From: Fiona Trahe <fiona.trahe@intel.com>
To: dev@dpdk.org
Cc: john.griffin@intel.com, deepak.k.jain@intel.com,
pablo.de.lara.guarch@intel.com, fiona.trahe@intel.com
Subject: [PATCH] crypto test: add integrity check for mbuf data
Date: Thu, 22 Dec 2016 16:51:07 +0000 [thread overview]
Message-ID: <1482425467-27415-1-git-send-email-fiona.trahe@intel.com> (raw)
In block cipher test cases, add checks that the source
and destination mbufs are not modified except where expected.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
---
app/test/test_cryptodev_blockcipher.c | 139 ++++++++++++++++++++++++++++++++--
1 file changed, 134 insertions(+), 5 deletions(-)
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 37b10cf..1757c76 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -45,6 +45,7 @@
#include "test_cryptodev_aes_test_vectors.h"
#include "test_cryptodev_des_test_vectors.h"
#include "test_cryptodev_hash_test_vectors.h"
+#include "test_cryptodev.h"
static int
test_blockcipher_one_case(const struct blockcipher_test_case *t,
@@ -71,6 +72,10 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
uint32_t buf_len = tdata->ciphertext.len;
uint32_t digest_len = 0;
char *buf_p = NULL;
+ uint8_t src_pattern = 0xa5;
+ uint8_t dst_pattern = 0xb6;
+ uint8_t tmp_src_buf[MBUF_SIZE];
+ uint8_t tmp_dst_buf[MBUF_SIZE];
if (tdata->cipher_key.len)
memcpy(cipher_key, tdata->cipher_key.data,
@@ -104,6 +109,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
status = TEST_FAILED;
goto error_exit;
}
+ memset(ibuf->buf_addr, src_pattern, ibuf->buf_len);
if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER)
buf_len += tdata->iv.len;
@@ -152,6 +158,7 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
status = TEST_FAILED;
goto error_exit;
}
+ memset(obuf->buf_addr, dst_pattern, obuf->buf_len);
buf_p = rte_pktmbuf_append(obuf, buf_len);
if (!buf_p) {
@@ -342,6 +349,17 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
rte_crypto_op_attach_sym_session(op, sess);
}
+ TEST_HEXDUMP(stdout, "m_src(before):",
+ sym_op->m_src->buf_addr, sym_op->m_src->buf_len);
+ rte_memcpy(tmp_src_buf, sym_op->m_src->buf_addr,
+ sym_op->m_src->buf_len);
+ if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
+ TEST_HEXDUMP(stdout, "m_dst(before):",
+ sym_op->m_dst->buf_addr, sym_op->m_dst->buf_len);
+ rte_memcpy(tmp_dst_buf, sym_op->m_dst->buf_addr,
+ sym_op->m_dst->buf_len);
+ }
+
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
@@ -364,12 +382,11 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
goto error_exit;
}
- TEST_HEXDUMP(stdout, "m_src:",
- rte_pktmbuf_mtod(sym_op->m_src, uint8_t *), buf_len);
+ TEST_HEXDUMP(stdout, "m_src(after):",
+ sym_op->m_src->buf_addr, sym_op->m_src->buf_len);
if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP)
- TEST_HEXDUMP(stdout, "m_dst:",
- rte_pktmbuf_mtod(sym_op->m_dst, uint8_t *),
- buf_len);
+ TEST_HEXDUMP(stdout, "m_dst(after):",
+ sym_op->m_dst->buf_addr, sym_op->m_dst->buf_len);
/* Verify results */
if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
@@ -430,6 +447,118 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
}
}
+ /* The only parts that should have changed in the buffer are
+ * plaintext/ciphertext and digest.
+ * In OOP only the dest buffer should change.
+ */
+ if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
+ struct rte_mbuf *mbuf;
+ uint8_t value;
+ uint32_t head_unchanged_len = 0, changed_len = 0;
+ uint32_t i;
+
+ mbuf = sym_op->m_src;
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY) {
+ /* white-box test: PMDs use some of the
+ * tailroom as temp storage in verify case
+ */
+ head_unchanged_len = rte_pktmbuf_headroom(mbuf)
+ + rte_pktmbuf_data_len(mbuf);
+ changed_len = digest_len;
+ } else {
+ head_unchanged_len = mbuf->buf_len;
+ changed_len = 0;
+ }
+
+ for (i = 0; i < mbuf->buf_len; i++) {
+ if (i == head_unchanged_len)
+ i += changed_len;
+ value = *((uint8_t *)(mbuf->buf_addr)+i);
+ if (value != tmp_src_buf[i]) {
+ snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
+ "line %u FAILED: OOP src outer mbuf data (0x%x) not as expected (0x%x)",
+ __LINE__, value, tmp_src_buf[i]);
+ status = TEST_FAILED;
+ goto error_exit;
+ }
+ }
+
+ mbuf = sym_op->m_dst;
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH) {
+ head_unchanged_len = rte_pktmbuf_headroom(mbuf) +
+ sym_op->auth.data.offset;
+ changed_len = sym_op->auth.data.length;
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN)
+ changed_len += sym_op->auth.digest.length;
+ } else {
+ /* cipher-only */
+ head_unchanged_len = rte_pktmbuf_headroom(mbuf) +
+ sym_op->cipher.data.offset;
+ changed_len = sym_op->cipher.data.length;
+ }
+
+ for (i = 0; i < mbuf->buf_len; i++) {
+ if (i == head_unchanged_len)
+ i += changed_len;
+ value = *((uint8_t *)(mbuf->buf_addr)+i);
+ if (value != tmp_dst_buf[i]) {
+ snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
+ "line %u FAILED: OOP dst outer mbuf data (0x%x) not as expected (0x%x)",
+ __LINE__, value, tmp_dst_buf[i]);
+ status = TEST_FAILED;
+ goto error_exit;
+ }
+ }
+ } else {
+ /* In-place operation */
+ struct rte_mbuf *mbuf;
+ uint8_t value;
+ uint32_t head_unchanged_len = 0, changed_len = 0;
+ uint32_t i;
+
+ mbuf = sym_op->m_src;
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
+ head_unchanged_len = rte_pktmbuf_headroom(mbuf) +
+ sym_op->cipher.data.offset;
+ changed_len = sym_op->cipher.data.length;
+ } else {
+ /* auth-only */
+ head_unchanged_len = rte_pktmbuf_headroom(mbuf) +
+ sym_op->auth.data.offset +
+ sym_op->auth.data.length;
+ changed_len = 0;
+ }
+
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN)
+ changed_len += sym_op->auth.digest.length;
+
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY) {
+ /* white-box test: PMDs use some of the
+ * tailroom as temp storage in verify case
+ */
+ if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
+ /* This is simplified, not checking digest*/
+ changed_len += digest_len*2;
+ } else {
+ head_unchanged_len += digest_len;
+ changed_len += digest_len;
+ }
+ }
+
+ for (i = 0; i < mbuf->buf_len; i++) {
+ if (i == head_unchanged_len)
+ i += changed_len;
+ value = *((uint8_t *)(mbuf->buf_addr)+i);
+ if (value != tmp_src_buf[i]) {
+ snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
+ "line %u FAILED: outer mbuf data (0x%x) not as expected (0x%x)",
+ __LINE__, value, tmp_src_buf[i]);
+ status = TEST_FAILED;
+ goto error_exit;
+ }
+ }
+ }
+
snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS");
error_exit:
--
2.5.0
next reply other threads:[~2016-12-22 16:51 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-22 16:51 Fiona Trahe [this message]
2017-01-09 15:22 ` [PATCH] crypto test: add integrity check for mbuf data Kusztal, ArkadiuszX
2017-01-10 13:53 ` De Lara Guarch, Pablo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1482425467-27415-1-git-send-email-fiona.trahe@intel.com \
--to=fiona.trahe@intel.com \
--cc=deepak.k.jain@intel.com \
--cc=dev@dpdk.org \
--cc=john.griffin@intel.com \
--cc=pablo.de.lara.guarch@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.