examples/fips_validation: support TDES ECB

Signed-off-by: Michael Shamis <michaelsh@marvell.com> Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-01 14:22:53 +03:00 · 2019-10-01 14:22:53 +03:00 · efe3a8dbb6
commit efe3a8dbb6
parent 8524b44ebc
4 changed files with 38 additions and 4 deletions
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@ -257,6 +257,7 @@ fips_test_init(const char *req_file_path, const char *rsp_file_path,

 	fips_test_clear();

+	strcpy(info.file_name, req_file_path);
 	info.algo = FIPS_TEST_ALGO_MAX;
 	if (parse_file_type(req_file_path) < 0) {
 		RTE_LOG(ERR, USER1, "File %s type not supported\n",
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@ -105,6 +105,11 @@ enum fips_tdes_test_types {
 	TDES_MMT /* Multi block Message Test */
 };

+enum fips_tdes_test_mode {
+	TDES_MODE_CBC = 0,
+	TDES_MODE_ECB
+};
+
 enum fips_ccm_test_types {
 	CCM_VADT	= 1, /* Variable Associated Data Test */
 	CCM_VPT,		 /* Variable Payload Test */
@ -130,6 +135,7 @@ struct hmac_interim_data {

 struct tdes_interim_data {
 	enum fips_tdes_test_types test_type;
+	enum fips_tdes_test_mode test_mode;
 	uint32_t nb_keys;
 };

@ -156,6 +162,7 @@ struct fips_test_interim_info {
 	char *vec[MAX_LINE_PER_VECTOR];
 	uint32_t nb_vec_lines;
 	char device_name[MAX_STRING_SIZE];
+	char file_name[MAX_STRING_SIZE];

 	union {
 		struct aesavs_interim_data aes_data;
--- a/examples/fips_validation/fips_validation_tdes.c
+++ b/examples/fips_validation/fips_validation_tdes.c
@ -12,6 +12,7 @@

 #define NEW_LINE_STR	"#"
 #define TEST_TYPE_KEY	" for CBC"
+#define TEST_TYPE_ECB_KEY	" for ECB"
 #define TEST_CBCI_KEY	" for CBCI"

 #define ENC_STR		"[ENCRYPT]"
@ -252,6 +253,12 @@ parse_test_tdes_init(void)
 			if (strstr(line, test_types[j].desc)) {
 				info.interim_info.tdes_data.test_type =
 						test_types[j].type;
+				if (strstr(line, TEST_TYPE_ECB_KEY))
+					info.interim_info.tdes_data.test_mode =
+						TDES_MODE_ECB;
+				else
+					info.interim_info.tdes_data.test_mode =
+						TDES_MODE_CBC;
 				break;
 			}
 	}
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@ -689,16 +689,24 @@ prepare_tdes_xform(struct rte_crypto_sym_xform *xform)

 	xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;

-	cipher_xform->algo = RTE_CRYPTO_CIPHER_3DES_CBC;
+	if (info.interim_info.tdes_data.test_mode == TDES_MODE_CBC)
+		cipher_xform->algo = RTE_CRYPTO_CIPHER_3DES_CBC;
+	else
+		cipher_xform->algo = RTE_CRYPTO_CIPHER_3DES_ECB;
 	cipher_xform->op = (info.op == FIPS_TEST_ENC_AUTH_GEN) ?
 			RTE_CRYPTO_CIPHER_OP_ENCRYPT :
 			RTE_CRYPTO_CIPHER_OP_DECRYPT;
 	cipher_xform->key.data = vec.cipher_auth.key.val;
 	cipher_xform->key.length = vec.cipher_auth.key.len;
-	cipher_xform->iv.length = vec.iv.len;
-	cipher_xform->iv.offset = IV_OFF;

-	cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_3DES_CBC;
+	if (cipher_xform->algo == RTE_CRYPTO_CIPHER_3DES_CBC) {
+		cipher_xform->iv.length = vec.iv.len;
+		cipher_xform->iv.offset = IV_OFF;
+	} else {
+		cipher_xform->iv.length = 0;
+		cipher_xform->iv.offset = 0;
+	}
+	cap_idx.algo.cipher = cipher_xform->algo;
 	cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;

 	cap = rte_cryptodev_sym_capability_get(env.dev_id, &cap_idx);
@ -1387,6 +1395,17 @@ init_test_ops(void)
 			test_ops.test = fips_generic_test;
 		break;
 	default:
+		if (strstr(info.file_name, "TECB") ||
+				strstr(info.file_name, "TCBC")) {
+			info.algo = FIPS_TEST_ALGO_TDES;
+			test_ops.prepare_op = prepare_cipher_op;
+			test_ops.prepare_xform	= prepare_tdes_xform;
+			if (info.interim_info.tdes_data.test_type == TDES_MCT)
+				test_ops.test = fips_mct_tdes_test;
+			else
+				test_ops.test = fips_generic_test;
+			break;
+		}
 		return -1;
 	}