From d5beebf85aea3ff2437f9b43ebc03f8712d4ad7c Mon Sep 17 00:00:00 2001 From: Piotr Azarewicz Date: Tue, 17 Jan 2017 12:19:19 +0100 Subject: [PATCH] crypto/aesni_gcm: test new features Added new unit tests for AES-NI GCM PMD to verify new functionalities. Signed-off-by: Piotr Azarewicz Acked-by: Declan Doherty --- app/test/test_cryptodev.c | 753 ++++++++++++++++++--- app/test/test_cryptodev_gcm_test_vectors.h | 491 +++++++++++++- 2 files changed, 1116 insertions(+), 128 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 5786fde2cc..e8d1eae9e5 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -4316,17 +4316,49 @@ create_gcm_session(uint8_t dev_id, enum rte_crypto_cipher_operation op, return 0; } +static int +create_gcm_xforms(struct rte_crypto_op *op, + enum rte_crypto_cipher_operation cipher_op, + uint8_t *key, const uint8_t key_len, + const uint8_t aad_len, const uint8_t auth_len, + enum rte_crypto_auth_operation auth_op) +{ + TEST_ASSERT_NOT_NULL(rte_crypto_op_sym_xforms_alloc(op, 2), + "failed to allocate space for crypto transforms"); + + struct rte_crypto_sym_op *sym_op = op->sym; + + /* Setup Cipher Parameters */ + sym_op->xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER; + sym_op->xform->cipher.algo = RTE_CRYPTO_CIPHER_AES_GCM; + sym_op->xform->cipher.op = cipher_op; + sym_op->xform->cipher.key.data = key; + sym_op->xform->cipher.key.length = key_len; + + TEST_HEXDUMP(stdout, "key:", key, key_len); + + /* Setup Authentication Parameters */ + sym_op->xform->next->type = RTE_CRYPTO_SYM_XFORM_AUTH; + sym_op->xform->next->auth.algo = RTE_CRYPTO_AUTH_AES_GCM; + sym_op->xform->next->auth.op = auth_op; + sym_op->xform->next->auth.digest_length = auth_len; + sym_op->xform->next->auth.add_auth_data_length = aad_len; + sym_op->xform->next->auth.key.length = 0; + sym_op->xform->next->auth.key.data = NULL; + sym_op->xform->next->next = NULL; + + return 0; +} + static int create_gcm_operation(enum rte_crypto_cipher_operation op, - const uint8_t *auth_tag, const unsigned auth_tag_len, - const uint8_t *iv, const unsigned iv_len, - const uint8_t *aad, const unsigned aad_len, - const unsigned data_len, unsigned data_pad_len) + const struct gcm_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - unsigned iv_pad_len = 0, aad_buffer_len; + uint8_t *plaintext, *ciphertext; + unsigned int iv_pad_len, aad_pad_len, plaintext_pad_len; /* Generate Crypto op data structure */ ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, @@ -4336,77 +4368,118 @@ create_gcm_operation(enum rte_crypto_cipher_operation op, struct rte_crypto_sym_op *sym_op = ut_params->op->sym; - if (ut_params->obuf) { - sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->obuf, auth_tag_len); - TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, - "no room to append digest"); - sym_op->auth.digest.phys_addr = pktmbuf_mtophys_offset( - ut_params->obuf, data_pad_len); - } else { - sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->ibuf, auth_tag_len); - TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, - "no room to append digest"); - sym_op->auth.digest.phys_addr = pktmbuf_mtophys_offset( - ut_params->ibuf, data_pad_len); - } - sym_op->auth.digest.length = auth_tag_len; - - if (op == RTE_CRYPTO_CIPHER_OP_DECRYPT) { - rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); - TEST_HEXDUMP(stdout, "digest:", - sym_op->auth.digest.data, - sym_op->auth.digest.length); - } + /* Append aad data */ + aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len, 16); + sym_op->auth.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + aad_pad_len); + TEST_ASSERT_NOT_NULL(sym_op->auth.aad.data, + "no room to append aad"); - /* iv */ - iv_pad_len = RTE_ALIGN_CEIL(iv_len, 16); + sym_op->auth.aad.length = tdata->aad.len; + sym_op->auth.aad.phys_addr = + rte_pktmbuf_mtophys(ut_params->ibuf); + memcpy(sym_op->auth.aad.data, tdata->aad.data, tdata->aad.len); + TEST_HEXDUMP(stdout, "aad:", sym_op->auth.aad.data, + sym_op->auth.aad.length); + /* Prepend iv */ + iv_pad_len = RTE_ALIGN_CEIL(tdata->iv.len, 16); sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend( ut_params->ibuf, iv_pad_len); TEST_ASSERT_NOT_NULL(sym_op->cipher.iv.data, "no room to prepend iv"); memset(sym_op->cipher.iv.data, 0, iv_pad_len); sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(ut_params->ibuf); - sym_op->cipher.iv.length = iv_len; + sym_op->cipher.iv.length = tdata->iv.len; - rte_memcpy(sym_op->cipher.iv.data, iv, iv_len); + rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data, tdata->iv.len); + TEST_HEXDUMP(stdout, "iv:", sym_op->cipher.iv.data, + sym_op->cipher.iv.length); - /* - * Always allocate the aad up to the block size. - * The cryptodev API calls out - - * - the array must be big enough to hold the AAD, plus any - * space to round this up to the nearest multiple of the - * block size (16 bytes). - */ - aad_buffer_len = ALIGN_POW2_ROUNDUP(aad_len, 16); + /* Append plaintext/ciphertext */ + if (op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) { + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + TEST_ASSERT_NOT_NULL(plaintext, "no room to append plaintext"); - sym_op->auth.aad.data = (uint8_t *)rte_pktmbuf_prepend( - ut_params->ibuf, aad_buffer_len); - TEST_ASSERT_NOT_NULL(sym_op->auth.aad.data, - "no room to prepend aad"); - sym_op->auth.aad.phys_addr = rte_pktmbuf_mtophys( - ut_params->ibuf); - sym_op->auth.aad.length = aad_len; + memcpy(plaintext, tdata->plaintext.data, tdata->plaintext.len); + TEST_HEXDUMP(stdout, "plaintext:", plaintext, + tdata->plaintext.len); - memset(sym_op->auth.aad.data, 0, aad_buffer_len); - rte_memcpy(sym_op->auth.aad.data, aad, aad_len); + if (ut_params->obuf) { + ciphertext = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf, + plaintext_pad_len + aad_pad_len + + iv_pad_len); + TEST_ASSERT_NOT_NULL(ciphertext, + "no room to append ciphertext"); - TEST_HEXDUMP(stdout, "iv:", sym_op->cipher.iv.data, iv_pad_len); - TEST_HEXDUMP(stdout, "aad:", - sym_op->auth.aad.data, aad_len); + memset(ciphertext + aad_pad_len + iv_pad_len, 0, + tdata->ciphertext.len); + } + } else { + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->ciphertext.len, 16); + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + TEST_ASSERT_NOT_NULL(ciphertext, + "no room to append ciphertext"); - if (ut_params->obuf) { - rte_pktmbuf_prepend(ut_params->obuf, iv_pad_len); - rte_pktmbuf_prepend(ut_params->obuf, aad_buffer_len); + memcpy(ciphertext, tdata->ciphertext.data, + tdata->ciphertext.len); + TEST_HEXDUMP(stdout, "ciphertext:", ciphertext, + tdata->ciphertext.len); + + if (ut_params->obuf) { + plaintext = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf, + plaintext_pad_len + aad_pad_len + + iv_pad_len); + TEST_ASSERT_NOT_NULL(plaintext, + "no room to append plaintext"); + + memset(plaintext + aad_pad_len + iv_pad_len, 0, + tdata->plaintext.len); + } } - sym_op->cipher.data.length = data_len; - sym_op->cipher.data.offset = aad_buffer_len + iv_pad_len; + /* Append digest data */ + if (op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) { + sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf ? ut_params->obuf : + ut_params->ibuf, + tdata->auth_tag.len); + TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, + "no room to append digest"); + memset(sym_op->auth.digest.data, 0, tdata->auth_tag.len); + sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset( + ut_params->obuf ? ut_params->obuf : + ut_params->ibuf, + plaintext_pad_len + + aad_pad_len + iv_pad_len); + sym_op->auth.digest.length = tdata->auth_tag.len; + } else { + sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->ibuf, tdata->auth_tag.len); + TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, + "no room to append digest"); + sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset( + ut_params->ibuf, + plaintext_pad_len + aad_pad_len + iv_pad_len); + sym_op->auth.digest.length = tdata->auth_tag.len; - sym_op->auth.data.offset = aad_buffer_len + iv_pad_len; - sym_op->auth.data.length = data_len; + rte_memcpy(sym_op->auth.digest.data, tdata->auth_tag.data, + tdata->auth_tag.len); + TEST_HEXDUMP(stdout, "digest:", + sym_op->auth.digest.data, + sym_op->auth.digest.length); + } + + sym_op->cipher.data.length = tdata->plaintext.len; + sym_op->cipher.data.offset = aad_pad_len + iv_pad_len; + + sym_op->auth.data.length = tdata->plaintext.len; + sym_op->auth.data.offset = aad_pad_len + iv_pad_len; return 0; } @@ -4418,9 +4491,9 @@ test_mb_AES_GCM_authenticated_encryption(const struct gcm_test_data *tdata) struct crypto_unittest_params *ut_params = &unittest_params; int retval; - - uint8_t *plaintext, *ciphertext, *auth_tag; + uint8_t *ciphertext, *auth_tag; uint16_t plaintext_pad_len; + uint32_t i; /* Create GCM session */ retval = create_gcm_session(ts_params->valid_devs[0], @@ -4431,31 +4504,20 @@ test_mb_AES_GCM_authenticated_encryption(const struct gcm_test_data *tdata) if (retval < 0) return retval; - - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + if (tdata->aad.len > MBUF_SIZE) { + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->large_mbuf_pool); + /* Populate full size of add data */ + for (i = 32; i < GCM_MAX_AAD_LENGTH; i += 32) + memcpy(&tdata->aad.data[i], &tdata->aad.data[0], 32); + } else + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); - /* - * Append data which is padded to a multiple - * of the algorithms block size - */ - plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); - - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, tdata->plaintext.len); - - TEST_HEXDUMP(stdout, "plaintext:", plaintext, tdata->plaintext.len); - - /* Create GCM opertaion */ - retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_ENCRYPT, - tdata->auth_tag.data, tdata->auth_tag.len, - tdata->iv.data, tdata->iv.len, - tdata->aad.data, tdata->aad.len, - tdata->plaintext.len, plaintext_pad_len); + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_ENCRYPT, tdata); if (retval < 0) return retval; @@ -4470,14 +4532,18 @@ test_mb_AES_GCM_authenticated_encryption(const struct gcm_test_data *tdata) TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, "crypto op processing failed"); + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + if (ut_params->op->sym->m_dst) { ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, uint8_t *); auth_tag = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_dst, uint8_t *, plaintext_pad_len); } else { - ciphertext = plaintext; - auth_tag = plaintext + plaintext_pad_len; + ciphertext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src, + uint8_t *, + ut_params->op->sym->cipher.data.offset); + auth_tag = ciphertext + plaintext_pad_len; } TEST_HEXDUMP(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); @@ -4542,6 +4608,60 @@ test_mb_AES_GCM_authenticated_encryption_test_case_7(void) return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_7); } +static int +test_mb_AES_GCM_auth_encryption_test_case_256_1(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_1); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_2(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_2); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_3(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_3); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_4(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_4); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_5(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_5); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_6(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_6); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_256_7(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_256_7); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_aad_1(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_aad_1); +} + +static int +test_mb_AES_GCM_auth_encryption_test_case_aad_2(void) +{ + return test_mb_AES_GCM_authenticated_encryption(&gcm_test_case_aad_2); +} + static int test_mb_AES_GCM_authenticated_decryption(const struct gcm_test_data *tdata) { @@ -4549,9 +4669,8 @@ test_mb_AES_GCM_authenticated_decryption(const struct gcm_test_data *tdata) struct crypto_unittest_params *ut_params = &unittest_params; int retval; - - uint8_t *plaintext, *ciphertext; - uint16_t ciphertext_pad_len; + uint8_t *plaintext; + uint32_t i; /* Create GCM session */ retval = create_gcm_session(ts_params->valid_devs[0], @@ -4562,31 +4681,23 @@ test_mb_AES_GCM_authenticated_decryption(const struct gcm_test_data *tdata) if (retval < 0) return retval; - /* alloc mbuf and set payload */ - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + if (tdata->aad.len > MBUF_SIZE) { + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->large_mbuf_pool); + /* Populate full size of add data */ + for (i = 32; i < GCM_MAX_AAD_LENGTH; i += 32) + memcpy(&tdata->aad.data[i], &tdata->aad.data[0], 32); + } else + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); - ciphertext_pad_len = RTE_ALIGN_CEIL(tdata->ciphertext.len, 16); - - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, tdata->ciphertext.len); - - TEST_HEXDUMP(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); - - /* Create GCM opertaion */ - retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_DECRYPT, - tdata->auth_tag.data, tdata->auth_tag.len, - tdata->iv.data, tdata->iv.len, - tdata->aad.data, tdata->aad.len, - tdata->ciphertext.len, ciphertext_pad_len); + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_DECRYPT, tdata); if (retval < 0) return retval; - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); ut_params->op->sym->m_src = ut_params->ibuf; @@ -4602,7 +4713,9 @@ test_mb_AES_GCM_authenticated_decryption(const struct gcm_test_data *tdata) plaintext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, uint8_t *); else - plaintext = ciphertext; + plaintext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src, + uint8_t *, + ut_params->op->sym->cipher.data.offset); TEST_HEXDUMP(stdout, "plaintext:", plaintext, tdata->ciphertext.len); @@ -4661,6 +4774,358 @@ test_mb_AES_GCM_authenticated_decryption_test_case_7(void) return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_7); } +static int +test_mb_AES_GCM_auth_decryption_test_case_256_1(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_1); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_2(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_2); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_3(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_3); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_4(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_4); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_5(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_5); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_6(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_6); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_256_7(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_256_7); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_aad_1(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_aad_1); +} + +static int +test_mb_AES_GCM_auth_decryption_test_case_aad_2(void) +{ + return test_mb_AES_GCM_authenticated_decryption(&gcm_test_case_aad_2); +} + +static int +test_AES_GCM_authenticated_encryption_oop(const struct gcm_test_data *tdata) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + uint8_t *ciphertext, *auth_tag; + uint16_t plaintext_pad_len; + + /* Create GCM session */ + retval = create_gcm_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + tdata->key.data, tdata->key.len, + tdata->aad.len, tdata->auth_tag.len, + RTE_CRYPTO_AUTH_OP_GENERATE); + if (retval < 0) + return retval; + + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_ENCRYPT, tdata); + if (retval < 0) + return retval; + + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + + ut_params->op->sym->m_src = ut_params->ibuf; + ut_params->op->sym->m_dst = ut_params->obuf; + + /* Process crypto operation */ + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + ut_params->op), "failed to process sym crypto op"); + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); + + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + + ciphertext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *, + ut_params->op->sym->cipher.data.offset); + auth_tag = ciphertext + plaintext_pad_len; + + TEST_HEXDUMP(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); + TEST_HEXDUMP(stdout, "auth tag:", auth_tag, tdata->auth_tag.len); + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ciphertext, + tdata->ciphertext.data, + tdata->ciphertext.len, + "GCM Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + auth_tag, + tdata->auth_tag.data, + tdata->auth_tag.len, + "GCM Generated auth tag not as expected"); + + return 0; + +} + +static int +test_mb_AES_GCM_authenticated_encryption_oop(void) +{ + return test_AES_GCM_authenticated_encryption_oop(&gcm_test_case_5); +} + +static int +test_AES_GCM_authenticated_decryption_oop(const struct gcm_test_data *tdata) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + uint8_t *plaintext; + + /* Create GCM session */ + retval = create_gcm_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_DECRYPT, + tdata->key.data, tdata->key.len, + tdata->aad.len, tdata->auth_tag.len, + RTE_CRYPTO_AUTH_OP_VERIFY); + if (retval < 0) + return retval; + + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_DECRYPT, tdata); + if (retval < 0) + return retval; + + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + + ut_params->op->sym->m_src = ut_params->ibuf; + ut_params->op->sym->m_dst = ut_params->obuf; + + /* Process crypto operation */ + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + ut_params->op), "failed to process sym crypto op"); + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); + + plaintext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *, + ut_params->op->sym->cipher.data.offset); + + TEST_HEXDUMP(stdout, "plaintext:", plaintext, tdata->ciphertext.len); + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len, + "GCM plaintext data not as expected"); + + TEST_ASSERT_EQUAL(ut_params->op->status, + RTE_CRYPTO_OP_STATUS_SUCCESS, + "GCM authentication failed"); + return 0; +} + +static int +test_mb_AES_GCM_authenticated_decryption_oop(void) +{ + return test_AES_GCM_authenticated_decryption_oop(&gcm_test_case_5); +} + +static int +test_AES_GCM_authenticated_encryption_sessionless( + const struct gcm_test_data *tdata) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + uint8_t *ciphertext, *auth_tag; + uint16_t plaintext_pad_len; + uint8_t key[tdata->key.len + 1]; + + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_ENCRYPT, tdata); + if (retval < 0) + return retval; + + /* Create GCM xforms */ + memcpy(key, tdata->key.data, tdata->key.len); + retval = create_gcm_xforms(ut_params->op, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + key, tdata->key.len, + tdata->aad.len, tdata->auth_tag.len, + RTE_CRYPTO_AUTH_OP_GENERATE); + if (retval < 0) + return retval; + + ut_params->op->sym->m_src = ut_params->ibuf; + + TEST_ASSERT_EQUAL(ut_params->op->sym->sess_type, + RTE_CRYPTO_SYM_OP_SESSIONLESS, + "crypto op session type not sessionless"); + + /* Process crypto operation */ + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + ut_params->op), "failed to process sym crypto op"); + + TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process"); + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op status not success"); + + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + + ciphertext = rte_pktmbuf_mtod_offset(ut_params->ibuf, uint8_t *, + ut_params->op->sym->cipher.data.offset); + auth_tag = ciphertext + plaintext_pad_len; + + TEST_HEXDUMP(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); + TEST_HEXDUMP(stdout, "auth tag:", auth_tag, tdata->auth_tag.len); + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ciphertext, + tdata->ciphertext.data, + tdata->ciphertext.len, + "GCM Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + auth_tag, + tdata->auth_tag.data, + tdata->auth_tag.len, + "GCM Generated auth tag not as expected"); + + return 0; + +} + +static int +test_mb_AES_GCM_authenticated_encryption_sessionless(void) +{ + return test_AES_GCM_authenticated_encryption_sessionless( + &gcm_test_case_5); +} + +static int +test_AES_GCM_authenticated_decryption_sessionless( + const struct gcm_test_data *tdata) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + uint8_t *plaintext; + uint8_t key[tdata->key.len + 1]; + + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + + /* Create GCM operation */ + retval = create_gcm_operation(RTE_CRYPTO_CIPHER_OP_DECRYPT, tdata); + if (retval < 0) + return retval; + + /* Create GCM xforms */ + memcpy(key, tdata->key.data, tdata->key.len); + retval = create_gcm_xforms(ut_params->op, + RTE_CRYPTO_CIPHER_OP_DECRYPT, + key, tdata->key.len, + tdata->aad.len, tdata->auth_tag.len, + RTE_CRYPTO_AUTH_OP_VERIFY); + if (retval < 0) + return retval; + + ut_params->op->sym->m_src = ut_params->ibuf; + + TEST_ASSERT_EQUAL(ut_params->op->sym->sess_type, + RTE_CRYPTO_SYM_OP_SESSIONLESS, + "crypto op session type not sessionless"); + + /* Process crypto operation */ + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + ut_params->op), "failed to process sym crypto op"); + + TEST_ASSERT_NOT_NULL(ut_params->op, "failed crypto process"); + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op status not success"); + + plaintext = rte_pktmbuf_mtod_offset(ut_params->ibuf, uint8_t *, + ut_params->op->sym->cipher.data.offset); + + TEST_HEXDUMP(stdout, "plaintext:", plaintext, tdata->ciphertext.len); + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len, + "GCM plaintext data not as expected"); + + TEST_ASSERT_EQUAL(ut_params->op->status, + RTE_CRYPTO_OP_STATUS_SUCCESS, + "GCM authentication failed"); + return 0; +} + +static int +test_mb_AES_GCM_authenticated_decryption_sessionless(void) +{ + return test_AES_GCM_authenticated_decryption_sessionless( + &gcm_test_case_5); +} + static int test_stats(void) { @@ -7102,6 +7567,86 @@ static struct unit_test_suite cryptodev_aesni_gcm_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_mb_AES_GCM_authenticated_decryption_test_case_7), + /** AES GCM Authenticated Encryption 256 bits key */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_4), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_5), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_6), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_256_7), + + /** AES GCM Authenticated Decryption 256 bits key */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_4), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_5), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_6), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_256_7), + + /** AES GCM Authenticated Encryption big aad size */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_aad_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_encryption_test_case_aad_2), + + /** AES GCM Authenticated Decryption big aad size */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_aad_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_auth_decryption_test_case_aad_2), + + /** AES GMAC Authentication */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_verify_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_test_case_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_verify_test_case_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_test_case_4), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GMAC_authentication_verify_test_case_4), + + /** Negative tests */ + TEST_CASE_ST(ut_setup, ut_teardown, + authentication_verify_AES128_GMAC_fail_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + authentication_verify_AES128_GMAC_fail_tag_corrupt), + + /** Out of place tests */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_authenticated_encryption_oop), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_authenticated_decryption_oop), + + /** Session-less tests */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_authenticated_encryption_sessionless), + TEST_CASE_ST(ut_setup, ut_teardown, + test_mb_AES_GCM_authenticated_decryption_sessionless), + + /** Scatter-Gather */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encrypt_SGL_out_of_place_400B_1seg), + TEST_CASES_END() /**< NULL terminate unit test array */ } }; diff --git a/app/test/test_cryptodev_gcm_test_vectors.h b/app/test/test_cryptodev_gcm_test_vectors.h index 45ea3d4b08..5764edb118 100644 --- a/app/test/test_cryptodev_gcm_test_vectors.h +++ b/app/test/test_cryptodev_gcm_test_vectors.h @@ -33,7 +33,17 @@ #ifndef TEST_CRYPTODEV_GCM_TEST_VECTORS_H_ #define TEST_CRYPTODEV_GCM_TEST_VECTORS_H_ -#define GMAC_LARGE_PLAINTEXT_LENGTH 65376 +#define GMAC_LARGE_PLAINTEXT_LENGTH 65344 +#define GCM_MAX_AAD_LENGTH 65536 +#define GCM_LARGE_AAD_LENGTH 65296 + +static uint8_t gcm_aad_zero_text[GCM_MAX_AAD_LENGTH] = { 0 }; + +static uint8_t gcm_aad_text[GCM_MAX_AAD_LENGTH] = { + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0x00, 0xf1, 0xe2, 0xd3, 0xc4, 0xb5, 0xa6, 0x97, + 0x88, 0x79, 0x6a, 0x5b, 0x4c, 0x3d, 0x2e, 0x1f }; struct gcm_test_data { @@ -48,7 +58,7 @@ struct gcm_test_data { } iv; struct { - uint8_t data[64]; + uint8_t *data; unsigned len; } aad; @@ -111,7 +121,7 @@ static const struct gcm_test_data gcm_test_case_1 = { .len = 12 }, .aad = { - .data = { 0 }, + .data = gcm_aad_zero_text, .len = 0 }, .plaintext = { @@ -148,7 +158,7 @@ static const struct gcm_test_data gcm_test_case_2 = { .len = 12 }, .aad = { - .data = { 0 }, + .data = gcm_aad_zero_text, .len = 0 }, .plaintext = { @@ -186,7 +196,7 @@ static const struct gcm_test_data gcm_test_case_3 = { .len = 12 }, .aad = { - .data = { 0 }, + .data = gcm_aad_zero_text, .len = 0 }, .plaintext = { @@ -238,8 +248,7 @@ static const struct gcm_test_data gcm_test_case_4 = { .len = 12 }, .aad = { - .data = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .data = gcm_aad_zero_text, .len = 8 }, .plaintext = { @@ -294,8 +303,7 @@ static const struct gcm_test_data gcm_test_case_5 = { .len = 12 }, .aad = { - .data = { - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef }, + .data = gcm_aad_text, .len = 8 }, .plaintext = { @@ -351,10 +359,7 @@ static const struct gcm_test_data gcm_test_case_6 = { .len = 12 }, .aad = { - .data = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 - }, + .data = gcm_aad_zero_text, .len = 12 }, .plaintext = { @@ -409,10 +414,7 @@ static const struct gcm_test_data gcm_test_case_7 = { .len = 12 }, .aad = { - .data = { - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xfe, 0xed, 0xfa, 0xce - }, + .data = gcm_aad_text, .len = 12 }, .plaintext = { @@ -466,10 +468,7 @@ static const struct gcm_test_data gcm_test_case_8 = { .len = 12 }, .aad = { - .data = { - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xfe, 0xed, 0xfa, 0xce - }, + .data = gcm_aad_text, .len = 12 }, .plaintext = { @@ -1003,6 +1002,450 @@ static const struct gcm_test_data gcm_test_case_8 = { } }; +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_1 = { + .key = { + .data = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .len = 32 + }, + .iv = { + .data = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_zero_text, + .len = 0 + }, + .plaintext = { + .data = { 0x00 }, + .len = 0 + }, + .ciphertext = { + .data = { 0x00 }, + .len = 0 + }, + .auth_tag = { + .data = { + 0x53, 0x0F, 0x8A, 0xFB, 0xC7, 0x45, 0x36, 0xB9, + 0xA9, 0x63, 0xB4, 0xF1, 0xC4, 0xCB, 0x73, 0x8B }, + .len = 16 + } +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_2 = { + .key = { + .data = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .len = 32 + }, + .iv = { + .data = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_zero_text, + .len = 0 + }, + .plaintext = { + .data = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .len = 16 + }, + .ciphertext = { + .data = { + 0xCE, 0xA7, 0x40, 0x3D, 0x4D, 0x60, 0x6B, 0x6E, + 0x07, 0x4E, 0xC5, 0xD3, 0xBA, 0xF3, 0x9D, 0x18 }, + .len = 16 + }, + .auth_tag = { + .data = { + 0xD0, 0xD1, 0xC8, 0xA7, 0x99, 0x99, 0x6B, 0xF0, + 0x26, 0x5B, 0x98, 0xB5, 0xD4, 0x8A, 0xB9, 0x19 }, + .len = 16 + } +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_3 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_zero_text, + .len = 0 + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, + .len = 64 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E, 0xF0, 0x68, 0xE1, 0x3E }, + .len = 64 + }, + .auth_tag = { + .data = { + 0x64, 0xAF, 0x1D, 0xFB, 0xE8, 0x0D, 0x37, 0xD8, + 0x92, 0xC3, 0xB9, 0x1D, 0xD3, 0x08, 0xAB, 0xFC }, + .len = 16 + } +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_4 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_zero_text, + .len = 8 + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 }, + .len = 60 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E }, + .len = 60 + }, + .auth_tag = { + .data = { + 0x63, 0x16, 0x91, 0xAE, 0x17, 0x05, 0x5E, 0xA6, + 0x6D, 0x0A, 0x51, 0xE2, 0x50, 0x21, 0x85, 0x4A }, + .len = 16 + } + +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_5 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_text, + .len = 8 + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 }, + .len = 60 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E }, + .len = 60 + }, + .auth_tag = { + .data = { + 0xA7, 0x99, 0xAC, 0xB8, 0x27, 0xDA, 0xB1, 0x82, + 0x79, 0xFD, 0x83, 0x73, 0x52, 0x4D, 0xDB, 0xF1 }, + .len = 16 + } + +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_6 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_zero_text, + .len = 12 + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 }, + .len = 60 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E }, + .len = 60 + }, + .auth_tag = { + .data = { + 0x5D, 0xA5, 0x0E, 0x53, 0x64, 0x7F, 0x3F, 0xAE, + 0x1A, 0x1F, 0xC0, 0xB0, 0xD8, 0xBE, 0xF2, 0x64 }, + .len = 16 + } +}; + +/** AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_256_7 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_text, + .len = 12 + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 }, + .len = 60 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E }, + .len = 60 + }, + .auth_tag = { + .data = { + 0x4E, 0xD0, 0x91, 0x95, 0x83, 0xA9, 0x38, 0x72, + 0x09, 0xA9, 0xCE, 0x5F, 0x89, 0x06, 0x4E, 0xC8 }, + .len = 16 + } +}; + +/** variable AAD AES-128 Test Vectors */ +static const struct gcm_test_data gcm_test_case_aad_1 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, + .len = 16 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_text, + .len = GCM_LARGE_AAD_LENGTH + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, + .len = 64 + }, + .ciphertext = { + .data = { + 0x42, 0x83, 0x1E, 0xC2, 0x21, 0x77, 0x74, 0x24, + 0x4B, 0x72, 0x21, 0xB7, 0x84, 0xD0, 0xD4, 0x9C, + 0xE3, 0xAA, 0x21, 0x2F, 0x2C, 0x02, 0xA4, 0xE0, + 0x35, 0xC1, 0x7E, 0x23, 0x29, 0xAC, 0xA1, 0x2E, + 0x21, 0xD5, 0x14, 0xB2, 0x54, 0x66, 0x93, 0x1C, + 0x7D, 0x8F, 0x6A, 0x5A, 0xAC, 0x84, 0xAA, 0x05, + 0x1B, 0xA3, 0x0B, 0x39, 0x6A, 0x0A, 0xAC, 0x97, + 0x3D, 0x58, 0xE0, 0x91, 0x47, 0x3F, 0x59, 0x85 + }, + .len = 64 + }, + .auth_tag = { + .data = { + 0xCA, 0x70, 0xAF, 0x96, 0xA8, 0x5D, 0x40, 0x47, + 0x0C, 0x3C, 0x48, 0xF5, 0xF0, 0xF5, 0xA5, 0x7D + }, + .len = 16 + } +}; + +/** variable AAD AES-256 Test Vectors */ +static const struct gcm_test_data gcm_test_case_aad_2 = { + .key = { + .data = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a }, + .len = 32 + }, + .iv = { + .data = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + .len = 12 + }, + .aad = { + .data = gcm_aad_text, + .len = GCM_LARGE_AAD_LENGTH + }, + .plaintext = { + .data = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, + .len = 64 + }, + .ciphertext = { + .data = { + 0x05, 0xA2, 0x39, 0xA5, 0xE1, 0x1A, 0x74, 0xEA, + 0x6B, 0x2A, 0x55, 0xF6, 0xD7, 0x88, 0x44, 0x7E, + 0x93, 0x7E, 0x23, 0x64, 0x8D, 0xF8, 0xD4, 0x04, + 0x3B, 0x40, 0xEF, 0x6D, 0x7C, 0x6B, 0xF3, 0xB9, + 0x50, 0x15, 0x97, 0x5D, 0xB8, 0x28, 0xA1, 0xD5, + 0x22, 0xDE, 0x36, 0x26, 0xD0, 0x6A, 0x7A, 0xC0, + 0xB5, 0x14, 0x36, 0xAF, 0x3A, 0xC6, 0x50, 0xAB, + 0xFA, 0x47, 0xC8, 0x2E, 0xF0, 0x68, 0xE1, 0x3E + }, + .len = 64 + }, + .auth_tag = { + .data = { + 0xBA, 0x06, 0xDA, 0xA1, 0x91, 0xE1, 0xFE, 0x22, + 0x59, 0xDA, 0x67, 0xAF, 0x9D, 0xA5, 0x43, 0x94 + }, + .len = 16 + } +}; + /** GMAC Test Vectors */ static uint8_t gmac_plaintext[GMAC_LARGE_PLAINTEXT_LENGTH] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, @@ -1781,8 +2224,8 @@ static const struct gmac_test_data gmac_test_case_4 = { }, .gmac_tag = { .data = { - 0x88, 0x82, 0xb4, 0x93, 0x8f, 0x04, 0xcd, 0x06, - 0xfd, 0xac, 0x6d, 0x8b, 0x9c, 0x9e, 0x8f, 0xec + 0x3f, 0x07, 0xcb, 0xb9, 0x86, 0x3a, 0xea, 0xc2, + 0x2f, 0x3a, 0x2a, 0x93, 0xd8, 0x09, 0x6b, 0xda }, .len = 16 } @@ -1802,7 +2245,7 @@ static const struct gcm_test_data gcm_test_case_SGL_1 = { .len = 12 }, .aad = { - .data = { 0 }, + .data = gcm_aad_zero_text, .len = 0 }, .plaintext = { -- 2.20.1