Errors can occur during CAVP mode for various reasons. Some types of errors are expected in GCM/XPN Decryption testing. Other errors are a result of configuration problems.
Response Errors
Response errors occur when the algorithm detects an error during the operation. In
the case of GCM/XPN Decryption, the GCMVS intentionally introduces errors in to the
data, so these types of errors are expected. In addition to the
cavp_tx_enc_resp_done
(cavp_rx_dec_resp_done
)
bit in the CAVP_TX_ENC_RESP_STAT_REG (CAVP_RX_DEC_RESP_STAT_REG) register, the
cavp_tx_enc_resp_err
(cavp_rx_dec_resp_err
)
bit in the CAVP_TX_ENC_RESP_STAT_REG (CAVP_RX_DEC_RESP_STAT_REG) register is also
set. Software uses this bit to determine when this type of error has occurred and to
generate the proper response file.
For other tests, assertion of the response error bit indicates an issue with the transaction and is not expected. The response results are likely incorrect, but the values may be used to generate the response file and compare against the VS values.
In either case, no special action is taken by the CAVP logic when this type of error is detected. The error is reported in the register and the transaction completes normally.
Configuration Errors
- The selected port for CAVP testing is not available based on the HSC Subsystem configuration.
- In 1x400G mode, ports 1,2,3 are not available.
- In 2x200G mode, ports 1 and 3 are not available.
- The specified length of AAD plus text exceeds the number of text registers available for requests.
- The selected mode is invalid per the register definition.
- The HSC Subsystem is configured in channelized mode.
- The AAD length specified is greater than 63 bytes with PT/CT length other than 0. An AAD length greater than 63 bytes requires authenticate-only mode, which means the PT/CT must be 0.
- The
cavp_tx_enc_req_en
(cavp_rx_dec_req_en
) bit was cleared during a transaction.
If a configuration error is detected before a transaction is initiated, the
CAVP logic does not initiate the transaction. Instead it flags the error by setting
the cavp_tx_enc_resp_config_err
(cavp_rx_dec_resp_config_err
) bit in the
CAVP_TX_ENC_RESP_STAT_REG (CAVP_RX_DEC_RESP_STAT_REG) register and the cavp_tx_enc_resp_done
(cavp_rx_dec_resp_done
) bit in the CAVP_TX_ENC_RESP_STAT_REG
(CAVP_RX_DEC_RESP_STAT_REG) register, the encryption (decryption) core does not
receive any transaction, and the CAVP FSMs return to IDLE.
If a configuration error is detected in a paused transaction which has
previously started, or the cavp_tx_enc_req_en
(cavp_rx_dec_req_en
) bit is cleared while a
transaction is in progress, the CAVP logic terminates the transaction by providing
the EOP to the core. This ensures that the encryption (decryption) core is ready to
accept the next transaction. It then flags the error as described above and all CAVP
FSMs return to their IDLE state. With this sequence, a good CAVP transaction can be
initiated without being impacted by the previous error.