summaryrefslogtreecommitdiff
path: root/examples/fips_validation
AgeCommit message (Collapse)Author
9 daysexamples/fips_validation: fix vectors for AES-GCMSucharitha Sarananaga
Test vectors for AES-GCM need to be populated by using aead member and not cipher_auth. Using incorrect member would result in failures when AES-GCM with non-zero AAD is tried. Bugzilla ID: 360 Fixes: 4aaad2995e13 ("examples/fips_validation: support GCM parsing") Signed-off-by: Anoob Joseph <anoobj@marvell.com> Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
2019-11-20examples: hide error for missing pkg-config path flagBruce Richardson
Some versions of pkg-config don't support the --path flag, which is not a fatal error when building the apps. Without the flag, the makefile just cannot track the .pc file of DPDK as a dependency of the build. Therefore, we can ignore the error and suppress it by redirecting to /dev/null the stderr from that call to pkg-config. Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles") Cc: stable@dpdk.org Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-20examples: fix build with old pkg-configBruce Richardson
Not all versions of pkg-config in distros have support for the --define-prefix flag [1], causing errors when building examples manually or with test-meson-builds.sh script [2]. For the former case, we need to remove the hard-coded use of the flag in the Makefiles. For the latter case, the flag is necessary for builds to succeed, so we skip the tests when it's not present, passing it as part of the pkg-config command if it is supported. [1] CentOS Linux release 7.7.1908 (Core) pkg-config version 0.27.1 [2] ## Building cmdline Unknown option --define-prefix gmake: Entering directory `...ild-x86-default/install-root/usr/local/share/dpdk/examples/cmdline' rm -f build/cmdline build/cmdline-static build/cmdline-shared test -d build && rmdir -p build || true Unknown option --define-prefix Unknown option --define-prefix gcc -O3 main.c commands.c parse_obj_list.c -o build/cmdline-shared main.c:14:28: fatal error: cmdline_rdline.h: No such file or directory Fixes: ca9268529d2b ("examples: support relocated DPDK install") Fixes: 7f80a2102bbb ("devtools: test pkg-config file") Cc: stable@dpdk.org Reported-by: Ferruh Yigit <ferruh.yigit@intel.com> Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-20examples/fips_validation: fix auth verifyFan Zhang
Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing") Cc: stable@dpdk.org This patch fixes the incorrect mbuf write and digest memory leak in fips_validation authentication verify. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23examples/fips_validation: separate ECB and CBC initMichael Shamis
Separate initialization of IV, PT and CT according to TDES ECB and CBC crypto modes Signed-off-by: Michael Shamis <michaelsh@marvell.com> Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23examples/fips_validation: support AES ECBMichael Shamis
Signed-off-by: Michael Shamis <michaelsh@marvell.com> Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-23examples/fips_validation: support TDES ECBMichael Shamis
Signed-off-by: Michael Shamis <michaelsh@marvell.com> Reviewed-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-10-09examples/fips_validation: fix null dereferencesChaitanya Babu Talluri
One issue caught by Coverity 343408 *deref_parm: Directly dereferencing parameter val->val. In writeback_tdes_hex_str(), tmp_val is initialised to null. tmp_val.val is updated only if keys are found. If keys are not found,it doesn't fails but continues to invoke writeback_hex_str(),where val->val is accessed without null check. The fix is to return the error, if keys are not found in writeback_tdes_hex_str(). Coverity issue: 343408 Fixes: 527cbf3d5e ("examples/fips_validation: support TDES parsing") Cc: stable@dpdk.org Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05cryptodev: add feature flags to disableAnoob Joseph
Adding a new field, ff_disable, to allow applications to control the features enabled on the crypto device. This would allow for efficient usage of HW/SW offloads. Signed-off-by: Anoob Joseph <anoobj@marvell.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05examples/fips_validation: fix logically dead codeFan Zhang
Coverity issue: 336866, 336841, 336838 Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test") Cc: stable@dpdk.org Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-07-03examples: fix pkg-config detection with older makeBruce Richardson
Make versions before 4.2 did not have support for the .SHELLSTATUS variable, so use another method to detect shell success. Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles") Cc: stable@dpdk.org Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Acked-by: Luca Boccassi <bluca@debian.org>
2019-07-02examples: support relocated DPDK installBruce Richardson
For testing of DPDK, we want to override the prefix given by the pkg-config file, so that we can get correct paths for DPDK installed in an unusual location. Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Acked-by: Luca Boccassi <bluca@debian.org>
2019-05-20examples: fix make clean when using pkg-configBruce Richardson
The "make clean" command had a number of issues: - the "--ignore-fail-on-non-empty" flag is not present on BSD - the call to remove the build folder would fail if there was no build folder present. These are fixed by only removing the build folder if it exists, and by using -p flag to rmdir in place of --ignore-fail-on-non-empty Fixes: 22119c4591a0 ("examples: use pkg-config in makefiles") Cc: stable@dpdk.org Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Acked-by: Luca Boccassi <bluca@debian.org>
2019-04-18examples/fips_validation: fix CMAC testMarko Kovacevic
As a result of the cmac test running the test where PT len is 65536 it should give a result back to the user USER1: Error -1: Prepare op USER1: PT len 65536 as this MSG len is not supported. Issue was that the application was not freeing the op properly after a while causing the app to fail. CRYPTODEV: rte_cryptodev_sym_session_create() line 1340: couldn't get object from session mempool USER1: Error -12: test block USER1: Error -12: Failed test CMAC/req/CMAC.req Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing") Cc: stable@dpdk.org Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-04-18examples/fips_validation: fix HMAC testMarko Kovacevic
Application was failing as the HMAC and Plain SHA fips request files are similar in a way that they both have SHA- in the top section to determine the hash algo and hash sizes. And HMAC having the algo in the second line but the Plain SHA in the third meant that when the HMAC files was used once it parsed the third line Plain SHA was set as the algo and not HMAC. USER1: Failed to get capability for cdev 0 USER1: Error -22: test block [L=20 SHAAlg=SHA_2] USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA") Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-03-30examples: detect default build directoryBruce Richardson
Most examples have in their makefiles a default RTE_TARGET directory to be used in case RTE_TARGET is not set. Rather than just using a hard-coded default, we can instead detect what the build directory is relative to RTE_SDK directory. This fixes a potential issue for anyone who continues to build using "make install T=x86_64-native-linuxapp-gcc" and skips setting RTE_TARGET explicitly, instead relying on the fact that they were building in a directory which corresponded to the example default path - which was changed to "x86_64-native-linux-gcc" by commit 218c4e68c1d9 ("mk: use linux and freebsd in config names"). Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-03-22examples/fips_validation: support plain SHADamian Nowak
This patch enables plain SHA algorithm CAVP test support in fips_validation sample application. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> Acked-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-03-12mk: use linux and freebsd in config namesBruce Richardson
Rather than using linuxapp and bsdapp everywhere, we can change things to use the, more readable, terms "linux" and "freebsd" in our build configs. Rather than renaming the configs we can just duplicate the existing ones with the new names using symlinks, and use the new names exclusively internally. ["make showconfigs" also only shows the new names to keep the list short] The result is that backward compatibility is kept fully but any new builds or development can be done using the newer names, i.e. both "make config T=x86_64-native-linuxapp-gcc" and "T=x86_64-native-linux-gcc" work. Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
2019-01-22examples/fips_validation: fix physical addressFan Zhang
This patch fixes the missed digest and aad data physical addresses filling to crypto operations in fips_validation sample application. Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test") Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-01-18examples/fips_validation: fix session private mempoolFan Zhang
This patch fixes the incorrect session private mempool passing to cryptodev. Fixes: 41d561cbdd24 ("examples/fips_validation: add power on self test") Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2019-01-10examples/fips_validation: add power on self testFan Zhang
This patch adds a sample power on self-test to fips_validate sample application. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Damian Nowak <damianx.nowak@intel.com>
2019-01-10examples: use separate crypto session mempoolsFan Zhang
This patch uses the two session mempool approach to all cryptodev sample applications. One mempool is for session header objects, and the other is for session private data. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Fiona Trahe <fiona.trahe@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-01-10cryptodev: change queue pair configure structureFan Zhang
This patch changes the cryptodev queue pair configure structure to enable two mempool passed into cryptodev PMD simutaneously. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Fiona Trahe <fiona.trahe@intel.com> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-07examples/fips_validation: fix uninitialized accessMarko Kovacevic
Fixing a bug raised in coverity using uninitialized value. Coverity issue: 325881 Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing") Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2018-11-06examples/fips_validation: fix unitialized variablesMarko Kovacevic
Fixed compilation issue with variable which may be used uninitialized. Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing") Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
2018-11-05examples/fips_validation: fix buildThomas Monjalon
The example was not added to the Makefile and there are some compilation errors: examples/fips_validation/main.c: In function ‘prepare_aead_op’: error: control reaches end of non-void function examples/fips_validation/main.c: In function ‘prepare_auth_op’: error: control reaches end of non-void function Fixes: 3d0fad56b74a ("examples/fips_validation: add crypto FIPS application") Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing") Fixes: 4aaad2995e13 ("examples/fips_validation: support GCM parsing") Signed-off-by: Thomas Monjalon <thomas@monjalon.net> Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com> Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
2018-11-02examples/fips_validation: support CCM parsingMarko Kovacevic
Added enablement for CCM parser, to allow the application to parser the ccm request files and to validate all test types supported. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: support CMAC parsingMarko Kovacevic
Added enablement for CMAC parser, to allow the application to parser the cmac request files and to validate all test types supported. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: support GCM parsingMarko Kovacevic
Added enablement for GCM parser, to allow the application to parser the GCM request file and to validate all tests supported. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: support TDES parsingMarko Kovacevic
Added enablement for TDES parser, to allow the application to parser the TDES request files and to validate all test types supported. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: support HMAC parsingMarko Kovacevic
Added enablement for HMAC parser, to allow the application to parser the hmac request files and to validate all tests supported Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: support AES parsingMarko Kovacevic
Added enablement for AES-CBC parser, to allow the application to parser the aes request file and to validate all test types supported. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
2018-11-02examples/fips_validation: add crypto FIPS applicationMarko Kovacevic
Added FIPS application into the examples to allow users to use a simple sample app to validate their systems and be able to get FIPS certification. Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>