From patchwork Wed Jan 24 19:00:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125707 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp603254ljf; Wed, 24 Jan 2018 11:00:33 -0800 (PST) X-Google-Smtp-Source: AH8x227yJKOOSqGZ9mctshuvfGvDAB6t8e34qboqGFdOiyz+V2JYmNUOdzZkSabBdD2elJqo1HPo X-Received: by 10.55.182.3 with SMTP id g3mr11349650qkf.238.1516820433709; Wed, 24 Jan 2018 11:00:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516820433; cv=none; d=google.com; s=arc-20160816; b=HMnuohKxIkHvQjs0xL8zOMW9SgRjl9PeCN4f8tpoKozQhNujKxD5sGDJrAzOhifLxd 3hgS5aCKxrZOzK4+GNiND3/+PMs0mcbwVP9Q4RlvDRQdhL21aXWs/5GJ9kHgHxWsKU2M cfDP1qaBA8/1gGdA6wF2Gl0UhAvPJH1mtntvkvKOszz1TrcPz94sDBzKsQ1YKOVP68oR 1B9ENDobrFqfFOyz4gMa3hSa7r2J7lGvbzF9PXm6fjxckaTZ97cy0OrIgYOYZPaeKLHq 5XWrgeweDgv+6YaECkABgAHRgW4qfv31uyKdM7onh6ln5LnfD2y+pSUqG4tC/Dmmk31u Nwjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=mGSbNA9c81AnHU7nOqr/Y1nin0UUragYIeNIwpurbjk=; b=ar3ucYR0r5Sbl+pUClqmlS44pse2YXQH9W1eiyFG8cQ7nFK3XziZoKVD67vs7Vy7uU oF6LNVOyFStUnZmyvmu8Uhe4y0qKe+3M/uT7lmEfFBCk+ony4mzizDSryBx67zRaEUZD Q7/LXuGE0nC7LjiOG7r3hq451Zys28L6lRIqgXoc+klFcppC1CH4E3BOvrtXWh65zuSo BX8rPTGFybp5SYg2WASZRy3P3YE4osml/X/aT4LSZ1cptu/0PQHf7IbLQpnyyqF5FrMq 8z3T06SK71Q/cL6tm6Qyhm9L4jLUEaXHwXgm8Akrhc4hfjr2ozNgX5UPcKOM/ukI7uGj PpZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id 126si781174qkg.234.2018.01.24.11.00.30; Wed, 24 Jan 2018 11:00:33 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 301D26176C; Wed, 24 Jan 2018 19:00:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BB966614E2; Wed, 24 Jan 2018 19:00:21 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 65DD360725; Wed, 24 Jan 2018 19:00:19 +0000 (UTC) Received: from forward100p.mail.yandex.net (forward100p.mail.yandex.net [77.88.28.100]) by lists.linaro.org (Postfix) with ESMTPS id EA0C460725 for ; Wed, 24 Jan 2018 19:00:16 +0000 (UTC) Received: from mxback13g.mail.yandex.net (mxback13g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:92]) by forward100p.mail.yandex.net (Yandex) with ESMTP id 42FED5102776 for ; Wed, 24 Jan 2018 22:00:15 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback13g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id bfpqam2FAm-0FVCPp7U; Wed, 24 Jan 2018 22:00:15 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eveK2VsYyq-0CGqUwQM; Wed, 24 Jan 2018 22:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 24 Jan 2018 22:00:05 +0300 Message-Id: <1516820410-23442-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> References: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v4 1/6] api: crypto: add ChaCha20-Poly1305 support X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov ChaCha20-Poly1305 is a promising AEAD algorithm. Add decarations to support it. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 516808773882a012c221502d190787c1cdddd1b9 **/ include/odp/api/spec/crypto.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 77ea317b8..ef0b267fa 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -89,6 +89,12 @@ typedef enum { */ ODP_CIPHER_ALG_AES_GCM, + /** ChaCha20-Poly1305 AEAD + * + * @note Must be paired with ODP_AUTH_ALG_CHACHA20_POLY1305 + */ + ODP_CIPHER_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -148,6 +154,12 @@ typedef enum { */ ODP_AUTH_ALG_AES_GMAC, + /** ChaCha20-Poly1305 AEAD + * + * @note Must be paired with ODP_CIPHER_ALG_CHACHA20_POLY1305 + */ + ODP_AUTH_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -183,6 +195,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_GCM */ uint32_t aes_gcm : 1; + /** ODP_CIPHER_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -225,6 +240,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_GMAC*/ uint32_t aes_gmac : 1; + /** ODP_AUTH_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Wed Jan 24 19:00:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125708 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp604709ljf; Wed, 24 Jan 2018 11:02:17 -0800 (PST) X-Google-Smtp-Source: AH8x2247hUl1PydWQQ2VeufDusHJYM0ZcommkkGPEUM1KVUrVnPgoc8WnLdbp2J/dmu80hC8WM/p X-Received: by 10.37.192.194 with SMTP id c185mr6205774ybf.133.1516820537642; Wed, 24 Jan 2018 11:02:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516820537; cv=none; d=google.com; s=arc-20160816; b=SUJx/yo5GMh31GHsZAVqnfWsv+1lmd4E1rRx/saLevfEArqDeu0SWqk8eA4MoOp48+ mwM+no72lfEc7HFgH6XJanIFKU/U8ttCLjQhdognhUZoLZmnS0gOvwAzYCt5VLOWRGhz lyVfqSDjhFTtLuWiKWLApxVj0iQ92aQU01hMM+UUTCNNDsNmEFRdcWMct9QjdeyCwPhW HdoGJMU1ljEcVfSTImy2PxT+hcUAX6NYR1ByLReciC7Huf7mt3RfUWfB7mHJk4Cwy9Oy HoJ9rYeNd5mD76oOfRPOgoRtIsy2tofTk3ZewZnUAMb7zXg7eBTDqXGAfCTzeuq113cK nOSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=szmIrvAx2hwkI9b1Lavkii+poHok0NAzQN7hkoTEPj8=; b=liV8zZjqYKMpqAWU6SywmKpN2mNw4/FymW/VOExQE1ZVSHTbvi5wf6UGmkkGjT7P4T y1aONGzfKldarGQjb/4PgWP3pcvjonXGjx0/RpQ91qeRbNAL4Du3iAvrP4r16YAnfYTA mXnCv571wTWBRyLLpPl6TMZsw7UlgDmmJWrstL+P9YoPwQIzGgdOnBxtQXKQFB7FVH3H QKGJ9Ahi930PF78cnKBBJiIxWXkJelhT9LVf1bDdrrosUyTf0X+1NTnZY9ZdYWsreOvB Yviy8Ijgir22Yuc5IZCPnLQKE+T7ugQyvdcY1rqlDCsJs2ukj6w2qPiULsKL+QFXcRKl pzog== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u63si170435qkl.288.2018.01.24.11.02.17; Wed, 24 Jan 2018 11:02:17 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 44D5961702; Wed, 24 Jan 2018 19:02:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id C63726176C; Wed, 24 Jan 2018 19:01:07 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D42F161702; Wed, 24 Jan 2018 19:00:45 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id 883AA60725 for ; Wed, 24 Jan 2018 19:00:21 +0000 (UTC) Received: from mxback13j.mail.yandex.net (mxback13j.mail.yandex.net [IPv6:2a02:6b8:0:1619::88]) by forward100o.mail.yandex.net (Yandex) with ESMTP id 1E54A2A23CA9 for ; Wed, 24 Jan 2018 22:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback13j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 7NcwLDta35-0JBO4WML; Wed, 24 Jan 2018 22:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eveK2VsYyq-0GGO7GeX; Wed, 24 Jan 2018 22:00:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 24 Jan 2018 22:00:06 +0300 Message-Id: <1516820410-23442-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> References: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v4 2/6] validation: crypto: use unix file format X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge f925f103c90591776f73863d30159357b08bf71e changed EOL to DOS convention in this file. Change it back. Fixes: f925f103c90591776f73863d30159357b08bf71e Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 516808773882a012c221502d190787c1cdddd1b9 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 2592 +++++++++++----------- 1 file changed, 1296 insertions(+), 1296 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 1d92c6568..2b0ba1cd9 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -1,1296 +1,1296 @@ -/* Copyright (c) 2014-2018, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include "config.h" - -#include -#include -#include -#include "test_vectors.h" -#include "odp_crypto_test_inp.h" -#include "crypto.h" - -#define MAX_ALG_CAPA 32 - -struct suite_context_s { - odp_bool_t packet; - odp_crypto_op_mode_t op_mode; - odp_crypto_op_mode_t pref_mode; - odp_pool_t pool; - odp_queue_t queue; -}; - -static struct suite_context_s suite_context; - -static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, - void *s, uint32_t len) -{ - uint8_t buf[len]; - - odp_packet_copy_to_mem(pkt, offset, len, buf); - - return memcmp(buf, s, len); -} - -static const char *auth_alg_name(odp_auth_alg_t auth) -{ - switch (auth) { - case ODP_AUTH_ALG_NULL: - return "ODP_AUTH_ALG_NULL"; - case ODP_AUTH_ALG_MD5_HMAC: - return "ODP_AUTH_ALG_MD5_HMAC"; - case ODP_AUTH_ALG_SHA1_HMAC: - return "ODP_AUTH_ALG_SHA1_HMAC"; - case ODP_AUTH_ALG_SHA256_HMAC: - return "ODP_AUTH_ALG_SHA256_HMAC"; - case ODP_AUTH_ALG_SHA512_HMAC: - return "ODP_AUTH_ALG_SHA512_HMAC"; - case ODP_AUTH_ALG_AES_GCM: - return "ODP_AUTH_ALG_AES_GCM"; - case ODP_AUTH_ALG_AES_GMAC: - return "ODP_AUTH_ALG_AES_GMAC"; - default: - return "Unknown"; - } -} - -static const char *cipher_alg_name(odp_cipher_alg_t cipher) -{ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - return "ODP_CIPHER_ALG_NULL"; - case ODP_CIPHER_ALG_DES: - return "ODP_CIPHER_ALG_DES"; - case ODP_CIPHER_ALG_3DES_CBC: - return "ODP_CIPHER_ALG_3DES_CBC"; - case ODP_CIPHER_ALG_AES_CBC: - return "ODP_CIPHER_ALG_AES_CBC"; - case ODP_CIPHER_ALG_AES_GCM: - return "ODP_CIPHER_ALG_AES_GCM"; - default: - return "Unknown"; - } -} - -static int alg_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_op_result_t result; - odp_crypto_op_param_t op_params; - odp_bool_t posted; - odp_event_subtype_t subtype; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - op_params.pkt = pkt; - op_params.out_pkt = pkt; - op_params.ctx = (void *)0xdeadbeef; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_operation(&op_params, &posted, &result); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_operation()"); - return rc; - } - - if (posted) { - odp_event_t event; - odp_crypto_compl_t compl_event; - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == - odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); - - compl_event = odp_crypto_compl_from_event(event); - CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == - odp_crypto_compl_to_u64( - odp_crypto_compl_from_event(event))); - odp_crypto_compl_result(compl_event, &result); - odp_crypto_compl_free(compl_event); - } - - CU_ASSERT(result.pkt == pkt); - CU_ASSERT(result.ctx == (void *)0xdeadbeef); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == - odp_event_subtype(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(result.pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_op()"); - return rc; - } - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - if (!result.ok) - CU_ASSERT(odp_packet_has_error(pkt)); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op_enq(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_event_t event; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_op_enq()"); - return rc; - } - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - pkt = odp_crypto_packet_from_event(event); - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); - - *ok = result.ok; - - return 0; -} - -typedef enum crypto_test { - NORMAL_TEST = 0, /**< Plain execution */ - REPEAT_TEST, /**< Rerun without reinitializing the session */ - WRONG_DIGEST_TEST, /**< Check against wrong digest */ - MAX_TEST, /**< Final mark */ -} crypto_test; - -/* Basic algorithm run function for async inplace mode. - * Creates a session from input parameters and runs one operation - * on input_vec. Checks the output of the crypto operation against - * output_vec. Operation completion event is dequeued polling the - * session output queue. Completion context pointer is retrieved - * and checked against the one set before the operation. - * Completion event can be a separate buffer or the input packet - * buffer can be used. - * */ -static void alg_test(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - odp_bool_t ovr_iv) -{ - odp_crypto_session_t session; - int rc; - odp_crypto_ses_create_err_t status; - odp_bool_t ok = false; - int iteration; - odp_crypto_session_param_t ses_params; - odp_packet_data_range_t cipher_range; - odp_packet_data_range_t auth_range; - odp_crypto_key_t cipher_key = { - .data = ref->cipher_key, - .length = ref->cipher_key_length - }; - odp_crypto_key_t auth_key = { - .data = ref->auth_key, - .length = ref->auth_key_length - }; - odp_crypto_iv_t cipher_iv = { - .data = ovr_iv ? NULL : ref->cipher_iv, - .length = ref->cipher_iv_length - }; - odp_crypto_iv_t auth_iv = { - .data = ovr_iv ? NULL : ref->auth_iv, - .length = ref->auth_iv_length - }; - - /* Create a crypto session */ - odp_crypto_session_param_init(&ses_params); - ses_params.op = op; - ses_params.auth_cipher_text = false; - ses_params.op_mode = suite_context.op_mode; - ses_params.pref_mode = suite_context.pref_mode; - ses_params.cipher_alg = cipher_alg; - ses_params.auth_alg = auth_alg; - ses_params.compl_queue = suite_context.queue; - ses_params.output_pool = suite_context.pool; - ses_params.cipher_key = cipher_key; - ses_params.cipher_iv = cipher_iv; - ses_params.auth_iv = auth_iv; - ses_params.auth_key = auth_key; - ses_params.auth_digest_len = ref->digest_length; - ses_params.auth_aad_len = ref->aad_length; - - rc = odp_crypto_session_create(&ses_params, &session, &status); - CU_ASSERT_FATAL(!rc); - CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); - CU_ASSERT(odp_crypto_session_to_u64(session) != - odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); - - cipher_range.offset = 0; - cipher_range.length = ref->length; - auth_range.offset = 0; - auth_range.length = ref->length; - - /* Prepare input data */ - odp_packet_t pkt = odp_packet_alloc(suite_context.pool, - ref->length + ref->digest_length); - CU_ASSERT(pkt != ODP_PACKET_INVALID); - if (pkt == ODP_PACKET_INVALID) - goto cleanup; - - for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { - /* checking against wrong digest is meaningless for NULL digest - * or when generating digest */ - if (iteration == WRONG_DIGEST_TEST && - (auth_alg == ODP_AUTH_ALG_NULL || - op == ODP_CRYPTO_OP_ENCODE)) - continue; - - if (op == ODP_CRYPTO_OP_ENCODE) { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->plaintext); - } else { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->ciphertext); - odp_packet_copy_from_mem(pkt, ref->length, - ref->digest_length, - ref->digest); - if (iteration == WRONG_DIGEST_TEST) { - uint8_t byte = ~ref->digest[0]; - - odp_packet_copy_from_mem(pkt, ref->length, - 1, &byte); - } - } - - if (!suite_context.packet) - rc = alg_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) - rc = alg_packet_op_enq(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else - rc = alg_packet_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - if (rc < 0) - break; - - if (iteration == WRONG_DIGEST_TEST) { - CU_ASSERT(!ok); - continue; - } - - CU_ASSERT(ok); - - if (op == ODP_CRYPTO_OP_ENCODE) { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->ciphertext, - ref->length)); - CU_ASSERT(!packet_cmp_mem(pkt, ref->length, - ref->digest, - ref->digest_length)); - } else { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->plaintext, - ref->length)); - } - } - - odp_packet_free(pkt); - -cleanup: - rc = odp_crypto_session_destroy(session); - CU_ASSERT(!rc); -} - -static void check_alg(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - size_t count, - odp_bool_t ovr_iv) -{ - odp_crypto_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; - int rc, cipher_num, auth_num, i; - odp_bool_t cipher_tested[MAX_ALG_CAPA]; - odp_bool_t auth_tested[MAX_ALG_CAPA]; - odp_bool_t cipher_ok = false; - odp_bool_t auth_ok = false; - size_t idx; - - rc = odp_crypto_capability(&capa); - CU_ASSERT(!rc); - - if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && - !(capa.ciphers.bit.trides_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && - !(capa.ciphers.bit.aes_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && - !(capa.ciphers.bit.aes_ctr)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && - !(capa.ciphers.bit.aes_gcm)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_DES && - !(capa.ciphers.bit.des)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_NULL && - !(capa.ciphers.bit.null)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); - - if (auth_alg == ODP_AUTH_ALG_AES_GCM && - !(capa.auths.bit.aes_gcm)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_AES_GMAC && - !(capa.auths.bit.aes_gmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && - !(capa.auths.bit.md5_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_NULL && - !(capa.auths.bit.null)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && - !(capa.auths.bit.sha1_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && - !(capa.auths.bit.sha256_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && - !(capa.auths.bit.sha512_hmac)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); - - cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, - MAX_ALG_CAPA); - - CU_ASSERT(cipher_num > 0); - CU_ASSERT(cipher_num <= MAX_ALG_CAPA); - if (cipher_num > MAX_ALG_CAPA) - cipher_num = MAX_ALG_CAPA; - - auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, - MAX_ALG_CAPA); - - CU_ASSERT(auth_num > 0); - CU_ASSERT(auth_num <= MAX_ALG_CAPA); - if (auth_num > MAX_ALG_CAPA) - auth_num = MAX_ALG_CAPA; - - memset(cipher_tested, 0, sizeof(cipher_tested)); - memset(auth_tested, 0, sizeof(auth_tested)); - - for (idx = 0; idx < count; idx++) { - int cipher_idx = -1, auth_idx = -1; - - for (i = 0; i < cipher_num; i++) { - if (cipher_capa[i].key_len == - ref[idx].cipher_key_length && - cipher_capa[i].iv_len == - ref[idx].cipher_iv_length) { - cipher_idx = i; - break; - } - } - - if (cipher_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - ref[idx].cipher_key_length, - ref[idx].cipher_iv_length); - continue; - } - - for (i = 0; i < auth_num; i++) { - if (auth_capa[i].digest_len == - ref[idx].digest_length && - auth_capa[i].iv_len == - ref[idx].auth_iv_length && - auth_capa[i].key_len == - ref[idx].auth_key_length) { - auth_idx = i; - break; - } - } - - if (auth_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - ref[idx].auth_key_length, - ref[idx].auth_iv_length, - ref[idx].digest_length); - continue; - } - - alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); - - cipher_tested[cipher_idx] = true; - auth_tested[auth_idx] = true; - } - - for (i = 0; i < cipher_num; i++) { - cipher_ok |= cipher_tested[i]; - if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - cipher_capa[i].key_len, - cipher_capa[i].iv_len); - } - } - - for (i = 0; i < auth_num; i++) { - auth_ok |= auth_tested[i]; - if (!auth_tested[i]) - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - auth_capa[i].key_len, - auth_capa[i].digest_len); - } - - /* Verify that we were able to run at least several tests */ - CU_ASSERT(cipher_ok); - CU_ASSERT(auth_ok); -} - -/** - * Check if given cipher and authentication algorithms are supported - * - * @param cipher Cipher algorithm - * @param auth Authentication algorithm - * - * @retval ODP_TEST_ACTIVE when both algorithms are supported - * @retval ODP_TEST_INACTIVE when either algorithm is not supported - */ -static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) -{ - odp_crypto_capability_t capability; - - if (odp_crypto_capability(&capability)) - return ODP_TEST_INACTIVE; - - if (suite_context.packet) { - if (suite_context.op_mode == ODP_CRYPTO_SYNC && - capability.sync_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - if (suite_context.op_mode == ODP_CRYPTO_ASYNC && - capability.async_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - } - - /* Cipher algorithms */ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - if (!capability.ciphers.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_DES: - if (!capability.ciphers.bit.des) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_3DES_CBC: - if (!capability.ciphers.bit.trides_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CBC: - if (!capability.ciphers.bit.aes_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CTR: - if (!capability.ciphers.bit.aes_ctr) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_GCM: - if (!capability.ciphers.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported cipher algorithm\n"); - return ODP_TEST_INACTIVE; - } - - /* Authentication algorithms */ - switch (auth) { - case ODP_AUTH_ALG_NULL: - if (!capability.auths.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_MD5_HMAC: - if (!capability.auths.bit.md5_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - if (!capability.auths.bit.sha1_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA256_HMAC: - if (!capability.auths.bit.sha256_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - if (!capability.auths.bit.sha512_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GCM: - if (!capability.auths.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GMAC: - if (!capability.auths.bit.aes_gmac) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported authentication algorithm\n"); - return ODP_TEST_INACTIVE; - } - - return ODP_TEST_ACTIVE; -} - -static int check_alg_null(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); -} - -#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -static void crypto_test_enc_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static void crypto_test_dec_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static int check_alg_3des_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -static int check_alg_aes_gcm(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -static int check_alg_aes_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -static int check_alg_aes_ctr(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -static int check_alg_hmac_md5(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); -} - -/* This test verifies the correctness of HMAC_MD5 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static void crypto_test_check_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static int check_alg_hmac_sha1(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA1 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static int check_alg_hmac_sha256(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA256 digest operation. - * The output check length is truncated to 16 bytes (128 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static int check_alg_hmac_sha512(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA512 digest operation. - * The output check length is truncated to 32 bytes (256 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static int check_alg_aes_gmac(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); -} - -static void crypto_test_gen_alg_aes_gmac(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -static void crypto_test_check_alg_aes_gmac(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_check_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -int crypto_suite_sync_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - suite_context.pref_mode = ODP_CRYPTO_SYNC; - return 0; -} - -int crypto_suite_async_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - - suite_context.pref_mode = ODP_CRYPTO_ASYNC; - return 0; -} - -int crypto_suite_packet_sync_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_SYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - return 0; -} - -int crypto_suite_packet_async_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_ASYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - return 0; -} - -odp_testinfo_t crypto_suite[] = { - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_NULL, -}; - -int crypto_suite_term(void) -{ - int i; - int first = 1; - - for (i = 0; crypto_suite[i].pName; i++) { - if (crypto_suite[i].check_active && - crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { - if (first) { - first = 0; - printf("\n\n Inactive tests:\n"); - } - printf(" %s\n", crypto_suite[i].pName); - } - } - return 0; -} +/* Copyright (c) 2014-2018, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "config.h" + +#include +#include +#include +#include "test_vectors.h" +#include "odp_crypto_test_inp.h" +#include "crypto.h" + +#define MAX_ALG_CAPA 32 + +struct suite_context_s { + odp_bool_t packet; + odp_crypto_op_mode_t op_mode; + odp_crypto_op_mode_t pref_mode; + odp_pool_t pool; + odp_queue_t queue; +}; + +static struct suite_context_s suite_context; + +static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, + void *s, uint32_t len) +{ + uint8_t buf[len]; + + odp_packet_copy_to_mem(pkt, offset, len, buf); + + return memcmp(buf, s, len); +} + +static const char *auth_alg_name(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return "ODP_AUTH_ALG_NULL"; + case ODP_AUTH_ALG_MD5_HMAC: + return "ODP_AUTH_ALG_MD5_HMAC"; + case ODP_AUTH_ALG_SHA1_HMAC: + return "ODP_AUTH_ALG_SHA1_HMAC"; + case ODP_AUTH_ALG_SHA256_HMAC: + return "ODP_AUTH_ALG_SHA256_HMAC"; + case ODP_AUTH_ALG_SHA512_HMAC: + return "ODP_AUTH_ALG_SHA512_HMAC"; + case ODP_AUTH_ALG_AES_GCM: + return "ODP_AUTH_ALG_AES_GCM"; + case ODP_AUTH_ALG_AES_GMAC: + return "ODP_AUTH_ALG_AES_GMAC"; + default: + return "Unknown"; + } +} + +static const char *cipher_alg_name(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return "ODP_CIPHER_ALG_NULL"; + case ODP_CIPHER_ALG_DES: + return "ODP_CIPHER_ALG_DES"; + case ODP_CIPHER_ALG_3DES_CBC: + return "ODP_CIPHER_ALG_3DES_CBC"; + case ODP_CIPHER_ALG_AES_CBC: + return "ODP_CIPHER_ALG_AES_CBC"; + case ODP_CIPHER_ALG_AES_GCM: + return "ODP_CIPHER_ALG_AES_GCM"; + default: + return "Unknown"; + } +} + +static int alg_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_op_result_t result; + odp_crypto_op_param_t op_params; + odp_bool_t posted; + odp_event_subtype_t subtype; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + op_params.pkt = pkt; + op_params.out_pkt = pkt; + op_params.ctx = (void *)0xdeadbeef; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_operation(&op_params, &posted, &result); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_operation()"); + return rc; + } + + if (posted) { + odp_event_t event; + odp_crypto_compl_t compl_event; + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == + odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); + + compl_event = odp_crypto_compl_from_event(event); + CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == + odp_crypto_compl_to_u64( + odp_crypto_compl_from_event(event))); + odp_crypto_compl_result(compl_event, &result); + odp_crypto_compl_free(compl_event); + } + + CU_ASSERT(result.pkt == pkt); + CU_ASSERT(result.ctx == (void *)0xdeadbeef); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == + odp_event_subtype(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(result.pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_op()"); + return rc; + } + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + if (!result.ok) + CU_ASSERT(odp_packet_has_error(pkt)); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op_enq(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_event_t event; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_op_enq()"); + return rc; + } + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + pkt = odp_crypto_packet_from_event(event); + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); + + *ok = result.ok; + + return 0; +} + +typedef enum crypto_test { + NORMAL_TEST = 0, /**< Plain execution */ + REPEAT_TEST, /**< Rerun without reinitializing the session */ + WRONG_DIGEST_TEST, /**< Check against wrong digest */ + MAX_TEST, /**< Final mark */ +} crypto_test; + +/* Basic algorithm run function for async inplace mode. + * Creates a session from input parameters and runs one operation + * on input_vec. Checks the output of the crypto operation against + * output_vec. Operation completion event is dequeued polling the + * session output queue. Completion context pointer is retrieved + * and checked against the one set before the operation. + * Completion event can be a separate buffer or the input packet + * buffer can be used. + * */ +static void alg_test(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + odp_bool_t ovr_iv) +{ + odp_crypto_session_t session; + int rc; + odp_crypto_ses_create_err_t status; + odp_bool_t ok = false; + int iteration; + odp_crypto_session_param_t ses_params; + odp_packet_data_range_t cipher_range; + odp_packet_data_range_t auth_range; + odp_crypto_key_t cipher_key = { + .data = ref->cipher_key, + .length = ref->cipher_key_length + }; + odp_crypto_key_t auth_key = { + .data = ref->auth_key, + .length = ref->auth_key_length + }; + odp_crypto_iv_t cipher_iv = { + .data = ovr_iv ? NULL : ref->cipher_iv, + .length = ref->cipher_iv_length + }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; + + /* Create a crypto session */ + odp_crypto_session_param_init(&ses_params); + ses_params.op = op; + ses_params.auth_cipher_text = false; + ses_params.op_mode = suite_context.op_mode; + ses_params.pref_mode = suite_context.pref_mode; + ses_params.cipher_alg = cipher_alg; + ses_params.auth_alg = auth_alg; + ses_params.compl_queue = suite_context.queue; + ses_params.output_pool = suite_context.pool; + ses_params.cipher_key = cipher_key; + ses_params.cipher_iv = cipher_iv; + ses_params.auth_iv = auth_iv; + ses_params.auth_key = auth_key; + ses_params.auth_digest_len = ref->digest_length; + ses_params.auth_aad_len = ref->aad_length; + + rc = odp_crypto_session_create(&ses_params, &session, &status); + CU_ASSERT_FATAL(!rc); + CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); + CU_ASSERT(odp_crypto_session_to_u64(session) != + odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); + + cipher_range.offset = 0; + cipher_range.length = ref->length; + auth_range.offset = 0; + auth_range.length = ref->length; + + /* Prepare input data */ + odp_packet_t pkt = odp_packet_alloc(suite_context.pool, + ref->length + ref->digest_length); + CU_ASSERT(pkt != ODP_PACKET_INVALID); + if (pkt == ODP_PACKET_INVALID) + goto cleanup; + + for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { + /* checking against wrong digest is meaningless for NULL digest + * or when generating digest */ + if (iteration == WRONG_DIGEST_TEST && + (auth_alg == ODP_AUTH_ALG_NULL || + op == ODP_CRYPTO_OP_ENCODE)) + continue; + + if (op == ODP_CRYPTO_OP_ENCODE) { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->plaintext); + } else { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->ciphertext); + odp_packet_copy_from_mem(pkt, ref->length, + ref->digest_length, + ref->digest); + if (iteration == WRONG_DIGEST_TEST) { + uint8_t byte = ~ref->digest[0]; + + odp_packet_copy_from_mem(pkt, ref->length, + 1, &byte); + } + } + + if (!suite_context.packet) + rc = alg_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) + rc = alg_packet_op_enq(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else + rc = alg_packet_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + if (rc < 0) + break; + + if (iteration == WRONG_DIGEST_TEST) { + CU_ASSERT(!ok); + continue; + } + + CU_ASSERT(ok); + + if (op == ODP_CRYPTO_OP_ENCODE) { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->ciphertext, + ref->length)); + CU_ASSERT(!packet_cmp_mem(pkt, ref->length, + ref->digest, + ref->digest_length)); + } else { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->plaintext, + ref->length)); + } + } + + odp_packet_free(pkt); + +cleanup: + rc = odp_crypto_session_destroy(session); + CU_ASSERT(!rc); +} + +static void check_alg(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + size_t count, + odp_bool_t ovr_iv) +{ + odp_crypto_capability_t capa; + odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + int rc, cipher_num, auth_num, i; + odp_bool_t cipher_tested[MAX_ALG_CAPA]; + odp_bool_t auth_tested[MAX_ALG_CAPA]; + odp_bool_t cipher_ok = false; + odp_bool_t auth_ok = false; + size_t idx; + + rc = odp_crypto_capability(&capa); + CU_ASSERT(!rc); + + if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && + !(capa.ciphers.bit.trides_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && + !(capa.ciphers.bit.aes_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && + !(capa.ciphers.bit.aes_ctr)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && + !(capa.ciphers.bit.aes_gcm)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_DES && + !(capa.ciphers.bit.des)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_NULL && + !(capa.ciphers.bit.null)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); + + if (auth_alg == ODP_AUTH_ALG_AES_GCM && + !(capa.auths.bit.aes_gcm)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_GMAC && + !(capa.auths.bit.aes_gmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && + !(capa.auths.bit.md5_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_NULL && + !(capa.auths.bit.null)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && + !(capa.auths.bit.sha1_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && + !(capa.auths.bit.sha256_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && + !(capa.auths.bit.sha512_hmac)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); + + cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, + MAX_ALG_CAPA); + + CU_ASSERT(cipher_num > 0); + CU_ASSERT(cipher_num <= MAX_ALG_CAPA); + if (cipher_num > MAX_ALG_CAPA) + cipher_num = MAX_ALG_CAPA; + + auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, + MAX_ALG_CAPA); + + CU_ASSERT(auth_num > 0); + CU_ASSERT(auth_num <= MAX_ALG_CAPA); + if (auth_num > MAX_ALG_CAPA) + auth_num = MAX_ALG_CAPA; + + memset(cipher_tested, 0, sizeof(cipher_tested)); + memset(auth_tested, 0, sizeof(auth_tested)); + + for (idx = 0; idx < count; idx++) { + int cipher_idx = -1, auth_idx = -1; + + for (i = 0; i < cipher_num; i++) { + if (cipher_capa[i].key_len == + ref[idx].cipher_key_length && + cipher_capa[i].iv_len == + ref[idx].cipher_iv_length) { + cipher_idx = i; + break; + } + } + + if (cipher_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + ref[idx].cipher_key_length, + ref[idx].cipher_iv_length); + continue; + } + + for (i = 0; i < auth_num; i++) { + if (auth_capa[i].digest_len == + ref[idx].digest_length && + auth_capa[i].iv_len == + ref[idx].auth_iv_length && + auth_capa[i].key_len == + ref[idx].auth_key_length) { + auth_idx = i; + break; + } + } + + if (auth_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + ref[idx].auth_key_length, + ref[idx].auth_iv_length, + ref[idx].digest_length); + continue; + } + + alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); + + cipher_tested[cipher_idx] = true; + auth_tested[auth_idx] = true; + } + + for (i = 0; i < cipher_num; i++) { + cipher_ok |= cipher_tested[i]; + if (!cipher_tested[i]) { + /* GMAC-related hacks */ + if (cipher_alg == ODP_CIPHER_ALG_NULL) + continue; + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + cipher_capa[i].key_len, + cipher_capa[i].iv_len); + } + } + + for (i = 0; i < auth_num; i++) { + auth_ok |= auth_tested[i]; + if (!auth_tested[i]) + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + auth_capa[i].key_len, + auth_capa[i].digest_len); + } + + /* Verify that we were able to run at least several tests */ + CU_ASSERT(cipher_ok); + CU_ASSERT(auth_ok); +} + +/** + * Check if given cipher and authentication algorithms are supported + * + * @param cipher Cipher algorithm + * @param auth Authentication algorithm + * + * @retval ODP_TEST_ACTIVE when both algorithms are supported + * @retval ODP_TEST_INACTIVE when either algorithm is not supported + */ +static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) +{ + odp_crypto_capability_t capability; + + if (odp_crypto_capability(&capability)) + return ODP_TEST_INACTIVE; + + if (suite_context.packet) { + if (suite_context.op_mode == ODP_CRYPTO_SYNC && + capability.sync_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + if (suite_context.op_mode == ODP_CRYPTO_ASYNC && + capability.async_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + } + + /* Cipher algorithms */ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + if (!capability.ciphers.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_DES: + if (!capability.ciphers.bit.des) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_3DES_CBC: + if (!capability.ciphers.bit.trides_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CBC: + if (!capability.ciphers.bit.aes_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CTR: + if (!capability.ciphers.bit.aes_ctr) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_GCM: + if (!capability.ciphers.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported cipher algorithm\n"); + return ODP_TEST_INACTIVE; + } + + /* Authentication algorithms */ + switch (auth) { + case ODP_AUTH_ALG_NULL: + if (!capability.auths.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_MD5_HMAC: + if (!capability.auths.bit.md5_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA1_HMAC: + if (!capability.auths.bit.sha1_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA256_HMAC: + if (!capability.auths.bit.sha256_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA512_HMAC: + if (!capability.auths.bit.sha512_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GCM: + if (!capability.auths.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GMAC: + if (!capability.auths.bit.aes_gmac) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported authentication algorithm\n"); + return ODP_TEST_INACTIVE; + } + + return ODP_TEST_ACTIVE; +} + +static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) +static void crypto_test_enc_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static void crypto_test_dec_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static int check_alg_3des_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +static int check_alg_aes_gcm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +static int check_alg_aes_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +static int check_alg_aes_ctr(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +static int check_alg_hmac_md5(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); +} + +/* This test verifies the correctness of HMAC_MD5 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static void crypto_test_check_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static int check_alg_hmac_sha1(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA1 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static int check_alg_hmac_sha256(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA256 digest operation. + * The output check length is truncated to 16 bytes (128 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static int check_alg_hmac_sha512(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA512 digest operation. + * The output check length is truncated to 32 bytes (256 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static int check_alg_aes_gmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); +} + +static void crypto_test_gen_alg_aes_gmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +static void crypto_test_check_alg_aes_gmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_check_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +int crypto_suite_sync_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + suite_context.pref_mode = ODP_CRYPTO_SYNC; + return 0; +} + +int crypto_suite_async_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + + suite_context.pref_mode = ODP_CRYPTO_ASYNC; + return 0; +} + +int crypto_suite_packet_sync_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_SYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + return 0; +} + +int crypto_suite_packet_async_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_ASYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + return 0; +} + +odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_NULL, +}; + +int crypto_suite_term(void) +{ + int i; + int first = 1; + + for (i = 0; crypto_suite[i].pName; i++) { + if (crypto_suite[i].check_active && + crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { + if (first) { + first = 0; + printf("\n\n Inactive tests:\n"); + } + printf(" %s\n", crypto_suite[i].pName); + } + } + return 0; +} From patchwork Wed Jan 24 19:00:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125709 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp606964ljf; Wed, 24 Jan 2018 11:06:10 -0800 (PST) X-Google-Smtp-Source: AH8x224v+ngd6QbU+Wl21JzlqKpXtqsQxAQFoHr0EZwHe3QdEfjEeLfxXRiq8eCmTP4hnVcV0EkY X-Received: by 10.13.217.80 with SMTP id b77mr6479091ywe.123.1516820769870; Wed, 24 Jan 2018 11:06:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516820769; cv=none; d=google.com; s=arc-20160816; b=RaXYbdTchSBNiGEcEV1W0VkIL3teunf5nzA4W8rrHBW8MITfDvpeY6iKgoFSr3qw2D fglGTnGhfVLcMCM0thMpoEu3pRlZmfmATzxjFCigYMm3wYcfGPcQYbalKK26ClmNNPA6 wRgx8UipTbr4y4eFN6pgSmSjE328uBDXtNc8huOp4rtDMhREYpXmQEgyYryVzeAFFiWN mZGPaOfENQEcWmyD1A19IKczc/VrdmGTosi1pkc+bvgAxVgFqLoOP1reJBG9GCJW6Hta TkbUxokJtfoezc+VqVHP+0mMMJz3UGGxl3WVHqY6+ad26Y8Nn7tS/6SI3Nho+B9RoabI HMow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=c9JV5PTi9A6XjMvoePtC04qSzS2j+0XO8ivsY8UzWWQ=; b=iLQhydObi7PdbdjiWLuaN6WuKhXFxlVGsNm7LjTvA3l9tiNn7Ul+m6p7TTxiuzhKdS w5VWJF3f+5bbQ8QajEMQmAvaRHKRuLeQz6ohR2vGZQRG1SjO3XvalYStzFH8Ii6kxm59 uwIgQ9vQZqhoDDD6cTX5yiCPLx0nc8UrwhfexJhtFc0whnIQio9EZHoF3WCNdmTg/+V6 vIDJaC47hNglm00OEjL/QqyVAj6wvZsjqWovAWNHSlQUmZ1EO9tTNAOoIY6Y15Meif69 OYg8bVM+zFgpNYvpx36zj/MhsxAWDPSrG82GmTu9HirGnx4Z9S1flkVrG8PX7+hPSKhP 3uZw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id b66si499492ybh.534.2018.01.24.11.06.09; Wed, 24 Jan 2018 11:06:09 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 867A4617AD; Wed, 24 Jan 2018 19:06:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 406D261706; Wed, 24 Jan 2018 19:01:12 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2BE376176F; Wed, 24 Jan 2018 19:01:00 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id 435BF61704 for ; Wed, 24 Jan 2018 19:00:22 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward104p.mail.yandex.net (Yandex) with ESMTP id AC7FB182B9E for ; Wed, 24 Jan 2018 22:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id BgxZBXofFo-0KNaGfsI; Wed, 24 Jan 2018 22:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eveK2VsYyq-0KG0MIUr; Wed, 24 Jan 2018 22:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 24 Jan 2018 22:00:07 +0300 Message-Id: <1516820410-23442-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> References: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v4 3/6] validation: crypto: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 516808773882a012c221502d190787c1cdddd1b9 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 72 +++++++++++++++++++ test/validation/api/crypto/test_vectors.h | 88 ++++++++++++++++++++++++ test/validation/api/crypto/test_vectors_len.h | 7 +- 3 files changed, 166 insertions(+), 1 deletion(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 2b0ba1cd9..dfcd4793b 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -70,6 +72,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -473,6 +477,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && + !(capa.ciphers.bit.chacha20_poly1305)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_DES && !(capa.ciphers.bit.des)) rc = -1; @@ -489,6 +496,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && + !(capa.auths.bit.chacha20_poly1305)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && !(capa.auths.bit.md5_hmac)) rc = -1; @@ -657,6 +667,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capability.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -692,6 +706,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capability.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -788,6 +806,52 @@ static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) true); } +static int check_alg_chacha20_poly1305(void) +{ + return check_alg_support(ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305); +} + +static void crypto_test_enc_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_enc_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + +static void crypto_test_dec_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_dec_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + static int check_alg_aes_gcm(void) { return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); @@ -1250,6 +1314,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, check_alg_hmac_md5), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 9c0b844d1..a3970bb28 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -477,6 +477,94 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +static crypto_test_reference_t chacha20_poly1305_reference[] = { + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, + 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, + 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, + 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08 }, + .length = 265, + .plaintext = { 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x73, 0x20, + 0x61, 0x72, 0x65, 0x20, 0x64, 0x72, 0x61, 0x66, + 0x74, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x76, 0x61, 0x6c, 0x69, + 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x20, + 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x20, + 0x6f, 0x66, 0x20, 0x73, 0x69, 0x78, 0x20, 0x6d, + 0x6f, 0x6e, 0x74, 0x68, 0x73, 0x20, 0x61, 0x6e, + 0x64, 0x20, 0x6d, 0x61, 0x79, 0x20, 0x62, 0x65, + 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, + 0x2c, 0x20, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x64, 0x2c, 0x20, 0x6f, 0x72, 0x20, 0x6f, + 0x62, 0x73, 0x6f, 0x6c, 0x65, 0x74, 0x65, 0x64, + 0x20, 0x62, 0x79, 0x20, 0x6f, 0x74, 0x68, 0x65, + 0x72, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x61, 0x74, 0x20, 0x61, + 0x6e, 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x2e, + 0x20, 0x49, 0x74, 0x20, 0x69, 0x73, 0x20, 0x69, + 0x6e, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x70, 0x72, + 0x69, 0x61, 0x74, 0x65, 0x20, 0x74, 0x6f, 0x20, + 0x75, 0x73, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x2d, 0x44, 0x72, 0x61, + 0x66, 0x74, 0x73, 0x20, 0x61, 0x73, 0x20, 0x72, + 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, + 0x20, 0x6d, 0x61, 0x74, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x20, 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, + 0x63, 0x69, 0x74, 0x65, 0x20, 0x74, 0x68, 0x65, + 0x6d, 0x20, 0x6f, 0x74, 0x68, 0x65, 0x72, 0x20, + 0x74, 0x68, 0x61, 0x6e, 0x20, 0x61, 0x73, 0x20, + 0x2f, 0xe2, 0x80, 0x9c, 0x77, 0x6f, 0x72, 0x6b, + 0x20, 0x69, 0x6e, 0x20, 0x70, 0x72, 0x6f, 0x67, + 0x72, 0x65, 0x73, 0x73, 0x2e, 0x2f, 0xe2, 0x80, + 0x9d }, + .ciphertext = { 0x64, 0xa0, 0x86, 0x15, 0x75, 0x86, 0x1a, 0xf4, + 0x60, 0xf0, 0x62, 0xc7, 0x9b, 0xe6, 0x43, 0xbd, + 0x5e, 0x80, 0x5c, 0xfd, 0x34, 0x5c, 0xf3, 0x89, + 0xf1, 0x08, 0x67, 0x0a, 0xc7, 0x6c, 0x8c, 0xb2, + 0x4c, 0x6c, 0xfc, 0x18, 0x75, 0x5d, 0x43, 0xee, + 0xa0, 0x9e, 0xe9, 0x4e, 0x38, 0x2d, 0x26, 0xb0, + 0xbd, 0xb7, 0xb7, 0x3c, 0x32, 0x1b, 0x01, 0x00, + 0xd4, 0xf0, 0x3b, 0x7f, 0x35, 0x58, 0x94, 0xcf, + 0x33, 0x2f, 0x83, 0x0e, 0x71, 0x0b, 0x97, 0xce, + 0x98, 0xc8, 0xa8, 0x4a, 0xbd, 0x0b, 0x94, 0x81, + 0x14, 0xad, 0x17, 0x6e, 0x00, 0x8d, 0x33, 0xbd, + 0x60, 0xf9, 0x82, 0xb1, 0xff, 0x37, 0xc8, 0x55, + 0x97, 0x97, 0xa0, 0x6e, 0xf4, 0xf0, 0xef, 0x61, + 0xc1, 0x86, 0x32, 0x4e, 0x2b, 0x35, 0x06, 0x38, + 0x36, 0x06, 0x90, 0x7b, 0x6a, 0x7c, 0x02, 0xb0, + 0xf9, 0xf6, 0x15, 0x7b, 0x53, 0xc8, 0x67, 0xe4, + 0xb9, 0x16, 0x6c, 0x76, 0x7b, 0x80, 0x4d, 0x46, + 0xa5, 0x9b, 0x52, 0x16, 0xcd, 0xe7, 0xa4, 0xe9, + 0x90, 0x40, 0xc5, 0xa4, 0x04, 0x33, 0x22, 0x5e, + 0xe2, 0x82, 0xa1, 0xb0, 0xa0, 0x6c, 0x52, 0x3e, + 0xaf, 0x45, 0x34, 0xd7, 0xf8, 0x3f, 0xa1, 0x15, + 0x5b, 0x00, 0x47, 0x71, 0x8c, 0xbc, 0x54, 0x6a, + 0x0d, 0x07, 0x2b, 0x04, 0xb3, 0x56, 0x4e, 0xea, + 0x1b, 0x42, 0x22, 0x73, 0xf5, 0x48, 0x27, 0x1a, + 0x0b, 0xb2, 0x31, 0x60, 0x53, 0xfa, 0x76, 0x99, + 0x19, 0x55, 0xeb, 0xd6, 0x31, 0x59, 0x43, 0x4e, + 0xce, 0xbb, 0x4e, 0x46, 0x6d, 0xae, 0x5a, 0x10, + 0x73, 0xa6, 0x72, 0x76, 0x27, 0x09, 0x7a, 0x10, + 0x49, 0xe6, 0x17, 0xd9, 0x1d, 0x36, 0x10, 0x94, + 0xfa, 0x68, 0xf0, 0xff, 0x77, 0x98, 0x71, 0x30, + 0x30, 0x5b, 0xea, 0xba, 0x2e, 0xda, 0x04, 0xdf, + 0x99, 0x7b, 0x71, 0x4d, 0x6c, 0x6f, 0x2c, 0x29, + 0xa6, 0xad, 0x5c, 0xb4, 0x02, 0x2b, 0x02, 0x70, + 0x9b }, + .aad_length = 12, + .aad = { 0xf3, 0x33, 0x88, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x4e, 0x91 }, + .digest_length = CHACHA20_POLY1305_CHECK_LEN, + .digest = { 0xee, 0xad, 0x9d, 0x67, 0x89, 0x0c, 0xbb, 0x22, + 0x39, 0x23, 0x36, 0xfe, 0xa1, 0x85, 0x1f, 0x38 } + }, +}; + static crypto_test_reference_t hmac_md5_reference[] = { { .auth_key_length = HMAC_MD5_KEY_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 2551b054c..d41c7b286 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -9,7 +9,7 @@ /* Maximum */ #define MAX_KEY_LEN 64 #define MAX_IV_LEN 16 -#define MAX_DATA_LEN 128 +#define MAX_DATA_LEN 270 #define MAX_AAD_LEN 12 #define MAX_DIGEST_LEN 64 @@ -74,4 +74,9 @@ #define HMAC_SHA512_256_CHECK_LEN 32 #define HMAC_SHA512_CHECK_LEN 64 +/* ChaCha20-Poly1305 */ +#define CHACHA20_POLY1305_KEY_LEN 32 +#define CHACHA20_POLY1305_IV_LEN 12 +#define CHACHA20_POLY1305_CHECK_LEN 16 + #endif From patchwork Wed Jan 24 19:00:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125710 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp607689ljf; Wed, 24 Jan 2018 11:07:30 -0800 (PST) X-Google-Smtp-Source: AH8x227I2dDBaGAsbZ6mVRM4VYU8gNbeCnUa7cjW74ESO5P7/yEo7wbg6PX0litp1oCVhvkdLGvl X-Received: by 10.13.253.132 with SMTP id n126mr6215765ywf.10.1516820850123; Wed, 24 Jan 2018 11:07:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516820850; cv=none; d=google.com; s=arc-20160816; b=a5Oy3QyXbKhDcI6qkksg2H/bKKtfE1LbqhJZw9aNk80a8C90jM98UukL9eCz2ToDwH /67CR523gZY4ppBbO6cAvPcHy9Q1bvnP29m+xBxBPrn9MgVo/yNDEXZM6B5VCIP5Uk8C oXx6QC165Gn77zgj+LoWK8YhBDkOvD/4pIPEQqYLW4eUEqGoCQ3vjXEoF4fqp19aYEKU //kTDeY2jHChUoj0IIQkqaAM5bwI3+/21psW4mwaEOyItPOtO8Mv73JGM+OsBZBUTeRB dmYQtehRKt05IP9zlwVdf9fdN1A2pVtl1tgmr66d2KyPqTnx/DIO+Svm19C2gCMPByS7 uOpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ZLrMAS4x0joVF5WTHylrAmjqpnwJFRw7saniwwpPlao=; b=peVwF6zAEOVGZ+wvqMLraTnEspX+K6VcwF9rxFPxmTZ4kvL4s2/6y88uK8dX9wn+t9 fNjyG/f39PleGfapj2gUsg8vl4m1xdkn+mQmNYRSMoK27rKWPdGdcnrDyLqowy++vlje JteU5jae78UxY+cZ1B6/Ev5iwnME75bkajsC6jR3AM13r7iPm1hir3M8xy2OYJrcTqLI 5cPQ0g5V4stpuwJza19cDjCQeXwrM6lqqd+fcEhc+1jcesfwnzKtm/Hx7+dfW+enuZ4U 7BbeoQ6rIolHa8Ov4v8RH1EArmYTAkYADQyHtWszBD7VfxYd7lO8GW09JXH7RqfvaAB2 f90Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id t13si2815936ybl.631.2018.01.24.11.07.29; Wed, 24 Jan 2018 11:07:30 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B17106179A; Wed, 24 Jan 2018 19:07:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 9A8126176F; Wed, 24 Jan 2018 19:01:15 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id CC63D61769; Wed, 24 Jan 2018 19:01:09 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id C777F61706 for ; Wed, 24 Jan 2018 19:00:22 +0000 (UTC) Received: from mxback12g.mail.yandex.net (mxback12g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:91]) by forward104p.mail.yandex.net (Yandex) with ESMTP id 8BA21182B9A for ; Wed, 24 Jan 2018 22:00:21 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback12g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id CD5X2CeSp8-0LX82aKC; Wed, 24 Jan 2018 22:00:21 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eveK2VsYyq-0LGagxp6; Wed, 24 Jan 2018 22:00:21 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 24 Jan 2018 22:00:09 +0300 Message-Id: <1516820410-23442-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> References: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v4 5/6] validation: ipsec: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 516808773882a012c221502d190787c1cdddd1b9 **/ test/validation/api/ipsec/ipsec.c | 14 +++++++ test/validation/api/ipsec/ipsec.h | 1 + test/validation/api/ipsec/ipsec_test_in.c | 33 +++++++++++++++ test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++ test/validation/api/ipsec/test_vectors.h | 66 ++++++++++++++++++++++++++++++ 5 files changed, 158 insertions(+) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 5d3112a27..31bd557fe 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -177,6 +177,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capa.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -212,6 +216,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capa.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -313,6 +321,12 @@ int ipsec_check_esp_null_aes_gmac_128(void) ODP_AUTH_ALG_AES_GMAC, 128); } +int ipsec_check_esp_chacha20_poly1305(void) +{ + return ipsec_check_esp(ODP_CIPHER_ALG_CHACHA20_POLY1305, 256, + ODP_AUTH_ALG_CHACHA20_POLY1305, 0); +} + void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, odp_bool_t in, odp_bool_t ah, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index 31ebed789..7ba9ef10e 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -91,5 +91,6 @@ int ipsec_check_esp_aes_gcm_128(void); int ipsec_check_esp_aes_gcm_256(void); int ipsec_check_ah_aes_gmac_128(void); int ipsec_check_esp_null_aes_gmac_128(void); +int ipsec_check_esp_chacha20_poly1305(void); #endif diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c index 8a82abe49..8138defb5 100644 --- a/test/validation/api/ipsec/ipsec_test_in.c +++ b/test/validation/api/ipsec/ipsec_test_in.c @@ -1136,6 +1136,37 @@ static void test_in_ipv4_mcgrew_gcm_15_esp(void) ipsec_sa_destroy(sa); } +static void test_in_ipv4_rfc7634_chacha(void) +{ + odp_ipsec_tunnel_param_t tunnel = {}; + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + + ipsec_sa_param_fill(¶m, + true, false, 0x01020304, &tunnel, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_rfc7634_esp, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_rfc7634}, + }, + }; + + ipsec_check_in_one(&test, sa); + + ipsec_sa_destroy(sa); +} + static void test_in_ipv4_ah_aes_gmac_128(void) { odp_ipsec_sa_param_t param; @@ -1474,6 +1505,8 @@ odp_testinfo_t ipsec_in_suite[] = { #endif ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_mcgrew_gcm_15_esp, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_rfc7634_chacha, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256_tun_ipv4, diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c index 971fbbf8d..0f49c7e1f 100644 --- a/test/validation/api/ipsec/ipsec_test_out.c +++ b/test/validation/api/ipsec/ipsec_test_out.c @@ -500,6 +500,48 @@ static void test_out_ipv4_esp_null_aes_gmac_128(void) ipsec_sa_destroy(sa); } +static void test_out_ipv4_esp_chacha20_poly1305(void) +{ + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + odp_ipsec_sa_t sa2; + + ipsec_sa_param_fill(¶m, + false, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_sa_param_fill(¶m, + true, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa2 = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_icmp_0, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_icmp_0 }, + }, + }; + + ipsec_check_out_in_one(&test, sa, sa2); + + ipsec_sa_destroy(sa2); + ipsec_sa_destroy(sa); +} + static void test_out_ipv4_ah_sha256_frag_check(void) { odp_ipsec_sa_param_t param; @@ -978,6 +1020,8 @@ odp_testinfo_t ipsec_out_suite[] = { ipsec_check_ah_aes_gmac_128), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_null_aes_gmac_128, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_chacha20_poly1305, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check_2, diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h index 4732d6ca5..f14fdb2b3 100644 --- a/test/validation/api/ipsec/test_vectors.h +++ b/test/validation/api/ipsec/test_vectors.h @@ -48,6 +48,11 @@ KEY(key_mcgrew_gcm_salt_12, 0xd9, 0x66, 0x42, 0x67); KEY(key_mcgrew_gcm_15, 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34); KEY(key_mcgrew_gcm_salt_15, 0x22, 0x43, 0x3c, 0x64); +KEY(key_rfc7634, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f); +KEY(key_rfc7634_salt, 0xa0, 0xa1, 0xa2, 0xa3); static const ODP_UNUSED ipsec_test_packet pkt_ipv4_icmp_0 = { .len = 142, @@ -1730,6 +1735,67 @@ static const ipsec_test_packet pkt_mcgrew_gcm_test_15_esp = { }, }; +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634 = { + .len = 98, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x54, 0xa6, 0xf2, 0x00, 0x00, + 0x40, 0x01, 0xe7, 0x78, 0xc6, 0x33, 0x64, 0x05, + 0xc0, 0x00, 0x02, 0x05, + + /* ICMP */ + 0x08, 0x00, 0x5b, 0x7a, 0x3a, 0x08, 0x00, 0x00, + 0x55, 0x3b, 0xec, 0x10, 0x00, 0x07, 0x36, 0x27, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, +}; + +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634_esp = { + .len = 154, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x8c, 0x23, 0x45, 0x00, 0x00, + 0x40, 0x32, 0xde, 0x5b, 0xcb, 0x00, 0x71, 0x99, + 0xcb, 0x00, 0x71, 0x05, + + /* ESP */ + 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x05, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x24, 0x03, 0x94, 0x28, 0xb9, 0x7f, 0x41, 0x7e, + 0x3c, 0x13, 0x75, 0x3a, 0x4f, 0x05, 0x08, 0x7b, + 0x67, 0xc3, 0x52, 0xe6, 0xa7, 0xfa, 0xb1, 0xb9, + 0x82, 0xd4, 0x66, 0xef, 0x40, 0x7a, 0xe5, 0xc6, + 0x14, 0xee, 0x80, 0x99, 0xd5, 0x28, 0x44, 0xeb, + 0x61, 0xaa, 0x95, 0xdf, 0xab, 0x4c, 0x02, 0xf7, + 0x2a, 0xa7, 0x1e, 0x7c, 0x4c, 0x4f, 0x64, 0xc9, + 0xbe, 0xfe, 0x2f, 0xac, 0xc6, 0x38, 0xe8, 0xf3, + 0xcb, 0xec, 0x16, 0x3f, 0xac, 0x46, 0x9b, 0x50, + 0x27, 0x73, 0xf6, 0xfb, 0x94, 0xe6, 0x64, 0xda, + 0x91, 0x65, 0xb8, 0x28, 0x29, 0xf6, 0x41, 0xe0, + 0x76, 0xaa, 0xa8, 0x26, 0x6b, 0x7f, 0xb0, 0xf7, + 0xb1, 0x1b, 0x36, 0x99, 0x07, 0xe1, 0xad, 0x43, + }, +}; + static const ODP_UNUSED ipsec_test_packet pkt_ipv6_icmp_0_esp_udp_null_sha256_1 = { .len = 206, From patchwork Wed Jan 24 19:00:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125711 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp608337ljf; Wed, 24 Jan 2018 11:08:49 -0800 (PST) X-Google-Smtp-Source: AH8x225L9EX2jib/4OScayZCxC3nPJxiOadQsPeqymqfzL3q6sTSxaCcz4a9YJNDclSIQxiplR7z X-Received: by 10.37.139.138 with SMTP id j10mr6330263ybl.231.1516820929211; Wed, 24 Jan 2018 11:08:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516820929; cv=none; d=google.com; s=arc-20160816; b=O5lb/5MNzzd5ulYTDf3rMF5loR4hUTFkj2JtpTvkfp0xmWQgDaMdMBhKwcyhfxNAAP MqcH4NwpR4Wlj18XoD+0HjaTBife4sP1VGmpupZwKFykdtDDxXuUTqmT0mWsOC5Fjy+1 nbU/QRD9Ytp0ZdBr3TRDEiCH4ncK7XXVvS3N2pxLoGmzxGvYFqVG8rf8AanrZ9Pwcx54 VUzrMcqr76vZ8JSl2kup3+mtZjuvQ6RJXi1kr3Q1IlOqKqWwNtCx4iqutGTMffFZLgZG EXbrJ//hgyLyRqCaBNBs3jQu+g9Plt57N3JKXm1bJ2x5rZ7h4l+QR1v7nVOqQZdtph7O 0Oew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=thcVtZA7FFW+q+NJVeETVaUtNdzkyKc6v6KLCL/80Vs=; b=tWSNyYTik38/DGe8Ifhi0pZZ6BET/SW4PWCDhWT5xhcC9v/GVB+zPlDqbKomXItLVT Lt7AUXHAqXkiqDOppXhkARjXtM5Hlhim8oViT9vkikdgn2sf9x0hzVvkGGmbw3CtD0HD oStAshCw3pC0LZppnYDeES3pqhA86Ehner2oNqdQ1598gfWsKeG/wBCNPtoLa98FlkNE bI+a6yiEHiT+RpRr1k9gj18lsz7LLlYqJ8vpRXsLB1zNAdgRz+bUuhb8LqLmJyFZTJmT R31LHyZUOx33eZ4SE7GXgfxB+bWZ1d+Sr0GQP7D79dOjc+gwqgmmj1kLNmK+NuWTnZv9 NLAQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p186si158902ywp.515.2018.01.24.11.08.48; Wed, 24 Jan 2018 11:08:49 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B954461782; Wed, 24 Jan 2018 19:08:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id F09E36178D; Wed, 24 Jan 2018 19:01:18 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A573161706; Wed, 24 Jan 2018 19:01:10 +0000 (UTC) Received: from forward101j.mail.yandex.net (forward101j.mail.yandex.net [5.45.198.241]) by lists.linaro.org (Postfix) with ESMTPS id 6D38D61718 for ; Wed, 24 Jan 2018 19:00:23 +0000 (UTC) Received: from mxback5g.mail.yandex.net (mxback5g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:166]) by forward101j.mail.yandex.net (Yandex) with ESMTP id E2E281245229 for ; Wed, 24 Jan 2018 22:00:21 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback5g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id nXdaCWrfhc-0LMSKEZA; Wed, 24 Jan 2018 22:00:21 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eveK2VsYyq-0LG0SI64; Wed, 24 Jan 2018 22:00:21 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 24 Jan 2018 22:00:10 +0300 Message-Id: <1516820410-23442-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> References: <1516820410-23442-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v4 6/6] linux-gen: ipsec: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Support IPsec ChaCha20-Poly1305 on top of linux-generic's crypto support. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 516808773882a012c221502d190787c1cdddd1b9 **/ platform/linux-generic/odp_ipsec.c | 1 + platform/linux-generic/odp_ipsec_sad.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index b6192377e..43d7b9f52 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -112,6 +112,7 @@ int odp_ipsec_auth_capability(odp_auth_alg_t auth, continue; if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_AUTH_ALG_CHACHA20_POLY1305 == auth || ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { uint8_t aad_len = 12; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 031adef65..d97735408 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -210,6 +210,8 @@ uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) #endif case ODP_CIPHER_ALG_AES_GCM: return 12; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return 12; default: return (uint32_t)-1; } @@ -240,6 +242,8 @@ uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) case ODP_AUTH_ALG_AES_GCM: case ODP_AUTH_ALG_AES_GMAC: return 16; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return 16; default: return (uint32_t)-1; } @@ -392,6 +396,11 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + ipsec_sa->use_counter_iv = 1; + ipsec_sa->esp_iv_len = 8; + ipsec_sa->esp_block_len = 1; + break; default: goto error; } @@ -411,6 +420,9 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_block_len = 16; crypto_param.auth_iv.length = 12; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); + break; default: break; }