_writeback = parse_test_hmac_json_writeback;
+	info.callbacks = hmac_tests_json_vectors;
+	info.writeback_callbacks = NULL;
+	info.kat_check = rsp_test_hmac_check;
+	info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+	if (parse_test_hmac_json_algorithm() < 0)
+		return -1;
+
+	return 0;
+}
+#endif /* RTE_HAS_JANSSON */
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index a1d8a1d758..de6dedaf75 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -1943,6 +1943,9 @@  fips_test_one_test_group(void)
 	case FIPS_TEST_ALGO_AES_GCM:
 		ret = parse_test_gcm_json_init();
 		break;
+	case FIPS_TEST_ALGO_HMAC:
+		ret = parse_test_hmac_json_init();
+		break;
 	default:
 		return -EINVAL;
 	}