X-Git-Url: http://git.droids-corp.org/?p=dpdk.git;a=blobdiff_plain;f=examples%2Ffips_validation%2Fmain.c;h=08a1b9c6dcc3bb2c5dbd809642a6a01d8bb448ff;hp=9a2c8da61952afa99f25e9b60d2318e1ce350d27;hb=d659460a17afa28d4c7a37d492df47ab3ac542c7;hpb=82cfb9c24f66084e6c7933e6c00bca409bcc00e2 diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index 9a2c8da619..08a1b9c6dc 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -315,8 +315,21 @@ cryptodev_fips_validate_parse_args(int argc, char **argv) } } - if (env.req_path == NULL || env.rsp_path == NULL || - env.dev_id == UINT32_MAX) { + if (env.dev_id == UINT32_MAX) { + RTE_LOG(ERR, USER1, "No device specified\n"); + cryptodev_fips_validate_usage(prgname); + return -EINVAL; + } + + if ((env.req_path == NULL && env.rsp_path != NULL) || + (env.req_path != NULL && env.rsp_path == NULL)) { + RTE_LOG(ERR, USER1, "Missing req path or rsp path\n"); + cryptodev_fips_validate_usage(prgname); + return -EINVAL; + } + + if (env.req_path == NULL && env.self_test == 0) { + RTE_LOG(ERR, USER1, "--self-test must be set if req path is missing\n"); cryptodev_fips_validate_usage(prgname); return -EINVAL; } @@ -348,6 +361,11 @@ main(int argc, char *argv[]) return -1; } + if (env.req_path == NULL || env.rsp_path == NULL) { + printf("No request, exit.\n"); + goto exit; + } + if (!env.is_path_folder) { printf("Processing file %s... ", env.req_path); @@ -912,6 +930,46 @@ prepare_sha_xform(struct rte_crypto_sym_xform *xform) return 0; } +static int +prepare_xts_xform(struct rte_crypto_sym_xform *xform) +{ + const struct rte_cryptodev_symmetric_capability *cap; + struct rte_cryptodev_sym_capability_idx cap_idx; + struct rte_crypto_cipher_xform *cipher_xform = &xform->cipher; + + xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER; + + cipher_xform->algo = RTE_CRYPTO_CIPHER_AES_XTS; + cipher_xform->op = (info.op == FIPS_TEST_ENC_AUTH_GEN) ? + RTE_CRYPTO_CIPHER_OP_ENCRYPT : + RTE_CRYPTO_CIPHER_OP_DECRYPT; + cipher_xform->key.data = vec.cipher_auth.key.val; + cipher_xform->key.length = vec.cipher_auth.key.len; + cipher_xform->iv.length = vec.iv.len; + cipher_xform->iv.offset = IV_OFF; + + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_XTS; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + + cap = rte_cryptodev_sym_capability_get(env.dev_id, &cap_idx); + if (!cap) { + RTE_LOG(ERR, USER1, "Failed to get capability for cdev %u\n", + env.dev_id); + return -EINVAL; + } + + if (rte_cryptodev_sym_capability_check_cipher(cap, + cipher_xform->key.length, + cipher_xform->iv.length) != 0) { + RTE_LOG(ERR, USER1, "PMD %s key length %u IV length %u\n", + info.device_name, cipher_xform->key.length, + cipher_xform->iv.length); + return -EPERM; + } + + return 0; +} + static void get_writeback_data(struct fips_val *val) { @@ -1030,7 +1088,10 @@ fips_mct_tdes_test(void) int test_mode = info.interim_info.tdes_data.test_mode; for (i = 0; i < TDES_EXTERN_ITER; i++) { - if (i != 0) + if (i == 0) { + if (!(strstr(info.vec[0], "COUNT"))) + fprintf(info.fp_wr, "%s%u\n", "COUNT = ", 0); + } else update_info_vec(i); fips_test_write_one_case(); @@ -1486,6 +1547,11 @@ init_test_ops(void) else test_ops.test = fips_generic_test; break; + case FIPS_TEST_ALGO_AES_XTS: + test_ops.prepare_op = prepare_cipher_op; + test_ops.prepare_xform = prepare_xts_xform; + test_ops.test = fips_generic_test; + break; default: if (strstr(info.file_name, "TECB") || strstr(info.file_name, "TCBC")) {