[2/2] app/test-crypto-perf: fix encrypt operation verify
Checks
Commit Message
AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.
This commit aligns aead_op and cipher_op operation to fix
incorrect AEAD verification.
Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test type")
Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
---
app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
Comments
Hi Suanming,
Please see inline.
Thanks,
Anoob
> -----Original Message-----
> From: Suanming Mou <suanmingm@nvidia.com>
> Sent: Wednesday, January 3, 2024 9:26 AM
> To: Ciara Power <ciara.power@intel.com>
> Cc: dev@dpdk.org
> Subject: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation verify
>
> External Email
>
> ----------------------------------------------------------------------
> AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
[Anoob] users -> uses
> RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.
>
> This commit aligns aead_op and cipher_op operation to fix incorrect AEAD
> verification.
>
> Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test type")
>
> Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
> ---
> app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-
> perf/cperf_test_verify.c
> index 8aa714b969..525a2b1373 100644
> --- a/app/test-crypto-perf/cperf_test_verify.c
> +++ b/app/test-crypto-perf/cperf_test_verify.c
> @@ -113,6 +113,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> uint8_t *data;
> uint32_t cipher_offset, auth_offset;
> uint8_t cipher, auth;
> + bool is_encrypt = false;
> int res = 0;
>
> if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) @@ -154,12
> +155,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> cipher_offset = 0;
> auth = 0;
> auth_offset = 0;
> + is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> break;
> case CPERF_CIPHER_THEN_AUTH:
> cipher = 1;
> cipher_offset = 0;
> auth = 1;
> auth_offset = options->test_buffer_size;
> + is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> break;
> case CPERF_AUTH_ONLY:
> cipher = 0;
> @@ -172,12 +175,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> cipher_offset = 0;
> auth = 1;
> auth_offset = options->test_buffer_size;
> + is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> break;
> case CPERF_AEAD:
> cipher = 1;
> cipher_offset = 0;
> - auth = 1;
> + auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
> auth_offset = options->test_buffer_size;
> + is_encrypt = !!auth;
> break;
> default:
> res = 1;
> @@ -185,7 +190,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> }
>
> if (cipher == 1) {
> - if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
> + if (is_encrypt)
[Anoob] A similar check is there under 'auth == 1' check, right? Won't that also need fixing?
if (auth == 1) {
if (options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE)
I think some renaming of the local variables might make code better.
bool cipher, digest_verify = false, is_encrypt = false;
case CPERF_CIPHER_THEN_AUTH:
cipher = true;
cipher_offset = 0;
if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
is_encrypt = true;
digest_verify = true; /* Assumption - options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE is verified elsewhere */
auth_offset = options->test_buffer_size;
}
break;
<...>
case CPERF_AEAD:
cipher = true;
cipher_offset = 0;
if (options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
is_encrypt = true;
digest_verify = true;
auth_offset = options->test_buffer_size;
}
What do you think?
> res += !!memcmp(data + cipher_offset,
> vector->ciphertext.data,
> options->test_buffer_size);
> --
> 2.34.1
Hi,
> -----Original Message-----
> From: Anoob Joseph <anoobj@marvell.com>
> Sent: Thursday, January 4, 2024 1:13 PM
> To: Suanming Mou <suanmingm@nvidia.com>; Ciara Power
> <ciara.power@intel.com>
> Cc: dev@dpdk.org
> Subject: RE: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation verify
>
> Hi Suanming,
>
> Please see inline.
>
> Thanks,
> Anoob
>
> > -----Original Message-----
> > From: Suanming Mou <suanmingm@nvidia.com>
> > Sent: Wednesday, January 3, 2024 9:26 AM
> > To: Ciara Power <ciara.power@intel.com>
> > Cc: dev@dpdk.org
> > Subject: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation
> > verify
> >
> > External Email
> >
> > ----------------------------------------------------------------------
> > AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
> [Anoob] users -> uses
>
> > RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.
> >
> > This commit aligns aead_op and cipher_op operation to fix incorrect
> > AEAD verification.
> >
> > Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test
> > type")
> >
> > Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
> > ---
> > app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
> > 1 file changed, 7 insertions(+), 2 deletions(-)
> >
> > diff --git a/app/test-crypto-perf/cperf_test_verify.c
> > b/app/test-crypto- perf/cperf_test_verify.c index
> > 8aa714b969..525a2b1373 100644
> > --- a/app/test-crypto-perf/cperf_test_verify.c
> > +++ b/app/test-crypto-perf/cperf_test_verify.c
> > @@ -113,6 +113,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> > uint8_t *data;
> > uint32_t cipher_offset, auth_offset;
> > uint8_t cipher, auth;
> > + bool is_encrypt = false;
> > int res = 0;
> >
> > if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) @@ -154,12
> > +155,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> > cipher_offset = 0;
> > auth = 0;
> > auth_offset = 0;
> > + is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> > break;
> > case CPERF_CIPHER_THEN_AUTH:
> > cipher = 1;
> > cipher_offset = 0;
> > auth = 1;
> > auth_offset = options->test_buffer_size;
> > + is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> > break;
> > case CPERF_AUTH_ONLY:
> > cipher = 0;
> > @@ -172,12 +175,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> > cipher_offset = 0;
> > auth = 1;
> > auth_offset = options->test_buffer_size;
> > + is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> > break;
> > case CPERF_AEAD:
> > cipher = 1;
> > cipher_offset = 0;
> > - auth = 1;
> > + auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
> > auth_offset = options->test_buffer_size;
> > + is_encrypt = !!auth;
> > break;
> > default:
> > res = 1;
> > @@ -185,7 +190,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> > }
> >
> > if (cipher == 1) {
> > - if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
> > + if (is_encrypt)
>
> [Anoob] A similar check is there under 'auth == 1' check, right? Won't that also
> need fixing?
>
> if (auth == 1) {
> if (options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE)
>
> I think some renaming of the local variables might make code better.
> bool cipher, digest_verify = false, is_encrypt = false;
>
> case CPERF_CIPHER_THEN_AUTH:
> cipher = true;
> cipher_offset = 0;
> if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
> is_encrypt = true;
> digest_verify = true; /* Assumption - options->auth_op
> == RTE_CRYPTO_AUTH_OP_GENERATE is verified elsewhere */
> auth_offset = options->test_buffer_size;
> }
> break;
> <...>
> case CPERF_AEAD:
> cipher = true;
> cipher_offset = 0;
> if (options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
> is_encrypt = true;
> digest_verify = true;
> auth_offset = options->test_buffer_size;
> }
>
> What do you think?
Yes, so we can totally remove the auth for now. I will do that. Thanks for the suggestion.
>
> > res += !!memcmp(data + cipher_offset,
> > vector->ciphertext.data,
> > options->test_buffer_size);
> > --
> > 2.34.1
@@ -113,6 +113,7 @@ cperf_verify_op(struct rte_crypto_op *op,
uint8_t *data;
uint32_t cipher_offset, auth_offset;
uint8_t cipher, auth;
+ bool is_encrypt = false;
int res = 0;
if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS)
@@ -154,12 +155,14 @@ cperf_verify_op(struct rte_crypto_op *op,
cipher_offset = 0;
auth = 0;
auth_offset = 0;
+ is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
break;
case CPERF_CIPHER_THEN_AUTH:
cipher = 1;
cipher_offset = 0;
auth = 1;
auth_offset = options->test_buffer_size;
+ is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
break;
case CPERF_AUTH_ONLY:
cipher = 0;
@@ -172,12 +175,14 @@ cperf_verify_op(struct rte_crypto_op *op,
cipher_offset = 0;
auth = 1;
auth_offset = options->test_buffer_size;
+ is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
break;
case CPERF_AEAD:
cipher = 1;
cipher_offset = 0;
- auth = 1;
+ auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
auth_offset = options->test_buffer_size;
+ is_encrypt = !!auth;
break;
default:
res = 1;
@@ -185,7 +190,7 @@ cperf_verify_op(struct rte_crypto_op *op,
}
if (cipher == 1) {
- if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+ if (is_encrypt)
res += !!memcmp(data + cipher_offset,
vector->ciphertext.data,
options->test_buffer_size);