From patchwork Wed Mar 8 09:45:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Eremin-Solenikov X-Patchwork-Id: 95021 Delivered-To: patch@linaro.org Received: by 10.140.82.71 with SMTP id g65csp2271899qgd; Wed, 8 Mar 2017 01:46:24 -0800 (PST) X-Received: by 10.55.42.24 with SMTP id q24mr6051233qkh.51.1488966384778; Wed, 08 Mar 2017 01:46:24 -0800 (PST) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id q88si2533303qkh.92.2017.03.08.01.46.24; Wed, 08 Mar 2017 01:46:24 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id DEE4A607FB; Wed, 8 Mar 2017 09:46:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id AD15962DDA; Wed, 8 Mar 2017 09:45:46 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id E0C6B62CBB; Wed, 8 Mar 2017 09:45:39 +0000 (UTC) Received: from mail-wm0-f42.google.com (mail-wm0-f42.google.com [74.125.82.42]) by lists.linaro.org (Postfix) with ESMTPS id 1C04B62C44 for ; Wed, 8 Mar 2017 09:45:38 +0000 (UTC) Received: by mail-wm0-f42.google.com with SMTP id t189so25943471wmt.1 for ; Wed, 08 Mar 2017 01:45:38 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=0UEhPpgrCk+LL+YCavAh/xzxIojsXcCB7wXJRsMv7xI=; b=Qr4+ZNHAu1By/juJYSycp+95qbjOiS7d0OyLN1a1b4OH+bo4K4h4OChwDSwp3ETKZX GbeuHn4UBRV9SdFzhTqCBUivOtZQd3SPT3U8sLNjWOLP3uOMSgzUSSlUm0yChapC3TrI 67WoioBTn1gbyXf6dPHCvrlZb9W/shvvoUPeGRg6d3phyygPKPpOS4e7KFRxbYChblnZ fJcdvG5zpvZsrycy9/oPpcIRDLvJjwMItz7ie2+xafV0M+POFfI4TH0RL3Lv9QwSnAIU bBzr/SibIg0hU6XCz+AaaWvSKLc7bkwhXWhkdaip9UjJTv831IKBTS7mNOr5wu60LbRl IYmw== X-Gm-Message-State: AMke39lNP3wog/3o+/GLqjBUxbBA2Jg4tBrTWrs5mH+ibJQwpv10fF40UuxI15pGtxNEEniQ/tJYNQ== X-Received: by 10.28.129.212 with SMTP id c203mr4551046wmd.19.1488966336836; Wed, 08 Mar 2017 01:45:36 -0800 (PST) Received: from forlindon.c.hoisthospitality.com ([109.74.56.122]) by smtp.gmail.com with ESMTPSA id x133sm22515934wme.22.2017.03.08.01.45.36 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Mar 2017 01:45:36 -0800 (PST) From: Dmitry Eremin-Solenikov To: lng-odp@lists.linaro.org Date: Wed, 8 Mar 2017 12:45:26 +0300 Message-Id: <20170308094533.30795-2-dmitry.ereminsolenikov@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170308094533.30795-1-dmitry.ereminsolenikov@linaro.org> References: <20170308094533.30795-1-dmitry.ereminsolenikov@linaro.org> Subject: [lng-odp] [API-NEXT 1/8] validation: crypto: add tests for checking message digests X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" Currently ODP testsuite only verifies generation of digests. Let's also verify that checking the digest actually works. Test that check function will accept valid digest and that it will reject wrong digests. Signed-off-by: Dmitry Eremin-Solenikov --- test/common_plat/validation/api/crypto/crypto.h | 12 +- .../validation/api/crypto/odp_crypto_test_inp.c | 172 +++++++++++++++++++-- 2 files changed, 169 insertions(+), 15 deletions(-) -- 2.11.0 diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h index c25cbb39..49ca5122 100644 --- a/test/common_plat/validation/api/crypto/crypto.h +++ b/test/common_plat/validation/api/crypto/crypto.h @@ -22,10 +22,14 @@ void crypto_test_enc_alg_aes128_gcm(void); void crypto_test_enc_alg_aes128_gcm_ovr_iv(void); void crypto_test_dec_alg_aes128_gcm(void); void crypto_test_dec_alg_aes128_gcm_ovr_iv(void); -void crypto_test_alg_hmac_md5(void); -void crypto_test_alg_hmac_sha1(void); -void crypto_test_alg_hmac_sha256(void); -void crypto_test_alg_hmac_sha512(void); +void crypto_test_gen_alg_hmac_md5(void); +void crypto_test_check_alg_hmac_md5(void); +void crypto_test_gen_alg_hmac_sha1(void); +void crypto_test_check_alg_hmac_sha1(void); +void crypto_test_gen_alg_hmac_sha256(void); +void crypto_test_check_alg_hmac_sha256(void); +void crypto_test_gen_alg_hmac_sha512(void); +void crypto_test_check_alg_hmac_sha512(void); /* test arrays: */ extern odp_testinfo_t crypto_suite[]; diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 42149ac6..9af7ba3b 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -65,6 +65,7 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) * buffer can be used. * */ static void alg_test(odp_crypto_op_t op, + odp_bool_t should_fail, odp_cipher_alg_t cipher_alg, odp_crypto_iv_t ses_iv, uint8_t *op_iv_ptr, @@ -239,6 +240,10 @@ static void alg_test(odp_crypto_op_t op, op_params.override_iv_ptr = op_iv_ptr; op_params.hash_result_offset = plaintext_len; + if (0 != digest_len) { + memcpy(data_addr + op_params.hash_result_offset, + digest, digest_len); + } rc = odp_crypto_operation(&op_params, &posted, &result); if (rc < 0) { @@ -259,8 +264,15 @@ static void alg_test(odp_crypto_op_t op, odp_crypto_compl_free(compl_event); } - CU_ASSERT(result.ok); CU_ASSERT(result.pkt == pkt); + CU_ASSERT(result.ctx == (void *)0xdeadbeef); + + if (should_fail) { + CU_ASSERT(!result.ok); + goto cleanup; + } + + CU_ASSERT(result.ok); if (cipher_alg != ODP_CIPHER_ALG_NULL) CU_ASSERT(!memcmp(data_addr, ciphertext, ciphertext_len)); @@ -268,8 +280,6 @@ static void alg_test(odp_crypto_op_t op, if (op == ODP_CRYPTO_OP_ENCODE && auth_alg != ODP_AUTH_ALG_NULL) CU_ASSERT(!memcmp(data_addr + op_params.hash_result_offset, digest, digest_len)); - - CU_ASSERT(result.ctx == (void *)0xdeadbeef); cleanup: rc = odp_crypto_session_destroy(session); CU_ASSERT(!rc); @@ -453,6 +463,7 @@ void crypto_test_enc_alg_3des_cbc(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_3DES_CBC, iv, NULL, @@ -488,6 +499,7 @@ void crypto_test_enc_alg_3des_cbc_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_3DES_CBC, iv, tdes_cbc_reference_iv[i], @@ -527,6 +539,7 @@ void crypto_test_dec_alg_3des_cbc(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_3DES_CBC, iv, NULL, @@ -564,6 +577,7 @@ void crypto_test_dec_alg_3des_cbc_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_3DES_CBC, iv, tdes_cbc_reference_iv[i], @@ -610,6 +624,7 @@ void crypto_test_enc_alg_aes128_gcm(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_AES_GCM, iv, NULL, @@ -653,6 +668,7 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_AES_GCM, iv, aes128_gcm_reference_iv[i], @@ -699,6 +715,7 @@ void crypto_test_dec_alg_aes128_gcm(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_AES_GCM, iv, NULL, @@ -743,6 +760,7 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_AES_GCM, iv, aes128_gcm_reference_iv[i], @@ -790,6 +808,7 @@ void crypto_test_enc_alg_aes128_cbc(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_AES_CBC, iv, NULL, @@ -825,6 +844,7 @@ void crypto_test_enc_alg_aes128_cbc_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_AES_CBC, iv, aes128_cbc_reference_iv[i], @@ -864,6 +884,7 @@ void crypto_test_dec_alg_aes128_cbc(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_AES_CBC, iv, NULL, @@ -901,6 +922,7 @@ void crypto_test_dec_alg_aes128_cbc_ovr_iv(void) continue; alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_AES_CBC, iv, aes128_cbc_reference_iv[i], @@ -927,7 +949,7 @@ static int check_alg_hmac_md5(void) * In addition the test verifies if the implementation can use the * packet buffer as completion event buffer. * */ -void crypto_test_alg_hmac_md5(void) +void crypto_test_gen_alg_hmac_md5(void) { odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, auth_key = { .data = NULL, .length = 0 }; @@ -946,6 +968,7 @@ void crypto_test_alg_hmac_md5(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, ODP_CIPHER_ALG_NULL, iv, iv.data, @@ -961,6 +984,59 @@ void crypto_test_alg_hmac_md5(void) } } +void crypto_test_check_alg_hmac_md5(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + uint8_t wrong_digest[HMAC_MD5_DIGEST_LEN]; + + unsigned int test_vec_num = (sizeof(hmac_md5_reference_length) / + sizeof(hmac_md5_reference_length[0])); + unsigned int i; + + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_md5_reference_key[i]; + auth_key.length = sizeof(hmac_md5_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length, + HMAC_MD5_96_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_MD5_HMAC, + auth_key, + NULL, NULL, + hmac_md5_reference_plaintext[i], + hmac_md5_reference_length[i], + NULL, 0, + hmac_md5_reference_digest[i], + HMAC_MD5_96_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_MD5_HMAC, + auth_key, + NULL, NULL, + hmac_md5_reference_plaintext[i], + hmac_md5_reference_length[i], + NULL, 0, + wrong_digest, + HMAC_MD5_96_CHECK_LEN); + } +} + static int check_alg_hmac_sha256(void) { return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); @@ -973,7 +1049,7 @@ static int check_alg_hmac_sha256(void) * In addition the test verifies if the implementation can use the * packet buffer as completion event buffer. * */ -void crypto_test_alg_hmac_sha256(void) +void crypto_test_gen_alg_hmac_sha256(void) { odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, auth_key = { .data = NULL, .length = 0 }; @@ -994,6 +1070,47 @@ void crypto_test_alg_hmac_sha256(void) continue; alg_test(ODP_CRYPTO_OP_ENCODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA256_HMAC, + auth_key, + NULL, NULL, + hmac_sha256_reference_plaintext[i], + hmac_sha256_reference_length[i], + NULL, 0, + hmac_sha256_reference_digest[i], + HMAC_SHA256_128_CHECK_LEN); + } +} + +void crypto_test_check_alg_hmac_sha256(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + uint8_t wrong_digest[HMAC_SHA256_DIGEST_LEN]; + + unsigned int test_vec_num = (sizeof(hmac_sha256_reference_length) / + sizeof(hmac_sha256_reference_length[0])); + + unsigned int i; + + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_sha256_reference_key[i]; + auth_key.length = sizeof(hmac_sha256_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC, + auth_key.length, + HMAC_SHA256_128_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, ODP_CIPHER_ALG_NULL, iv, iv.data, @@ -1006,6 +1123,21 @@ void crypto_test_alg_hmac_sha256(void) NULL, 0, hmac_sha256_reference_digest[i], HMAC_SHA256_128_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA256_HMAC, + auth_key, + NULL, NULL, + hmac_sha256_reference_plaintext[i], + hmac_sha256_reference_length[i], + NULL, 0, + wrong_digest, + HMAC_SHA256_128_CHECK_LEN); } } @@ -1014,7 +1146,12 @@ static int check_alg_hmac_sha1(void) return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); } -void crypto_test_alg_hmac_sha1(void) +void crypto_test_gen_alg_hmac_sha1(void) +{ + printf(" TEST NOT IMPLEMENTED YET "); +} + +void crypto_test_check_alg_hmac_sha1(void) { printf(" TEST NOT IMPLEMENTED YET "); } @@ -1024,7 +1161,12 @@ static int check_alg_hmac_sha512(void) return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); } -void crypto_test_alg_hmac_sha512(void) +void crypto_test_gen_alg_hmac_sha512(void) +{ + printf(" TEST NOT IMPLEMENTED YET "); +} + +void crypto_test_check_alg_hmac_sha512(void) { printf(" TEST NOT IMPLEMENTED YET "); } @@ -1078,13 +1220,21 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes128_gcm_ovr_iv, check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_md5, + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha1, + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha256, + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha512, + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, check_alg_hmac_sha512), ODP_TEST_INFO_NULL, };