[API-NEXT,v1,4/8] validation: crypto: add AES-GMAC testcase

Message ID	1510164012-14286-5-git-send-email-odpbot@yandex.ru
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; From: Github ODP bot <odpbot@yandex.ru> To: lng-odp@lists.linaro.org Date: Wed, 8 Nov 2017 21:00:08 +0300 Message-Id: <1510164012-14286-5-git-send-email-odpbot@yandex.ru> In-Reply-To: <1510164012-14286-1-git-send-email-odpbot@yandex.ru> References: <1510164012-14286-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 288 Subject: [lng-odp] [PATCH API-NEXT v1 4/8] validation: crypto: add AES-GMAC testcase Precedence: list Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" <lng-odp-bounces@lists.linaro.org>
Series	[API-NEXT,v1,1/8] linux-gen: ipsec: use counter instead of random IV for GCM \| expand [API-NEXT,v1,1/8] linux-gen: ipsec: use counter instead of random IV for GCM [API-NEXT,v1,2/8] linux-gen: ipsec: don't leak SA on creation error [API-NEXT,v1,3/8] api: crypto: add AES-GMAC declarations [API-NEXT,v1,4/8] validation: crypto: add AES-GMAC testcase [API-NEXT,v1,5/8] linux-gen: crypto: add AES-GMAC implementation [API-NEXT,v1,6/8] linux-gen: ipsec: add support for AES-GMAC-ESP [API-NEXT,v1,7/8] validation: ipsec: check authentication key length is supported [API-NEXT,v1,8/8] validation: ipsec: support AES-GMAC-ESP validation

Message ID

1510164012-14286-5-git-send-email-odpbot@yandex.ru

State

Superseded

Headers

Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org
	designates 54.197.127.237 as permitted sender)
	client-ip=54.197.127.237; 
From: Github ODP bot <odpbot@yandex.ru>
To: lng-odp@lists.linaro.org
Date: Wed,  8 Nov 2017 21:00:08 +0300
Message-Id: <1510164012-14286-5-git-send-email-odpbot@yandex.ru>
In-Reply-To: <1510164012-14286-1-git-send-email-odpbot@yandex.ru>
References: <1510164012-14286-1-git-send-email-odpbot@yandex.ru>
Github-pr-num: 288
Subject: [lng-odp] [PATCH API-NEXT v1 4/8] validation: crypto: add AES-GMAC
	testcase
Precedence: list
Errors-To: lng-odp-bounces@lists.linaro.org
Sender: "lng-odp" <lng-odp-bounces@lists.linaro.org>

Series

[API-NEXT,v1,1/8] linux-gen: ipsec: use counter instead of random IV for GCM | expand

Commit Message

Github ODP bot Nov. 8, 2017, 6 p.m. UTC

From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


Add AES-GMAC test vector based on draft-mcgrew-gcm-test-01.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 288 (lumag:gmac)
 ** https://github.com/Linaro/odp/pull/288
 ** Patch: https://github.com/Linaro/odp/pull/288.patch
 ** Base sha: d22c949cc466bf28de559855a1cb525740578137
 ** Merge commit sha: 569b57eebedebdf2d3148ca06f481cb94bea52e4
 **/
 test/validation/api/crypto/crypto.h              |  2 ++
 test/validation/api/crypto/odp_crypto_test_inp.c | 46 ++++++++++++++++++++++++
 test/validation/api/crypto/test_vectors.h        | 33 +++++++++++++++++
 3 files changed, 81 insertions(+)

diff --git a/test/validation/api/crypto/crypto.h b/test/validation/api/crypto/crypto.h
index 71f862ec3..550d2bbff 100644
--- a/test/validation/api/crypto/crypto.h
+++ b/test/validation/api/crypto/crypto.h
@@ -32,6 +32,8 @@  void crypto_test_gen_alg_hmac_sha256(void);
 void crypto_test_check_alg_hmac_sha256(void);
 void crypto_test_gen_alg_hmac_sha512(void);
 void crypto_test_check_alg_hmac_sha512(void);
+void crypto_test_gen_alg_aes_gmac(void);
+void crypto_test_check_alg_aes_gmac(void);
 
 /* test arrays: */
 extern odp_testinfo_t crypto_suite[];
diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c
index f05780377..596c8370b 100644
--- a/test/validation/api/crypto/odp_crypto_test_inp.c
+++ b/test/validation/api/crypto/odp_crypto_test_inp.c
@@ -50,6 +50,8 @@  static const char *auth_alg_name(odp_auth_alg_t auth)
 		return "ODP_AUTH_ALG_SHA512_HMAC";
 	case ODP_AUTH_ALG_AES_GCM:
 		return "ODP_AUTH_ALG_AES_GCM";
+	case ODP_AUTH_ALG_AES_GMAC:
+		return "ODP_AUTH_ALG_AES_GMAC";
 	default:
 		return "Unknown";
 	}
@@ -341,6 +343,9 @@  static void alg_test(odp_crypto_op_t op,
 	if (auth_alg == ODP_AUTH_ALG_AES_GCM &&
 	    !(capa.auths.bit.aes_gcm))
 		rc = -1;
+	if (auth_alg == ODP_AUTH_ALG_AES_GMAC &&
+	    !(capa.auths.bit.aes_gmac))
+		rc = -1;
 	if (auth_alg == ODP_AUTH_ALG_MD5_HMAC &&
 	    !(capa.auths.bit.md5_hmac))
 		rc = -1;
@@ -581,6 +586,10 @@  static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth)
 		if (!capability.auths.bit.aes_gcm)
 			return ODP_TEST_INACTIVE;
 		break;
+	case ODP_AUTH_ALG_AES_GMAC:
+		if (!capability.auths.bit.aes_gmac)
+			return ODP_TEST_INACTIVE;
+		break;
 	default:
 		fprintf(stderr, "Unsupported authentication algorithm\n");
 		return ODP_TEST_INACTIVE;
@@ -1025,6 +1034,39 @@  void crypto_test_check_alg_hmac_sha512(void)
 			 false);
 }
 
+static int check_alg_aes_gmac(void)
+{
+	return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC);
+}
+
+void crypto_test_gen_alg_aes_gmac(void)
+{
+	unsigned int test_vec_num = (sizeof(aes_gmac_reference) /
+				     sizeof(aes_gmac_reference[0]));
+	unsigned int i;
+
+	for (i = 0; i < test_vec_num; i++)
+		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 ODP_CIPHER_ALG_NULL,
+			 ODP_AUTH_ALG_AES_GMAC,
+			 &aes_gmac_reference[i],
+			 false);
+}
+
+void crypto_test_check_alg_aes_gmac(void)
+{
+	unsigned int test_vec_num = (sizeof(aes_gmac_reference) /
+				     sizeof(aes_gmac_reference[0]));
+	unsigned int i;
+
+	for (i = 0; i < test_vec_num; i++)
+		alg_test(ODP_CRYPTO_OP_DECODE,
+			 ODP_CIPHER_ALG_NULL,
+			 ODP_AUTH_ALG_AES_GMAC,
+			 &aes_gmac_reference[i],
+			 false);
+}
+
 int crypto_suite_sync_init(void)
 {
 	suite_context.pool = odp_pool_lookup("packet_pool");
@@ -1122,6 +1164,10 @@  odp_testinfo_t crypto_suite[] = {
 				  check_alg_hmac_sha512),
 	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512,
 				  check_alg_hmac_sha512),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac,
+				  check_alg_aes_gmac),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac,
+				  check_alg_aes_gmac),
 	ODP_TEST_INFO_NULL,
 };
 
diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h
index 652968be7..125a6d465 100644
--- a/test/validation/api/crypto/test_vectors.h
+++ b/test/validation/api/crypto/test_vectors.h
@@ -361,6 +361,39 @@  static crypto_test_reference_t aes_gcm_reference[] = {
 	}
 };
 
+static crypto_test_reference_t aes_gmac_reference[] = {
+	{
+		.auth_key_length = AES128_GCM_KEY_LEN,
+		.auth_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda,
+			      0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34},
+		.iv_length = AES_GCM_IV_LEN,
+		.iv = { 0x22, 0x43, 0x3c, 0x64, 0x00, 0x00, 0x00, 0x00,
+			0x00, 0x00, 0x00, 0x00 },
+		.length = 68,
+		.plaintext = { 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x07,
+			       0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+			       0x45, 0x00, 0x00, 0x30, 0xda, 0x3a, 0x00, 0x00,
+			       0x80, 0x01, 0xdf, 0x3b, 0xc0, 0xa8, 0x00, 0x05,
+			       0xc0, 0xa8, 0x00, 0x01, 0x08, 0x00, 0xc6, 0xcd,
+			       0x02, 0x00, 0x07, 0x00, 0x61, 0x62, 0x63, 0x64,
+			       0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+			       0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74,
+			       0x01, 0x02, 0x02, 0x01 },
+		.ciphertext = { 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x07,
+				0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+				0x45, 0x00, 0x00, 0x30, 0xda, 0x3a, 0x00, 0x00,
+				0x80, 0x01, 0xdf, 0x3b, 0xc0, 0xa8, 0x00, 0x05,
+				0xc0, 0xa8, 0x00, 0x01, 0x08, 0x00, 0xc6, 0xcd,
+				0x02, 0x00, 0x07, 0x00, 0x61, 0x62, 0x63, 0x64,
+				0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+				0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74,
+				0x01, 0x02, 0x02, 0x01 },
+		.digest_length = AES_GCM_DIGEST_LEN,
+		.digest = { 0xf2, 0xa9, 0xa8, 0x36, 0xe1, 0x55, 0x10,
+			    0x6a, 0xa8, 0xdc, 0xd6, 0x18, 0xe4, 0x09, 0x9a, 0xaa }
+	},
+};
+
 static crypto_test_reference_t hmac_md5_reference[] = {
 	{
 		.auth_key_length = HMAC_MD5_KEY_LEN,