test/crypto: add ZUC test cases for auth-cipher

This patch adds test cases for zuc in-place
and out-of-place auth-cipher operations. Test
cases include buffer appended digest generation
with encryption and buffer decryption with
appended digest verification.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

app/test/test_cryptodev.c

@@ -4952,6 +4952,170 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
 	return 0;
 }
 
+static int
+test_zuc_auth_cipher(const struct wireless_test_data *tdata,
+	uint8_t op_mode, uint8_t verify)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	int retval;
+
+	uint8_t *plaintext = NULL, *ciphertext = NULL;
+	unsigned int plaintext_pad_len;
+	unsigned int plaintext_len;
+	unsigned int ciphertext_pad_len;
+	unsigned int ciphertext_len;
+
+	struct rte_cryptodev_info dev_info;
+
+	rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);
+
+	uint64_t feat_flags = dev_info.feature_flags;
+
+	if (op_mode == OUT_OF_PLACE) {
+		if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
+			printf("Device doesn't support digest encrypted.\n");
+			return -ENOTSUP;
+		}
+	}
+
+	/* Create KASUMI session */
+	retval = create_wireless_algo_auth_cipher_session(
+			ts_params->valid_devs[0],
+			(verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT
+					: RTE_CRYPTO_CIPHER_OP_ENCRYPT),
+			(verify ? RTE_CRYPTO_AUTH_OP_VERIFY
+					: RTE_CRYPTO_AUTH_OP_GENERATE),
+			RTE_CRYPTO_AUTH_ZUC_EIA3,
+			RTE_CRYPTO_CIPHER_ZUC_EEA3,
+			tdata->key.data, tdata->key.len,
+			tdata->auth_iv.len, tdata->digest.len,
+			tdata->cipher_iv.len);
+
+	if (retval < 0)
+		return retval;
+
+	ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+	if (op_mode == OUT_OF_PLACE)
+		ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+
+	/* clear mbuf payload */
+	memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
+		rte_pktmbuf_tailroom(ut_params->ibuf));
+	if (op_mode == OUT_OF_PLACE)
+		memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0,
+			rte_pktmbuf_tailroom(ut_params->obuf));
+
+	ciphertext_len = ceil_byte_length(tdata->ciphertext.len);
+	plaintext_len = ceil_byte_length(tdata->plaintext.len);
+	/* Append data which is padded to a multiple of */
+	/* the algorithms block size */
+	ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16);
+	plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16);
+
+	if (verify) {
+		ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+					ciphertext_pad_len);
+		memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len);
+		if (op_mode == OUT_OF_PLACE)
+			rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len);
+		debug_hexdump(stdout, "ciphertext:", ciphertext,
+			ciphertext_len);
+	} else {
+		plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+					plaintext_pad_len);
+		memcpy(plaintext, tdata->plaintext.data, plaintext_len);
+		if (op_mode == OUT_OF_PLACE)
+			rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len);
+		debug_hexdump(stdout, "plaintext:", plaintext,
+			plaintext_len);
+	}
+
+	/* Create ZUC operation */
+	retval = create_wireless_algo_auth_cipher_operation(
+		tdata->digest.len,
+		tdata->cipher_iv.data, tdata->cipher_iv.len,
+		tdata->auth_iv.data, tdata->auth_iv.len,
+		(tdata->digest.offset_bytes == 0 ?
+		(verify ? ciphertext_pad_len : plaintext_pad_len)
+			: tdata->digest.offset_bytes),
+		tdata->validCipherLenInBits.len,
+		tdata->validCipherOffsetInBits.len,
+		tdata->validAuthLenInBits.len,
+		0,
+		op_mode);
+
+	if (retval < 0)
+		return retval;
+
+	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op);
+
+	TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
+
+	ut_params->obuf = (op_mode == IN_PLACE ?
+		ut_params->op->sym->m_src : ut_params->op->sym->m_dst);
+
+
+	if (verify) {
+		if (ut_params->obuf)
+			plaintext = rte_pktmbuf_mtod(ut_params->obuf,
+							uint8_t *);
+		else
+			plaintext = ciphertext;
+
+		debug_hexdump(stdout, "plaintext:", plaintext,
+			(tdata->plaintext.len >> 3) - tdata->digest.len);
+		debug_hexdump(stdout, "plaintext expected:",
+			tdata->plaintext.data,
+			(tdata->plaintext.len >> 3) - tdata->digest.len);
+	} else {
+		if (ut_params->obuf)
+			ciphertext = rte_pktmbuf_mtod(ut_params->obuf,
+							uint8_t *);
+		else
+			ciphertext = plaintext;
+
+		debug_hexdump(stdout, "ciphertext:", ciphertext,
+			ciphertext_len);
+		debug_hexdump(stdout, "ciphertext expected:",
+			tdata->ciphertext.data, tdata->ciphertext.len >> 3);
+
+		ut_params->digest = rte_pktmbuf_mtod(
+			ut_params->obuf, uint8_t *) +
+			(tdata->digest.offset_bytes == 0 ?
+			plaintext_pad_len : tdata->digest.offset_bytes);
+
+		debug_hexdump(stdout, "digest:", ut_params->digest,
+			tdata->digest.len);
+		debug_hexdump(stdout, "digest expected:",
+			tdata->digest.data, tdata->digest.len);
+	}
+
+	/* Validate obuf */
+	if (verify) {
+		TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(
+			plaintext,
+			tdata->plaintext.data,
+			tdata->plaintext.len >> 3,
+			"ZUC Plaintext data not as expected");
+	} else {
+		TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(
+			ciphertext,
+			tdata->ciphertext.data,
+			tdata->ciphertext.len >> 3,
+			"ZUC Ciphertext data not as expected");
+
+		TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			ut_params->digest,
+			tdata->digest.data,
+			DIGEST_BYTE_LENGTH_KASUMI_F9,
+			"ZUC Generated auth tag not as expected");
+	}
+	return 0;
+}
+
 static int
 test_kasumi_encryption_test_case_1(void)
 {
@@ -5369,6 +5533,34 @@ test_zuc_cipher_auth_test_case_2(void)
 	return test_zuc_cipher_auth(&zuc_test_case_cipher_800b_auth_120b);
 }
 
+static int
+test_zuc_auth_cipher_test_case_1(void)
+{
+	return test_zuc_auth_cipher(
+		&zuc_auth_cipher_test_case_1, IN_PLACE, 0);
+}
+
+static int
+test_zuc_auth_cipher_test_case_1_oop(void)
+{
+	return test_zuc_auth_cipher(
+		&zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0);
+}
+
+static int
+test_zuc_auth_cipher_verify_test_case_1(void)
+{
+	return test_zuc_auth_cipher(
+		&zuc_auth_cipher_test_case_1, IN_PLACE, 1);
+}
+
+static int
+test_zuc_auth_cipher_verify_test_case_1_oop(void)
+{
+	return test_zuc_auth_cipher(
+		&zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1);
+}
+
 static int
 test_3DES_chain_qat_all(void)
 {
@@ -9480,6 +9672,18 @@ static struct unit_test_suite cryptodev_qat_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_zuc_cipher_auth_test_case_2),
 
+		/** ZUC generate auth, then encrypt (EEA3) */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_zuc_auth_cipher_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_zuc_auth_cipher_test_case_1_oop),
+
+		/** ZUC decrypt (EEA3), then verify auth */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_zuc_auth_cipher_verify_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_zuc_auth_cipher_verify_test_case_1_oop),
+
 		/** HMAC_MD5 Authentication */
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_MD5_HMAC_generate_case_1),

app/test/test_cryptodev_zuc_test_vectors.h

@@ -34,6 +34,11 @@ struct wireless_test_data {
 		unsigned len;
 	} validCipherLenInBits;
 
+	struct {
+		unsigned int len;
+	} validCipherOffsetInBits;
+
+
 	struct {
 		unsigned len;
 	} validAuthLenInBits;
@@ -46,6 +51,7 @@ struct wireless_test_data {
 	struct {
 		uint8_t data[64];
 		unsigned len;
+		unsigned int offset_bytes; /* offset must be in Bytes */
 	} digest;
 };
 static struct wireless_test_data zuc_test_case_cipher_193b = {
@@ -1040,4 +1046,87 @@ static struct wireless_test_data zuc_test_case_auth_584b = {
 	}
 };
 
+struct wireless_test_data zuc_auth_cipher_test_case_1 = {
+	.key = {
+		.data = {
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10
+		},
+		.len = 16
+	},
+	.cipher_iv = {
+		.data = {
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+		},
+		.len = 16
+	},
+	.auth_iv = {
+		.data = {
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
+			0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A
+		},
+		.len = 128 << 3
+	},
+	.ciphertext = {
+		.data = {
+			0x5A, 0x5A, 0xDB, 0x3D, 0xD5, 0xB7, 0xB9, 0x58,
+			0xA5, 0xD3, 0xE3, 0xF9, 0x18, 0x73, 0xB4, 0x74,
+			0x05, 0xF0, 0xE9, 0xB6, 0x5D, 0x9A, 0xE3, 0xFA,
+			0x5D, 0xFD, 0x24, 0x51, 0xAD, 0x73, 0xCA, 0x64,
+			0x91, 0xD5, 0xB3, 0x94, 0x10, 0x91, 0x89, 0xEA,
+			0x73, 0x6F, 0xB0, 0x2A, 0x0A, 0x63, 0x0F, 0x8D,
+			0x64, 0x87, 0xA3, 0x14, 0x6B, 0x93, 0x31, 0x0F,
+			0x14, 0xAD, 0xEA, 0x62, 0x80, 0x3F, 0x44, 0xDD,
+			0x4E, 0x30, 0xFA, 0xC8, 0x0E, 0x5F, 0x46, 0xE7,
+			0x60, 0xEC, 0xDF, 0x8B, 0x94, 0x7D, 0x2E, 0x63,
+			0x48, 0xD9, 0x69, 0x06, 0x13, 0xF2, 0x20, 0x49,
+			0x54, 0xA6, 0xD4, 0x98, 0xF4, 0xF6, 0x1D, 0x4A,
+			0xC9, 0xA5, 0xDA, 0x46, 0x3D, 0xD9, 0x02, 0x47,
+			0x1C, 0x20, 0x73, 0x35, 0x17, 0x1D, 0x81, 0x8D,
+			0x2E, 0xCD, 0x70, 0x37, 0x22, 0x55, 0x3C, 0xF3,
+			0xDA, 0x70, 0x42, 0x12, 0x0E, 0xAA, 0xC4, 0xAB
+		},
+		.len = 128 << 3
+	},
+	.validDataLenInBits = {
+		.len = 128 << 3
+	},
+	.validCipherLenInBits = {
+		.len = 126 << 3
+	},
+	.validAuthLenInBits = {
+		.len = 124 << 3
+	},
+	.validCipherOffsetInBits = {
+		.len = 2 << 3
+	},
+	.digest = {
+		.data = {0x0E, 0xAA, 0xC4, 0xAB},
+		.len  = 4,
+		.offset_bytes = 124
+	}
+};
+
 #endif /* TEST_CRYPTODEV_ZUC_TEST_VECTORS_H_ */