[v4,6/8] examples/fips_validation: add json to hmac
Checks
Commit Message
Adds JSON support for the HMAC algorithm.
Signed-off-by: Brandon Lo <blo@iol.unh.edu>
---
examples/fips_validation/fips_validation.c | 2 +
examples/fips_validation/fips_validation.h | 6 ++
.../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
examples/fips_validation/main.c | 3 +
4 files changed, 104 insertions(+)
Comments
Verified the functionality changes and looks good to me.
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Thanks.
> -----Original Message-----
> From: Brandon Lo <blo@iol.unh.edu>
> Sent: Friday, April 29, 2022 9:46 PM
> To: roy.fan.zhang@intel.com; ciara.power@intel.com
> Cc: dev@dpdk.org; Brandon Lo <blo@iol.unh.edu>
> Subject: [EXT] [PATCH v4 6/8] examples/fips_validation: add json to hmac
>
> External Email
>
> ----------------------------------------------------------------------
> Adds JSON support for the HMAC algorithm.
>
> Signed-off-by: Brandon Lo <blo@iol.unh.edu>
> ---
> examples/fips_validation/fips_validation.c | 2 +
> examples/fips_validation/fips_validation.h | 6 ++
> .../fips_validation/fips_validation_hmac.c | 93 +++++++++++++++++++
> examples/fips_validation/main.c | 3 +
> 4 files changed, 104 insertions(+)
>
> diff --git a/examples/fips_validation/fips_validation.c
> b/examples/fips_validation/fips_validation.c
> index d220dcab1f..04dfb85262 100644
> --- a/examples/fips_validation/fips_validation.c
> +++ b/examples/fips_validation/fips_validation.c
> @@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
> /* Vector sets contain the algorithm type, and nothing else we need.
> */
> if (strstr(algo_str, "AES-GCM"))
> info.algo = FIPS_TEST_ALGO_AES_GCM;
> + if (strstr(algo_str, "HMAC"))
> + info.algo = FIPS_TEST_ALGO_HMAC;
> else
> return -EINVAL;
>
> diff --git a/examples/fips_validation/fips_validation.h
> b/examples/fips_validation/fips_validation.h
> index 8d7af99e04..2c65d838b0 100644
> --- a/examples/fips_validation/fips_validation.h
> +++ b/examples/fips_validation/fips_validation.h
> @@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
>
> int
> parse_test_gcm_json_init(void);
> +
> +int
> +parse_test_hmac_json_init(void);
> +
> +int
> +parse_test_hmac_json_algorithm(void);
> #endif /* RTE_HAS_JANSSON */
>
> int
> diff --git a/examples/fips_validation/fips_validation_hmac.c
> b/examples/fips_validation/fips_validation_hmac.c
> index 1285c9d283..4cd1b1ac07 100644
> --- a/examples/fips_validation/fips_validation_hmac.c
> +++ b/examples/fips_validation/fips_validation_hmac.c
> @@ -19,6 +19,15 @@
> #define PT_STR "Msg = "
> #define TAG_STR "Mac = "
>
> +#define ALGO_JSON_STR "algorithm"
> +
> +#define KEYLEN_JSON_STR "keyLen"
> +#define TAGLEN_JSON_STR "macLen"
> +
> +#define KEY_JSON_STR "key"
> +#define PT_JSON_STR "msg"
> +#define TAG_JSON_STR "mac"
> +
> struct hash_size_conversion {
> const char *str;
> enum rte_crypto_auth_algorithm algo;
> @@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[]
> = {
> {NULL, NULL, NULL} /**< end pointer */ };
>
> +#ifdef RTE_HAS_JANSSON
> +struct hash_size_conversion json_algorithms[] = {
> + {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
> + {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
> + {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
> + {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
> + {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC}, };
> +
> +struct fips_test_callback hmac_tests_json_vectors[] = {
> + {KEY_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.key},
> + {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
> + {TAG_JSON_STR, parse_uint8_hex_str,
> &vec.cipher_auth.digest},
> + {NULL, NULL, NULL} /**< end pointer */ };
> +
> +struct fips_test_callback hmac_tests_interim_json_vectors[] = {
> + {KEYLEN_JSON_STR, parser_read_uint32_val,
> &vec.cipher_auth.key},
> + {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
> &vec.cipher_auth.digest},
> + {NULL, NULL, NULL} /**< end pointer */ }; #endif /*
> RTE_HAS_JANSSON
> +*/
> +
> static int
> parse_test_hmac_writeback(struct fips_val *val) { @@ -103,3 +135,64 @@
> parse_test_hmac_init(void)
>
> return 0;
> }
> +
> +#ifdef RTE_HAS_JANSSON
> +static int
> +parse_test_hmac_json_writeback(struct fips_val *val) {
> + struct fips_val val_local;
> + json_t *tcId, *mac;
> +
> + tcId = json_object_get(json_info.json_test_case, "tcId");
> +
> + json_info.json_write_case = json_object();
> + json_object_set(json_info.json_write_case, "tcId", tcId);
> +
> +
> + val_local.val = val->val + vec.pt.len;
> + val_local.len = vec.cipher_auth.digest.len;
> +
> + writeback_hex_str("", info.one_line_text, &val_local);
> +
> + mac = json_string(info.one_line_text);
> + json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
> mac);
> +
> + return 0;
> +}
> +
> +int
> +parse_test_hmac_json_algorithm(void)
> +{
> + json_t *algorithm_object;
> + const char *algorithm_str;
> + uint32_t i;
> +
> + algorithm_object = json_object_get(json_info.json_vector_set,
> "algorithm");
> + algorithm_str = json_string_value(algorithm_object);
> +
> + for (i = 0; i < RTE_DIM(json_algorithms); i++) {
> + if (strstr(algorithm_str, json_algorithms[i].str)) {
> + info.interim_info.hmac_data.algo =
> json_algorithms[i].algo;
> + return 0;
> + }
> + }
> +
> + return -1;
> +}
> +
> +int
> +parse_test_hmac_json_init(void)
> +{
> + info.op = FIPS_TEST_ENC_AUTH_GEN;
> + info.parse_writeback = parse_test_hmac_json_writeback;
> + info.callbacks = hmac_tests_json_vectors;
> + info.writeback_callbacks = NULL;
> + info.kat_check = rsp_test_hmac_check;
> + info.interim_callbacks = hmac_tests_interim_json_vectors;
> +
> + if (parse_test_hmac_json_algorithm() < 0)
> + return -1;
> +
> + return 0;
> +}
> +#endif /* RTE_HAS_JANSSON */
> diff --git a/examples/fips_validation/main.c
> b/examples/fips_validation/main.c index a1d8a1d758..de6dedaf75 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -1943,6 +1943,9 @@ fips_test_one_test_group(void)
> case FIPS_TEST_ALGO_AES_GCM:
> ret = parse_test_gcm_json_init();
> break;
> + case FIPS_TEST_ALGO_HMAC:
> + ret = parse_test_hmac_json_init();
> + break;
> default:
> return -EINVAL;
> }
> --
> 2.25.1
@@ -458,6 +458,8 @@ fips_test_parse_one_json_vector_set(void)
/* Vector sets contain the algorithm type, and nothing else we need. */
if (strstr(algo_str, "AES-GCM"))
info.algo = FIPS_TEST_ALGO_AES_GCM;
+ if (strstr(algo_str, "HMAC"))
+ info.algo = FIPS_TEST_ALGO_HMAC;
else
return -EINVAL;
@@ -253,6 +253,12 @@ fips_test_parse_one_json_case(void);
int
parse_test_gcm_json_init(void);
+
+int
+parse_test_hmac_json_init(void);
+
+int
+parse_test_hmac_json_algorithm(void);
#endif /* RTE_HAS_JANSSON */
int
@@ -19,6 +19,15 @@
#define PT_STR "Msg = "
#define TAG_STR "Mac = "
+#define ALGO_JSON_STR "algorithm"
+
+#define KEYLEN_JSON_STR "keyLen"
+#define TAGLEN_JSON_STR "macLen"
+
+#define KEY_JSON_STR "key"
+#define PT_JSON_STR "msg"
+#define TAG_JSON_STR "mac"
+
struct hash_size_conversion {
const char *str;
enum rte_crypto_auth_algorithm algo;
@@ -65,6 +74,29 @@ struct fips_test_callback hmac_tests_interim_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct hash_size_conversion json_algorithms[] = {
+ {"HMAC-SHA-1", RTE_CRYPTO_AUTH_SHA1_HMAC},
+ {"HMAC-SHA2-224", RTE_CRYPTO_AUTH_SHA224_HMAC},
+ {"HMAC-SHA2-256", RTE_CRYPTO_AUTH_SHA256_HMAC},
+ {"HMAC-SHA2-384", RTE_CRYPTO_AUTH_SHA384_HMAC},
+ {"HMAC-SHA2-512", RTE_CRYPTO_AUTH_SHA512_HMAC},
+};
+
+struct fips_test_callback hmac_tests_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.key},
+ {PT_JSON_STR, parse_uint8_hex_str, &vec.pt},
+ {TAG_JSON_STR, parse_uint8_hex_str, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback hmac_tests_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_val, &vec.cipher_auth.key},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val, &vec.cipher_auth.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_hmac_writeback(struct fips_val *val)
{
@@ -103,3 +135,64 @@ parse_test_hmac_init(void)
return 0;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_hmac_json_writeback(struct fips_val *val)
+{
+ struct fips_val val_local;
+ json_t *tcId, *mac;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+
+ val_local.val = val->val + vec.pt.len;
+ val_local.len = vec.cipher_auth.digest.len;
+
+ writeback_hex_str("", info.one_line_text, &val_local);
+
+ mac = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR, mac);
+
+ return 0;
+}
+
+int
+parse_test_hmac_json_algorithm(void)
+{
+ json_t *algorithm_object;
+ const char *algorithm_str;
+ uint32_t i;
+
+ algorithm_object = json_object_get(json_info.json_vector_set, "algorithm");
+ algorithm_str = json_string_value(algorithm_object);
+
+ for (i = 0; i < RTE_DIM(json_algorithms); i++) {
+ if (strstr(algorithm_str, json_algorithms[i].str)) {
+ info.interim_info.hmac_data.algo = json_algorithms[i].algo;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+int
+parse_test_hmac_json_init(void)
+{
+ info.op = FIPS_TEST_ENC_AUTH_GEN;
+ info.parse_writeback = parse_test_hmac_json_writeback;
+ info.callbacks = hmac_tests_json_vectors;
+ info.writeback_callbacks = NULL;
+ info.kat_check = rsp_test_hmac_check;
+ info.interim_callbacks = hmac_tests_interim_json_vectors;
+
+ if (parse_test_hmac_json_algorithm() < 0)
+ return -1;
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
@@ -1943,6 +1943,9 @@ fips_test_one_test_group(void)
case FIPS_TEST_ALGO_AES_GCM:
ret = parse_test_gcm_json_init();
break;
+ case FIPS_TEST_ALGO_HMAC:
+ ret = parse_test_hmac_json_init();
+ break;
default:
return -EINVAL;
}