1d30ea906Sjfb8856606 /* SPDX-License-Identifier: BSD-3-Clause
2d30ea906Sjfb8856606 * Copyright(c) 2018 Intel Corporation
3d30ea906Sjfb8856606 */
4d30ea906Sjfb8856606
5d30ea906Sjfb8856606 #include <string.h>
6d30ea906Sjfb8856606 #include <time.h>
7d30ea906Sjfb8856606 #include <stdio.h>
8d30ea906Sjfb8856606
9d30ea906Sjfb8856606 #include <rte_cryptodev.h>
10*2d9fd380Sjfb8856606 #include <rte_malloc.h>
11d30ea906Sjfb8856606
12d30ea906Sjfb8856606 #include "fips_validation.h"
13d30ea906Sjfb8856606
14d30ea906Sjfb8856606 #define NEW_LINE_STR "#"
15d30ea906Sjfb8856606 #define OP_STR "GCM "
16d30ea906Sjfb8856606
17d30ea906Sjfb8856606 #define PARAM_PREFIX "["
18d30ea906Sjfb8856606 #define KEYLEN_STR "Keylen = "
19d30ea906Sjfb8856606 #define IVLEN_STR "IVlen = "
20d30ea906Sjfb8856606 #define PTLEN_STR "PTlen = "
21d30ea906Sjfb8856606 #define AADLEN_STR "AADlen = "
22d30ea906Sjfb8856606 #define TAGLEN_STR "Taglen = "
23d30ea906Sjfb8856606
24d30ea906Sjfb8856606 #define COUNT_STR "Count = "
25d30ea906Sjfb8856606 #define KEY_STR "Key = "
26d30ea906Sjfb8856606 #define IV_STR "IV = "
27d30ea906Sjfb8856606 #define PT_STR "PT = "
28d30ea906Sjfb8856606 #define CT_STR "CT = "
29d30ea906Sjfb8856606 #define TAG_STR "Tag = "
30d30ea906Sjfb8856606 #define AAD_STR "AAD = "
31d30ea906Sjfb8856606
32d30ea906Sjfb8856606 #define OP_ENC_STR "Encrypt"
33d30ea906Sjfb8856606 #define OP_DEC_STR "Decrypt"
34*2d9fd380Sjfb8856606 /* External/Internal IV generation, specified in file name, following NIST
35*2d9fd380Sjfb8856606 * GCMVS Section 6.1
36*2d9fd380Sjfb8856606 */
37*2d9fd380Sjfb8856606 #define OP_ENC_EXT_STR "ExtIV"
38*2d9fd380Sjfb8856606 #define OP_ENC_INT_STR "IntIV"
39d30ea906Sjfb8856606
40d30ea906Sjfb8856606 #define NEG_TEST_STR "FAIL"
41d30ea906Sjfb8856606
42*2d9fd380Sjfb8856606 /**
43*2d9fd380Sjfb8856606 * GMAC is essentially zero length plaintext and uses AAD as input data.
44*2d9fd380Sjfb8856606 * NIST does not have GMAC specific test vector but using zero length "PTlen"
45*2d9fd380Sjfb8856606 * and uses AAD as input.
46*2d9fd380Sjfb8856606 **/
47*2d9fd380Sjfb8856606 static int
parser_read_gcm_pt_len(const char * key,char * src,__rte_unused struct fips_val * val)48*2d9fd380Sjfb8856606 parser_read_gcm_pt_len(const char *key, char *src,
49*2d9fd380Sjfb8856606 __rte_unused struct fips_val *val)
50*2d9fd380Sjfb8856606 {
51*2d9fd380Sjfb8856606 int ret = parser_read_uint32_bit_val(key, src, &vec.pt);
52*2d9fd380Sjfb8856606
53*2d9fd380Sjfb8856606 if (ret < 0)
54*2d9fd380Sjfb8856606 return ret;
55*2d9fd380Sjfb8856606
56*2d9fd380Sjfb8856606 if (vec.pt.len == 0) {
57*2d9fd380Sjfb8856606 info.interim_info.gcm_data.is_gmac = 1;
58*2d9fd380Sjfb8856606 test_ops.prepare_op = prepare_auth_op;
59*2d9fd380Sjfb8856606 test_ops.prepare_xform = prepare_gmac_xform;
60*2d9fd380Sjfb8856606 } else {
61*2d9fd380Sjfb8856606 info.interim_info.gcm_data.is_gmac = 0;
62*2d9fd380Sjfb8856606 test_ops.prepare_op = prepare_aead_op;
63*2d9fd380Sjfb8856606 test_ops.prepare_xform = prepare_gcm_xform;
64*2d9fd380Sjfb8856606 }
65*2d9fd380Sjfb8856606
66*2d9fd380Sjfb8856606 return ret;
67*2d9fd380Sjfb8856606 }
68*2d9fd380Sjfb8856606
69*2d9fd380Sjfb8856606 static int
parse_gcm_aad_str(const char * key,char * src,__rte_unused struct fips_val * val)70*2d9fd380Sjfb8856606 parse_gcm_aad_str(const char *key, char *src,
71*2d9fd380Sjfb8856606 __rte_unused struct fips_val *val)
72*2d9fd380Sjfb8856606 {
73*2d9fd380Sjfb8856606 /* For GMAC test vector, AAD is treated as input */
74*2d9fd380Sjfb8856606 if (info.interim_info.gcm_data.is_gmac) {
75*2d9fd380Sjfb8856606 vec.pt.len = vec.aead.aad.len;
76*2d9fd380Sjfb8856606 return parse_uint8_known_len_hex_str(key, src, &vec.pt);
77*2d9fd380Sjfb8856606 } else /* gcm */
78*2d9fd380Sjfb8856606 return parse_uint8_known_len_hex_str(key, src, &vec.aead.aad);
79*2d9fd380Sjfb8856606 }
80*2d9fd380Sjfb8856606
81*2d9fd380Sjfb8856606 static int
parse_gcm_pt_ct_str(const char * key,char * src,struct fips_val * val)82*2d9fd380Sjfb8856606 parse_gcm_pt_ct_str(const char *key, char *src, struct fips_val *val)
83*2d9fd380Sjfb8856606 {
84*2d9fd380Sjfb8856606 /* According to NIST GCMVS section 6.1, IUT should generate IV data */
85*2d9fd380Sjfb8856606 if (info.interim_info.gcm_data.gen_iv && vec.iv.len) {
86*2d9fd380Sjfb8856606 uint32_t i;
87*2d9fd380Sjfb8856606
88*2d9fd380Sjfb8856606 if (!vec.iv.val) {
89*2d9fd380Sjfb8856606 vec.iv.val = rte_malloc(0, vec.iv.len, 0);
90*2d9fd380Sjfb8856606 if (!vec.iv.val)
91*2d9fd380Sjfb8856606 return -ENOMEM;
92*2d9fd380Sjfb8856606 }
93*2d9fd380Sjfb8856606
94*2d9fd380Sjfb8856606 for (i = 0; i < vec.iv.len; i++) {
95*2d9fd380Sjfb8856606 int random = rand();
96*2d9fd380Sjfb8856606 vec.iv.val[i] = (uint8_t)random;
97*2d9fd380Sjfb8856606 }
98*2d9fd380Sjfb8856606 }
99*2d9fd380Sjfb8856606
100*2d9fd380Sjfb8856606 /* if PTlen == 0, pt or ct will be handled by AAD later */
101*2d9fd380Sjfb8856606 if (info.interim_info.gcm_data.is_gmac)
102*2d9fd380Sjfb8856606 return 0;
103*2d9fd380Sjfb8856606
104*2d9fd380Sjfb8856606 return parse_uint8_known_len_hex_str(key, src, val);
105*2d9fd380Sjfb8856606 }
106*2d9fd380Sjfb8856606
107d30ea906Sjfb8856606 struct fips_test_callback gcm_dec_vectors[] = {
1084418919fSjohnjiang {KEY_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
109d30ea906Sjfb8856606 {IV_STR, parse_uint8_known_len_hex_str, &vec.iv},
110*2d9fd380Sjfb8856606 {CT_STR, parse_gcm_pt_ct_str, &vec.ct},
111*2d9fd380Sjfb8856606 {AAD_STR, parse_gcm_aad_str, &vec.aead.aad},
112d30ea906Sjfb8856606 {TAG_STR, parse_uint8_known_len_hex_str,
1134418919fSjohnjiang &vec.aead.digest},
114d30ea906Sjfb8856606 {NULL, NULL, NULL} /**< end pointer */
115d30ea906Sjfb8856606 };
116*2d9fd380Sjfb8856606
117d30ea906Sjfb8856606 struct fips_test_callback gcm_interim_vectors[] = {
1184418919fSjohnjiang {KEYLEN_STR, parser_read_uint32_bit_val, &vec.aead.key},
119d30ea906Sjfb8856606 {IVLEN_STR, parser_read_uint32_bit_val, &vec.iv},
120*2d9fd380Sjfb8856606 {PTLEN_STR, parser_read_gcm_pt_len, &vec.pt},
1214418919fSjohnjiang {PTLEN_STR, parser_read_uint32_bit_val, &vec.ct},
1224418919fSjohnjiang /**< The NIST test vectors use 'PTlen' to denote input text
1234418919fSjohnjiang * length in case of decrypt & encrypt operations.
1244418919fSjohnjiang */
1254418919fSjohnjiang {AADLEN_STR, parser_read_uint32_bit_val, &vec.aead.aad},
126d30ea906Sjfb8856606 {TAGLEN_STR, parser_read_uint32_bit_val,
1274418919fSjohnjiang &vec.aead.digest},
128d30ea906Sjfb8856606 {NULL, NULL, NULL} /**< end pointer */
129d30ea906Sjfb8856606 };
130d30ea906Sjfb8856606
131d30ea906Sjfb8856606 struct fips_test_callback gcm_enc_vectors[] = {
1324418919fSjohnjiang {KEY_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
133d30ea906Sjfb8856606 {IV_STR, parse_uint8_known_len_hex_str, &vec.iv},
134*2d9fd380Sjfb8856606 {PT_STR, parse_gcm_pt_ct_str, &vec.pt},
135*2d9fd380Sjfb8856606 {AAD_STR, parse_gcm_aad_str, &vec.aead.aad},
136d30ea906Sjfb8856606 {NULL, NULL, NULL} /**< end pointer */
137d30ea906Sjfb8856606 };
138d30ea906Sjfb8856606
139d30ea906Sjfb8856606 static int
parse_test_gcm_writeback(struct fips_val * val)140d30ea906Sjfb8856606 parse_test_gcm_writeback(struct fips_val *val)
141d30ea906Sjfb8856606 {
142d30ea906Sjfb8856606 struct fips_val tmp_val;
143d30ea906Sjfb8856606
144d30ea906Sjfb8856606 if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
145*2d9fd380Sjfb8856606 /* According to NIST GCMVS section 6.1, IUT should provide
146*2d9fd380Sjfb8856606 * generate IV data
147*2d9fd380Sjfb8856606 */
148*2d9fd380Sjfb8856606 if (info.interim_info.gcm_data.gen_iv) {
149*2d9fd380Sjfb8856606 fprintf(info.fp_wr, "%s", IV_STR);
150*2d9fd380Sjfb8856606 tmp_val.val = vec.iv.val;
151*2d9fd380Sjfb8856606 tmp_val.len = vec.iv.len;
152*2d9fd380Sjfb8856606
153*2d9fd380Sjfb8856606 parse_write_hex_str(&tmp_val);
154*2d9fd380Sjfb8856606 rte_free(vec.iv.val);
155*2d9fd380Sjfb8856606 vec.iv.val = NULL;
156*2d9fd380Sjfb8856606 }
157*2d9fd380Sjfb8856606
158d30ea906Sjfb8856606 fprintf(info.fp_wr, "%s", CT_STR);
159d30ea906Sjfb8856606
160*2d9fd380Sjfb8856606 if (!info.interim_info.gcm_data.is_gmac) {
161d30ea906Sjfb8856606 tmp_val.val = val->val;
162d30ea906Sjfb8856606 tmp_val.len = vec.pt.len;
163d30ea906Sjfb8856606
164d30ea906Sjfb8856606 parse_write_hex_str(&tmp_val);
165*2d9fd380Sjfb8856606 } else
166*2d9fd380Sjfb8856606 fprintf(info.fp_wr, "\n");
167d30ea906Sjfb8856606
168d30ea906Sjfb8856606 fprintf(info.fp_wr, "%s", TAG_STR);
169d30ea906Sjfb8856606
170d30ea906Sjfb8856606 tmp_val.val = val->val + vec.pt.len;
171d30ea906Sjfb8856606 tmp_val.len = val->len - vec.pt.len;
172d30ea906Sjfb8856606
173d30ea906Sjfb8856606 parse_write_hex_str(&tmp_val);
174d30ea906Sjfb8856606 } else {
175d30ea906Sjfb8856606 if (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
176d30ea906Sjfb8856606 fprintf(info.fp_wr, "%s", PT_STR);
177*2d9fd380Sjfb8856606 if (!info.interim_info.gcm_data.is_gmac) {
178d30ea906Sjfb8856606 tmp_val.val = val->val;
179d30ea906Sjfb8856606 tmp_val.len = vec.pt.len;
180d30ea906Sjfb8856606
181d30ea906Sjfb8856606 parse_write_hex_str(&tmp_val);
182d30ea906Sjfb8856606 } else
183*2d9fd380Sjfb8856606 fprintf(info.fp_wr, "\n");
184*2d9fd380Sjfb8856606 } else
185d30ea906Sjfb8856606 fprintf(info.fp_wr, "%s\n", NEG_TEST_STR);
186d30ea906Sjfb8856606 }
187d30ea906Sjfb8856606
188d30ea906Sjfb8856606 return 0;
189d30ea906Sjfb8856606 }
190d30ea906Sjfb8856606
191d30ea906Sjfb8856606 int
parse_test_gcm_init(void)192d30ea906Sjfb8856606 parse_test_gcm_init(void)
193d30ea906Sjfb8856606 {
194d30ea906Sjfb8856606 char *tmp;
195d30ea906Sjfb8856606 uint32_t i;
196d30ea906Sjfb8856606
197d30ea906Sjfb8856606
198d30ea906Sjfb8856606 for (i = 0; i < info.nb_vec_lines; i++) {
199d30ea906Sjfb8856606 char *line = info.vec[i];
200d30ea906Sjfb8856606
201d30ea906Sjfb8856606 tmp = strstr(line, OP_STR);
202d30ea906Sjfb8856606 if (tmp) {
203d30ea906Sjfb8856606 if (strstr(line, OP_ENC_STR)) {
204d30ea906Sjfb8856606 info.op = FIPS_TEST_ENC_AUTH_GEN;
205d30ea906Sjfb8856606 info.callbacks = gcm_enc_vectors;
206*2d9fd380Sjfb8856606 if (strstr(info.file_name, OP_ENC_INT_STR))
207*2d9fd380Sjfb8856606 info.interim_info.gcm_data.gen_iv = 1;
208d30ea906Sjfb8856606 } else if (strstr(line, OP_DEC_STR)) {
209d30ea906Sjfb8856606 info.op = FIPS_TEST_DEC_AUTH_VERIF;
210d30ea906Sjfb8856606 info.callbacks = gcm_dec_vectors;
211d30ea906Sjfb8856606 } else
212d30ea906Sjfb8856606 return -EINVAL;
213d30ea906Sjfb8856606 }
214d30ea906Sjfb8856606 }
215d30ea906Sjfb8856606
216d30ea906Sjfb8856606 info.interim_callbacks = gcm_interim_vectors;
217d30ea906Sjfb8856606 info.parse_writeback = parse_test_gcm_writeback;
218d30ea906Sjfb8856606
219d30ea906Sjfb8856606 return 0;
220d30ea906Sjfb8856606 }
221