diff mbox series

[2/2] app/test-crypto-perf: fix encrypt operation verify

Message ID	20240103035605.720256-2-suanmingm@nvidia.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C From: Suanming Mou <suanmingm@nvidia.com> To: Ciara Power <ciara.power@intel.com> CC: <dev@dpdk.org> Subject: [PATCH 2/2] app/test-crypto-perf: fix encrypt operation verify Date: Wed, 3 Jan 2024 11:56:05 +0800 Message-ID: <20240103035605.720256-2-suanmingm@nvidia.com> In-Reply-To: <20240103035605.720256-1-suanmingm@nvidia.com> References: <20240103035605.720256-1-suanmingm@nvidia.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	[1/2] app/test-crypto-perf: fix invalid memcmp results \| [1/2] app/test-crypto-perf: fix invalid memcmp results [2/2] app/test-crypto-perf: fix encrypt operation verify

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/loongarch-compilation	success	Compilation OK
ci/loongarch-unit-testing	success	Unit Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/github-robot: build	success	github build: passed
ci/intel-Testing	success	Testing PASS
ci/intel-Functional	success	Functional PASS
ci/iol-unit-amd64-testing	success	Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-unit-arm64-testing	success	Testing PASS
ci/iol-compile-amd64-testing	success	Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-compile-arm64-testing	success	Testing PASS
ci/iol-sample-apps-testing	success	Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS

Commit Message

Suanming Mou Jan. 3, 2024, 3:56 a.m. UTC

  AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.

This commit aligns aead_op and cipher_op operation to fix
incorrect AEAD verification.

Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test type")

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
---
 app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

Comments

Anoob Joseph Jan. 4, 2024, 5:13 a.m. UTC | #1

Hi Suanming,

Please see inline.

Thanks,
Anoob

> -----Original Message-----
> From: Suanming Mou <suanmingm@nvidia.com>
> Sent: Wednesday, January 3, 2024 9:26 AM
> To: Ciara Power <ciara.power@intel.com>
> Cc: dev@dpdk.org
> Subject: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation verify
> 
> External Email
> 
> ----------------------------------------------------------------------
> AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
[Anoob] users -> uses

> RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.
> 
> This commit aligns aead_op and cipher_op operation to fix incorrect AEAD
> verification.
> 
> Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test type")
> 
> Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
> ---
>  app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-
> perf/cperf_test_verify.c
> index 8aa714b969..525a2b1373 100644
> --- a/app/test-crypto-perf/cperf_test_verify.c
> +++ b/app/test-crypto-perf/cperf_test_verify.c
> @@ -113,6 +113,7 @@ cperf_verify_op(struct rte_crypto_op *op,
>  	uint8_t *data;
>  	uint32_t cipher_offset, auth_offset;
>  	uint8_t	cipher, auth;
> +	bool is_encrypt = false;
>  	int res = 0;
> 
>  	if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) @@ -154,12
> +155,14 @@ cperf_verify_op(struct rte_crypto_op *op,
>  		cipher_offset = 0;
>  		auth = 0;
>  		auth_offset = 0;
> +		is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
>  		break;
>  	case CPERF_CIPHER_THEN_AUTH:
>  		cipher = 1;
>  		cipher_offset = 0;
>  		auth = 1;
>  		auth_offset = options->test_buffer_size;
> +		is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
>  		break;
>  	case CPERF_AUTH_ONLY:
>  		cipher = 0;
> @@ -172,12 +175,14 @@ cperf_verify_op(struct rte_crypto_op *op,
>  		cipher_offset = 0;
>  		auth = 1;
>  		auth_offset = options->test_buffer_size;
> +		is_encrypt = options->cipher_op ==
> RTE_CRYPTO_CIPHER_OP_ENCRYPT;
>  		break;
>  	case CPERF_AEAD:
>  		cipher = 1;
>  		cipher_offset = 0;
> -		auth = 1;
> +		auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
>  		auth_offset = options->test_buffer_size;
> +		is_encrypt = !!auth;
>  		break;
>  	default:
>  		res = 1;
> @@ -185,7 +190,7 @@ cperf_verify_op(struct rte_crypto_op *op,
>  	}
> 
>  	if (cipher == 1) {
> -		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
> +		if (is_encrypt)

[Anoob] A similar check is there under 'auth == 1' check, right? Won't that also need fixing?

	if (auth == 1) {
		if (options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE)

I think some renaming of the local variables might make code better.
        bool cipher, digest_verify = false, is_encrypt = false;

	case CPERF_CIPHER_THEN_AUTH:
		cipher = true;
		cipher_offset = 0;
		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
			is_encrypt = true;
			digest_verify = true; /* Assumption - options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE is verified elsewhere */
			auth_offset = options->test_buffer_size;
		}
		break;
	<...>
	case CPERF_AEAD:
		cipher = true;
		cipher_offset = 0;
                             if (options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
                             	is_encrypt = true;
			digest_verify = true;
			auth_offset = options->test_buffer_size;
		}

What do you think?

>  			res += !!memcmp(data + cipher_offset,
>  					vector->ciphertext.data,
>  					options->test_buffer_size);
> --
> 2.34.1

Suanming Mou Jan. 4, 2024, 8:56 a.m. UTC | #2

Hi,

> -----Original Message-----
> From: Anoob Joseph <anoobj@marvell.com>
> Sent: Thursday, January 4, 2024 1:13 PM
> To: Suanming Mou <suanmingm@nvidia.com>; Ciara Power
> <ciara.power@intel.com>
> Cc: dev@dpdk.org
> Subject: RE: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation verify
> 
> Hi Suanming,
> 
> Please see inline.
> 
> Thanks,
> Anoob
> 
> > -----Original Message-----
> > From: Suanming Mou <suanmingm@nvidia.com>
> > Sent: Wednesday, January 3, 2024 9:26 AM
> > To: Ciara Power <ciara.power@intel.com>
> > Cc: dev@dpdk.org
> > Subject: [EXT] [PATCH 2/2] app/test-crypto-perf: fix encrypt operation
> > verify
> >
> > External Email
> >
> > ----------------------------------------------------------------------
> > AEAD users RTE_CRYPTO_AEAD_OP_* with aead_op and CIPHER uses
> [Anoob] users -> uses
> 
> > RTE_CRYPTO_CIPHER_OP_* with cipher_op in current code.
> >
> > This commit aligns aead_op and cipher_op operation to fix incorrect
> > AEAD verification.
> >
> > Fixes: df52cb3b6e13 ("app/crypto-perf: move verify as single test
> > type")
> >
> > Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
> > ---
> >  app/test-crypto-perf/cperf_test_verify.c | 9 +++++++--
> >  1 file changed, 7 insertions(+), 2 deletions(-)
> >
> > diff --git a/app/test-crypto-perf/cperf_test_verify.c
> > b/app/test-crypto- perf/cperf_test_verify.c index
> > 8aa714b969..525a2b1373 100644
> > --- a/app/test-crypto-perf/cperf_test_verify.c
> > +++ b/app/test-crypto-perf/cperf_test_verify.c
> > @@ -113,6 +113,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> >  	uint8_t *data;
> >  	uint32_t cipher_offset, auth_offset;
> >  	uint8_t	cipher, auth;
> > +	bool is_encrypt = false;
> >  	int res = 0;
> >
> >  	if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) @@ -154,12
> > +155,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> >  		cipher_offset = 0;
> >  		auth = 0;
> >  		auth_offset = 0;
> > +		is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> >  		break;
> >  	case CPERF_CIPHER_THEN_AUTH:
> >  		cipher = 1;
> >  		cipher_offset = 0;
> >  		auth = 1;
> >  		auth_offset = options->test_buffer_size;
> > +		is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> >  		break;
> >  	case CPERF_AUTH_ONLY:
> >  		cipher = 0;
> > @@ -172,12 +175,14 @@ cperf_verify_op(struct rte_crypto_op *op,
> >  		cipher_offset = 0;
> >  		auth = 1;
> >  		auth_offset = options->test_buffer_size;
> > +		is_encrypt = options->cipher_op ==
> > RTE_CRYPTO_CIPHER_OP_ENCRYPT;
> >  		break;
> >  	case CPERF_AEAD:
> >  		cipher = 1;
> >  		cipher_offset = 0;
> > -		auth = 1;
> > +		auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
> >  		auth_offset = options->test_buffer_size;
> > +		is_encrypt = !!auth;
> >  		break;
> >  	default:
> >  		res = 1;
> > @@ -185,7 +190,7 @@ cperf_verify_op(struct rte_crypto_op *op,
> >  	}
> >
> >  	if (cipher == 1) {
> > -		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
> > +		if (is_encrypt)
> 
> [Anoob] A similar check is there under 'auth == 1' check, right? Won't that also
> need fixing?
> 
> 	if (auth == 1) {
> 		if (options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE)
> 
> I think some renaming of the local variables might make code better.
>         bool cipher, digest_verify = false, is_encrypt = false;
> 
> 	case CPERF_CIPHER_THEN_AUTH:
> 		cipher = true;
> 		cipher_offset = 0;
> 		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
> 			is_encrypt = true;
> 			digest_verify = true; /* Assumption - options->auth_op
> == RTE_CRYPTO_AUTH_OP_GENERATE is verified elsewhere */
> 			auth_offset = options->test_buffer_size;
> 		}
> 		break;
> 	<...>
> 	case CPERF_AEAD:
> 		cipher = true;
> 		cipher_offset = 0;
>                              if (options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
>                              	is_encrypt = true;
> 			digest_verify = true;
> 			auth_offset = options->test_buffer_size;
> 		}
> 
> What do you think?

Yes, so we can totally remove the auth for now. I will do that. Thanks for the suggestion.

> 
> >  			res += !!memcmp(data + cipher_offset,
> >  					vector->ciphertext.data,
> >  					options->test_buffer_size);
> > --
> > 2.34.1

diff mbox series

Patch

diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index 8aa714b969..525a2b1373 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -113,6 +113,7 @@  cperf_verify_op(struct rte_crypto_op *op,
 	uint8_t *data;
 	uint32_t cipher_offset, auth_offset;
 	uint8_t	cipher, auth;
+	bool is_encrypt = false;
 	int res = 0;
 
 	if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS)
@@ -154,12 +155,14 @@  cperf_verify_op(struct rte_crypto_op *op,
 		cipher_offset = 0;
 		auth = 0;
 		auth_offset = 0;
+		is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
 		break;
 	case CPERF_CIPHER_THEN_AUTH:
 		cipher = 1;
 		cipher_offset = 0;
 		auth = 1;
 		auth_offset = options->test_buffer_size;
+		is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
 		break;
 	case CPERF_AUTH_ONLY:
 		cipher = 0;
@@ -172,12 +175,14 @@  cperf_verify_op(struct rte_crypto_op *op,
 		cipher_offset = 0;
 		auth = 1;
 		auth_offset = options->test_buffer_size;
+		is_encrypt = options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT;
 		break;
 	case CPERF_AEAD:
 		cipher = 1;
 		cipher_offset = 0;
-		auth = 1;
+		auth = options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT;
 		auth_offset = options->test_buffer_size;
+		is_encrypt = !!auth;
 		break;
 	default:
 		res = 1;
@@ -185,7 +190,7 @@  cperf_verify_op(struct rte_crypto_op *op,
 	}
 
 	if (cipher == 1) {
-		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+		if (is_encrypt)
 			res += !!memcmp(data + cipher_offset,
 					vector->ciphertext.data,
 					options->test_buffer_size);