From patchwork Fri Jun 7 10:05:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54530 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 3D2B91B9B6; Fri, 7 Jun 2019 12:09:33 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 8905F1B9AB for ; Fri, 7 Jun 2019 12:09:29 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:29 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:28 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:05:58 +0200 Message-Id: <20190607100608.16212-2-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 01/10] cryptodev: document usage of digest-appended operations X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch explains what are the conditions and how to use digest appended for auth-cipher operations. Signed-off-by: Damian Nowak --- lib/librte_cryptodev/rte_crypto_sym.h | 43 +++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index c80e90e..b211bf5 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -662,6 +662,49 @@ struct rte_crypto_sym_op { * physically contiguous memory at this * location. * + * @note + * Digest can be generated, appended to + * the end of raw data and encrypted + * together using chained digest + * generation + * (@ref RTE_CRYPTO_AUTH_OP_GENERATE) + * and encryption + * (@ref RTE_CRYPTO_CIPHER_OP_ENCRYPT) + * xforms. Similarly, authentication + * of the raw data against appended, + * decrypted digest, can be performed + * using decryption + * (@ref RTE_CRYPTO_CIPHER_OP_DECRYPT) + * and digest verification + * (@ref RTE_CRYPTO_AUTH_OP_VERIFY) + * chained xforms. + * To perform those operations, a few + * additional conditions must be met: + * - caller must allocate at least + * digest_length of memory at the end of + * source and (in case of out-of-place + * operations) destination buffer; those + * buffers can be linear or split using + * scatter-gather lists, + * - digest data pointer must point to + * the end of source or (in case of + * out-of-place operations) destination + * data, which is pointer to the raw + * data buffer + auth.data.offset + + * auth.data.length, + * - cipher.data.offset + + * cipher.data.length must be greater + * than auth.data.offset + + * auth.data.length and is typically + * equal to auth.data.offset + + * auth.data.length + digest_length. + * + * Note, that for security reasons, it + * is PMDs' responsibility to not + * leave an unencrypted digest in any + * buffer after performing auth-cipher + * operations. + * * For digest generation, the digest result * will overwrite any data at this location. * From patchwork Fri Jun 7 10:05:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54531 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id AEFD31B9C1; Fri, 7 Jun 2019 12:09:35 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id F2FF31B9B3 for ; Fri, 7 Jun 2019 12:09:30 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:30 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:29 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:05:59 +0200 Message-Id: <20190607100608.16212-3-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 02/10] cryptodev: add digest encrypted feature flag X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Some PMDs can only support digest being encrypted separately in auth-cipher operations. Thus it is required to add feature flag in PMD to reflect if it does support digest-appended both: digest generation with encryption and decryption with digest verification. Signed-off-by: Damian Nowak --- lib/librte_cryptodev/rte_cryptodev.c | 2 ++ lib/librte_cryptodev/rte_cryptodev.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c index 00c2cf4..f657192 100644 --- a/lib/librte_cryptodev/rte_cryptodev.c +++ b/lib/librte_cryptodev/rte_cryptodev.c @@ -490,6 +490,8 @@ rte_cryptodev_get_feature_name(uint64_t flag) return "RSA_PRIV_OP_KEY_EXP"; case RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT: return "RSA_PRIV_OP_KEY_QT"; + case RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED: + return "DIGEST_ENCRYPTED"; default: return NULL; } diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h index 2d4f6d7..c0d406e 100644 --- a/lib/librte_cryptodev/rte_cryptodev.h +++ b/lib/librte_cryptodev/rte_cryptodev.h @@ -442,6 +442,8 @@ rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum, /**< Support RSA Private Key OP with exponent */ #define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT (1ULL << 18) /**< Support RSA Private Key OP with CRT (quintuple) Keys */ +#define RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED (1ULL << 19) +/**< Support digest appended auth-cipher operations */ /** From patchwork Fri Jun 7 10:06:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54532 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D66421B9C7; Fri, 7 Jun 2019 12:09:38 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 4A5281B9B4 for ; Fri, 7 Jun 2019 12:09:32 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:31 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:30 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:00 +0200 Message-Id: <20190607100608.16212-4-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 03/10] crypto/qat: handle buffer size for digest-encrypted auth-cipher X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds condition to be met when using wireless algorithms (SNOW3G, KASUMI, ZUC) in out-of-place auth-cipher operations. It checks if the digest location overlaps with the data to be encrypted or decrypted and if so, treats as a digest-encrypted case. It also checks if the digest is being encrypted or decrypted partially and extends PMD buffers accordingly. Signed-off-by: Damian Nowak --- drivers/crypto/qat/qat_sym.c | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c index 8801ca5..90b0ba4 100644 --- a/drivers/crypto/qat/qat_sym.c +++ b/drivers/crypto/qat/qat_sym.c @@ -493,6 +493,25 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg, (cipher_param->cipher_offset + cipher_param->cipher_length) : (auth_param->auth_off + auth_param->auth_len); + /* Handle case of auth-gen-then-cipher with digest encrypted */ + if (wireless_auth && + (auth_ofs + auth_len < cipher_ofs + cipher_len) && + (op->sym->auth.digest.phys_addr == + (in_place ? src_buf_start : dst_buf_start) + + auth_ofs + auth_len)) { + /* Handle partial digest encryption */ + if (cipher_ofs + cipher_len < + auth_ofs + auth_len + ctx->digest_length) + qat_req->comn_mid.dst_length = + qat_req->comn_mid.src_length += + auth_ofs + auth_len + ctx->digest_length - + cipher_ofs - cipher_len; + struct icp_qat_fw_comn_req_hdr *header = &qat_req->comn_hdr; + ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET( + header->serv_specif_flags, + ICP_QAT_FW_LA_DIGEST_IN_BUFFER); + } + if (do_sgl) { ICP_QAT_FW_COMN_PTR_TYPE_SET(qat_req->comn_hdr.comn_req_flags, @@ -533,18 +552,6 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg, } else { qat_req->comn_mid.src_data_addr = src_buf_start; qat_req->comn_mid.dest_data_addr = dst_buf_start; - /* handle case of auth-gen-then-cipher with digest encrypted */ - if (wireless_auth && in_place && - (op->sym->auth.digest.phys_addr == - src_buf_start + auth_ofs + auth_len) && - (auth_ofs + auth_len + ctx->digest_length <= - cipher_ofs + cipher_len)) { - struct icp_qat_fw_comn_req_hdr *header = - &qat_req->comn_hdr; - ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET( - header->serv_specif_flags, - ICP_QAT_FW_LA_DIGEST_IN_BUFFER); - } } #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG From patchwork Fri Jun 7 10:06:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54533 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 306071B9D1; Fri, 7 Jun 2019 12:09:41 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 9B9101B9BA for ; Fri, 7 Jun 2019 12:09:33 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:33 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:32 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:01 +0200 Message-Id: <20190607100608.16212-5-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 04/10] crypto/qat: add digest encrypted feature flag X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds feature flag for QuickAssist Technology to emphasize it's support for digest appended auth-cipher operations. Signed-off-by: Damian Nowak --- drivers/crypto/qat/qat_sym_pmd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/qat/qat_sym_pmd.c b/drivers/crypto/qat/qat_sym_pmd.c index af21270..71f21ce 100644 --- a/drivers/crypto/qat/qat_sym_pmd.c +++ b/drivers/crypto/qat/qat_sym_pmd.c @@ -278,7 +278,8 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev) RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT | RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT | RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT | - RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT; + RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | + RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; From patchwork Fri Jun 7 10:06:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54534 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 6C86D1B9DB; Fri, 7 Jun 2019 12:09:43 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 86BA61B9BF for ; Fri, 7 Jun 2019 12:09:35 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:35 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:33 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:02 +0200 Message-Id: <20190607100608.16212-6-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 05/10] test/crypto: add snow3g test cases for auth-cipher X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds test cases for snow3g in-place and out-of-place auth-cipher operations. Test cases include buffer appended digest generation with encryption and buffer decryption with appended digest verification. It also adds cases where digest is encrypted only partially. Signed-off-by: Damian Nowak --- app/test/test_cryptodev.c | 281 +++++++++++++++++++++----- app/test/test_cryptodev_snow3g_test_vectors.h | 167 ++++++++++++++- 2 files changed, 392 insertions(+), 56 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 9f31aaa..08023a5 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2015-2017 Intel Corporation + * Copyright(c) 2015-2019 Intel Corporation */ #include @@ -40,7 +40,10 @@ #include "test_cryptodev_hmac_test_vectors.h" #define VDEV_ARGS_SIZE 100 -#define MAX_NB_SESSIONS 4 +#define MAX_NB_SESSIONS 4 + +#define IN_PLACE 0 +#define OUT_OF_PLACE 1 static int gbl_driver_id; @@ -2814,7 +2817,8 @@ create_wireless_algo_auth_cipher_operation(unsigned int auth_tag_len, const uint8_t *auth_iv, uint8_t auth_iv_len, unsigned int data_pad_len, unsigned int cipher_len, unsigned int cipher_offset, - unsigned int auth_len, unsigned int auth_offset) + unsigned int auth_len, unsigned int auth_offset, + uint8_t op_mode) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; @@ -2830,24 +2834,31 @@ create_wireless_algo_auth_cipher_operation(unsigned int auth_tag_len, struct rte_crypto_sym_op *sym_op = ut_params->op->sym; - /* set crypto operation source mbuf */ + /* set crypto operation mbufs */ sym_op->m_src = ut_params->ibuf; + if (op_mode == OUT_OF_PLACE) + sym_op->m_dst = ut_params->obuf; /* digest */ - sym_op->auth.digest.data = (uint8_t *) rte_pktmbuf_mtod_offset( - ut_params->ibuf, uint8_t *, data_pad_len); + sym_op->auth.digest.data = rte_pktmbuf_mtod_offset( + (op_mode == IN_PLACE ? + ut_params->ibuf : ut_params->obuf), + uint8_t *, data_pad_len); TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, "no room to append auth tag"); sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, data_pad_len); + (op_mode == IN_PLACE ? + ut_params->ibuf : ut_params->obuf), + data_pad_len); memset(sym_op->auth.digest.data, 0, auth_tag_len); /* Copy cipher and auth IVs at the end of the crypto operation */ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, - IV_OFFSET); + uint8_t *iv_ptr = rte_crypto_op_ctod_offset( + ut_params->op, uint8_t *, IV_OFFSET); + rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); iv_ptr += cipher_iv_len; rte_memcpy(iv_ptr, auth_iv, auth_iv_len); @@ -4312,90 +4323,166 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata) "SNOW 3G Generated auth tag not as expected"); return 0; } + static int -test_snow3g_auth_cipher(const struct snow3g_test_data *tdata) +test_snow3g_auth_cipher(const struct snow3g_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *plaintext, *ciphertext; - unsigned plaintext_pad_len; - unsigned plaintext_len; + uint8_t *plaintext = NULL, *ciphertext = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (op_mode == OUT_OF_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return -ENOTSUP; + } + } /* Create SNOW 3G session */ - retval = create_wireless_algo_auth_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), RTE_CRYPTO_AUTH_SNOW3G_UIA2, RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->auth_iv.len, tdata->digest.len, tdata->cipher_iv.len); + if (retval < 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + if (op_mode == OUT_OF_PLACE) + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); + if (op_mode == OUT_OF_PLACE) + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); plaintext_len = ceil_byte_length(tdata->plaintext.len); /* Append data which is padded to a multiple of */ /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + if (verify) { + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + } /* Create SNOW 3G operation */ retval = create_wireless_algo_auth_cipher_operation( tdata->digest.len, tdata->cipher_iv.data, tdata->cipher_iv.len, tdata->auth_iv.data, tdata->auth_iv.len, - tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), tdata->validCipherLenInBits.len, tdata->cipher.offset_bits, tdata->validAuthLenInBits.len, - tdata->auth.offset_bits); + tdata->auth.offset_bits, + op_mode); if (retval < 0) return retval; ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_src; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - ciphertext = plaintext; - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + plaintext = ciphertext + + (tdata->cipher.offset_bits >> 3); + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + ciphertext = plaintext; + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes); + plaintext_pad_len : tdata->digest.offset_bytes); - debug_hexdump(stdout, "digest:", ut_params->digest, tdata->digest.len); - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + debug_hexdump(stdout, "digest:", ut_params->digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", tdata->digest.data, + tdata->digest.len); + } /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "SNOW 3G Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "SNOW 3G Generated auth tag not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); + } return 0; } @@ -4447,8 +4534,8 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata) tdata->validCipherLenInBits.len, tdata->validCipherOffsetInBits.len, tdata->validAuthLenInBits.len, - 0 - ); + 0, + IN_PLACE); if (retval < 0) return retval; @@ -5038,13 +5125,82 @@ test_snow3g_cipher_auth_test_case_1(void) static int test_snow3g_auth_cipher_test_case_1(void) { - return test_snow3g_auth_cipher(&snow3g_test_case_6); + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_1, IN_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_test_case_2(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, IN_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_test_case_2_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_part_digest_enc(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_part_digest_enc_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_verify_test_case_1(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_1, IN_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_test_case_2(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, IN_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_test_case_2_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_part_digest_enc(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_part_digest_enc_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 1); } static int test_snow3g_auth_cipher_with_digest_test_case_1(void) { - return test_snow3g_auth_cipher(&snow3g_test_case_7); + return test_snow3g_auth_cipher( + &snow3g_test_case_7, IN_PLACE, 0); } static int @@ -8650,9 +8806,6 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata, return 0; } -#define IN_PLACE 0 -#define OUT_OF_PLACE 1 - static int test_AES_GCM_auth_encrypt_SGL_out_of_place_400B_400B(void) { @@ -9189,6 +9342,30 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_decryption_test_case_1_oop), + /** SNOW 3G generate auth, then encrypt (UEA2) */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_test_case_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_test_case_2_oop), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_part_digest_enc), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_part_digest_enc_oop), + + /** SNOW 3G decrypt (UEA2), then verify auth */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_test_case_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_test_case_2_oop), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_part_digest_enc), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_part_digest_enc_oop), + /** SNOW 3G decrypt only (UEA2) */ TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_decryption_test_case_1), @@ -9217,8 +9394,6 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_cipher_auth_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, - test_snow3g_auth_cipher_test_case_1), - TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_auth_cipher_with_digest_test_case_1), /** ZUC encrypt only (EEA3) */ diff --git a/app/test/test_cryptodev_snow3g_test_vectors.h b/app/test/test_cryptodev_snow3g_test_vectors.h index 3e55ac1..3abc037 100644 --- a/app/test/test_cryptodev_snow3g_test_vectors.h +++ b/app/test/test_cryptodev_snow3g_test_vectors.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2015-2017 Intel Corporation + * Copyright(c) 2015-2019 Intel Corporation */ #ifndef TEST_CRYPTODEV_SNOW3G_TEST_VECTORS_H_ @@ -59,6 +59,7 @@ struct snow3g_test_data { unsigned int offset_bits; } auth; }; + struct snow3g_test_data snow3g_test_case_1 = { .key = { .data = { @@ -347,7 +348,8 @@ struct snow3g_test_data snow3g_test_case_5 = { .len = 840 }, }; -struct snow3g_test_data snow3g_test_case_6 = { + +struct snow3g_test_data snow3g_auth_cipher_test_case_1 = { .key = { .data = { 0xC7, 0x36, 0xC6, 0xAA, 0xB2, 0x2B, 0xFF, 0xF9, @@ -415,7 +417,6 @@ struct snow3g_test_data snow3g_test_case_6 = { }, }; - struct snow3g_test_data snow3g_test_case_7 = { .key = { .data = { @@ -508,4 +509,164 @@ struct snow3g_test_data snow3g_test_case_7 = { }, }; +struct snow3g_test_data snow3g_auth_cipher_test_case_2 = { + .key = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 + + }, + .len = 16 + }, + .cipher_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 + }, + .len = 16 + }, + .auth_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }, + .len = 16 + }, + .plaintext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x01, 0x02, 0x03, 0x04, + + }, + .len = 128 << 3 + }, + .ciphertext = { + .data = { + 0x5A, 0x5A, 0xE4, 0xAD, 0x29, 0xA2, 0x6A, 0xA6, + 0x20, 0x1D, 0xCD, 0x08, 0x50, 0xD6, 0xE6, 0x47, + 0xBC, 0x88, 0x08, 0x01, 0x17, 0xFA, 0x47, 0x5B, + 0x90, 0x40, 0xBA, 0x0C, 0xB5, 0x58, 0xF3, 0x0C, + 0xA0, 0xD4, 0x98, 0x83, 0x1B, 0xCE, 0x54, 0xE3, + 0x29, 0x00, 0x3C, 0xA4, 0xAD, 0x74, 0xEE, 0x05, + 0xA3, 0x6C, 0xD4, 0xAC, 0xC6, 0x30, 0x33, 0xC9, + 0x37, 0x57, 0x41, 0x9B, 0xD4, 0x73, 0xB9, 0x77, + 0x70, 0x8B, 0x63, 0xDD, 0x22, 0xB8, 0xE1, 0x85, + 0xB2, 0x92, 0x7C, 0x37, 0xD3, 0x2E, 0xD9, 0xF4, + 0x4A, 0x69, 0x25, 0x30, 0xE3, 0x5B, 0x8B, 0xF6, + 0x0F, 0xDE, 0x0B, 0x92, 0xD5, 0x25, 0x52, 0x6D, + 0x26, 0xEB, 0x2F, 0x8A, 0x3B, 0x8B, 0x38, 0xE2, + 0x48, 0xD3, 0x4A, 0x98, 0xF7, 0x3A, 0xC2, 0x46, + 0x69, 0x8D, 0x73, 0x3E, 0x57, 0x88, 0x2C, 0x80, + 0xF0, 0xF2, 0x75, 0xB8, 0x7D, 0x27, 0xC6, 0xDA, + + }, + .len = 128 << 3 + }, + .cipher = { + .len_bits = 126 << 3, + .offset_bits = 2 << 3 + }, + .auth = { + .len_bits = 124 << 3, + .offset_bits = 0 + }, + .digest = { + .data = { + 0x7D, 0x27, 0xC6, 0xDA + }, + .len = 4, + .offset_bytes = 124 + }, + .validDataLenInBits = { + .len = 128 << 3 + }, + .validCipherLenInBits = { + .len = 126 << 3 + }, + .validAuthLenInBits = { + .len = 124 << 3 + }, +}; + +struct snow3g_test_data snow3g_auth_cipher_partial_digest_encryption = { + .key = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 + + }, + .len = 16 + }, + .cipher_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 + }, + .len = 16 + }, + .auth_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }, + .len = 16 + }, + .plaintext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A + }, + .len = 32 << 3 + }, + .ciphertext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0xE4, 0xAD, + 0x29, 0xA2, 0x6A, 0xA6, 0x20, 0x1D, 0xCD, 0x08, + 0x50, 0xD6, 0xE6, 0x47, 0xB3, 0xBD, 0xC3, 0x08 + }, + .len = 32 << 3 + }, + .cipher = { + .len_bits = 16 << 3, + .offset_bits = 14 << 3 + }, + .auth = { + .len_bits = 28 << 3, + .offset_bits = 0 + }, + .digest = { + .data = { + 0xB3, 0xBD, 0xC3, 0x08 + }, + .len = 4, + .offset_bytes = 28 + }, + .validDataLenInBits = { + .len = 32 << 3 + }, + .validCipherLenInBits = { + .len = 16 << 3 + }, + .validAuthLenInBits = { + .len = 28 << 3 + }, +}; + #endif /* TEST_CRYPTODEV_SNOW3G_TEST_VECTORS_H_ */ From patchwork Fri Jun 7 10:06:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54535 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 630561B9E1; Fri, 7 Jun 2019 12:09:46 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 3B0311B9C4 for ; Fri, 7 Jun 2019 12:09:37 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:36 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:35 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:03 +0200 Message-Id: <20190607100608.16212-7-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 06/10] test/crypto: add kasumi test cases for auth-cipher X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds test cases for kasumi in-place and out-of-place auth-cipher operations. Test cases include buffer appended digest generation with encryption and buffer decryption with appended digest verification. Signed-off-by: Damian Nowak --- app/test/test_cryptodev.c | 203 +++++++++++++++++++++----- app/test/test_cryptodev_kasumi_test_vectors.h | 98 +++++++++++-- 2 files changed, 254 insertions(+), 47 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 08023a5..c8ea5b5 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -4487,87 +4487,166 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata, } static int -test_kasumi_auth_cipher(const struct kasumi_test_data *tdata) +test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *plaintext, *ciphertext; - unsigned plaintext_pad_len; - unsigned plaintext_len; + uint8_t *plaintext = NULL, *ciphertext = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (op_mode == OUT_OF_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return -ENOTSUP; + } + } /* Create KASUMI session */ retval = create_wireless_algo_auth_cipher_session( ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), RTE_CRYPTO_AUTH_KASUMI_F9, RTE_CRYPTO_CIPHER_KASUMI_F8, tdata->key.data, tdata->key.len, 0, tdata->digest.len, tdata->cipher_iv.len); + if (retval < 0) return retval; + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + if (op_mode == OUT_OF_PLACE) + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); + if (op_mode == OUT_OF_PLACE) + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); plaintext_len = ceil_byte_length(tdata->plaintext.len); /* Append data which is padded to a multiple of */ /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + if (verify) { + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } /* Create KASUMI operation */ - retval = create_wireless_algo_auth_cipher_operation(tdata->digest.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - NULL, 0, - plaintext_pad_len, - tdata->validCipherLenInBits.len, - tdata->validCipherOffsetInBits.len, - tdata->validAuthLenInBits.len, - 0, - IN_PLACE); + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + NULL, 0, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->validCipherOffsetInBits.len, + tdata->validAuthLenInBits.len, + 0, + op_mode); if (retval < 0) return retval; ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - if (ut_params->op->sym->m_dst) - ut_params->obuf = ut_params->op->sym->m_dst; - else - ut_params->obuf = ut_params->op->sym->m_src; - ciphertext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *, - tdata->validCipherOffsetInBits.len >> 3); + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + + + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + plaintext = ciphertext; + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + ciphertext = plaintext; + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + ut_params->digest = rte_pktmbuf_mtod( + ut_params->obuf, uint8_t *) + + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes); + + debug_hexdump(stdout, "digest:", ut_params->digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "KASUMI Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, + tdata->ciphertext.data, + tdata->ciphertext.len >> 3, "KASUMI Ciphertext data not as expected"); - ut_params->digest = rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *) - + plaintext_pad_len; - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( + TEST_ASSERT_BUFFERS_ARE_EQUAL( ut_params->digest, tdata->digest.data, DIGEST_BYTE_LENGTH_KASUMI_F9, "KASUMI Generated auth tag not as expected"); + } return 0; } @@ -5206,7 +5285,43 @@ test_snow3g_auth_cipher_with_digest_test_case_1(void) static int test_kasumi_auth_cipher_test_case_1(void) { - return test_kasumi_auth_cipher(&kasumi_test_case_3); + return test_kasumi_auth_cipher( + &kasumi_test_case_3, IN_PLACE, 0); +} + +static int +test_kasumi_auth_cipher_test_case_2(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 0); +} + +static int +test_kasumi_auth_cipher_test_case_2_oop(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0); +} + +static int +test_kasumi_auth_cipher_verify_test_case_1(void) +{ + return test_kasumi_auth_cipher( + &kasumi_test_case_3, IN_PLACE, 1); +} + +static int +test_kasumi_auth_cipher_verify_test_case_2(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 1); +} + +static int +test_kasumi_auth_cipher_verify_test_case_2_oop(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1); } static int @@ -9472,9 +9587,23 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_encryption_test_case_3), TEST_CASE_ST(ut_setup, ut_teardown, + test_kasumi_cipher_auth_test_case_1), + + /** KASUMI generate auth, then encrypt (F8) */ + TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_auth_cipher_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, - test_kasumi_cipher_auth_test_case_1), + test_kasumi_auth_cipher_test_case_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_kasumi_auth_cipher_test_case_2_oop), + + /** KASUMI decrypt (F8), then verify auth */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_kasumi_auth_cipher_verify_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_kasumi_auth_cipher_verify_test_case_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_kasumi_auth_cipher_verify_test_case_2_oop), /** Negative tests */ TEST_CASE_ST(ut_setup, ut_teardown, diff --git a/app/test/test_cryptodev_kasumi_test_vectors.h b/app/test/test_cryptodev_kasumi_test_vectors.h index 58a696a..f0a6d55 100644 --- a/app/test/test_cryptodev_kasumi_test_vectors.h +++ b/app/test/test_cryptodev_kasumi_test_vectors.h @@ -8,12 +8,12 @@ struct kasumi_test_data { struct { uint8_t data[64]; - unsigned len; + unsigned int len; } key; struct { uint8_t data[64] __rte_aligned(16); - unsigned len; + unsigned int len; } cipher_iv; /* @@ -23,20 +23,20 @@ struct kasumi_test_data { */ struct { uint8_t data[1024]; - unsigned len; /* length must be in Bits */ + unsigned int len; /* length must be in Bits */ } plaintext; struct { - unsigned len; + unsigned int len; } validDataLenInBits; struct { uint8_t data[1024]; - unsigned len; /* length must be in Bits */ + unsigned int len; /* length must be in Bits */ } ciphertext; struct { - unsigned len; + unsigned int len; } validCipherLenInBits; struct { @@ -45,12 +45,13 @@ struct kasumi_test_data { /* Actual length of data to be hashed */ struct { - unsigned len; + unsigned int len; } validAuthLenInBits; struct { uint8_t data[64]; - unsigned len; + unsigned int len; + unsigned int offset_bytes; /* offset must be in Bytes */ } digest; }; @@ -205,7 +206,8 @@ struct kasumi_test_data kasumi_test_case_3 = { }, .digest = { .data = {0x87, 0x5F, 0xE4, 0x89}, - .len = 4 + .len = 4, + .offset_bytes = 0 } }; @@ -353,7 +355,83 @@ struct kasumi_test_data kasumi_test_case_6 = { }, .digest = { .data = {0x0F, 0xD2, 0xAA, 0xB5}, - .len = 4 + .len = 4, + .offset_bytes = 0 + } +}; + +struct kasumi_test_data kasumi_auth_cipher_test_case_2 = { + .key = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10 + }, + .len = 16 + }, + .cipher_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 + }, + .len = 8 + }, + .plaintext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A + }, + .len = 128 << 3 + }, + .ciphertext = { + .data = { + 0x5A, 0x5A, 0xFA, 0xC6, 0xA9, 0x09, 0x91, 0x74, + 0x35, 0xAA, 0x85, 0xB0, 0xE0, 0x07, 0x78, 0xDA, + 0x05, 0x88, 0x4E, 0x8D, 0xEC, 0x41, 0xF3, 0xBC, + 0x0D, 0x9F, 0xE3, 0xEF, 0x8E, 0x33, 0x22, 0xF3, + 0x15, 0x4B, 0x12, 0xC2, 0x22, 0x12, 0xD6, 0x46, + 0xD7, 0x27, 0x20, 0x1D, 0x50, 0x60, 0x9D, 0x42, + 0xF6, 0x73, 0xF5, 0x28, 0x88, 0xBE, 0x60, 0xEC, + 0x9C, 0x18, 0x81, 0xC4, 0x0A, 0xF4, 0xD5, 0x7A, + 0xB5, 0x3F, 0x1A, 0x79, 0xAB, 0x79, 0xDB, 0x24, + 0xF9, 0x6E, 0x86, 0x78, 0x10, 0x19, 0xAE, 0xD8, + 0xB2, 0xCA, 0x32, 0x8D, 0xD8, 0x28, 0x8B, 0x2F, + 0x5B, 0x3C, 0xE3, 0x7D, 0xD3, 0x70, 0x11, 0xDE, + 0x2C, 0xDC, 0xC1, 0xC6, 0xB6, 0xFD, 0xF3, 0x7D, + 0x38, 0x97, 0x8B, 0x81, 0x02, 0x88, 0x62, 0x3C, + 0x1E, 0x1A, 0x93, 0x21, 0xE3, 0x6D, 0xD7, 0x20, + 0x80, 0xA8, 0xDA, 0x18, 0x8F, 0x58, 0x0F, 0x4E + }, + .len = 128 << 3 + }, + .validDataLenInBits = { + .len = 128 << 3 + }, + .validCipherLenInBits = { + .len = 126 << 3 + }, + .validAuthLenInBits = { + .len = 124 << 3 + }, + .validCipherOffsetInBits = { + .len = 2 << 3 + }, + .digest = { + .data = {0x8F, 0x58, 0x0F, 0x4E}, + .len = 4, + .offset_bytes = 124 } }; #endif /* TEST_CRYPTODEV_KASUMI_TEST_VECTORS_H_ */ From patchwork Fri Jun 7 10:06:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54536 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9F9901B9E9; Fri, 7 Jun 2019 12:09:48 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id E741E1B9C8 for ; Fri, 7 Jun 2019 12:09:38 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:38 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:37 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:04 +0200 Message-Id: <20190607100608.16212-8-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 07/10] test/crypto: add sgl test cases for ip and oop X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds test cases for snow3g in-place and out-of-place auth-cipher operations with scatter-gather lists as input and output mbufs. Test cases include buffer appended digest generation with encryption and buffer decryption with appended digest verification. It also adds cases where digest is encrypted only partially. Signed-off-by: Damian Nowak --- app/test/test_cryptodev.c | 262 ++++++++++++++++++++++++++ app/test/test_cryptodev_snow3g_test_vectors.h | 67 +++++++ 2 files changed, 329 insertions(+) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index c8ea5b5..fa2b5df 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -4487,6 +4487,192 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata, } static int +test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata, + uint8_t op_mode, uint8_t verify) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + + const uint8_t *plaintext = NULL; + const uint8_t *ciphertext = NULL; + const uint8_t *digest = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + uint8_t buffer[10000]; + uint8_t digest_buffer[10000]; + + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (op_mode == IN_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather " + "in both input and output mbufs.\n"); + return -ENOTSUP; + } + } else { + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs.\n"); + return -ENOTSUP; + } + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return -ENOTSUP; + } + } + + /* Create SNOW 3G session */ + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + tdata->cipher_iv.len); + + if (retval < 0) + return retval; + + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + + ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 15, 0); + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer in mempool"); + + if (op_mode == OUT_OF_PLACE) { + ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 15, 0); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); + } + + if (verify) { + pktmbuf_write(ut_params->ibuf, 0, ciphertext_len, + tdata->ciphertext.data); + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, + tdata->plaintext.data); + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } + memset(buffer, 0, sizeof(buffer)); + + /* Create SNOW 3G operation */ + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->cipher.offset_bits, + tdata->validAuthLenInBits.len, + tdata->auth.offset_bits, + op_mode); + + if (retval < 0) + return retval; + + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_len, buffer); + else + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + ciphertext_len, buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + if (ut_params->obuf) + digest = rte_pktmbuf_read(ut_params->obuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + else + digest = rte_pktmbuf_read(ut_params->ibuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + + debug_hexdump(stdout, "digest:", digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } + + /* Validate obuf */ + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "SNOW 3G Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); + } + return 0; +} + +static int test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, uint8_t op_mode, uint8_t verify) { @@ -5239,6 +5425,36 @@ test_snow3g_auth_cipher_part_digest_enc_oop(void) } static int +test_snow3g_auth_cipher_test_case_3_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, IN_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_test_case_3_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_part_digest_enc_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 0); +} + +static int +test_snow3g_auth_cipher_part_digest_enc_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 0); +} + +static int test_snow3g_auth_cipher_verify_test_case_1(void) { return test_snow3g_auth_cipher( @@ -5276,6 +5492,36 @@ test_snow3g_auth_cipher_verify_part_digest_enc_oop(void) } static int +test_snow3g_auth_cipher_verify_test_case_3_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, IN_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_test_case_3_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_part_digest_enc_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 1); +} + +static int +test_snow3g_auth_cipher_verify_part_digest_enc_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 1); +} + +static int test_snow3g_auth_cipher_with_digest_test_case_1(void) { return test_snow3g_auth_cipher( @@ -9468,6 +9714,14 @@ static struct unit_test_suite cryptodev_qat_testsuite = { test_snow3g_auth_cipher_part_digest_enc), TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_auth_cipher_part_digest_enc_oop), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_test_case_3_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_test_case_3_oop_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_part_digest_enc_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_part_digest_enc_oop_sgl), /** SNOW 3G decrypt (UEA2), then verify auth */ TEST_CASE_ST(ut_setup, ut_teardown, @@ -9480,6 +9734,14 @@ static struct unit_test_suite cryptodev_qat_testsuite = { test_snow3g_auth_cipher_verify_part_digest_enc), TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_auth_cipher_verify_part_digest_enc_oop), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_test_case_3_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_test_case_3_oop_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_part_digest_enc_sgl), + TEST_CASE_ST(ut_setup, ut_teardown, + test_snow3g_auth_cipher_verify_part_digest_enc_oop_sgl), /** SNOW 3G decrypt only (UEA2) */ TEST_CASE_ST(ut_setup, ut_teardown, diff --git a/app/test/test_cryptodev_snow3g_test_vectors.h b/app/test/test_cryptodev_snow3g_test_vectors.h index 3abc037..bbe0566 100644 --- a/app/test/test_cryptodev_snow3g_test_vectors.h +++ b/app/test/test_cryptodev_snow3g_test_vectors.h @@ -602,6 +602,73 @@ struct snow3g_test_data snow3g_auth_cipher_test_case_2 = { }, }; +struct snow3g_test_data snow3g_auth_cipher_test_case_3 = { + .key = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 + + }, + .len = 16 + }, + .cipher_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 + }, + .len = 16 + }, + .auth_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }, + .len = 16 + }, + .plaintext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + }, + .len = 32 << 3 + }, + .ciphertext = { + .data = { + 0x5A, 0x5A, 0xE4, 0xAD, 0x29, 0xA2, 0x6A, 0xA6, + 0x20, 0x1D, 0xCD, 0x08, 0x50, 0xD6, 0xE6, 0x47, + 0xBC, 0x88, 0x08, 0x01, 0x17, 0xFA, 0x47, 0x5B, + 0x90, 0x40, 0xBA, 0x0C, 0xBA, 0x6D, 0x6A, 0x5E, + }, + .len = 32 << 3 + }, + .cipher = { + .len_bits = 30 << 3, + .offset_bits = 2 << 3 + }, + .auth = { + .len_bits = 28 << 3, + .offset_bits = 0 + }, + .digest = { + .data = { + 0xBA, 0x6D, 0x6A, 0x5E + }, + .len = 4, + .offset_bytes = 28 + }, + .validDataLenInBits = { + .len = 32 << 3 + }, + .validCipherLenInBits = { + .len = 30 << 3 + }, + .validAuthLenInBits = { + .len = 28 << 3 + }, +}; + struct snow3g_test_data snow3g_auth_cipher_partial_digest_encryption = { .key = { .data = { From patchwork Fri Jun 7 10:06:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54537 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 716A91B9F0; Fri, 7 Jun 2019 12:09:50 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 47F8A1B9CE for ; Fri, 7 Jun 2019 12:09:40 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:39 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:38 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:05 +0200 Message-Id: <20190607100608.16212-9-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 08/10] test/crypto: return correct value if feature not supported X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch makes unsupported tests visible in the testsuite summary. Signed-off-by: Damian Nowak --- app/test/test_cryptodev.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index fa2b5df..ac63bc6 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -3341,7 +3341,7 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata) if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { printf("Device doesn't support in-place scatter-gather. " "Test Skipped.\n"); - return 0; + return -ENOTSUP; } /* Create KASUMI session */ @@ -3492,7 +3492,7 @@ test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata) printf("Device doesn't support out-of-place scatter-gather " "in both input and output mbufs. " "Test Skipped.\n"); - return 0; + return -ENOTSUP; } /* Create KASUMI session */ @@ -3847,7 +3847,7 @@ test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata) printf("Device doesn't support out-of-place scatter-gather " "in both input and output mbufs. " "Test Skipped.\n"); - return 0; + return -ENOTSUP; } /* Create SNOW 3G session */ @@ -5029,7 +5029,7 @@ test_zuc_encryption_sgl(const struct wireless_test_data *tdata) if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { printf("Device doesn't support in-place scatter-gather. " "Test Skipped.\n"); - return 0; + return -ENOTSUP; } plaintext_len = ceil_byte_length(tdata->plaintext.len); From patchwork Fri Jun 7 10:06:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54538 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 81E201BA56; Fri, 7 Jun 2019 12:09:55 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id A207A1B9D5 for ; Fri, 7 Jun 2019 12:09:41 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:41 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:40 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:06 +0200 Message-Id: <20190607100608.16212-10-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 09/10] doc/crypto: document digest-encrypted limitations in qat X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds description of limitation when using digest-appended auth-cipher operations on QuickAssist Technology driver. Signed-off-by: Damian Nowak --- doc/guides/cryptodevs/qat.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index e905f6d..7b57035 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -82,6 +82,7 @@ Limitations * ZUC EEA3/EIA3 is not supported by dh895xcc devices * Maximum additional authenticated data (AAD) for GCM is 240 bytes long and must be passed to the device in a buffer rounded up to the nearest block-size multiple (x16) and padded with zeros. * Queue pairs are not thread-safe (that is, within a single queue pair, RX and TX from different lcores is not supported). +* Only SNOW 3G (UIA2), KASUMI (F9) and ZUC (EIA3) are supported, when using hash-cipher with digest appended and encrypted operations. Extra notes on KASUMI F9 ~~~~~~~~~~~~~~~~~~~~~~~~ From patchwork Fri Jun 7 10:06:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Damian Nowak X-Patchwork-Id: 54539 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 03EAD1BA4D; Fri, 7 Jun 2019 12:09:59 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 27A8A1B9C4 for ; Fri, 7 Jun 2019 12:09:42 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2019 03:09:42 -0700 X-ExtLoop1: 1 Received: from damiannx-mobl1.ger.corp.intel.com ([10.103.104.100]) by fmsmga001.fm.intel.com with ESMTP; 07 Jun 2019 03:09:41 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, Damian Nowak Date: Fri, 7 Jun 2019 12:06:07 +0200 Message-Id: <20190607100608.16212-11-damianx.nowak@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190607100608.16212-1-damianx.nowak@intel.com> References: <20190603145048.2596-1-damianx.nowak@intel.com> <20190607100608.16212-1-damianx.nowak@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 10/10] doc: update release notes for 19.08 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds release note entries for hash-cipher digest-encrypted operations and new digest_encrypted feature flag. Signed-off-by: Damian Nowak --- doc/guides/rel_notes/release_19_08.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/guides/rel_notes/release_19_08.rst b/doc/guides/rel_notes/release_19_08.rst index b9510f9..1c85a2e 100644 --- a/doc/guides/rel_notes/release_19_08.rst +++ b/doc/guides/rel_notes/release_19_08.rst @@ -54,6 +54,11 @@ New Features Also, make sure to start the actual text at the margin. ========================================================= +* **Updated the QuickAssist Technology (QAT) symmetric crypto PMD.** + + Added support for hash-cipher with digest encrypted, when using + out-of-place operations. + Removed Items ------------- @@ -83,6 +88,9 @@ API Changes Also, make sure to start the actual text at the margin. ========================================================= +* cryptodev: ``RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED`` feature flag + has been introduced. + ABI Changes -----------