mh_sha1: add new api with parameter checking

Add new MH SHA1 input validation test app Signed-off-by: Marcel Cornu <[email protected]>
intel · Mar 26, 2024 · f80afdf · f80afdf
1 parent 7080fff
commit f80afdf
Show file tree

Hide file tree

Showing 6 changed files with 237 additions and 0 deletions.
diff --git a/Makefile.nmake b/Makefile.nmake
@@ -379,6 +379,8 @@ checks = \
 	xts_128_expanded_key_test.exe \
 	xts_256_expanded_key_test.exe \
 	aes_param_test.exe \
+	mh_sha1_param_test.exe
+
 
 checks: lib $(checks)
 $(checks): $(@B).obj

diff --git a/include/mh_sha1.h b/include/mh_sha1.h
@@ -307,6 +307,48 @@ int mh_sha1_finalize_avx2 (struct mh_sha1_ctx* ctx,
 int mh_sha1_finalize_avx512 (struct mh_sha1_ctx* ctx,
 						void* mh_sha1_digest);
 
+/**
+ * @brief Initialize the mh_sha1_ctx structure.
+ *
+ * @param  ctx Structure holding mh_sha1 info
+ * @return Operation status
+ * @retval 0 on success
+ * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
+ */
+int isal_mh_sha1_init (struct mh_sha1_ctx* ctx);
+
+/**
+ * @brief Multi-hash sha1 update.
+ *
+ * Can be called repeatedly to update hashes with new input data.
+ * This function determines what instruction sets are enabled and selects the
+ * appropriate version at runtime.
+ *
+ * @param  ctx Structure holding mh_sha1 info
+ * @param  buffer Pointer to buffer to be processed
+ * @param  len Length of buffer (in bytes) to be processed
+ * @return Operation status
+ * @retval 0 on success
+ * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
+ */
+int isal_mh_sha1_update (struct mh_sha1_ctx * ctx, const void* buffer, uint32_t len);
+
+/**
+ * @brief Finalize the message digests for multi-hash sha1.
+ *
+ * Place the message digest in mh_sha1_digest which must have enough space
+ * for the outputs.
+ * This function determines what instruction sets are enabled and selects the
+ * appropriate version at runtime.
+ *
+ * @param  ctx Structure holding mh_sha1 info
+ * @param  mh_sha1_digest The digest of mh_sha1
+ * @return Operation status
+ * @retval 0 on success
+ * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
+ */
+int isal_mh_sha1_finalize (struct mh_sha1_ctx* ctx, void* mh_sha1_digest);
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/isa-l_crypto.def b/isa-l_crypto.def
@@ -81,3 +81,6 @@ sm3_ctx_mgr_flush		       @76
 isal_aes_keyexp_128                    @77
 isal_aes_keyexp_192                    @78
 isal_aes_keyexp_256                    @79
+isal_mh_sha1_init                      @80
+isal_mh_sha1_update                    @81
+isal_mh_sha1_finalize                  @82
diff --git a/mh_sha1/Makefile.am b/mh_sha1/Makefile.am
@@ -72,6 +72,8 @@ src_include += -I $(srcdir)/mh_sha1
 extern_hdrs +=	include/mh_sha1.h
 
 check_tests += 	mh_sha1/mh_sha1_test
+check_tests += 	mh_sha1/mh_sha1_param_test
+
 unit_tests  += 	mh_sha1/mh_sha1_update_test
 
 perf_tests  += 	mh_sha1/mh_sha1_perf

diff --git a/mh_sha1/mh_sha1.c b/mh_sha1/mh_sha1.c
@@ -28,6 +28,7 @@
 **********************************************************************/
 
 #include <string.h>
+#include "isal_crypto_api.h"
 #include "mh_sha1_internal.h"
 
 int mh_sha1_init(struct mh_sha1_ctx *ctx)
@@ -52,8 +53,40 @@ int mh_sha1_init(struct mh_sha1_ctx *ctx)
 	return MH_SHA1_CTX_ERROR_NONE;
 }
 
+int isal_mh_sha1_init(struct mh_sha1_ctx *ctx)
+{
+#ifdef SAFE_PARAM
+	if (ctx == NULL)
+		return ISAL_CRYPTO_ERR_NULL_CTX;
+#endif
+	return mh_sha1_init(ctx);
+}
+
+int isal_mh_sha1_update(struct mh_sha1_ctx *ctx, const void *buffer, uint32_t len)
+{
+#ifdef SAFE_PARAM
+	if (ctx == NULL)
+		return ISAL_CRYPTO_ERR_NULL_CTX;
+	if (buffer == NULL)
+		return ISAL_CRYPTO_ERR_NULL_SRC;
+#endif
+	return mh_sha1_update(ctx, buffer, len);
+}
+
+int isal_mh_sha1_finalize(struct mh_sha1_ctx *ctx, void *mh_sha1_digest)
+{
+#ifdef SAFE_PARAM
+	if (ctx == NULL)
+		return ISAL_CRYPTO_ERR_NULL_CTX;
+	if (mh_sha1_digest == NULL)
+		return ISAL_CRYPTO_ERR_NULL_AUTH;
+#endif
+	return mh_sha1_finalize(ctx, mh_sha1_digest);
+}
+
 #if (!defined(NOARCH)) && (defined(__i386__) || defined(__x86_64__) \
 	|| defined( _M_X64) || defined(_M_IX86))
+
 /***************mh_sha1_update***********/
 // mh_sha1_update_sse.c
 #define MH_SHA1_UPDATE_FUNCTION mh_sha1_update_sse

diff --git a/mh_sha1/mh_sha1_param_test.c b/mh_sha1/mh_sha1_param_test.c
@@ -0,0 +1,155 @@
+/**********************************************************************
+  Copyright(c) 2024 Intel Corporation All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions
+  are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in
+      the documentation and/or other materials provided with the
+      distribution.
+    * Neither the name of Intel Corporation nor the names of its
+      contributors may be used to endorse or promote products derived
+      from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+**********************************************************************/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "isal_crypto_api.h"
+#include "mh_sha1.h"
+
+#define TEST_LEN   16*1024
+
+#define CHECK_RETURN(state, expected, func, label)	do{ \
+	if((state) != (expected)){ \
+		printf("test: %s() - expected return " \
+		       "value %d, got %d\n", func, expected, state); \
+		goto label; \
+	} \
+}while(0)
+
+#ifdef SAFE_PARAM
+static int test_mh_sha1_init_api(void)
+{
+	int ret, retval = 1;
+	struct mh_sha1_ctx *update_ctx = NULL;
+	ISAL_CRYPTO_ERROR expected = ISAL_CRYPTO_ERR_NULL_CTX;
+	const char *func_name = "isal_mh_sha1_init";
+
+	update_ctx = malloc(sizeof(*update_ctx));
+	if (update_ctx == NULL) {
+		printf("malloc failed test aborted\n");
+		return retval;
+	}
+
+	ret = isal_mh_sha1_init(NULL);
+	CHECK_RETURN(ret, expected, func_name, exit_init);
+
+	expected = ISAL_CRYPTO_ERR_NONE;
+	ret = isal_mh_sha1_init(update_ctx);
+	CHECK_RETURN(ret, expected, func_name, exit_init);
+
+	retval = 0;
+
+      exit_init:
+	free(update_ctx);
+
+	return retval;
+}
+
+static int test_mh_sha1_update_api(void)
+{
+	int ret, retval = 1;
+	struct mh_sha1_ctx *update_ctx = NULL;
+	uint8_t *buff = NULL;
+	ISAL_CRYPTO_ERROR expected = ISAL_CRYPTO_ERR_NULL_CTX;
+	const char *func_name = "isal_mh_sha1_update";
+
+	update_ctx = malloc(sizeof(*update_ctx));
+	buff = malloc(TEST_LEN);
+	if (update_ctx == NULL || buff == NULL) {
+		printf("malloc failed test aborted\n");
+		goto exit_update;
+	}
+
+	ret = isal_mh_sha1_update(NULL, buff, TEST_LEN);
+	CHECK_RETURN(ret, expected, func_name, exit_update);
+
+	expected = ISAL_CRYPTO_ERR_NULL_SRC;
+	ret = isal_mh_sha1_update(update_ctx, NULL, TEST_LEN);
+	CHECK_RETURN(ret, expected, func_name, exit_update);
+
+	expected = ISAL_CRYPTO_ERR_NONE;
+	ret = isal_mh_sha1_update(update_ctx, buff, TEST_LEN);
+	CHECK_RETURN(ret, expected, func_name, exit_update);
+
+	retval = 0;
+
+      exit_update:
+	free(update_ctx);
+	free(buff);
+
+	return retval;
+}
+
+static int test_mh_sha1_finalize_api(void)
+{
+	int ret, retval = 1;
+	struct mh_sha1_ctx *update_ctx = NULL;
+	uint32_t hash_test[SHA1_DIGEST_WORDS] = { 0 };
+	ISAL_CRYPTO_ERROR expected = ISAL_CRYPTO_ERR_NULL_CTX;
+	const char *func_name = "isal_mh_sha1_finalize";
+
+	update_ctx = malloc(sizeof(*update_ctx));
+	if (update_ctx == NULL) {
+		printf("malloc failed test aborted\n");
+		return retval;
+	}
+
+	ret = isal_mh_sha1_finalize(NULL, hash_test);
+	CHECK_RETURN(ret, expected, func_name, exit_finalize);
+
+	expected = ISAL_CRYPTO_ERR_NULL_AUTH;
+	ret = isal_mh_sha1_finalize(update_ctx, NULL);
+	CHECK_RETURN(ret, expected, func_name, exit_finalize);
+
+	expected = ISAL_CRYPTO_ERR_NONE;
+	ret = isal_mh_sha1_finalize(update_ctx, hash_test);
+	CHECK_RETURN(ret, expected, func_name, exit_finalize);
+	retval = 0;
+
+      exit_finalize:
+	free(update_ctx);
+
+	return retval;
+}
+#endif /* SAFE_PARAM */
+
+int main(void)
+{
+	int fail = 0;
+#ifdef SAFE_PARAM
+	fail |= test_mh_sha1_init_api();
+	fail |= test_mh_sha1_update_api();
+	fail |= test_mh_sha1_finalize_api();
+	printf(fail ? "Fail\n" : "Pass\n");
+#else
+	printf("Not Executed\n");
+#endif
+	return fail;
+}