test/crypto: add KASUMI test cases for auth-cipher
authorDamian Nowak <damianx.nowak@intel.com>
Wed, 3 Jul 2019 11:15:56 +0000 (13:15 +0200)
committerAkhil Goyal <akhil.goyal@nxp.com>
Fri, 5 Jul 2019 13:28:14 +0000 (15:28 +0200)
This patch adds test cases for kasumi in-place
and out-of-place auth-cipher operations. Test
cases include buffer appended digest generation
with encryption and buffer decryption with
appended digest verification.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
app/test/test_cryptodev.c
app/test/test_cryptodev_kasumi_test_vectors.h

index 757722a..518d3b5 100644 (file)
@@ -4545,87 +4545,164 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata,
 }
 
 static int
-test_kasumi_auth_cipher(const struct kasumi_test_data *tdata)
+test_kasumi_auth_cipher(const struct kasumi_test_data *tdata,
+       uint8_t op_mode, uint8_t verify)
 {
        struct crypto_testsuite_params *ts_params = &testsuite_params;
        struct crypto_unittest_params *ut_params = &unittest_params;
 
        int retval;
 
-       uint8_t *plaintext, *ciphertext;
-       unsigned plaintext_pad_len;
-       unsigned plaintext_len;
+       uint8_t *plaintext = NULL, *ciphertext = NULL;
+       unsigned int plaintext_pad_len;
+       unsigned int plaintext_len;
+       unsigned int ciphertext_pad_len;
+       unsigned int ciphertext_len;
+
+       struct rte_cryptodev_info dev_info;
+
+       rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+
+       uint64_t feat_flags = dev_info.feature_flags;
+
+       if (op_mode == OUT_OF_PLACE) {
+               if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
+                       printf("Device doesn't support digest encrypted.\n");
+                       return -ENOTSUP;
+               }
+       }
 
        /* Create KASUMI session */
        retval = create_wireless_algo_auth_cipher_session(
                        ts_params->valid_devs[0],
-                       RTE_CRYPTO_CIPHER_OP_ENCRYPT,
-                       RTE_CRYPTO_AUTH_OP_GENERATE,
+                       (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT
+                                       : RTE_CRYPTO_CIPHER_OP_ENCRYPT),
+                       (verify ? RTE_CRYPTO_AUTH_OP_VERIFY
+                                       : RTE_CRYPTO_AUTH_OP_GENERATE),
                        RTE_CRYPTO_AUTH_KASUMI_F9,
                        RTE_CRYPTO_CIPHER_KASUMI_F8,
                        tdata->key.data, tdata->key.len,
                        0, tdata->digest.len,
                        tdata->cipher_iv.len);
+
        if (retval < 0)
                return retval;
+
        ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+       if (op_mode == OUT_OF_PLACE)
+               ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 
        /* clear mbuf payload */
        memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
-                       rte_pktmbuf_tailroom(ut_params->ibuf));
+               rte_pktmbuf_tailroom(ut_params->ibuf));
+       if (op_mode == OUT_OF_PLACE)
+               memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0,
+                       rte_pktmbuf_tailroom(ut_params->obuf));
 
+       ciphertext_len = ceil_byte_length(tdata->ciphertext.len);
        plaintext_len = ceil_byte_length(tdata->plaintext.len);
-       /* Append data which is padded to a multiple of */
-       /* the algorithms block size */
+       ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16);
        plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16);
-       plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
-                               plaintext_pad_len);
-       memcpy(plaintext, tdata->plaintext.data, plaintext_len);
 
-       debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len);
+       if (verify) {
+               ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                                       ciphertext_pad_len);
+               memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len);
+               if (op_mode == OUT_OF_PLACE)
+                       rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len);
+               debug_hexdump(stdout, "ciphertext:", ciphertext,
+                       ciphertext_len);
+       } else {
+               plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+                                       plaintext_pad_len);
+               memcpy(plaintext, tdata->plaintext.data, plaintext_len);
+               if (op_mode == OUT_OF_PLACE)
+                       rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len);
+               debug_hexdump(stdout, "plaintext:", plaintext,
+                       plaintext_len);
+       }
 
        /* Create KASUMI operation */
-       retval = create_wireless_algo_auth_cipher_operation(tdata->digest.len,
-                               tdata->cipher_iv.data, tdata->cipher_iv.len,
-                               NULL, 0,
-                               plaintext_pad_len,
-                               tdata->validCipherLenInBits.len,
-                               tdata->validCipherOffsetInBits.len,
-                               tdata->validAuthLenInBits.len,
-                               0,
-                               IN_PLACE);
+       retval = create_wireless_algo_auth_cipher_operation(
+               tdata->digest.len,
+               tdata->cipher_iv.data, tdata->cipher_iv.len,
+               NULL, 0,
+               (tdata->digest.offset_bytes == 0 ?
+               (verify ? ciphertext_pad_len : plaintext_pad_len)
+                       : tdata->digest.offset_bytes),
+               tdata->validCipherLenInBits.len,
+               tdata->validCipherOffsetInBits.len,
+               tdata->validAuthLenInBits.len,
+               0,
+               op_mode);
 
        if (retval < 0)
                return retval;
 
        ut_params->op = process_crypto_request(ts_params->valid_devs[0],
                        ut_params->op);
+
        TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
-       if (ut_params->op->sym->m_dst)
-               ut_params->obuf = ut_params->op->sym->m_dst;
-       else
-               ut_params->obuf = ut_params->op->sym->m_src;
 
-       ciphertext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *,
-                               tdata->validCipherOffsetInBits.len >> 3);
+       ut_params->obuf = (op_mode == IN_PLACE ?
+               ut_params->op->sym->m_src : ut_params->op->sym->m_dst);
+
+
+       if (verify) {
+               if (ut_params->obuf)
+                       plaintext = rte_pktmbuf_mtod(ut_params->obuf,
+                                                       uint8_t *);
+               else
+                       plaintext = ciphertext;
+
+               debug_hexdump(stdout, "plaintext:", plaintext,
+                       (tdata->plaintext.len >> 3) - tdata->digest.len);
+               debug_hexdump(stdout, "plaintext expected:",
+                       tdata->plaintext.data,
+                       (tdata->plaintext.len >> 3) - tdata->digest.len);
+       } else {
+               if (ut_params->obuf)
+                       ciphertext = rte_pktmbuf_mtod(ut_params->obuf,
+                                                       uint8_t *);
+               else
+                       ciphertext = plaintext;
+
+               debug_hexdump(stdout, "ciphertext:", ciphertext,
+                       ciphertext_len);
+               debug_hexdump(stdout, "ciphertext expected:",
+                       tdata->ciphertext.data, tdata->ciphertext.len >> 3);
+
+               ut_params->digest = rte_pktmbuf_mtod(
+                       ut_params->obuf, uint8_t *) +
+                       (tdata->digest.offset_bytes == 0 ?
+                       plaintext_pad_len : tdata->digest.offset_bytes);
+
+               debug_hexdump(stdout, "digest:", ut_params->digest,
+                       tdata->digest.len);
+               debug_hexdump(stdout, "digest expected:",
+                       tdata->digest.data, tdata->digest.len);
+       }
 
-       const uint8_t *reference_ciphertext = tdata->ciphertext.data +
-                               (tdata->validCipherOffsetInBits.len >> 3);
        /* Validate obuf */
-       TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(
+       if (verify) {
+               TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(
+                       plaintext,
+                       tdata->plaintext.data,
+                       tdata->plaintext.len >> 3,
+                       "KASUMI Plaintext data not as expected");
+       } else {
+               TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(
                        ciphertext,
-                       reference_ciphertext,
-                       tdata->validCipherLenInBits.len,
+                       tdata->ciphertext.data,
+                       tdata->ciphertext.len >> 3,
                        "KASUMI Ciphertext data not as expected");
-       ut_params->digest = rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *)
-           + plaintext_pad_len;
 
-       /* Validate obuf */
-       TEST_ASSERT_BUFFERS_ARE_EQUAL(
+               TEST_ASSERT_BUFFERS_ARE_EQUAL(
                        ut_params->digest,
                        tdata->digest.data,
                        DIGEST_BYTE_LENGTH_KASUMI_F9,
                        "KASUMI Generated auth tag not as expected");
+       }
        return 0;
 }
 
@@ -5428,7 +5505,43 @@ test_snow3g_auth_cipher_with_digest_test_case_1(void)
 static int
 test_kasumi_auth_cipher_test_case_1(void)
 {
-       return test_kasumi_auth_cipher(&kasumi_test_case_3);
+       return test_kasumi_auth_cipher(
+               &kasumi_test_case_3, IN_PLACE, 0);
+}
+
+static int
+test_kasumi_auth_cipher_test_case_2(void)
+{
+       return test_kasumi_auth_cipher(
+               &kasumi_auth_cipher_test_case_2, IN_PLACE, 0);
+}
+
+static int
+test_kasumi_auth_cipher_test_case_2_oop(void)
+{
+       return test_kasumi_auth_cipher(
+               &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0);
+}
+
+static int
+test_kasumi_auth_cipher_verify_test_case_1(void)
+{
+       return test_kasumi_auth_cipher(
+               &kasumi_test_case_3, IN_PLACE, 1);
+}
+
+static int
+test_kasumi_auth_cipher_verify_test_case_2(void)
+{
+       return test_kasumi_auth_cipher(
+               &kasumi_auth_cipher_test_case_2, IN_PLACE, 1);
+}
+
+static int
+test_kasumi_auth_cipher_verify_test_case_2_oop(void)
+{
+       return test_kasumi_auth_cipher(
+               &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1);
 }
 
 static int
@@ -9727,10 +9840,24 @@ static struct unit_test_suite cryptodev_qat_testsuite  = {
                        test_kasumi_encryption_test_case_1),
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_kasumi_encryption_test_case_3),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_cipher_auth_test_case_1),
+
+               /** KASUMI generate auth, then encrypt (F8) */
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_kasumi_auth_cipher_test_case_1),
                TEST_CASE_ST(ut_setup, ut_teardown,
-                       test_kasumi_cipher_auth_test_case_1),
+                       test_kasumi_auth_cipher_test_case_2),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_test_case_2_oop),
+
+               /** KASUMI decrypt (F8), then verify auth */
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_1),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_2),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_2_oop),
 
                /** Negative tests */
                TEST_CASE_ST(ut_setup, ut_teardown,
@@ -10346,10 +10473,24 @@ static struct unit_test_suite cryptodev_sw_kasumi_testsuite  = {
                        test_kasumi_hash_verify_test_case_4),
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_kasumi_hash_verify_test_case_5),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_cipher_auth_test_case_1),
+
+               /** KASUMI generate auth, then encrypt (F8) */
                TEST_CASE_ST(ut_setup, ut_teardown,
                        test_kasumi_auth_cipher_test_case_1),
                TEST_CASE_ST(ut_setup, ut_teardown,
-                       test_kasumi_cipher_auth_test_case_1),
+                       test_kasumi_auth_cipher_test_case_2),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_test_case_2_oop),
+
+               /** KASUMI decrypt (F8), then verify auth */
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_1),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_2),
+               TEST_CASE_ST(ut_setup, ut_teardown,
+                       test_kasumi_auth_cipher_verify_test_case_2_oop),
                TEST_CASES_END() /**< NULL terminate unit test array */
        }
 };
index 58a696a..f0a6d55 100644 (file)
@@ -8,12 +8,12 @@
 struct kasumi_test_data {
        struct {
                uint8_t data[64];
-               unsigned len;
+               unsigned int len;
        } key;
 
        struct {
                uint8_t data[64] __rte_aligned(16);
-               unsigned len;
+               unsigned int len;
        } cipher_iv;
 
        /*
@@ -23,20 +23,20 @@ struct kasumi_test_data {
         */
        struct {
                uint8_t data[1024];
-               unsigned len; /* length must be in Bits */
+               unsigned int len; /* length must be in Bits */
        } plaintext;
 
        struct {
-               unsigned len;
+               unsigned int len;
        } validDataLenInBits;
 
        struct {
                uint8_t data[1024];
-               unsigned len; /* length must be in Bits */
+               unsigned int len; /* length must be in Bits */
        } ciphertext;
 
        struct {
-               unsigned len;
+               unsigned int len;
        } validCipherLenInBits;
 
        struct {
@@ -45,12 +45,13 @@ struct kasumi_test_data {
 
        /* Actual length of data to be hashed */
        struct {
-               unsigned len;
+               unsigned int len;
        } validAuthLenInBits;
 
        struct {
                uint8_t data[64];
-               unsigned len;
+               unsigned int len;
+               unsigned int offset_bytes; /* offset must be in Bytes */
        } digest;
 
 };
@@ -205,7 +206,8 @@ struct kasumi_test_data kasumi_test_case_3 = {
        },
        .digest = {
                .data = {0x87, 0x5F, 0xE4, 0x89},
-               .len  = 4
+               .len  = 4,
+               .offset_bytes = 0
        }
 };
 
@@ -353,7 +355,83 @@ struct kasumi_test_data kasumi_test_case_6 = {
        },
        .digest = {
                .data = {0x0F, 0xD2, 0xAA, 0xB5},
-               .len  = 4
+               .len  = 4,
+               .offset_bytes = 0
+       }
+};
+
+struct kasumi_test_data kasumi_auth_cipher_test_case_2 = {
+       .key = {
+               .data = {
+                       0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+                       0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10
+               },
+               .len = 16
+       },
+       .cipher_iv = {
+               .data = {
+                       0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
+               },
+               .len = 8
+       },
+       .plaintext = {
+               .data = {
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+                       0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A
+               },
+               .len = 128 << 3
+       },
+       .ciphertext = {
+               .data = {
+                       0x5A, 0x5A, 0xFA, 0xC6, 0xA9, 0x09, 0x91, 0x74,
+                       0x35, 0xAA, 0x85, 0xB0, 0xE0, 0x07, 0x78, 0xDA,
+                       0x05, 0x88, 0x4E, 0x8D, 0xEC, 0x41, 0xF3, 0xBC,
+                       0x0D, 0x9F, 0xE3, 0xEF, 0x8E, 0x33, 0x22, 0xF3,
+                       0x15, 0x4B, 0x12, 0xC2, 0x22, 0x12, 0xD6, 0x46,
+                       0xD7, 0x27, 0x20, 0x1D, 0x50, 0x60, 0x9D, 0x42,
+                       0xF6, 0x73, 0xF5, 0x28, 0x88, 0xBE, 0x60, 0xEC,
+                       0x9C, 0x18, 0x81, 0xC4, 0x0A, 0xF4, 0xD5, 0x7A,
+                       0xB5, 0x3F, 0x1A, 0x79, 0xAB, 0x79, 0xDB, 0x24,
+                       0xF9, 0x6E, 0x86, 0x78, 0x10, 0x19, 0xAE, 0xD8,
+                       0xB2, 0xCA, 0x32, 0x8D, 0xD8, 0x28, 0x8B, 0x2F,
+                       0x5B, 0x3C, 0xE3, 0x7D, 0xD3, 0x70, 0x11, 0xDE,
+                       0x2C, 0xDC, 0xC1, 0xC6, 0xB6, 0xFD, 0xF3, 0x7D,
+                       0x38, 0x97, 0x8B, 0x81, 0x02, 0x88, 0x62, 0x3C,
+                       0x1E, 0x1A, 0x93, 0x21, 0xE3, 0x6D, 0xD7, 0x20,
+                       0x80, 0xA8, 0xDA, 0x18, 0x8F, 0x58, 0x0F, 0x4E
+               },
+               .len = 128 << 3
+       },
+       .validDataLenInBits = {
+               .len = 128 << 3
+       },
+       .validCipherLenInBits = {
+               .len = 126 << 3
+       },
+       .validAuthLenInBits = {
+               .len = 124 << 3
+       },
+       .validCipherOffsetInBits = {
+               .len = 2 << 3
+       },
+       .digest = {
+               .data = {0x8F, 0x58, 0x0F, 0x4E},
+               .len  = 4,
+               .offset_bytes = 124
        }
 };
 #endif /* TEST_CRYPTODEV_KASUMI_TEST_VECTORS_H_ */