43 Commits

Author SHA1 Message Date
Archana Muniganti
2b84d2bd47 examples/fips_validation: fix count overwrite for TDES
Application updates first line of each test vector with
COUNT = i(where i = 1,2,3..) assuming first line contains
COUNT string. But few of the TDES input test vectors don't
contain COUNT string and thus COUNT is getting overwritten on
other data.

Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Kanaka Durga Kotamarthy <kkotamarthy@marvell.com>
2020-07-18 23:09:01 +02:00
Ayuj Verma
32440cdf2a examples/fips_validation: fix parsing of TDES vectors
Processing of test vector for COUNT = 0 is getting skipped, as
some of the NIST TDES files doesn't have an empty line after
[ENCRYPT]/[DECRYPT] and thus treated as an interim block.

Parse function now identifies such blocks, separates out interim
and test vector data, and then parses each with their respective
callbacks.

Fixes: 3d0fad56b74a ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Ayuj Verma <ayverma@marvell.com>
2020-07-18 23:09:01 +02:00
Archana Muniganti
a18622864c examples/fips_validation: fix TDES interim callback
Fix missing callback registration and the incorrect
callback definition for interim NK_STR. The callback
should compare input key against the interim.

Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org

Signed-off-by: Archana Muniganti <marchana@marvell.com>
2020-07-18 23:09:01 +02:00
Bruce Richardson
8549295db0 build/pkg-config: improve static linking flags
Rather than setting -Bstatic in the linker flags when doing a static link,
and then having to explicitly set -Bdynamic again afterwards, we can update
the pkg-config file to use -l:libfoo.a syntax to explicitly refer to the
static library in question. Since this syntax is not supported by meson's
pkg-config module directly, we can post-process the .pc files instead to
adjust them.

Once done, we can simplify the examples' makefiles and the docs by removing
the explicit static flag.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Sunil Pai G <sunil.pai.g@intel.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
2020-07-01 19:30:52 +02:00
Archana Muniganti
90ecace4f6 examples/fips_validation: fix parsing of algorithms
Few of the NIST TDES test files don't contain TDES string.
Added indicators to identify such files. These indicators
are part of only NIST TDES test vector files.

Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Ayuj Verma <ayverma@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2020-05-11 13:17:43 +02:00
Thomas Monjalon
f2fc83b40f replace unused attributes
There is a common macro __rte_unused, avoiding warnings,
which is now used where appropriate for consistency.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
2020-04-16 18:30:58 +02:00
Anoob Joseph
b1ea86a07c examples/fips_validation: fix string token for CT length
The NIST test vectors use the string 'PTlen' to denote text lengths
in case of encrypt & decrypt operations. So the same string needs to be
used while parsing PT and CT.

Fixes: 2adb3b4e7e54 ("examples/fips_validation: fix AES-GCM cipher length parsing")

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2020-02-20 16:41:49 +01:00
Fan Zhang
2adb3b4e7e examples/fips_validation: fix AES-GCM cipher length parsing
This patch fixes the cipher len keyword typo.

Fixes: 07f5e4553293 ("examples/fips_validation: fix cipher length for AES-GCM")

Suggested-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: David Marchand <david.marchand@redhat.com>
2020-02-14 16:12:29 +01:00
Sucharitha Sarananaga
d5a9ea551f examples/fips_validation: support AES XTS
AES XTS support is added to fips application. Parse test-vectors
from input files, populate AES XTS tests and prepare AES XTS
operations for fips validation.

Signed-off-by: Abed Kamaluddin <akamaluddin@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
2020-02-05 15:20:51 +01:00
Sucharitha Sarananaga
07f5e45532 examples/fips_validation: fix cipher length for AES-GCM
Cipher length need to be updated in case of AES-GCM decryption.

Fixes: 4aaad2995e13 ("examples/fips_validation: support GCM parsing")
Cc: stable@dpdk.org

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2020-02-05 15:20:51 +01:00
Sucharitha Sarananaga
51b9292ee0 examples/fips_validation: fix vectors for AES-GCM
Test vectors for AES-GCM need to be populated by using aead member
and not cipher_auth. Using incorrect member would result in failures
when AES-GCM with non-zero AAD is tried.

Bugzilla ID: 360
Fixes: 4aaad2995e13 ("examples/fips_validation: support GCM parsing")

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
2019-11-28 16:09:48 +01:00
Bruce Richardson
69b1bb49ed examples: hide error for missing pkg-config path flag
Some versions of pkg-config don't support the --path flag, which is not a
fatal error when building the apps. Without the flag, the makefile just
cannot track the .pc file of DPDK as a dependency of the build. Therefore,
we can ignore the error and suppress it by redirecting to /dev/null the
stderr from that call to pkg-config.

Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles")
Cc: stable@dpdk.org

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-20 22:48:32 +01:00
Bruce Richardson
12a652a02b examples: fix build with old pkg-config
Not all versions of pkg-config in distros have support for the
--define-prefix flag [1], causing errors when building examples manually or
with test-meson-builds.sh script [2].

For the former case, we need to remove the hard-coded use of the flag in
the Makefiles.

For the latter case, the flag is necessary for builds to succeed, so we
skip the tests when it's not present, passing it as part of the pkg-config
command if it is supported.

[1]
CentOS Linux release 7.7.1908 (Core)
pkg-config version 0.27.1

[2]
 ## Building cmdline
Unknown option --define-prefix
gmake: Entering directory
`...ild-x86-default/install-root/usr/local/share/dpdk/examples/cmdline'
rm -f build/cmdline build/cmdline-static build/cmdline-shared
test -d build && rmdir -p build || true
Unknown option --define-prefix
Unknown option --define-prefix
gcc -O3  main.c commands.c parse_obj_list.c -o build/cmdline-shared
main.c:14:28: fatal error: cmdline_rdline.h: No such file or directory

Fixes: ca9268529d2b ("examples: support relocated DPDK install")
Fixes: 7f80a2102bbb ("devtools: test pkg-config file")
Cc: stable@dpdk.org

Reported-by: Ferruh Yigit <ferruh.yigit@intel.com>
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-20 22:47:15 +01:00
Fan Zhang
82cfb9c24f examples/fips_validation: fix auth verify
Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
Cc: stable@dpdk.org

This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-11-20 12:35:51 +01:00
Michael Shamis
ae65004fa7 examples/fips_validation: separate ECB and CBC init
Separate initialization of IV, PT and CT according to TDES
ECB and CBC crypto modes

Signed-off-by: Michael Shamis <michaelsh@marvell.com>
Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23 16:57:06 +02:00
Michael Shamis
d3190431b5 examples/fips_validation: support AES ECB
Signed-off-by: Michael Shamis <michaelsh@marvell.com>
Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23 16:57:06 +02:00
Michael Shamis
efe3a8dbb6 examples/fips_validation: support TDES ECB
Signed-off-by: Michael Shamis <michaelsh@marvell.com>
Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23 16:57:06 +02:00
Chaitanya Babu Talluri
75b3dddf95 examples/fips_validation: fix null dereferences
One issue caught by Coverity 343408
*deref_parm: Directly dereferencing parameter val->val.

In writeback_tdes_hex_str(), tmp_val is initialised to null.
tmp_val.val is updated only if keys are found.
If keys are not found,it doesn't fails but continues
to invoke writeback_hex_str(),where val->val is accessed
without null check.

The fix is to return the error,
if keys are not found in writeback_tdes_hex_str().

Coverity issue: 343408
Fixes: 527cbf3d5e ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org

Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-10-09 11:50:12 +02:00
Anoob Joseph
c9030ae382 cryptodev: add feature flags to disable
Adding a new field, ff_disable, to allow applications to control the
features enabled on the crypto device. This would allow for efficient
usage of HW/SW offloads.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05 15:03:25 +02:00
Fan Zhang
6da6a83ee0 examples/fips_validation: fix logically dead code
Coverity issue: 336866, 336841, 336838
Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test")
Cc: stable@dpdk.org

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-07-05 14:52:25 +02:00
Bruce Richardson
4131ad5db7 examples: fix pkg-config detection with older make
Make versions before 4.2 did not have support for the .SHELLSTATUS
variable, so use another method to detect shell success.

Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles")
Cc: stable@dpdk.org

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
2019-07-03 23:10:23 +02:00
Bruce Richardson
ca9268529d examples: support relocated DPDK install
For testing of DPDK, we want to override the prefix given by the
pkg-config file, so that we can get correct paths for DPDK installed
in an unusual location.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
2019-07-02 18:07:46 +02:00
Bruce Richardson
7e9562a107 examples: fix make clean when using pkg-config
The "make clean" command had a number of issues:
- the "--ignore-fail-on-non-empty" flag is not present on BSD
- the call to remove the build folder would fail if there was no build
  folder present.

These are fixed by only removing the build folder if it exists, and by
using -p flag to rmdir in place of --ignore-fail-on-non-empty

Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles")
Cc: stable@dpdk.org

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
2019-05-20 23:57:47 +02:00
Marko Kovacevic
083a277754 examples/fips_validation: fix CMAC test
As a result of the cmac test running the test where
PT len is 65536 it should give a result back to the
user USER1: Error -1: Prepare op USER1: PT len 65536
as this MSG len is not supported. Issue was
that the application was not freeing the op properly after
a while causing the app to fail.

CRYPTODEV: rte_cryptodev_sym_session_create() line 1340:
couldn't get object from session mempool
USER1: Error -12: test block
USER1: Error -12: Failed test CMAC/req/CMAC.req

Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing")
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-04-18 16:01:28 +02:00
Marko Kovacevic
07f403e773 examples/fips_validation: fix HMAC test
Application was failing as the HMAC and
Plain SHA fips request files are similar in a
way that they both have SHA- in the top section to
determine the hash algo and hash sizes. And HMAC having the
algo in the second line but the Plain SHA in the third
meant that when the HMAC files was used once it parsed the third
line Plain SHA was set as the algo and not HMAC.

USER1: Failed to get capability for cdev 0
USER1: Error -22: test block
[L=20 SHAAlg=SHA_2]
USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req

Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA")

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-04-18 16:01:28 +02:00
Bruce Richardson
e9c6594264 examples: detect default build directory
Most examples have in their makefiles a default RTE_TARGET directory to be
used in case RTE_TARGET is not set. Rather than just using a hard-coded
default, we can instead detect what the build directory is relative to
RTE_SDK directory.

This fixes a potential issue for anyone who continues to build using
"make install T=x86_64-native-linuxapp-gcc" and skips setting RTE_TARGET
explicitly, instead relying on the fact that they were building in a
directory which corresponded to the example default path - which was
changed to "x86_64-native-linux-gcc" by commit 218c4e68c1d9 ("mk: use
linux and freebsd in config names").

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-03-30 01:12:15 +01:00
Damian Nowak
f4797bae00 examples/fips_validation: support plain SHA
This patch enables plain SHA algorithm CAVP test support
in fips_validation sample application.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-03-22 15:54:24 +01:00
Bruce Richardson
218c4e68c1 mk: use linux and freebsd in config names
Rather than using linuxapp and bsdapp everywhere, we can change things to
use the, more readable, terms "linux" and "freebsd" in our build configs.
Rather than renaming the configs we can just duplicate the existing ones
with the new names using symlinks, and use the new names exclusively
internally. ["make showconfigs" also only shows the new names to keep the
list short] The result is that backward compatibility is kept fully but any
new builds or development can be done using the newer names, i.e.  both
"make config T=x86_64-native-linuxapp-gcc" and "T=x86_64-native-linux-gcc"
work.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
2019-03-12 23:05:06 +01:00
Fan Zhang
26e28801ee examples/fips_validation: fix physical address
This patch fixes the missed digest and aad data physical
addresses filling to crypto operations in fips_validation
sample application.

Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-01-22 17:32:20 +01:00
Fan Zhang
19f4fa70e8 examples/fips_validation: fix session private mempool
This patch fixes the incorrect session private mempool passing
to cryptodev.

Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2019-01-18 00:09:16 +01:00
Fan Zhang
41d561cbdd examples/fips_validation: add power on self test
This patch adds a sample power on self-test to fips_validate
sample application.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Damian Nowak <damianx.nowak@intel.com>
2019-01-10 16:57:22 +01:00
Fan Zhang
261bbff75e examples: use separate crypto session mempools
This patch uses the two session mempool approach to all cryptodev
sample applications. One mempool is for session header objects, and
the other is for session private data.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-01-10 16:57:22 +01:00
Fan Zhang
725d2a7fbf cryptodev: change queue pair configure structure
This patch changes the cryptodev queue pair configure structure
to enable two mempool passed into cryptodev PMD simutaneously.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-01-10 16:57:22 +01:00
Marko Kovacevic
86ce81af73 examples/fips_validation: fix uninitialized access
Fixing a bug raised in coverity using uninitialized value.

Coverity issue: 325881
Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2018-11-07 14:53:36 +01:00
Marko Kovacevic
9252e81a9f examples/fips_validation: fix unitialized variables
Fixed compilation issue with variable which may
be used uninitialized.

Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2018-11-06 12:13:49 +01:00
Thomas Monjalon
c05e4ab744 examples/fips_validation: fix build
The example was not added to the Makefile and there are some
compilation errors:

examples/fips_validation/main.c: In function ‘prepare_aead_op’:
error: control reaches end of non-void function
examples/fips_validation/main.c: In function ‘prepare_auth_op’:
error: control reaches end of non-void function

Fixes: 3d0fad56b74a ("examples/fips_validation: add crypto FIPS application")
Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
Fixes: 4aaad2995e13 ("examples/fips_validation: support GCM parsing")

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2018-11-05 21:04:18 +01:00
Marko Kovacevic
305921f450 examples/fips_validation: support CCM parsing
Added enablement for CCM parser, to allow the
application to parser the ccm request files and to validate all
test types supported.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
ac026f4668 examples/fips_validation: support CMAC parsing
Added enablement for CMAC parser, to allow the
application to parser the cmac request files and to validate all
test types supported.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
4aaad2995e examples/fips_validation: support GCM parsing
Added enablement for GCM parser, to allow the
application to parser the GCM request file and to validate all
tests supported.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
527cbf3d5e examples/fips_validation: support TDES parsing
Added enablement for TDES parser, to allow the
application to parser the TDES request files and to validate all
test types supported.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
f64adb6714 examples/fips_validation: support HMAC parsing
Added enablement for HMAC parser, to allow the
application to parser the hmac request files and to validate all
tests supported

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
cd255ccf57 examples/fips_validation: support AES parsing
Added enablement for AES-CBC parser, to allow the
application to parser the aes request file and to validate all
test types supported.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00
Marko Kovacevic
3d0fad56b7 examples/fips_validation: add crypto FIPS application
Added FIPS application into the examples to allow
users to use a simple sample app to validate
their systems and be able to get FIPS certification.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02 12:26:06 +01:00