examples/fips_validation: add JSON to GCM test

Added JSON-specific testing and writeback functions which allows
the user to test AES-GCM vector sets.

Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>

examples/fips_validation/fips_validation.h

@@ -250,6 +250,9 @@ fips_test_parse_one_json_group(void);
 
 int
 fips_test_parse_one_json_case(void);
+
+int
+parse_test_gcm_json_init(void);
 #endif /* RTE_HAS_JANSSON */
 
 int

examples/fips_validation/fips_validation_gcm.c

@@ -6,6 +6,10 @@
 #include <time.h>
 #include <stdio.h>
 
+#ifdef RTE_HAS_JANSSON
+#include <jansson.h>
+#endif /* RTE_HAS_JANSSON */
+
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
 
@@ -37,6 +41,27 @@
 #define OP_ENC_EXT_STR	"ExtIV"
 #define OP_ENC_INT_STR	"IntIV"
 
+#define KEYLEN_JSON_STR		"keyLen"
+#define IVLEN_JSON_STR		"ivLen"
+#define PAYLOADLEN_JSON_STR	"payloadLen"
+#define AADLEN_JSON_STR		"aadLen"
+#define TAGLEN_JSON_STR		"tagLen"
+
+#define KEY_JSON_STR	"key"
+#define IV_JSON_STR		"iv"
+#define PT_JSON_STR		"pt"
+#define CT_JSON_STR		"ct"
+#define AAD_JSON_STR	"aad"
+#define TAG_JSON_STR	"tag"
+#define DIR_JSON_STR	"direction"
+
+#define OP_ENC_JSON_STR	"encrypt"
+#define OP_DEC_JSON_STR	"decrypt"
+
+#define IVGEN_JSON_STR	"ivGen"
+#define OP_ENC_EXT_JSON_STR	"external"
+#define OP_ENC_INT_JSON_STR	"internal"
+
 #define NEG_TEST_STR	"FAIL"
 
 /**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
 		{NULL, NULL, NULL} /**< end pointer */
 };
 
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{TAG_JSON_STR, parse_uint8_known_len_hex_str,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+		{KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+		{IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+		{PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+		{PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+		/**< The NIST json test vectors use 'payloadLen' to denote input text
+		 *  length in case of decrypt & encrypt operations.
+		 */
+		{AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+		{TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+				&vec.aead.digest},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+		{KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+		{IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+		{PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+		{AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+		{NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
 static int
 parse_test_gcm_writeback(struct fips_val *val)
 {
@@ -194,7 +253,6 @@ parse_test_gcm_init(void)
 	char *tmp;
 	uint32_t i;
 
-
 	for (i = 0; i < info.nb_vec_lines; i++) {
 		char *line = info.vec[i];
 
@@ -218,3 +276,95 @@ parse_test_gcm_init(void)
 
 	return 0;
 }
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+	struct fips_val tmp_val;
+	json_t *tcId, *tag;
+
+	tcId = json_object_get(json_info.json_test_case, "tcId");
+
+	json_info.json_write_case = json_object();
+	json_object_set(json_info.json_write_case, "tcId", tcId);
+
+	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+		json_t *ct;
+
+		tmp_val.val = val->val;
+		tmp_val.len = vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		ct = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+		if (info.interim_info.gcm_data.gen_iv) {
+			json_t *iv;
+			tmp_val.val = vec.iv.val;
+			tmp_val.len = vec.iv.len;
+
+			writeback_hex_str("", info.one_line_text, &tmp_val);
+			iv = json_string(info.one_line_text);
+			json_object_set_new(json_info.json_write_case, IV_JSON_STR, iv);
+
+			rte_free(vec.iv.val);
+			vec.iv.val = NULL;
+		}
+
+		tmp_val.val = val->val + vec.pt.len;
+		tmp_val.len = val->len - vec.pt.len;
+
+		writeback_hex_str("", info.one_line_text, &tmp_val);
+		tag = json_string(info.one_line_text);
+		json_object_set_new(json_info.json_write_case, TAG_JSON_STR, tag);
+	} else {
+		if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			if (!info.interim_info.gcm_data.is_gmac) {
+				tmp_val.val = val->val;
+				tmp_val.len = vec.pt.len;
+
+				writeback_hex_str("", info.one_line_text, &tmp_val);
+				json_object_set_new(json_info.json_write_case, PT_JSON_STR,
+					json_string(info.one_line_text));
+			}
+		} else {
+			json_object_set_new(json_info.json_write_case, "testPassed", json_false());
+		}
+	}
+
+	return 0;
+}
+
+int
+parse_test_gcm_json_init(void)
+{
+	json_t *direction_obj;
+	const char *direction_str;
+
+	direction_obj = json_object_get(json_info.json_test_group, DIR_JSON_STR);
+	direction_str = json_string_value(direction_obj);
+	info.interim_info.gcm_data.gen_iv = 0;
+
+	if (strcmp(direction_str, OP_ENC_JSON_STR) == 0) {
+		json_t *ivGen_obj = json_object_get(json_info.json_test_group, IVGEN_JSON_STR);
+		const char *ivGen_str = json_string_value(ivGen_obj);
+
+		info.op = FIPS_TEST_ENC_AUTH_GEN;
+		info.callbacks = gcm_enc_json_vectors;
+
+		if (strcmp(ivGen_str, OP_ENC_INT_JSON_STR) == 0)
+			info.interim_info.gcm_data.gen_iv = 1;
+	} else if (strcmp(direction_str, OP_DEC_JSON_STR) == 0) {
+		info.op = FIPS_TEST_DEC_AUTH_VERIF;
+		info.callbacks = gcm_dec_json_vectors;
+	} else {
+		return -EINVAL;
+	}
+	info.interim_callbacks = gcm_interim_json_vectors;
+	info.parse_writeback = parse_test_gcm_json_writeback;
+
+	return 0;
+}
+
+#endif /* RTE_HAS_JANSSON */

examples/fips_validation/main.c

@@ -1955,11 +1955,12 @@ fips_test_one_test_group(void)
 
 	switch (info.algo) {
 	case FIPS_TEST_ALGO_AES_GCM:
-		ret = parse_test_gcm_init();
+		ret = parse_test_gcm_json_init();
 		break;
 	default:
 		return -EINVAL;
 	}
+
 	if (ret < 0)
 		return ret;