1
2
3
4
5#ifndef _FIPS_VALIDATION_H_
6#define _FIPS_VALIDATION_H_
7
8#define FIPS_PARSE_ERR(fmt, args) \
9 RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
10
11#define ERR_MSG_SIZE 128
12#define MAX_CASE_LINE 15
13#define MAX_LINE_CHAR 204800
14#define MAX_NB_TESTS 10240
15#define DEF_MBUF_SEG_SIZE (UINT16_MAX - sizeof(struct rte_mbuf) - \
16 RTE_PKTMBUF_HEADROOM)
17#define MAX_STRING_SIZE 64
18#define MAX_FILE_NAME_SIZE 256
19#define MAX_DIGEST_SIZE 64
20
21#define POSITIVE_TEST 0
22#define NEGATIVE_TEST -1
23
24#define REQ_FILE_PERFIX "req"
25#define RSP_FILE_PERFIX "rsp"
26#define FAX_FILE_PERFIX "fax"
27
28enum fips_test_algorithms {
29 FIPS_TEST_ALGO_AES = 0,
30 FIPS_TEST_ALGO_AES_GCM,
31 FIPS_TEST_ALGO_AES_CMAC,
32 FIPS_TEST_ALGO_AES_CCM,
33 FIPS_TEST_ALGO_HMAC,
34 FIPS_TEST_ALGO_TDES,
35 FIPS_TEST_ALGO_SHA,
36 FIPS_TEST_ALGO_AES_XTS,
37 FIPS_TEST_ALGO_MAX
38};
39
40enum file_types {
41 FIPS_TYPE_REQ = 1,
42 FIPS_TYPE_FAX,
43 FIPS_TYPE_RSP
44};
45
46enum fips_test_op {
47 FIPS_TEST_ENC_AUTH_GEN = 1,
48 FIPS_TEST_DEC_AUTH_VERIF,
49};
50
51#define MAX_LINE_PER_VECTOR 16
52
53struct fips_val {
54 uint8_t *val;
55 uint32_t len;
56};
57
58struct fips_test_vector {
59 union {
60 struct {
61 struct fips_val key;
62 struct fips_val digest;
63 struct fips_val auth_aad;
64 struct fips_val aad;
65 } cipher_auth;
66 struct {
67 struct fips_val key;
68 struct fips_val digest;
69 struct fips_val aad;
70 } aead;
71 };
72
73 struct fips_val pt;
74 struct fips_val ct;
75 struct fips_val iv;
76
77 enum rte_crypto_op_status status;
78};
79
80typedef int (*post_prcess_t)(struct fips_val *val);
81
82typedef int (*parse_callback_t)(const char *key, char *text,
83 struct fips_val *val);
84
85struct fips_test_callback {
86 const char *key;
87 parse_callback_t cb;
88 struct fips_val *val;
89};
90
91enum fips_aesavs_test_types {
92 AESAVS_TYPE_GFXBOX = 1,
93 AESAVS_TYPE_KEYSBOX,
94 AESAVS_TYPE_VARKEY,
95 AESAVS_TYPE_VARTXT,
96 AESAVS_TYPE_MMT,
97 AESAVS_TYPE_MCT,
98};
99
100enum fips_tdes_test_types {
101 TDES_INVERSE_PERMUTATION = 0,
102 TDES_PERMUTATION,
103 TDES_SUBSTITUTION_TABLE,
104 TDES_VARIABLE_KEY,
105 TDES_VARIABLE_TEXT,
106 TDES_KAT,
107 TDES_MCT,
108 TDES_MMT
109};
110
111enum fips_tdes_test_mode {
112 TDES_MODE_CBC = 0,
113 TDES_MODE_ECB
114};
115
116enum fips_ccm_test_types {
117 CCM_VADT = 1,
118 CCM_VPT,
119 CCM_VNT,
120 CCM_VTT,
121 CCM_DVPT,
122};
123
124enum fips_sha_test_types {
125 SHA_KAT = 0,
126 SHA_MCT
127};
128
129struct aesavs_interim_data {
130 enum fips_aesavs_test_types test_type;
131 uint32_t cipher_algo;
132 uint32_t key_len;
133};
134
135struct hmac_interim_data {
136 enum rte_crypto_auth_algorithm algo;
137};
138
139struct tdes_interim_data {
140 enum fips_tdes_test_types test_type;
141 enum fips_tdes_test_mode test_mode;
142 uint32_t nb_keys;
143};
144
145struct ccm_interim_data {
146 enum fips_ccm_test_types test_type;
147 uint32_t aad_len;
148 uint32_t pt_len;
149 uint32_t digest_len;
150 uint32_t key_len;
151 uint32_t iv_len;
152};
153
154struct sha_interim_data {
155 enum fips_sha_test_types test_type;
156 enum rte_crypto_auth_algorithm algo;
157};
158
159struct gcm_interim_data {
160 uint8_t is_gmac;
161 uint8_t gen_iv;
162};
163
164struct fips_test_interim_info {
165 FILE *fp_rd;
166 FILE *fp_wr;
167 enum file_types file_type;
168 enum fips_test_algorithms algo;
169 char *one_line_text;
170 char *vec[MAX_LINE_PER_VECTOR];
171 uint32_t vec_start_off;
172 uint32_t nb_vec_lines;
173 char device_name[MAX_STRING_SIZE];
174 char file_name[MAX_FILE_NAME_SIZE];
175 float version;
176
177 union {
178 struct aesavs_interim_data aes_data;
179 struct hmac_interim_data hmac_data;
180 struct tdes_interim_data tdes_data;
181 struct ccm_interim_data ccm_data;
182 struct sha_interim_data sha_data;
183 struct gcm_interim_data gcm_data;
184 } interim_info;
185
186 enum fips_test_op op;
187
188 const struct fips_test_callback *callbacks;
189 const struct fips_test_callback *interim_callbacks;
190 const struct fips_test_callback *writeback_callbacks;
191
192 post_prcess_t parse_writeback;
193 post_prcess_t kat_check;
194};
195
196extern struct fips_test_vector vec;
197extern struct fips_test_interim_info info;
198
199int
200fips_test_init(const char *req_file_path, const char *rsp_file_path,
201 const char *device_name);
202
203void
204fips_test_clear(void);
205
206int
207fips_test_fetch_one_block(void);
208
209int
210fips_test_parse_one_case(void);
211
212void
213fips_test_write_one_case(void);
214
215int
216parse_test_aes_init(void);
217
218int
219parse_test_tdes_init(void);
220
221int
222parse_test_hmac_init(void);
223
224int
225parse_test_gcm_init(void);
226
227int
228parse_test_cmac_init(void);
229
230int
231parse_test_ccm_init(void);
232
233int
234parse_test_sha_init(void);
235
236int
237parse_test_xts_init(void);
238
239int
240parser_read_uint8_hex(uint8_t *value, const char *p);
241
242int
243parse_uint8_hex_str(const char *key, char *src, struct fips_val *val);
244
245int
246parse_uint8_known_len_hex_str(const char *key, char *src, struct fips_val *val);
247
248int
249parser_read_uint32_val(const char *key, char *src, struct fips_val *val);
250
251int
252parser_read_uint32_bit_val(const char *key, char *src, struct fips_val *val);
253
254int
255parser_read_uint32(uint32_t *value, char *p);
256
257int
258parser_read_uint32_val(const char *key, char *src, struct fips_val *val);
259
260int
261writeback_hex_str(const char *key, char *dst, struct fips_val *val);
262
263void
264parse_write_hex_str(struct fips_val *src);
265
266int
267update_info_vec(uint32_t count);
268
269typedef int (*fips_test_one_case_t)(void);
270typedef int (*fips_prepare_op_t)(void);
271typedef int (*fips_prepare_xform_t)(struct rte_crypto_sym_xform *);
272
273struct fips_test_ops {
274 fips_prepare_xform_t prepare_xform;
275 fips_prepare_op_t prepare_op;
276 fips_test_one_case_t test;
277};
278
279extern struct fips_test_ops test_ops;
280
281int prepare_aead_op(void);
282
283int prepare_auth_op(void);
284
285int prepare_gcm_xform(struct rte_crypto_sym_xform *xform);
286
287int prepare_gmac_xform(struct rte_crypto_sym_xform *xform);
288
289#endif
290