This patch adds support in fips_validation app to validate ECDSA.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Add support for asymmetric crypto validation starting with RSA.
For the generation of crypto values which is multiprecision in
math, openssl library is used only for this purpose.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Added functionality to parse algorithm for AES CTR test
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Added functionality to parse algorithm for AES GMAC test.
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
In asym op, while parsing test interim info, existing buffer of size
256 bytes is not sufficient, hence setting it to maximum that a test
would need.
Fixes: 58cc98801e ("examples/fips_validation: add JSON parsing")
Cc: stable@dpdk.org
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Added function to calculate hash size for a given SHA hash algorithm.
Fixes: d5c247145c ("examples/fips_validation: add parsing for SHA")
Cc: stable@dpdk.org
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Asym tests need a callback to write interim info in expected output.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Added function to parse algorithm for TDES CBC and ECB tests in JSON.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Added function to parse algorithm for SHA test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Added function to parse algorithm for AES XTS test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Add algorithm enum specifically for AES_CBC instead of relying on
AES as such.
Fixes: 8b8546aaed ("examples/fips_validation: add parsing for AES-CBC")
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
When compiling this example out of DPDK, linking the executable fails
with:
## Building fips_validation
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_init':
fips_validation.c:(.text+0x7ab): undefined reference to `json_loadf'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function
`fips_test_parse_one_json_vector_set':
fips_validation.c:(.text+0xc2e): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xc36): undefined reference to
`json_string_value'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_group':
fips_validation.c:(.text+0xd00): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xd14): undefined reference to
`json_integer_value'
...
Code in an example can't rely on RTE_HAS_JANSSON, because it only
indicates that the jansson library was available at the time of dpdk
compilation.
Prefer a local build flag (like what is done in vm_power_manager).
And add linking to libjansson, if available.
Fixes: f556293fd5 ("examples/fips_validation: add JSON info to header")
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Added function to parse algorithm for AES_CBC test.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>
Implemented JSON support for the CMAC test.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>
Added JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>
Added JSON-specific testing and writeback functions which allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>
Added JSON-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Jakub Poczatek <jakub.poczatek@intel.com>
Instead of using getopt_long return value, strcmp was used to
compare the input parameters with the struct option array. This
patch get rid of all those strcmp by directly binding each longopt
with an int enum. This is to improve readability and consistency in
all examples.
Bugzilla ID: 238
Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Ibtisam Tariq <ibtisam.tariq@emumba.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
This patch updates fips validation GCM test capabilities:
- In NIST GCMVS spec GMAC test vectors are the GCM ones with
plaintext length as 0 and uses AAD as input data. Originally
fips_validation tests treats them both as GCM test vectors.
This patch introduce automatic test type recognition between
the two: when plaintext length is 0 the prepare_gmac_xform
and prepare_auth_op functions are called, otherwise
prepare_gcm_xform and prepare_aead_op functions are called.
- NIST GCMVS also specified externally or internally IV
generation. When IV is to be generated by IUT internally IUT
shall store the generated IV in the response file. This patch
also adds the support to that.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Weqaar Janjua <weqaar.a.janjua@intel.com>
Acked-by: John Griffin <john.griffin@intel.com>
This patch adds SGL support to FIPS sample application.
Originally the application allocates single mbuf of 64KB - 1
bytes data room. With the change the user may reduce the
mbuf dataroom size by using the add cmdline option. If the
input test data is longer than the user provided data room
size the application will automatically build chained mbufs
for the target cryptodev PMD to test.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: John Griffin <john.griffin@intel.com>
If the file name is larger than MAX_STRING_SIZE (64), strcpy()
will overwrite the content of memory.
Replace strcpy() by rte_strscpy(), check its return value, and
increase file_name size to 256.
Fixes: 3d0fad56b7 ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Processing of test vector for COUNT = 0 is getting skipped, as
some of the NIST TDES files doesn't have an empty line after
[ENCRYPT]/[DECRYPT] and thus treated as an interim block.
Parse function now identifies such blocks, separates out interim
and test vector data, and then parses each with their respective
callbacks.
Fixes: 3d0fad56b7 ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Ayuj Verma <ayverma@marvell.com>
AES XTS support is added to fips application. Parse test-vectors
from input files, populate AES XTS tests and prepare AES XTS
operations for fips validation.
Signed-off-by: Abed Kamaluddin <akamaluddin@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
This patch enables plain SHA algorithm CAVP test support
in fips_validation sample application.
Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
Added enablement for CCM parser, to allow the
application to parser the ccm request files and to validate all
test types supported.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added enablement for CMAC parser, to allow the
application to parser the cmac request files and to validate all
test types supported.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added enablement for GCM parser, to allow the
application to parser the GCM request file and to validate all
tests supported.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added enablement for TDES parser, to allow the
application to parser the TDES request files and to validate all
test types supported.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added enablement for HMAC parser, to allow the
application to parser the hmac request files and to validate all
tests supported
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added enablement for AES-CBC parser, to allow the
application to parser the aes request file and to validate all
test types supported.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Added FIPS application into the examples to allow
users to use a simple sample app to validate
their systems and be able to get FIPS certification.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
