From 2c6dab9cd93d42e4aad35a73b6e6421f76cf8068 Mon Sep 17 00:00:00 2001 From: Sunila Sahu Date: Tue, 10 Jul 2018 21:31:30 +0530 Subject: [PATCH] test/crypto: add RSA and Mod tests Test application include test case for : - RSA encrypt, decrypt, sign and verify - Modular Inversion and Exponentiation Test cases uses predefined test vectors. Signed-off-by: Sunila Sahu Signed-off-by: Shally Verma Signed-off-by: Ashish Gupta Signed-off-by: Umesh Kartha Acked-by: Pablo de Lara --- test/test/Makefile | 1 + test/test/meson.build | 2 + test/test/test_cryptodev_asym.c | 803 ++++++++++++++++++++ test/test/test_cryptodev_asym_util.h | 42 + test/test/test_cryptodev_mod_test_vectors.h | 103 +++ test/test/test_cryptodev_rsa_test_vectors.h | 88 +++ 6 files changed, 1039 insertions(+) create mode 100644 test/test/test_cryptodev_asym.c create mode 100644 test/test/test_cryptodev_asym_util.h create mode 100644 test/test/test_cryptodev_mod_test_vectors.h create mode 100644 test/test/test_cryptodev_rsa_test_vectors.h diff --git a/test/test/Makefile b/test/test/Makefile index eccc8efcf1..d6fb88fda1 100644 --- a/test/test/Makefile +++ b/test/test/Makefile @@ -179,6 +179,7 @@ SRCS-$(CONFIG_RTE_LIBRTE_PMD_RING) += test_pmd_ring_perf.c SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev_blockcipher.c SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev.c +SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev_asym.c ifeq ($(CONFIG_RTE_COMPRESSDEV_TEST),y) SRCS-$(CONFIG_RTE_LIBRTE_COMPRESSDEV) += test_compressdev.c diff --git a/test/test/meson.build b/test/test/meson.build index a907fd2567..263cc1cf3b 100644 --- a/test/test/meson.build +++ b/test/test/meson.build @@ -22,6 +22,7 @@ test_sources = files('commands.c', 'test_cpuflags.c', 'test_crc.c', 'test_cryptodev.c', + 'test_cryptodev_asym.c', 'test_cryptodev_blockcipher.c', 'test_cycles.c', 'test_debug.c', @@ -130,6 +131,7 @@ test_names = [ 'cryptodev_qat_autotest', 'cryptodev_aesni_mb_autotest', 'cryptodev_openssl_autotest', + 'cryptodev_openssl_asym_autotest', 'cryptodev_aesni_gcm_autotest', 'cryptodev_null_autotest', 'cryptodev_sw_snow3g_autotest', diff --git a/test/test/test_cryptodev_asym.c b/test/test/test_cryptodev_asym.c new file mode 100644 index 0000000000..68ec6b0a47 --- /dev/null +++ b/test/test/test_cryptodev_asym.c @@ -0,0 +1,803 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Cavium Networks + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "test_cryptodev.h" +#include "test_cryptodev_mod_test_vectors.h" +#include "test_cryptodev_rsa_test_vectors.h" +#include "test_cryptodev_asym_util.h" +#include "test.h" + +#define TEST_NUM_BUFS 10 +#define TEST_NUM_SESSIONS 4 + +static int gbl_driver_id; +struct crypto_testsuite_params { + struct rte_mempool *op_mpool; + struct rte_mempool *session_mpool; + struct rte_cryptodev_config conf; + struct rte_cryptodev_qp_conf qp_conf; + uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS]; + uint8_t valid_dev_count; +}; + +struct crypto_unittest_params { + struct rte_cryptodev_asym_session *sess; + struct rte_crypto_op *op; +}; + +static struct crypto_testsuite_params testsuite_params = { NULL }; + +static int +test_rsa_sign_verify(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_asym_op *asym_op = NULL; + struct rte_crypto_op *op = NULL, *result_op = NULL; + struct rte_cryptodev_asym_session *sess = NULL; + int status = TEST_SUCCESS; + uint8_t output_buf[TEST_DATA_SIZE] = {0}; + uint8_t input_buf[TEST_DATA_SIZE] = {0}; + + sess = rte_cryptodev_asym_session_create(sess_mpool); + + if (!sess) { + RTE_LOG(ERR, USER1, "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } + + if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform, + sess_mpool) < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + + /* set up crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (!op) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, + "Failed to allocate asymmetric crypto " + "operation struct"); + status = TEST_FAILED; + goto error_exit; + } + + asym_op = op->asym; + /* Compute sign on the test vector */ + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; + + memcpy(input_buf, &rsaplaintext.data, + rsaplaintext.len); + asym_op->rsa.message.data = input_buf; + asym_op->rsa.message.length = rsaplaintext.len; + asym_op->rsa.sign.data = output_buf; + asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1; + + debug_hexdump(stdout, "message", asym_op->rsa.message.data, + asym_op->rsa.message.length); + + /* attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + RTE_LOG(DEBUG, USER1, "Process ASYM operation"); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + debug_hexdump(stdout, "signed message", asym_op->rsa.sign.data, + asym_op->rsa.sign.length); + asym_op = result_op->asym; + + /* Verify sign */ + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; + asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2; + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + status = TEST_SUCCESS; + int ret = 0; + ret = rsa_verify(&rsaplaintext, result_op); + if (ret) + status = TEST_FAILED; + +error_exit: + + if (sess) { + rte_cryptodev_asym_session_clear(dev_id, sess); + rte_cryptodev_asym_session_free(sess); + } + + if (op) + rte_crypto_op_free(op); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return status; +} + +static int +test_rsa_enc_dec(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_asym_op *asym_op = NULL; + struct rte_crypto_op *op = NULL, *result_op = NULL; + struct rte_cryptodev_asym_session *sess = NULL; + int status = TEST_SUCCESS; + uint8_t input_buf[TEST_DATA_SIZE] = {0}; + + sess = rte_cryptodev_asym_session_create(sess_mpool); + + if (!sess) { + RTE_LOG(ERR, USER1, "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } + + if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform, + sess_mpool) < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + + /* set up crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (!op) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, + "Failed to allocate asymmetric crypto " + "operation struct"); + status = TEST_FAILED; + goto error_exit; + } + + asym_op = op->asym; + /*Compute encryption on the test vector */ + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; + + memcpy(input_buf, rsaplaintext.data, + rsaplaintext.len); + asym_op->rsa.message.data = input_buf; + asym_op->rsa.message.length = rsaplaintext.len; + asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2; + + debug_hexdump(stdout, "message", asym_op->rsa.message.data, + asym_op->rsa.message.length); + + /* attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + RTE_LOG(DEBUG, USER1, "Process ASYM operation"); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data, + asym_op->rsa.message.length); + /* Use the resulted output as decryption Input vector*/ + asym_op = result_op->asym; + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; + asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1; + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + status = TEST_SUCCESS; + int ret = 0; + ret = rsa_verify(&rsaplaintext, result_op); + if (ret) + status = TEST_FAILED; + +error_exit: + + if (sess) { + rte_cryptodev_asym_session_clear(dev_id, sess); + rte_cryptodev_asym_session_free(sess); + } + + if (op) + rte_crypto_op_free(op); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return status; +} + +static int +testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_cryptodev_info info; + uint32_t i = 0, nb_devs, dev_id; + int ret; + uint16_t qp_id; + + memset(ts_params, 0, sizeof(*ts_params)); + + ts_params->op_mpool = rte_crypto_op_pool_create( + "CRYPTO_ASYM_OP_POOL", + RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + TEST_NUM_BUFS, 0, + 0, + rte_socket_id()); + if (ts_params->op_mpool == NULL) { + RTE_LOG(ERR, USER1, "Can't create ASYM_CRYPTO_OP_POOL\n"); + return TEST_FAILED; + } + + /* Create an OPENSSL device if required */ + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))) { + nb_devs = rte_cryptodev_device_count_by_driver( + rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))); + if (nb_devs < 1) { + ret = rte_vdev_init( + RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD), + NULL); + + TEST_ASSERT(ret == 0, "Failed to create " + "instance of pmd : %s", + RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)); + } + } + + nb_devs = rte_cryptodev_count(); + if (nb_devs < 1) { + RTE_LOG(ERR, USER1, "No crypto devices found?\n"); + return TEST_FAILED; + } + + /* Create list of valid crypto devs */ + for (i = 0; i < nb_devs; i++) { + rte_cryptodev_info_get(i, &info); + if (info.driver_id == gbl_driver_id) + ts_params->valid_devs[ts_params->valid_dev_count++] = i; + } + + if (ts_params->valid_dev_count < 1) + return TEST_FAILED; + + /* Set up all the qps on the first of the valid devices found */ + + dev_id = ts_params->valid_devs[0]; + + rte_cryptodev_info_get(dev_id, &info); + + /* check if device support asymmetric, skip if not */ + if (!(info.feature_flags & + RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO)) { + RTE_LOG(ERR, USER1, "Device doesn't support asymmetric. " + "Test Skipped.\n"); + return TEST_FAILED; + } + + /* configure device with num qp */ + ts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs; + ts_params->conf.socket_id = SOCKET_ID_ANY; + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id, + &ts_params->conf), + "Failed to configure cryptodev %u with %u qps", + dev_id, ts_params->conf.nb_queue_pairs); + + /* configure qp */ + ts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT; + for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + dev_id, qp_id, &ts_params->qp_conf, + rte_cryptodev_socket_id(dev_id), + ts_params->session_mpool), + "Failed to setup queue pair %u on cryptodev %u ASYM", + qp_id, dev_id); + } + + /* setup asym session pool */ + unsigned int session_size = + rte_cryptodev_asym_get_private_session_size(dev_id); + /* + * Create mempool with TEST_NUM_SESSIONS * 2, + * to include the session headers + */ + ts_params->session_mpool = rte_mempool_create( + "test_asym_sess_mp", + TEST_NUM_SESSIONS * 2, + session_size, + 0, 0, NULL, NULL, NULL, + NULL, SOCKET_ID_ANY, + 0); + + TEST_ASSERT_NOT_NULL(ts_params->session_mpool, + "session mempool allocation failed"); + + return TEST_SUCCESS; +} + +static void +testsuite_teardown(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + + if (ts_params->op_mpool != NULL) { + RTE_LOG(DEBUG, USER1, "CRYPTO_OP_POOL count %u\n", + rte_mempool_avail_count(ts_params->op_mpool)); + } + + /* Free session mempools */ + if (ts_params->session_mpool != NULL) { + rte_mempool_free(ts_params->session_mpool); + ts_params->session_mpool = NULL; + } +} + +static int +ut_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + + uint16_t qp_id; + + /* Reconfigure device to default parameters */ + ts_params->conf.socket_id = SOCKET_ID_ANY; + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev %u", + ts_params->valid_devs[0]); + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs ; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, + &ts_params->qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0]), + ts_params->session_mpool), + "Failed to setup queue pair %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + } + + rte_cryptodev_stats_reset(ts_params->valid_devs[0]); + + /* Start the device */ + TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]), + "Failed to start cryptodev %u", + ts_params->valid_devs[0]); + + return TEST_SUCCESS; +} + +static void +ut_teardown(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_cryptodev_stats stats; + + rte_cryptodev_stats_get(ts_params->valid_devs[0], &stats); + + /* Stop the device */ + rte_cryptodev_stop(ts_params->valid_devs[0]); +} + +static inline void print_asym_capa( + const struct rte_cryptodev_asymmetric_xform_capability *capa) +{ + int i = 0; + + printf("\nxform type: %s\n===================\n", + rte_crypto_asym_xform_strings[capa->xform_type]); + printf("operation supported -"); + + for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) { + /* check supported operations */ + if (rte_cryptodev_asym_xform_capability_check_optype(capa, i)) + printf(" %s", + rte_crypto_asym_op_strings[i]); + } + switch (capa->xform_type) { + case RTE_CRYPTO_ASYM_XFORM_RSA: + case RTE_CRYPTO_ASYM_XFORM_MODINV: + case RTE_CRYPTO_ASYM_XFORM_MODEX: + case RTE_CRYPTO_ASYM_XFORM_DH: + case RTE_CRYPTO_ASYM_XFORM_DSA: + printf(" modlen: min %d max %d increment %d\n", + capa->modlen.min, + capa->modlen.max, + capa->modlen.increment); + break; + default: + break; + } +} + +static int +test_capability(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const struct rte_cryptodev_capabilities *dev_capa; + int i = 0; + struct rte_cryptodev_asym_capability_idx idx; + const struct rte_cryptodev_asymmetric_xform_capability *capa; + + rte_cryptodev_info_get(dev_id, &dev_info); + if (!(dev_info.feature_flags & + RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, + "Device doesn't support asymmetric. Test Skipped\n"); + return TEST_SUCCESS; + } + + /* print xform capability */ + for (i = 0; + dev_info.capabilities[i].op != RTE_CRYPTO_OP_TYPE_UNDEFINED; + i++) { + dev_capa = &(dev_info.capabilities[i]); + if (dev_info.capabilities[i].op == + RTE_CRYPTO_OP_TYPE_ASYMMETRIC) { + idx.type = dev_capa->asym.xform_capa.xform_type; + + capa = rte_cryptodev_asym_capability_get(dev_id, + (const struct + rte_cryptodev_asym_capability_idx *) &idx); + print_asym_capa(capa); + } + } + return TEST_SUCCESS; +} + +static int +test_mod_inv(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_asym_op *asym_op = NULL; + struct rte_crypto_op *op = NULL, *result_op = NULL; + struct rte_cryptodev_asym_session *sess = NULL; + int status = TEST_SUCCESS; + struct rte_cryptodev_asym_capability_idx cap_idx; + const struct rte_cryptodev_asymmetric_xform_capability *capability; + uint8_t input[TEST_DATA_SIZE] = {0}; + int ret = 0; + + if (rte_cryptodev_asym_get_xform_enum( + &modinv_xform.xform_type, "modinv") < 0) { + RTE_LOG(ERR, USER1, + "Invalid ASYNC algorithm specified\n"); + return -1; + } + + cap_idx.type = modinv_xform.xform_type; + capability = rte_cryptodev_asym_capability_get(dev_id, + &cap_idx); + + if (rte_cryptodev_asym_xform_capability_check_modlen( + capability, + modinv_xform.modinv.modulus.length)) { + RTE_LOG(ERR, USER1, + "Invalid MODULOUS length specified\n"); + return -1; + } + + sess = rte_cryptodev_asym_session_create(sess_mpool); + if (!sess) { + RTE_LOG(ERR, USER1, "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } + + if (rte_cryptodev_asym_session_init(dev_id, sess, &modinv_xform, + sess_mpool) < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + + /* generate crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (!op) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to allocate asymmetric crypto " + "operation struct"); + status = TEST_FAILED; + goto error_exit; + } + + asym_op = op->asym; + memcpy(input, base, sizeof(base)); + asym_op->modinv.base.data = input; + asym_op->modinv.base.length = sizeof(base); + + /* attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + RTE_LOG(DEBUG, USER1, "Process ASYM operation"); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + + ret = verify_modinv(mod_inv, result_op); + if (ret) { + RTE_LOG(ERR, USER1, + "operation verification failed\n"); + status = TEST_FAILED; + } + +error_exit: + if (sess) { + rte_cryptodev_asym_session_clear(dev_id, sess); + rte_cryptodev_asym_session_free(sess); + } + + if (op) + rte_crypto_op_free(op); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return status; +} + +static int +test_mod_exp(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_asym_op *asym_op = NULL; + struct rte_crypto_op *op = NULL, *result_op = NULL; + struct rte_cryptodev_asym_session *sess = NULL; + int status = TEST_SUCCESS; + struct rte_cryptodev_asym_capability_idx cap_idx; + const struct rte_cryptodev_asymmetric_xform_capability *capability; + uint8_t input[TEST_DATA_SIZE] = {0}; + int ret = 0; + + if (rte_cryptodev_asym_get_xform_enum(&modex_xform.xform_type, + "modexp") + < 0) { + RTE_LOG(ERR, USER1, + "Invalid ASYNC algorithm specified\n"); + return -1; + } + + /* check for modlen capability */ + cap_idx.type = modex_xform.xform_type; + capability = rte_cryptodev_asym_capability_get(dev_id, &cap_idx); + + if (rte_cryptodev_asym_xform_capability_check_modlen( + capability, modex_xform.modex.modulus.length)) { + RTE_LOG(ERR, USER1, + "Invalid MODULOUS length specified\n"); + return -1; + } + + /* generate crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (!op) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to allocate asymmetric crypto " + "operation struct"); + status = TEST_FAILED; + goto error_exit; + } + + sess = rte_cryptodev_asym_session_create(sess_mpool); + if (!sess) { + RTE_LOG(ERR, USER1, + "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } + + if (rte_cryptodev_asym_session_init(dev_id, sess, &modex_xform, + sess_mpool) < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + + asym_op = op->asym; + memcpy(input, base, sizeof(base)); + asym_op->modex.base.data = input; + asym_op->modex.base.length = sizeof(base); + /* attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + RTE_LOG(DEBUG, USER1, "Process ASYM operation"); + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Error sending packet for operation"); + status = TEST_FAILED; + goto error_exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", + __LINE__, "Failed to process asym crypto op"); + status = TEST_FAILED; + goto error_exit; + } + + ret = verify_modexp(mod_exp, result_op); + if (ret) { + RTE_LOG(ERR, USER1, + "operation verification failed\n"); + status = TEST_FAILED; + } + +error_exit: + if (sess != NULL) { + rte_cryptodev_asym_session_clear(dev_id, sess); + rte_cryptodev_asym_session_free(sess); + } + + if (op != NULL) + rte_crypto_op_free(op); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return status; +} + +static struct unit_test_suite cryptodev_openssl_asym_testsuite = { + .suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite", + .setup = testsuite_setup, + .teardown = testsuite_teardown, + .unit_test_cases = { + TEST_CASE_ST(ut_setup, ut_teardown, test_capability), + TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec), + TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify), + TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv), + TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp), + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; + +static int +test_cryptodev_openssl_asym(void) +{ + gbl_driver_id = rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)); + + if (gbl_driver_id == -1) { + RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded. Check if " + "CONFIG_RTE_LIBRTE_PMD_OPENSSL is enabled " + "in config file to run this testsuite.\n"); + return TEST_FAILED; + } + + return unit_test_suite_runner(&cryptodev_openssl_asym_testsuite); +} + +REGISTER_TEST_COMMAND(cryptodev_openssl_asym_autotest, + test_cryptodev_openssl_asym); diff --git a/test/test/test_cryptodev_asym_util.h b/test/test/test_cryptodev_asym_util.h new file mode 100644 index 0000000000..dff0c2ada6 --- /dev/null +++ b/test/test/test_cryptodev_asym_util.h @@ -0,0 +1,42 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Cavium Networks + */ + +#ifndef TEST_CRYPTODEV_ASYM_TEST_UTIL_H__ +#define TEST_CRYPTODEV_ASYM_TEST_UTIL_H__ + +/* Below Apis compare resulted buffer to original test vector */ + +static inline int rsa_verify(struct rsa_test_data *rsa_param, + struct rte_crypto_op *result_op) +{ + if (memcmp(rsa_param->data, + result_op->asym->rsa.message.data, + result_op->asym->rsa.message.length)) + return -1; + return 0; +} + +static inline int verify_modinv(uint8_t *mod_inv, + struct rte_crypto_op *result_op) +{ + if (memcmp(mod_inv, result_op->asym->modinv.base.data, + result_op->asym->modinv.base.length)) + return -1; + return 0; +} + +static inline int verify_modexp(uint8_t *mod_exp, + struct rte_crypto_op *result_op) +{ + if (memcmp(mod_exp, result_op->asym->modex.base.data, + result_op->asym->modex.base.length)) + return -1; + return 0; +} + +#endif /* TEST_CRYPTODEV_ASYM_TEST_UTIL_H__ */ + + + + diff --git a/test/test/test_cryptodev_mod_test_vectors.h b/test/test/test_cryptodev_mod_test_vectors.h new file mode 100644 index 0000000000..a25c676ac1 --- /dev/null +++ b/test/test/test_cryptodev_mod_test_vectors.h @@ -0,0 +1,103 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Cavium Networks + */ + +#ifndef TEST_CRYPTODEV_MOD_TEST_VECTORS_H_ +#define TEST_CRYPTODEV_MOD_TEST_VECTORS_H_ + +/* modular operation test data */ +uint8_t base[] = { + 0xF8, 0xBA, 0x1A, 0x55, 0xD0, 0x2F, 0x85, + 0xAE, 0x96, 0x7B, 0xB6, 0x2F, 0xB6, 0xCD, + 0xA8, 0xEB, 0x7E, 0x78, 0xA0, 0x50 +}; + +uint8_t mod_p[] = { + 0x00, 0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00, + 0x0a, 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5, + 0xce, 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a, + 0xa2, 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde, + 0x0a, 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a, + 0x3d, 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63, + 0x6a, 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27, + 0x6e, 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa, + 0x72, 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53, + 0x87, 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a, + 0x62, 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63, + 0x18, 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33, + 0x4e, 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3, + 0x03, 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e, + 0xee, 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb, + 0xa6, 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde, + 0x55 +}; + +uint8_t mod_e[] = {0x01, 0x00, 0x01}; + +/* Precomputed modular exponentiation for verification */ +uint8_t mod_exp[] = { + 0x2C, 0x60, 0x75, 0x45, 0x98, 0x9D, 0xE0, 0x72, + 0xA0, 0x9D, 0x3A, 0x9E, 0x03, 0x38, 0x73, 0x3C, + 0x31, 0x83, 0x04, 0xFE, 0x75, 0x43, 0xE6, 0x17, + 0x5C, 0x01, 0x29, 0x51, 0x69, 0x33, 0x62, 0x2D, + 0x78, 0xBE, 0xAE, 0xC4, 0xBC, 0xDE, 0x7E, 0x2C, + 0x77, 0x84, 0xF2, 0xC5, 0x14, 0xB5, 0x2F, 0xF7, + 0xC5, 0x94, 0xEF, 0x86, 0x75, 0x75, 0xB5, 0x11, + 0xE5, 0x0E, 0x0A, 0x29, 0x76, 0xE2, 0xEA, 0x32, + 0x0E, 0x43, 0x77, 0x7E, 0x2C, 0x27, 0xAC, 0x3B, + 0x86, 0xA5, 0xDB, 0xC9, 0x48, 0x40, 0xE8, 0x99, + 0x9A, 0x0A, 0x3D, 0xD6, 0x74, 0xFA, 0x2E, 0x2E, + 0x5B, 0xAF, 0x8C, 0x99, 0x44, 0x2A, 0x67, 0x38, + 0x27, 0x41, 0x59, 0x9D, 0xB8, 0x51, 0xC9, 0xF7, + 0x43, 0x61, 0x31, 0x6E, 0xF1, 0x25, 0x38, 0x7F, + 0xAE, 0xC6, 0xD0, 0xBB, 0x29, 0x76, 0x3F, 0x46, + 0x2E, 0x1B, 0xE4, 0x67, 0x71, 0xE3, 0x87, 0x5A +}; + +/* Precomputed modular inverse for verification */ +uint8_t mod_inv[] = { + 0x52, 0xb1, 0xa3, 0x8c, 0xc5, 0x8a, 0xb9, 0x1f, + 0xb6, 0x82, 0xf5, 0x6a, 0x9a, 0xde, 0x8d, 0x2e, + 0x62, 0x4b, 0xac, 0x49, 0x21, 0x1d, 0x30, 0x4d, + 0x32, 0xac, 0x1f, 0x40, 0x6d, 0x52, 0xc7, 0x9b, + 0x6c, 0x0a, 0x82, 0x3a, 0x2c, 0xaf, 0x6b, 0x6d, + 0x17, 0xbe, 0x43, 0xed, 0x97, 0x78, 0xeb, 0x4c, + 0x92, 0x6f, 0xcf, 0xed, 0xb1, 0x09, 0xcb, 0x27, + 0xc2, 0xde, 0x62, 0xfd, 0x21, 0xe6, 0xbd, 0x4f, + 0xfe, 0x7a, 0x1b, 0x50, 0xfe, 0x10, 0x4a, 0xb0, + 0xb7, 0xcf, 0xdb, 0x7d, 0xca, 0xc2, 0xf0, 0x1c, + 0x39, 0x48, 0x6a, 0xb5, 0x4d, 0x8c, 0xfe, 0x63, + 0x91, 0x9c, 0x21, 0xc3, 0x0e, 0x76, 0xad, 0x44, + 0x8d, 0x54, 0x33, 0x99, 0xe1, 0x80, 0x19, 0xba, + 0xb5, 0xac, 0x7d, 0x9c, 0xce, 0x91, 0x2a, 0xd9, + 0x2c, 0xe1, 0x16, 0xd6, 0xd7, 0xcf, 0x9d, 0x05, + 0x9a, 0x66, 0x9a, 0x3a, 0xc1, 0xb8, 0x4b, 0xc3 +}; + +struct rte_crypto_asym_xform modex_xform = { + .next = NULL, + .xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX, + .modex = { + .modulus = { + .data = mod_p, + .length = sizeof(mod_p) + }, + .exponent = { + .data = mod_e, + .length = sizeof(mod_e) + } + } +}; + +struct rte_crypto_asym_xform modinv_xform = { + .next = NULL, + .xform_type = RTE_CRYPTO_ASYM_XFORM_MODINV, + .modinv = { + .modulus = { + .data = mod_p, + .length = sizeof(mod_p) + } + } +}; + +#endif /* TEST_CRYPTODEV_MOD_TEST_VECTORS_H__ */ diff --git a/test/test/test_cryptodev_rsa_test_vectors.h b/test/test/test_cryptodev_rsa_test_vectors.h new file mode 100644 index 0000000000..3f8c41a673 --- /dev/null +++ b/test/test/test_cryptodev_rsa_test_vectors.h @@ -0,0 +1,88 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2018 Cavium Networks + */ + +#ifndef TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ +#define TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ + +#include "rte_crypto_asym.h" + +#define TEST_DATA_SIZE 4096 + +struct rsa_test_data { + uint8_t data[TEST_DATA_SIZE]; + unsigned int len; +}; + +struct rsa_test_data rsaplaintext = { + .data = { + 0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae, + 0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb, + 0x7e, 0x78, 0xa0, 0x50 + }, + .len = 20 +}; + +uint8_t rsa_n[] = { + 0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00, + 0x0a, 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5, + 0xce, 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a, + 0xa2, 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde, + 0x0a, 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a, + 0x3d, 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63, + 0x6a, 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27, + 0x6e, 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa, + 0x72, 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53, + 0x87, 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a, + 0x62, 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63, + 0x18, 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33, + 0x4e, 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3, + 0x03, 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e, + 0xee, 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb, + 0xa6, 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde, + 0x55 +}; + +uint8_t rsa_d[] = { + 0x24, 0xd7, 0xea, 0xf4, 0x7f, 0xe0, 0xca, 0x31, + 0x4d, 0xee, 0xc4, 0xa1, 0xbe, 0xab, 0x06, 0x61, + 0x32, 0xe7, 0x51, 0x46, 0x27, 0xdf, 0x72, 0xe9, + 0x6f, 0xa8, 0x4c, 0xd1, 0x26, 0xef, 0x65, 0xeb, + 0x67, 0xff, 0x5f, 0xa7, 0x3b, 0x25, 0xb9, 0x08, + 0x8e, 0xa0, 0x47, 0x56, 0xe6, 0x8e, 0xf9, 0xd3, + 0x18, 0x06, 0x3d, 0xc6, 0xb1, 0xf8, 0xdc, 0x1b, + 0x8d, 0xe5, 0x30, 0x54, 0x26, 0xac, 0x16, 0x3b, + 0x7b, 0xad, 0x46, 0x9e, 0x21, 0x6a, 0x57, 0xe6, + 0x81, 0x56, 0x1d, 0x2a, 0xc4, 0x39, 0x63, 0x67, + 0x81, 0x2c, 0xca, 0xcc, 0xf8, 0x42, 0x04, 0xbe, + 0xcf, 0x8f, 0x6c, 0x5b, 0x81, 0x46, 0xb9, 0xc7, + 0x62, 0x90, 0x87, 0x35, 0x03, 0x9b, 0x89, 0xcb, + 0x37, 0xbd, 0xf1, 0x1b, 0x99, 0xa1, 0x9a, 0x78, + 0xd5, 0x4c, 0xdd, 0x3f, 0x41, 0x0c, 0xb7, 0x1a, + 0xd9, 0x7b, 0x87, 0x5f, 0xbe, 0xb1, 0x83, 0x41 +}; + +uint8_t rsa_e[] = {0x01, 0x00, 0x01}; + +/** rsa xform using exponent key */ +struct rte_crypto_asym_xform rsa_xform = { + .next = NULL, + .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA, + .rsa = { + .n = { + .data = rsa_n, + .length = sizeof(rsa_n) + }, + .e = { + .data = rsa_e, + .length = sizeof(rsa_e) + }, + .key_type = RTE_RSA_KEY_TYPE_EXP, + .d = { + .data = rsa_d, + .length = sizeof(rsa_d) + } + } +}; + +#endif /* TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ */