diff mbox series

[API-NEXT,v2,1/8] validation: crypto: add tests for checking message digests

Message ID 20170403114212.23355-2-dmitry.ereminsolenikov@linaro.org
State New
Headers show
Series crypto rework and support for SHA-1/-512 | expand

Commit Message

Dmitry Eremin-Solenikov April 3, 2017, 11:42 a.m. UTC
Currently ODP testsuite only verifies generation of digests. Let's also
verify that checking the digest actually works. Test that check function
will accept valid digest and that it will reject wrong digests.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
 test/common_plat/validation/api/crypto/crypto.h    |  12 +-
 .../validation/api/crypto/odp_crypto_test_inp.c    | 172 +++++++++++++++++++--
 2 files changed, 169 insertions(+), 15 deletions(-)

-- 
2.11.0
diff mbox series

Patch

diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h
index c25cbb39..49ca5122 100644
--- a/test/common_plat/validation/api/crypto/crypto.h
+++ b/test/common_plat/validation/api/crypto/crypto.h
@@ -22,10 +22,14 @@  void crypto_test_enc_alg_aes128_gcm(void);
 void crypto_test_enc_alg_aes128_gcm_ovr_iv(void);
 void crypto_test_dec_alg_aes128_gcm(void);
 void crypto_test_dec_alg_aes128_gcm_ovr_iv(void);
-void crypto_test_alg_hmac_md5(void);
-void crypto_test_alg_hmac_sha1(void);
-void crypto_test_alg_hmac_sha256(void);
-void crypto_test_alg_hmac_sha512(void);
+void crypto_test_gen_alg_hmac_md5(void);
+void crypto_test_check_alg_hmac_md5(void);
+void crypto_test_gen_alg_hmac_sha1(void);
+void crypto_test_check_alg_hmac_sha1(void);
+void crypto_test_gen_alg_hmac_sha256(void);
+void crypto_test_check_alg_hmac_sha256(void);
+void crypto_test_gen_alg_hmac_sha512(void);
+void crypto_test_check_alg_hmac_sha512(void);
 
 /* test arrays: */
 extern odp_testinfo_t crypto_suite[];
diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
index 42149ac6..9af7ba3b 100644
--- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
+++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
@@ -65,6 +65,7 @@  static const char *cipher_alg_name(odp_cipher_alg_t cipher)
  * buffer can be used.
  * */
 static void alg_test(odp_crypto_op_t op,
+		     odp_bool_t should_fail,
 		     odp_cipher_alg_t cipher_alg,
 		     odp_crypto_iv_t ses_iv,
 		     uint8_t *op_iv_ptr,
@@ -239,6 +240,10 @@  static void alg_test(odp_crypto_op_t op,
 		op_params.override_iv_ptr = op_iv_ptr;
 
 	op_params.hash_result_offset = plaintext_len;
+	if (0 != digest_len) {
+		memcpy(data_addr + op_params.hash_result_offset,
+		       digest, digest_len);
+	}
 
 	rc = odp_crypto_operation(&op_params, &posted, &result);
 	if (rc < 0) {
@@ -259,8 +264,15 @@  static void alg_test(odp_crypto_op_t op,
 		odp_crypto_compl_free(compl_event);
 	}
 
-	CU_ASSERT(result.ok);
 	CU_ASSERT(result.pkt == pkt);
+	CU_ASSERT(result.ctx == (void *)0xdeadbeef);
+
+	if (should_fail) {
+		CU_ASSERT(!result.ok);
+		goto cleanup;
+	}
+
+	CU_ASSERT(result.ok);
 
 	if (cipher_alg != ODP_CIPHER_ALG_NULL)
 		CU_ASSERT(!memcmp(data_addr, ciphertext, ciphertext_len));
@@ -268,8 +280,6 @@  static void alg_test(odp_crypto_op_t op,
 	if (op == ODP_CRYPTO_OP_ENCODE && auth_alg != ODP_AUTH_ALG_NULL)
 		CU_ASSERT(!memcmp(data_addr + op_params.hash_result_offset,
 				  digest, digest_len));
-
-	CU_ASSERT(result.ctx == (void *)0xdeadbeef);
 cleanup:
 	rc = odp_crypto_session_destroy(session);
 	CU_ASSERT(!rc);
@@ -453,6 +463,7 @@  void crypto_test_enc_alg_3des_cbc(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_3DES_CBC,
 			 iv,
 			 NULL,
@@ -488,6 +499,7 @@  void crypto_test_enc_alg_3des_cbc_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_3DES_CBC,
 			 iv,
 			 tdes_cbc_reference_iv[i],
@@ -527,6 +539,7 @@  void crypto_test_dec_alg_3des_cbc(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_3DES_CBC,
 			 iv,
 			 NULL,
@@ -564,6 +577,7 @@  void crypto_test_dec_alg_3des_cbc_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_3DES_CBC,
 			 iv,
 			 tdes_cbc_reference_iv[i],
@@ -610,6 +624,7 @@  void crypto_test_enc_alg_aes128_gcm(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_GCM,
 			 iv,
 			 NULL,
@@ -653,6 +668,7 @@  void crypto_test_enc_alg_aes128_gcm_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_GCM,
 			 iv,
 			 aes128_gcm_reference_iv[i],
@@ -699,6 +715,7 @@  void crypto_test_dec_alg_aes128_gcm(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_GCM,
 			 iv,
 			 NULL,
@@ -743,6 +760,7 @@  void crypto_test_dec_alg_aes128_gcm_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_GCM,
 			 iv,
 			 aes128_gcm_reference_iv[i],
@@ -790,6 +808,7 @@  void crypto_test_enc_alg_aes128_cbc(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_CBC,
 			 iv,
 			 NULL,
@@ -825,6 +844,7 @@  void crypto_test_enc_alg_aes128_cbc_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_CBC,
 			 iv,
 			 aes128_cbc_reference_iv[i],
@@ -864,6 +884,7 @@  void crypto_test_dec_alg_aes128_cbc(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_CBC,
 			 iv,
 			 NULL,
@@ -901,6 +922,7 @@  void crypto_test_dec_alg_aes128_cbc_ovr_iv(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_AES_CBC,
 			 iv,
 			 aes128_cbc_reference_iv[i],
@@ -927,7 +949,7 @@  static int check_alg_hmac_md5(void)
  * In addition the test verifies if the implementation can use the
  * packet buffer as completion event buffer.
  * */
-void crypto_test_alg_hmac_md5(void)
+void crypto_test_gen_alg_hmac_md5(void)
 {
 	odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
 			 auth_key   = { .data = NULL, .length = 0 };
@@ -946,6 +968,7 @@  void crypto_test_alg_hmac_md5(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
 			 ODP_CIPHER_ALG_NULL,
 			 iv,
 			 iv.data,
@@ -961,6 +984,59 @@  void crypto_test_alg_hmac_md5(void)
 	}
 }
 
+void crypto_test_check_alg_hmac_md5(void)
+{
+	odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
+			 auth_key   = { .data = NULL, .length = 0 };
+	odp_crypto_iv_t iv = { .data = NULL, .length = 0 };
+	uint8_t wrong_digest[HMAC_MD5_DIGEST_LEN];
+
+	unsigned int test_vec_num = (sizeof(hmac_md5_reference_length) /
+				     sizeof(hmac_md5_reference_length[0]));
+	unsigned int i;
+
+	memset(wrong_digest, 0xa5, sizeof(wrong_digest));
+
+	for (i = 0; i < test_vec_num; i++) {
+		auth_key.data = hmac_md5_reference_key[i];
+		auth_key.length = sizeof(hmac_md5_reference_key[i]);
+
+		if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length,
+					HMAC_MD5_96_CHECK_LEN))
+			continue;
+
+		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
+			 ODP_CIPHER_ALG_NULL,
+			 iv,
+			 iv.data,
+			 cipher_key,
+			 ODP_AUTH_ALG_MD5_HMAC,
+			 auth_key,
+			 NULL, NULL,
+			 hmac_md5_reference_plaintext[i],
+			 hmac_md5_reference_length[i],
+			 NULL, 0,
+			 hmac_md5_reference_digest[i],
+			 HMAC_MD5_96_CHECK_LEN);
+
+		alg_test(ODP_CRYPTO_OP_DECODE,
+			 1,
+			 ODP_CIPHER_ALG_NULL,
+			 iv,
+			 iv.data,
+			 cipher_key,
+			 ODP_AUTH_ALG_MD5_HMAC,
+			 auth_key,
+			 NULL, NULL,
+			 hmac_md5_reference_plaintext[i],
+			 hmac_md5_reference_length[i],
+			 NULL, 0,
+			 wrong_digest,
+			 HMAC_MD5_96_CHECK_LEN);
+	}
+}
+
 static int check_alg_hmac_sha256(void)
 {
 	return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC);
@@ -973,7 +1049,7 @@  static int check_alg_hmac_sha256(void)
  * In addition the test verifies if the implementation can use the
  * packet buffer as completion event buffer.
  * */
-void crypto_test_alg_hmac_sha256(void)
+void crypto_test_gen_alg_hmac_sha256(void)
 {
 	odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
 			 auth_key   = { .data = NULL, .length = 0 };
@@ -994,6 +1070,47 @@  void crypto_test_alg_hmac_sha256(void)
 			continue;
 
 		alg_test(ODP_CRYPTO_OP_ENCODE,
+			 0,
+			 ODP_CIPHER_ALG_NULL,
+			 iv,
+			 iv.data,
+			 cipher_key,
+			 ODP_AUTH_ALG_SHA256_HMAC,
+			 auth_key,
+			 NULL, NULL,
+			 hmac_sha256_reference_plaintext[i],
+			 hmac_sha256_reference_length[i],
+			 NULL, 0,
+			 hmac_sha256_reference_digest[i],
+			 HMAC_SHA256_128_CHECK_LEN);
+	}
+}
+
+void crypto_test_check_alg_hmac_sha256(void)
+{
+	odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
+			 auth_key   = { .data = NULL, .length = 0 };
+	odp_crypto_iv_t iv = { .data = NULL, .length = 0 };
+	uint8_t wrong_digest[HMAC_SHA256_DIGEST_LEN];
+
+	unsigned int test_vec_num = (sizeof(hmac_sha256_reference_length) /
+				     sizeof(hmac_sha256_reference_length[0]));
+
+	unsigned int i;
+
+	memset(wrong_digest, 0xa5, sizeof(wrong_digest));
+
+	for (i = 0; i < test_vec_num; i++) {
+		auth_key.data = hmac_sha256_reference_key[i];
+		auth_key.length = sizeof(hmac_sha256_reference_key[i]);
+
+		if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC,
+					auth_key.length,
+					HMAC_SHA256_128_CHECK_LEN))
+			continue;
+
+		alg_test(ODP_CRYPTO_OP_DECODE,
+			 0,
 			 ODP_CIPHER_ALG_NULL,
 			 iv,
 			 iv.data,
@@ -1006,6 +1123,21 @@  void crypto_test_alg_hmac_sha256(void)
 			 NULL, 0,
 			 hmac_sha256_reference_digest[i],
 			 HMAC_SHA256_128_CHECK_LEN);
+
+		alg_test(ODP_CRYPTO_OP_DECODE,
+			 1,
+			 ODP_CIPHER_ALG_NULL,
+			 iv,
+			 iv.data,
+			 cipher_key,
+			 ODP_AUTH_ALG_SHA256_HMAC,
+			 auth_key,
+			 NULL, NULL,
+			 hmac_sha256_reference_plaintext[i],
+			 hmac_sha256_reference_length[i],
+			 NULL, 0,
+			 wrong_digest,
+			 HMAC_SHA256_128_CHECK_LEN);
 	}
 }
 
@@ -1014,7 +1146,12 @@  static int check_alg_hmac_sha1(void)
 	return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC);
 }
 
-void crypto_test_alg_hmac_sha1(void)
+void crypto_test_gen_alg_hmac_sha1(void)
+{
+	printf(" TEST NOT IMPLEMENTED YET ");
+}
+
+void crypto_test_check_alg_hmac_sha1(void)
 {
 	printf(" TEST NOT IMPLEMENTED YET ");
 }
@@ -1024,7 +1161,12 @@  static int check_alg_hmac_sha512(void)
 	return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC);
 }
 
-void crypto_test_alg_hmac_sha512(void)
+void crypto_test_gen_alg_hmac_sha512(void)
+{
+	printf(" TEST NOT IMPLEMENTED YET ");
+}
+
+void crypto_test_check_alg_hmac_sha512(void)
 {
 	printf(" TEST NOT IMPLEMENTED YET ");
 }
@@ -1078,13 +1220,21 @@  odp_testinfo_t crypto_suite[] = {
 				  check_alg_aes_gcm),
 	ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes128_gcm_ovr_iv,
 				  check_alg_aes_gcm),
-	ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_md5,
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5,
+				  check_alg_hmac_md5),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5,
 				  check_alg_hmac_md5),
-	ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha1,
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1,
 				  check_alg_hmac_sha1),
-	ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha256,
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1,
+				  check_alg_hmac_sha1),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256,
+				  check_alg_hmac_sha256),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256,
 				  check_alg_hmac_sha256),
-	ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha512,
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512,
+				  check_alg_hmac_sha512),
+	ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512,
 				  check_alg_hmac_sha512),
 	ODP_TEST_INFO_NULL,
 };