From: Damian Nowak Date: Wed, 3 Jul 2019 11:15:55 +0000 (+0200) Subject: test/crypto: add ZUC test cases for auth-cipher X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=b1c1df46878ded2dc3a79b0ab9972c99b3a53bbf;p=dpdk.git test/crypto: add ZUC test cases for auth-cipher This patch adds test cases for zuc in-place and out-of-place auth-cipher operations. Test cases include buffer appended digest generation with encryption and buffer decryption with appended digest verification. Signed-off-by: Damian Nowak Acked-by: Fiona Trahe --- diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 45089416ee..757722a639 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -4952,6 +4952,170 @@ test_zuc_authentication(const struct wireless_test_data *tdata) return 0; } +static int +test_zuc_auth_cipher(const struct wireless_test_data *tdata, + uint8_t op_mode, uint8_t verify) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + + uint8_t *plaintext = NULL, *ciphertext = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (op_mode == OUT_OF_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return -ENOTSUP; + } + } + + /* Create KASUMI session */ + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_ZUC_EIA3, + RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + tdata->cipher_iv.len); + + if (retval < 0) + return retval; + + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + if (op_mode == OUT_OF_PLACE) + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + if (op_mode == OUT_OF_PLACE) + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + + if (verify) { + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } + + /* Create ZUC operation */ + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->validCipherOffsetInBits.len, + tdata->validAuthLenInBits.len, + 0, + op_mode); + + if (retval < 0) + return retval; + + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + + + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + plaintext = ciphertext; + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + ciphertext = plaintext; + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + ut_params->digest = rte_pktmbuf_mtod( + ut_params->obuf, uint8_t *) + + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes); + + debug_hexdump(stdout, "digest:", ut_params->digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } + + /* Validate obuf */ + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "ZUC Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->ciphertext.len >> 3, + "ZUC Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_KASUMI_F9, + "ZUC Generated auth tag not as expected"); + } + return 0; +} + static int test_kasumi_encryption_test_case_1(void) { @@ -5369,6 +5533,34 @@ test_zuc_cipher_auth_test_case_2(void) return test_zuc_cipher_auth(&zuc_test_case_cipher_800b_auth_120b); } +static int +test_zuc_auth_cipher_test_case_1(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, IN_PLACE, 0); +} + +static int +test_zuc_auth_cipher_test_case_1_oop(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0); +} + +static int +test_zuc_auth_cipher_verify_test_case_1(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, IN_PLACE, 1); +} + +static int +test_zuc_auth_cipher_verify_test_case_1_oop(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1); +} + static int test_3DES_chain_qat_all(void) { @@ -9480,6 +9672,18 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_zuc_cipher_auth_test_case_2), + /** ZUC generate auth, then encrypt (EEA3) */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_auth_cipher_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_auth_cipher_test_case_1_oop), + + /** ZUC decrypt (EEA3), then verify auth */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_auth_cipher_verify_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_auth_cipher_verify_test_case_1_oop), + /** HMAC_MD5 Authentication */ TEST_CASE_ST(ut_setup, ut_teardown, test_MD5_HMAC_generate_case_1), diff --git a/app/test/test_cryptodev_zuc_test_vectors.h b/app/test/test_cryptodev_zuc_test_vectors.h index 9ff821a18d..cc2338e107 100644 --- a/app/test/test_cryptodev_zuc_test_vectors.h +++ b/app/test/test_cryptodev_zuc_test_vectors.h @@ -34,6 +34,11 @@ struct wireless_test_data { unsigned len; } validCipherLenInBits; + struct { + unsigned int len; + } validCipherOffsetInBits; + + struct { unsigned len; } validAuthLenInBits; @@ -46,6 +51,7 @@ struct wireless_test_data { struct { uint8_t data[64]; unsigned len; + unsigned int offset_bytes; /* offset must be in Bytes */ } digest; }; static struct wireless_test_data zuc_test_case_cipher_193b = { @@ -1040,4 +1046,87 @@ static struct wireless_test_data zuc_test_case_auth_584b = { } }; +struct wireless_test_data zuc_auth_cipher_test_case_1 = { + .key = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10 + }, + .len = 16 + }, + .cipher_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }, + .len = 16 + }, + .auth_iv = { + .data = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }, + .len = 16 + }, + .plaintext = { + .data = { + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, + 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A + }, + .len = 128 << 3 + }, + .ciphertext = { + .data = { + 0x5A, 0x5A, 0xDB, 0x3D, 0xD5, 0xB7, 0xB9, 0x58, + 0xA5, 0xD3, 0xE3, 0xF9, 0x18, 0x73, 0xB4, 0x74, + 0x05, 0xF0, 0xE9, 0xB6, 0x5D, 0x9A, 0xE3, 0xFA, + 0x5D, 0xFD, 0x24, 0x51, 0xAD, 0x73, 0xCA, 0x64, + 0x91, 0xD5, 0xB3, 0x94, 0x10, 0x91, 0x89, 0xEA, + 0x73, 0x6F, 0xB0, 0x2A, 0x0A, 0x63, 0x0F, 0x8D, + 0x64, 0x87, 0xA3, 0x14, 0x6B, 0x93, 0x31, 0x0F, + 0x14, 0xAD, 0xEA, 0x62, 0x80, 0x3F, 0x44, 0xDD, + 0x4E, 0x30, 0xFA, 0xC8, 0x0E, 0x5F, 0x46, 0xE7, + 0x60, 0xEC, 0xDF, 0x8B, 0x94, 0x7D, 0x2E, 0x63, + 0x48, 0xD9, 0x69, 0x06, 0x13, 0xF2, 0x20, 0x49, + 0x54, 0xA6, 0xD4, 0x98, 0xF4, 0xF6, 0x1D, 0x4A, + 0xC9, 0xA5, 0xDA, 0x46, 0x3D, 0xD9, 0x02, 0x47, + 0x1C, 0x20, 0x73, 0x35, 0x17, 0x1D, 0x81, 0x8D, + 0x2E, 0xCD, 0x70, 0x37, 0x22, 0x55, 0x3C, 0xF3, + 0xDA, 0x70, 0x42, 0x12, 0x0E, 0xAA, 0xC4, 0xAB + }, + .len = 128 << 3 + }, + .validDataLenInBits = { + .len = 128 << 3 + }, + .validCipherLenInBits = { + .len = 126 << 3 + }, + .validAuthLenInBits = { + .len = 124 << 3 + }, + .validCipherOffsetInBits = { + .len = 2 << 3 + }, + .digest = { + .data = {0x0E, 0xAA, 0xC4, 0xAB}, + .len = 4, + .offset_bytes = 124 + } +}; + #endif /* TEST_CRYPTODEV_ZUC_TEST_VECTORS_H_ */