[2/2] test/crypto: add negative test cases for cipher buffer alignment

  add negative test cases for 3DES CBC and AES CBC
cipher algorithms for buffer misalignment

Signed-off-by: Sivaramakrishnan Venkat <venkatx.sivaramakrishnan@intel.com>
---
 app/test/test_cryptodev.c                  | 321 ++++++++++++++++++++-
 app/test/test_cryptodev_aes_test_vectors.h | 119 ++++++++
 app/test/test_cryptodev_blockcipher.c      |  20 +-
 app/test/test_cryptodev_blockcipher.h      |   1 +
 app/test/test_cryptodev_des_test_vectors.h |  38 +++
 5 files changed, 491 insertions(+), 8 deletions(-)
  

Acked-by: Kai Ji <kai.ji@intel.com>
  

> add negative test cases for 3DES CBC and AES CBC
> cipher algorithms for buffer misalignment
> 
> Signed-off-by: Sivaramakrishnan Venkat <venkatx.sivaramakrishnan@intel.com>
> ---
>  app/test/test_cryptodev.c                  | 321 ++++++++++++++++++++-
>  app/test/test_cryptodev_aes_test_vectors.h | 119 ++++++++
>  app/test/test_cryptodev_blockcipher.c      |  20 +-
>  app/test/test_cryptodev_blockcipher.h      |   1 +
>  app/test/test_cryptodev_des_test_vectors.h |  38 +++
>  5 files changed, 491 insertions(+), 8 deletions(-)
> 
> diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> index d2c4c6f8b5..12e0cf8044 100644
> --- a/app/test/test_cryptodev.c
> +++ b/app/test/test_cryptodev.c
> @@ -1371,6 +1371,42 @@ negative_hmac_sha1_testsuite_setup(void)
>  	return 0;
>  }
> 
> +static int
> +negative_input_buffer_misalignment_testsuite_setup(void)
> +{
> +	struct crypto_testsuite_params *ts_params = &testsuite_params;
> +	uint8_t dev_id = ts_params->valid_devs[0];
> +	struct rte_cryptodev_info dev_info;
> +	const enum rte_crypto_cipher_algorithm ciphers[] = {
> +		RTE_CRYPTO_CIPHER_3DES_CBC,
> +		RTE_CRYPTO_CIPHER_AES_CBC
> +	};
> +	const enum rte_crypto_auth_algorithm auths[] = {
> +		RTE_CRYPTO_AUTH_SHA256,
> +		RTE_CRYPTO_AUTH_SHA256,
> +	};
> +
> +	rte_cryptodev_info_get(dev_id, &dev_info);
> +
> +	if (!(dev_info.feature_flags &
> RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
> +			((global_api_test_type == CRYPTODEV_RAW_API_TEST)
> &&
> +			!(dev_info.feature_flags &
> RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
> +		RTE_LOG(INFO, USER1, "Feature flag requirements for Negative
> "
> +				"Input Buffer misalignment testsuite not
> met\n");
> +		return TEST_SKIPPED;
> +	}
> +
> +	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
> +			&& check_auth_capabilities_supported(auths,
> +			RTE_DIM(auths)) != 0) {
> +		RTE_LOG(INFO, USER1, "Capability requirements for Negative "
> +				"Input Buffer misalignment testsuite not
> met\n");
> +		return TEST_SKIPPED;
> +	}
> +
> +	return 0;
> +}
> +
>  static int
>  dev_configure_and_start(uint64_t ff_disable)
>  {
> @@ -14469,6 +14505,192 @@ aes128cbc_hmac_sha1_test_vector = {
>  	}
>  };
> 
> +static const struct test_crypto_vector
> +aes128cbc_sha256_misalign_test_vector = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_offset = 0,
> +	.cipher_len = 511,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
> +		},
> +		.len = 16
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_aes_common,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes128cbc,
> +		.len = 511
> +	},
> +	.auth_algo = RTE_CRYPTO_AUTH_SHA256,
> +	.auth_offset = 0,
> +	.auth_key = {
> +		.data = {
> +			0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1,
> +			0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA,
> +			0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76,
> +			0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60
> +		},
> +		.len = 32
> +	},
> +	.digest = {
> +		.data = {
> +			0xA8, 0xBC, 0xDB, 0x99, 0xAA, 0x45, 0x91, 0xA3,
> +			0x2D, 0x75, 0x41, 0x92, 0x28, 0x01, 0x87, 0x5D,
> +			0x45, 0xED, 0x49, 0x05, 0xD3, 0xAE, 0x32, 0x57,
> +			0xB7, 0x79, 0x65, 0xFC, 0xFA, 0x6C, 0xFA, 0xDF
> +		},
> +		.len = 32
> +	}
> +};

Why are the vectors added in .c file?


> +
> +static const struct test_crypto_vector
> +aes192cbc_sha256_misalign_test_vector = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_offset = 0,
> +	.cipher_len = 511,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A,
> +			0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0
> +		},
> +		.len = 24
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_hash,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes192cbc,
> +		.len = 511
> +	},
> +	.auth_algo = RTE_CRYPTO_AUTH_SHA256,
> +	.auth_offset = 0,
> +	.auth_key = {
> +		.data = {
> +			0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1,
> +			0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA,
> +			0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76,
> +			0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60
> +		},
> +		.len = 32
> +	},
> +	.digest = {
> +		.data = {
> +			0xE0, 0x4E, 0x39, 0x67, 0xB8, 0xB4, 0x56, 0xF4,
> +			0x03, 0x0C, 0xF5, 0x74, 0x52, 0xFF, 0x63, 0x48,
> +			0xE0, 0x3C, 0x38, 0x49, 0x76, 0x29, 0xC0, 0x57,
> +			0xF4, 0x4A, 0x3E, 0x4F, 0x88, 0xB5, 0x05, 0x0E
> +		},
> +		.len = 32
> +	}
> +};
> +
> +static const struct test_crypto_vector
> +aes256cbc_sha256_misalign_test_vector = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_offset = 0,
> +	.cipher_len = 511,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A,
> +			0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0,
> +			0x37, 0x07, 0xB8, 0x23, 0xA2, 0xA3, 0xB5, 0x8D
> +		},
> +		.len = 32
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_hash,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes256cbc,
> +		.len = 511
> +	},
> +	.auth_algo = RTE_CRYPTO_AUTH_SHA256,
> +	.auth_offset = 0,
> +	.auth_key = {
> +		.data = {
> +			0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1,
> +			0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA,
> +			0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76,
> +			0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60
> +		},
> +		.len = 32
> +	},
> +	.digest = {
> +		.data = {
> +			0x29, 0x1A, 0x38, 0x7E, 0xBC, 0x57, 0xC4, 0xB6,
> +			0xD6, 0xCE, 0xEF, 0x96, 0x5D, 0x76, 0x2F, 0x3C,
> +			0xDA, 0x95, 0x51, 0x82, 0xD7, 0x7B, 0x11, 0x92,
> +			0x85, 0xED, 0x2D, 0xB5, 0xCF, 0x03, 0xF4, 0x54
> +		},
> +		.len = 32
> +	}
> +};
> +
> +static const struct test_crypto_vector
> +triple_des128cbc_sha1_misalign_test_vector = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +	.cipher_len = 511,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
> +		},
> +		.len = 16
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
> +		},
> +		.len = 8
> +	},
> +	.plaintext = {
> +		.data = plaintext_hash,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_des128cbc,
> +		.len = 511
> +	},
> +	.auth_algo = RTE_CRYPTO_AUTH_SHA1,
> +	.digest = {
> +		.data = {
> +			0x94, 0x45, 0x7B, 0xDF, 0xFE, 0x80, 0xB9, 0xA6,
> +			0xA0, 0x7A, 0xE8, 0x93, 0x40, 0x7B, 0x85, 0x02,
> +			0x1C, 0xD7, 0xE8, 0x87
> +		},
> +		.len = 20
> +	}
> +};
> +
>  static const struct test_crypto_vector
>  aes128cbc_hmac_sha1_aad_test_vector = {
>  	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> @@ -15058,7 +15280,7 @@
> test_authenticated_decryption_fail_when_corruption(
>  }
> 
>  static int
> -test_authenticated_encrypt_with_esn(
> +test_authenticated_encrypt(

Any specific reason of changing the name of this function in this patch.


>  		struct crypto_testsuite_params *ts_params,
>  		struct crypto_unittest_params *ut_params,
>  		const struct test_crypto_vector *reference)
> @@ -15159,7 +15381,7 @@ test_authenticated_encrypt_with_esn(
>  		ut_params->op = process_crypto_request(
>  			ts_params->valid_devs[0], ut_params->op);
> 
> -	TEST_ASSERT_NOT_NULL(ut_params->op, "no crypto operation
> returned");
> +	TEST_ASSERT_NOT_NULL(ut_params->op, "Failed crypto process, no
> operation returned");
> 
>  	TEST_ASSERT_EQUAL(ut_params->op->status,
> RTE_CRYPTO_OP_STATUS_SUCCESS,
>  			"crypto op processing failed");
> @@ -15191,7 +15413,7 @@ test_authenticated_encrypt_with_esn(
>  }
> 
>  static int
> -test_authenticated_decrypt_with_esn(
> +test_authenticated_decrypt(
>  		struct crypto_testsuite_params *ts_params,
>  		struct crypto_unittest_params *ut_params,
>  		const struct test_crypto_vector *reference)
> @@ -15291,7 +15513,7 @@ test_authenticated_decrypt_with_esn(
>  		ut_params->op = process_crypto_request(ts_params-
> >valid_devs[0],
>  			ut_params->op);
> 
> -	TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process");
> +	TEST_ASSERT_NOT_NULL(ut_params->op, "Failed crypto process, no
> operation returned");
>  	TEST_ASSERT_EQUAL(ut_params->op->status,
>  			RTE_CRYPTO_OP_STATUS_SUCCESS,
>  			"crypto op processing passed");
> @@ -15850,7 +16072,7 @@
> auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt(void)
>  static int
>  auth_encrypt_AES128CBC_HMAC_SHA1_esn_check(void)
>  {
> -	return test_authenticated_encrypt_with_esn(
> +	return test_authenticated_encrypt(
>  			&testsuite_params,
>  			&unittest_params,
>  			&aes128cbc_hmac_sha1_aad_test_vector);
> @@ -15859,12 +16081,48 @@
> auth_encrypt_AES128CBC_HMAC_SHA1_esn_check(void)
>  static int
>  auth_decrypt_AES128CBC_HMAC_SHA1_esn_check(void)
>  {
> -	return test_authenticated_decrypt_with_esn(
> +	return test_authenticated_decrypt(
>  			&testsuite_params,
>  			&unittest_params,
>  			&aes128cbc_hmac_sha1_aad_test_vector);
>  }
> 
> +static int
> +test_cipher_auth_encryption_fail_data_misalignment(const void *test_data)
> +{
> +	struct test_crypto_vector test_vector;
> +	int res;
> +
> +	memcpy(&test_vector, test_data, sizeof(test_vector));
> +	RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
> +	res = test_authenticated_encrypt(
> +			&testsuite_params,
> +			&unittest_params,
> +			&test_vector);
> +	if (res == TEST_SKIPPED)
> +		return res;
> +	TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed");
> +	return TEST_SUCCESS;
> +}
> +
> +static int
> +test_cipher_auth_decryption_fail_data_misalignment(const void *test_data)
> +{
> +	struct test_crypto_vector test_vector;
> +	int res;
> +
> +	memcpy(&test_vector, test_data, sizeof(test_vector));
> +	RTE_LOG(INFO, USER1, "This is a negative test, errors are expected\n");
> +	res = test_authenticated_decrypt(
> +			&testsuite_params,
> +			&unittest_params,
> +			&test_vector);
> +	if (res == TEST_SKIPPED)
> +		return res;
> +	TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed");
> +	return TEST_SUCCESS;
> +}
> +
>  static int
>  test_chacha20_poly1305_encrypt_test_case_rfc8439(void)
>  {
> @@ -16675,6 +16933,56 @@ static struct unit_test_suite
> cryptodev_negative_hmac_sha1_testsuite = {
>  	}
>  };
> 
> +static struct unit_test_suite
> cryptodev_negative_input_buffer_misalignment_testsuite = {
> +	.suite_name = "Negative Input buffer misalignment Unit Test Suite",
> +	.setup = negative_input_buffer_misalignment_testsuite_setup,
> +	.unit_test_cases = {
> +		/** Negative tests */
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"3DES128 CBC SHA1 auth encryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_encryption_fail_data_misalignment,
> +			&triple_des128cbc_sha1_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"3DES128 CBC SHA1 auth decryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_decryption_fail_data_misalignment,
> +			&triple_des128cbc_sha1_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES128 CBC SHA256 auth encryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_encryption_fail_data_misalignment,
> +			&aes128cbc_sha256_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES128 CBC SHA256 auth decryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_decryption_fail_data_misalignment,
> +			&aes128cbc_sha256_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES192 CBC SHA256 auth encryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_encryption_fail_data_misalignment,
> +			&aes192cbc_sha256_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES192 CBC SHA256 auth decryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_decryption_fail_data_misalignment,
> +			&aes192cbc_sha256_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES256 CBC SHA256 auth encryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_encryption_fail_data_misalignment,
> +			&aes256cbc_sha256_misalign_test_vector),
> +		TEST_CASE_NAMED_WITH_DATA(
> +			"AES256 CBC SHA256 auth decryption negative test for
> data misalignment",
> +			ut_setup, ut_teardown,
> +			test_cipher_auth_decryption_fail_data_misalignment,
> +			&aes256cbc_sha256_misalign_test_vector),
> +
> +		TEST_CASES_END() /**< NULL terminate unit test array */
> +	}
> +};
> +
>  static struct unit_test_suite cryptodev_multi_session_testsuite = {
>  	.suite_name = "Multi Session Unit Test Suite",
>  	.setup = multi_session_testsuite_setup,
> @@ -17567,6 +17875,7 @@ run_cryptodev_testsuite(const char *pmd_name)
>  		&cryptodev_esn_testsuite,
>  		&cryptodev_negative_aes_gcm_testsuite,
>  		&cryptodev_negative_aes_gmac_testsuite,
> +		&cryptodev_negative_input_buffer_misalignment_testsuite,
>  		&cryptodev_mixed_cipher_hash_testsuite,
>  		&cryptodev_negative_hmac_sha1_testsuite,
>  		&cryptodev_gen_testsuite,
> diff --git a/app/test/test_cryptodev_aes_test_vectors.h
> b/app/test/test_cryptodev_aes_test_vectors.h
> index 7127156cc4..a026c2ae0e 100644
> --- a/app/test/test_cryptodev_aes_test_vectors.h
> +++ b/app/test/test_cryptodev_aes_test_vectors.h
> @@ -1533,6 +1533,33 @@ static const struct blockcipher_test_data
> aes_test_data_4 = {
>  	}
>  };
> 
> +/** AES-128-CBC Negative test vector */
> +static const struct blockcipher_test_data aes_128_cbc_misalign_test_data = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
> +		},
> +		.len = 16
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_aes_common,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes128cbc,
> +		.len = 511
> +	},
> +};
> +
>  /** AES-128-CBC SHA1 test vector (Digest encrypted mode) */
>  static const struct blockcipher_test_data aes_test_data_4_digest_enc = {
>  	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> @@ -2000,6 +2027,33 @@ static const struct blockcipher_test_data
> aes_test_data_10 = {
>  	}
>  };
> 
> +/** AES-192-CBC neg test vector */
> +static const struct blockcipher_test_data aes_192_cbc_misalign_test_data = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A,
> +			0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0
> +		},
> +		.len = 24
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_aes_common,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes192cbc,
> +		.len = 511
> +	}
> +};
>  /** AES-192-CBC SHA1 test vector (Digest encrypted mode) */
>  static const struct blockcipher_test_data aes_test_data_10_digest_enc = {
>  	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> @@ -2212,6 +2266,35 @@ static const struct blockcipher_test_data
> aes_test_data_11 = {
>  	}
>  };
> 
> +/** AES-256-CBC neg test vector */
> +static const struct blockcipher_test_data aes_256_cbc_misalign_test_data = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A,
> +			0xD4, 0xC3, 0xA3, 0xAA, 0x33, 0x62, 0x61, 0xE0,
> +			0x37, 0x07, 0xB8, 0x23, 0xA2, 0xA3, 0xB5, 0x8D
> +		},
> +		.len = 32
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> +		},
> +		.len = 16
> +	},
> +	.plaintext = {
> +		.data = plaintext_aes_common,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_aes256cbc,
> +		.len = 511
> +	}
> +};
> +
>  /** AES-256-CBC SHA1 test vector (Digest encrypted mode) */
>  static const struct blockcipher_test_data aes_test_data_11_digest_enc = {
>  	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> @@ -5117,6 +5200,42 @@ static const struct blockcipher_test_case
> aes_cipheronly_test_cases[] = {
>  		.test_data = &aes_test_data_21,
>  		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
>  	},
> +	{
> +		.test_descr = "AES-128-CBC Encryption Negative Test for data
> misalignment",
> +		.test_data = &aes_128_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "AES-192-CBC Encryption Negative Test for data
> misalignment",
> +		.test_data = &aes_192_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "AES-256-CBC Encryption Negative Test for data
> misalignment",
> +		.test_data = &aes_256_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "AES-128-CBC Decryption Negative Test for data
> misalignment",
> +		.test_data = &aes_128_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "AES-192-CBC Decryption Negative Test for data
> misalignment",
> +		.test_data = &aes_192_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "AES-256-CBC Decryption Negative Test for data
> misalignment",
> +		.test_data = &aes_256_cbc_misalign_test_data,
> +		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
>  };
> 
>  static const struct blockcipher_test_case aes_docsis_test_cases[] = {
> diff --git a/app/test/test_cryptodev_blockcipher.c
> b/app/test/test_cryptodev_blockcipher.c
> index 87a321fac3..afd5fd2f2e 100644
> --- a/app/test/test_cryptodev_blockcipher.c
> +++ b/app/test/test_cryptodev_blockcipher.c
> @@ -100,6 +100,7 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  	int nb_segs_out = 1;
>  	uint64_t sgl_type = t->sgl_flag;
>  	uint32_t nb_iterates = 0;
> +	bool validNegTestResult = false;
> 
>  	rte_cryptodev_info_get(dev_id, &dev_info);
>  	uint64_t feat_flags = dev_info.feature_flags;
> @@ -606,6 +607,8 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line
> %u "
>  				"FAILED: Operation failed "
>  				"(0x%X)", __LINE__, op->status);
> +		if (t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST)
> +			validNegTestResult = true;
>  		status = TEST_FAILED;
>  		goto error_exit;
>  	}
> @@ -636,6 +639,8 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  				"FAILED: %s", __LINE__,
>  				"Crypto data not as expected");
>  			status = TEST_FAILED;
> +			if (t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST)
> +				validNegTestResult = true;
>  			goto error_exit;
>  		}
>  	}
> @@ -655,6 +660,8 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  					"FAILED: %s", __LINE__, "Generated "
>  					"digest data not as expected");
>  				status = TEST_FAILED;
> +				if (t->feature_mask &
> BLOCKCIPHER_TEST_NEG_TEST)
> +					validNegTestResult = true;
>  				goto error_exit;
>  			}
>  		}
> @@ -806,10 +813,19 @@ test_blockcipher_one_case(const struct
> blockcipher_test_case *t,
>  			}
>  		}
>  	}
> -
> -	snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS");
> +	if ((status == TEST_SUCCESS) &&
> +		((t->feature_mask & BLOCKCIPHER_TEST_NEG_TEST) ||
> (validNegTestResult))) {
> +		snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "FAIL");
> +		status = TEST_FAILED;
> +	} else {
> +		snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS");
> +	}
> 
>  error_exit:
> +	if (validNegTestResult) {
> +		snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS");
> +		status = TEST_SUCCESS;
> +	}
>  	if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)) {
>  		if (sess)
>  			rte_cryptodev_sym_session_free(dev_id, sess);
> diff --git a/app/test/test_cryptodev_blockcipher.h
> b/app/test/test_cryptodev_blockcipher.h
> index e6f6c18067..b4d890d8cc 100644
> --- a/app/test/test_cryptodev_blockcipher.h
> +++ b/app/test/test_cryptodev_blockcipher.h
> @@ -20,6 +20,7 @@
>  #define BLOCKCIPHER_TEST_FEATURE_STOPPER	0x04 /* stop upon
> failing */
>  #define BLOCKCIPHER_TEST_FEATURE_SG		0x08 /* Scatter Gather
> */
>  #define BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED	0x10
> +#define BLOCKCIPHER_TEST_NEG_TEST	0x80 /* MSB Bit is set for
> negative test */
> 
>  #define BLOCKCIPHER_TEST_OP_CIPHER
> 	(BLOCKCIPHER_TEST_OP_ENCRYPT | \
>  					BLOCKCIPHER_TEST_OP_DECRYPT)
> diff --git a/app/test/test_cryptodev_des_test_vectors.h
> b/app/test/test_cryptodev_des_test_vectors.h
> index 3ded90b6d4..9921b77501 100644
> --- a/app/test/test_cryptodev_des_test_vectors.h
> +++ b/app/test/test_cryptodev_des_test_vectors.h
> @@ -541,6 +541,32 @@ triple_des128cbc_test_vector = {
>  	}
>  };
> 
> +static const struct blockcipher_test_data
> +triple_des128cbc_misalign_test_vector = {
> +	.crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +	.cipher_key = {
> +		.data = {
> +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
> +		},
> +		.len = 16
> +	},
> +	.iv = {
> +		.data = {
> +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
> +		},
> +		.len = 8
> +	},
> +	.plaintext = {
> +		.data = plaintext_des,
> +		.len = 511
> +	},
> +	.ciphertext = {
> +		.data = ciphertext512_des128cbc,
> +		.len = 511
> +	}
> +};
> +
>  static const struct blockcipher_test_data
>  triple_des128cbc_sha1_test_vector = {
>  	.crypto_algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> @@ -1183,6 +1209,18 @@ static const struct blockcipher_test_case
> triple_des_cipheronly_test_cases[] = {
>  		.test_descr = "3DES-192-CTR Decryption",
>  		.test_data = &triple_des192ctr_test_vector,
>  		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
> +	},
> +	{
> +		.test_descr = "3DES-128-CBC Encryption Negative Test for data
> misalignment",
> +		.test_data = &triple_des128cbc_misalign_test_vector,
> +		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
> +	},
> +	{
> +		.test_descr = "3DES-128-CBC Decryption Negative Test for data
> misalignment",
> +		.test_data = &triple_des128cbc_misalign_test_vector,
> +		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
> +		.feature_mask = BLOCKCIPHER_TEST_NEG_TEST,
>  	}
>  };
> 
> --
> 2.25.1
  

Hi Akhil,


> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Monday, November 13, 2023 12:31 PM
> To: Sivaramakrishnan, VenkatX <venkatx.sivaramakrishnan@intel.com>; Fan
> Zhang <fanzhang.oss@gmail.com>
> Cc: dev@dpdk.org; stable@dpdk.org
> Subject: RE: [EXT] [PATCH 2/2] test/crypto: add negative test cases for cipher
> buffer alignment
> 
> > add negative test cases for 3DES CBC and AES CBC cipher algorithms for
> > buffer misalignment
> >
> > Signed-off-by: Sivaramakrishnan Venkat
> > <venkatx.sivaramakrishnan@intel.com>
> > ---
> >  app/test/test_cryptodev.c                  | 321 ++++++++++++++++++++-
> >  app/test/test_cryptodev_aes_test_vectors.h | 119 ++++++++
> >  app/test/test_cryptodev_blockcipher.c      |  20 +-
> >  app/test/test_cryptodev_blockcipher.h      |   1 +
> >  app/test/test_cryptodev_des_test_vectors.h |  38 +++
> >  5 files changed, 491 insertions(+), 8 deletions(-)
> >
> > diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> > index d2c4c6f8b5..12e0cf8044 100644
> > --- a/app/test/test_cryptodev.c
> > +++ b/app/test/test_cryptodev.c
> > @@ -1371,6 +1371,42 @@ negative_hmac_sha1_testsuite_setup(void)
> >  	return 0;
> >  }
> >
> > +static int
> > +negative_input_buffer_misalignment_testsuite_setup(void)
> > +{
> > +	struct crypto_testsuite_params *ts_params = &testsuite_params;
> > +	uint8_t dev_id = ts_params->valid_devs[0];
> > +	struct rte_cryptodev_info dev_info;
> > +	const enum rte_crypto_cipher_algorithm ciphers[] = {
> > +		RTE_CRYPTO_CIPHER_3DES_CBC,
> > +		RTE_CRYPTO_CIPHER_AES_CBC
> > +	};
> > +	const enum rte_crypto_auth_algorithm auths[] = {
> > +		RTE_CRYPTO_AUTH_SHA256,
> > +		RTE_CRYPTO_AUTH_SHA256,
> > +	};
> > +
> > +	rte_cryptodev_info_get(dev_id, &dev_info);
> > +
> > +	if (!(dev_info.feature_flags &
> > RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
> > +			((global_api_test_type ==
> CRYPTODEV_RAW_API_TEST)
> > &&
> > +			!(dev_info.feature_flags &
> > RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
> > +		RTE_LOG(INFO, USER1, "Feature flag requirements for
> Negative
> > "
> > +				"Input Buffer misalignment testsuite not
> > met\n");
> > +		return TEST_SKIPPED;
> > +	}
> > +
> > +	if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers))
> != 0
> > +			&& check_auth_capabilities_supported(auths,
> > +			RTE_DIM(auths)) != 0) {
> > +		RTE_LOG(INFO, USER1, "Capability requirements for Negative
> "
> > +				"Input Buffer misalignment testsuite not
> > met\n");
> > +		return TEST_SKIPPED;
> > +	}
> > +
> > +	return 0;
> > +}
> > +
> >  static int
> >  dev_configure_and_start(uint64_t ff_disable)  { @@ -14469,6
> > +14505,192 @@ aes128cbc_hmac_sha1_test_vector = {
> >  	}
> >  };
> >
> > +static const struct test_crypto_vector
> > +aes128cbc_sha256_misalign_test_vector = {
> > +	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC,
> > +	.cipher_offset = 0,
> > +	.cipher_len = 511,
> > +	.cipher_key = {
> > +		.data = {
> > +			0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2,
> > +			0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A
> > +		},
> > +		.len = 16
> > +	},
> > +	.iv = {
> > +		.data = {
> > +			0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> > +			0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
> > +		},
> > +		.len = 16
> > +	},
> > +	.plaintext = {
> > +		.data = plaintext_aes_common,
> > +		.len = 511
> > +	},
> > +	.ciphertext = {
> > +		.data = ciphertext512_aes128cbc,
> > +		.len = 511
> > +	},
> > +	.auth_algo = RTE_CRYPTO_AUTH_SHA256,
> > +	.auth_offset = 0,
> > +	.auth_key = {
> > +		.data = {
> > +			0x42, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1,
> > +			0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA,
> > +			0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76,
> > +			0x9A, 0x4F, 0x88, 0x1B, 0xB6, 0x8F, 0xD8, 0x60
> > +		},
> > +		.len = 32
> > +	},
> > +	.digest = {
> > +		.data = {
> > +			0xA8, 0xBC, 0xDB, 0x99, 0xAA, 0x45, 0x91, 0xA3,
> > +			0x2D, 0x75, 0x41, 0x92, 0x28, 0x01, 0x87, 0x5D,
> > +			0x45, 0xED, 0x49, 0x05, 0xD3, 0xAE, 0x32, 0x57,
> > +			0xB7, 0x79, 0x65, 0xFC, 0xFA, 0x6C, 0xFA, 0xDF
> > +		},
> > +		.len = 32
> > +	}
> > +};
> 
> Why are the vectors added in .c file?
> 
We will move the tests to blockcipher test vectors and put in test vector header files with others.
> 

<snip>
> > +
> >  static const struct test_crypto_vector
> > aes128cbc_hmac_sha1_aad_test_vector = {
> >  	.crypto_algo = RTE_CRYPTO_CIPHER_AES_CBC, @@ -15058,7
> +15280,7 @@
> > test_authenticated_decryption_fail_when_corruption(
> >  }
> >
> >  static int
> > -test_authenticated_encrypt_with_esn(
> > +test_authenticated_encrypt(
> 
> Any specific reason of changing the name of this function in this patch.
>  


Renamed so that we could reuse with these tests and not just the ESN tests.
For the next version, as tests are moved to blockcipher test functions, this change is no longer needed.

> 
> >  		struct crypto_testsuite_params *ts_params,
> >  		struct crypto_unittest_params *ut_params,
> >  		const struct test_crypto_vector *reference) @@ -15159,7
> +15381,7 @@

<snip>

more work is needed on the tests so will drop this patch for 23.11.
Will send a new version of QAT patch Today.

Thanks,
Venkat.