From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 5B98341E88
	for <public@inbox.dpdk.org>; Tue, 14 Mar 2023 01:12:12 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 8A1714282D;
	Tue, 14 Mar 2023 01:12:11 +0100 (CET)
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 by mails.dpdk.org (Postfix) with ESMTP id 127A340F16;
 Tue, 14 Mar 2023 01:12:09 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1678752730; x=1710288730;
 h=from:to:cc:subject:date:message-id:in-reply-to: references;
 bh=+eX6ha6FPJn4L0plfL9uvjXQHh7eub0QyvauKMgWDqc=;
 b=AnLeUQBgbEtQuC3jdtSw5jRQMHmMem1DUmmvbxHLlsmkrVRK8nT8YdYt
 HbBJSkM9UanzK3cUlPJBz78Hdxu6MrHElQ8kk4sdDqzrC175zZ2iPwgg/
 czdimFUkXf5nnNktUYnUk7UEALu0AdMtGZOed/ZY40RWWO56bTW0UuCdv
 znJxA30SR97PoySadSCGbOXVI2v36CaoThsabFuHrBt3nX93gXE5E5CQJ
 Te3Je8ues3wa9A9Zwt3CvNjFzBFdbsHU/sZ8Kc0hx1RlheegqpUxAYu7e
 uSP7QEqolPoEvDUwj1+S6tN21M0VbigYG7cA+8V805KFJzgnT03JB1Z6B Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10648"; a="338838716"
X-IronPort-AV: E=Sophos;i="5.98,258,1673942400"; d="scan'208";a="338838716"
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
 by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Mar 2023 17:12:09 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6500,9779,10648"; a="822155535"
X-IronPort-AV: E=Sophos;i="5.98,258,1673942400"; d="scan'208";a="822155535"
Received: from silpixa00400465.ir.intel.com ([10.55.128.39])
 by fmsmga001.fm.intel.com with ESMTP; 13 Mar 2023 17:12:07 -0700
From: Kai Ji <kai.ji@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, stable@dpdk.org,
 Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>, Kai Ji <kai.ji@intel.com>
Subject: [dpdk-dev v1 2/2] app/test: add ecdh test cases
Date: Tue, 14 Mar 2023 08:12:02 +0800
Message-Id: <20230314001202.38306-2-kai.ji@intel.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20230314001202.38306-1-kai.ji@intel.com>
References: <20230314001202.38306-1-kai.ji@intel.com>
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>

Added Elliptic-Curve Diffie Hellman test cases.

Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
 app/test/test_cryptodev_asym.c              | 356 ++++++++++++++++++++
 app/test/test_cryptodev_ecdh_test_vectors.h | 144 ++++++++
 2 files changed, 500 insertions(+)
 create mode 100644 app/test/test_cryptodev_ecdh_test_vectors.h

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 91550946e2..9e475051e0 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -19,6 +19,7 @@
 #include "test_cryptodev_dsa_test_vectors.h"
 #include "test_cryptodev_ecdsa_test_vectors.h"
 #include "test_cryptodev_ecpm_test_vectors.h"
+#include "test_cryptodev_ecdh_test_vectors.h"
 #include "test_cryptodev_mod_test_vectors.h"
 #include "test_cryptodev_rsa_test_vectors.h"
 #include "test_cryptodev_asym_util.h"
@@ -2229,6 +2230,357 @@ test_ecpm_all_curve(void)
 	return overall_status;
 }

+static int
+test_ecdh(const void *input_vector)
+{
+	const struct ECDH_test_vector *test_vector = input_vector;
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct rte_mempool *op_mpool = ts_params->op_mpool;
+	struct rte_crypto_asym_xform xform = {
+		.next = NULL,
+		.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDH,
+		.ec.curve_id = test_vector->curve_id
+	};
+	const uint8_t dev_id = ts_params->valid_devs[0];
+	uint8_t alice_x[test_vector->curve_bytesize],
+		alice_y[test_vector->curve_bytesize];
+	uint8_t bob_x[test_vector->curve_bytesize],
+		bob_y[test_vector->curve_bytesize];
+	uint8_t alice_xZ[test_vector->curve_bytesize],
+		alice_yZ[test_vector->curve_bytesize];
+	uint8_t bob_xZ[test_vector->curve_bytesize],
+		bob_yZ[test_vector->curve_bytesize];
+	struct rte_crypto_op *alice_op = NULL, *bob_op = NULL;
+
+	alice_op = rte_crypto_op_alloc(op_mpool,
+		RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	bob_op = rte_crypto_op_alloc(op_mpool,
+		RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+	/*
+	 * STEP 1a:
+	 * Generate Alice public key
+	 */
+
+	alice_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+	alice_op->asym->xform = &xform;
+	alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+	alice_op->asym->ecdh.priv_key = test_vector->alice_d;
+	alice_op->asym->ecdh.pub_key.x.data = alice_x;
+	alice_op->asym->ecdh.pub_key.y.data = alice_y;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		return -1;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+		rte_pause();
+
+	if (alice_op->asym->ecdh.pub_key.x.length !=
+			test_vector->alice_q.x.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice public key length (X coeff)\n");
+		RTE_LOG(ERR, USER1,
+			"Received length = %d Expected length = %d\n",
+			(unsigned int)test_vector->alice_q.x.length,
+			(unsigned int)alice_op->asym->ecdh.pub_key.x.length
+		);
+		goto error;
+	}
+	if (alice_op->asym->ecdh.pub_key.y.length !=
+			test_vector->alice_q.y.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice public key length (X coeff)\n");
+		RTE_LOG(ERR, USER1,
+			"Received length = %d Expected length = %d\n",
+			(unsigned int)test_vector->alice_q.y.length,
+			(unsigned int)alice_op->asym->ecdh.pub_key.y.length
+		);
+		goto error;
+	}
+	if (memcmp(alice_op->asym->ecdh.pub_key.x.data,
+			test_vector->alice_q.x.data,
+			test_vector->alice_q.x.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice public key X\n");
+		debug_hexdump(stdout, "Generated PublicKey x (Alice):",
+			alice_op->asym->ecdh.pub_key.x.data,
+			alice_op->asym->ecdh.pub_key.x.length);
+		goto error;
+	}
+	if (memcmp(alice_op->asym->ecdh.pub_key.y.data,
+			test_vector->alice_q.y.data,
+			test_vector->alice_q.y.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice public key Y\n");
+		debug_hexdump(stdout, "Generated PublicKey y (Alice):",
+				alice_op->asym->ecdh.pub_key.y.data,
+				alice_op->asym->ecdh.pub_key.y.length);
+		goto error;
+	}
+
+
+	/*
+	 * STEP 1b:
+	 * Generate Bob public key
+	 */
+
+	bob_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+	bob_op->asym->xform = &xform;
+	bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+	bob_op->asym->ecdh.priv_key = test_vector->bob_d;
+	bob_op->asym->ecdh.pub_key.x.data = bob_x;
+	bob_op->asym->ecdh.pub_key.y.data = bob_y;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		goto error;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+		rte_pause();
+
+	if (bob_op->asym->ecdh.pub_key.x.length !=
+			test_vector->bob_q.x.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (X coeff)\n");
+		RTE_LOG(ERR, USER1,
+			"Received length = %d Expected length = %d\n",
+			(unsigned int)test_vector->bob_q.x.length,
+			(unsigned int)bob_op->asym->ecdh.pub_key.x.length
+		);
+		goto error;
+	}
+	if (bob_op->asym->ecdh.pub_key.y.length !=
+			test_vector->bob_q.y.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (Y coeff)\n");
+		RTE_LOG(ERR, USER1,
+			"Received length = %d Expected length = %d\n",
+			(unsigned int)test_vector->bob_q.y.length,
+			(unsigned int)bob_op->asym->ecdh.pub_key.y.length
+		);
+		goto error;
+	}
+	if (memcmp(bob_op->asym->ecdh.pub_key.x.data,
+			test_vector->bob_q.x.data,
+			test_vector->bob_q.x.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's public key X\n");
+		debug_hexdump(stdout,
+			"Generated PublicKey x (bob):",
+			bob_op->asym->ecdh.pub_key.x.data,
+			bob_op->asym->ecdh.pub_key.x.length
+		);
+		goto error;
+	}
+	if (memcmp(bob_op->asym->ecdh.pub_key.y.data,
+			test_vector->bob_q.y.data,
+			test_vector->bob_q.y.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's public key Y\n");
+		debug_hexdump(stdout,
+			"Generated PublicKey y (bob):",
+			bob_op->asym->ecdh.pub_key.y.data,
+			bob_op->asym->ecdh.pub_key.y.length
+		);
+		goto error;
+	}
+
+	/*
+	 * STEP 1.5a:
+	 * Alice verifies Bob's public key, reusing op, other parameters
+	 * then already set, only what Alice needs to do is to set public
+	 * key of Bob and change key exchange type to VERIFY.
+	 */
+
+	alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+	alice_op->asym->ecdh.pub_key.x.data = bob_x;
+	alice_op->asym->ecdh.pub_key.x.length =
+		bob_op->asym->ecdh.pub_key.x.length;
+	alice_op->asym->ecdh.pub_key.y.data = bob_y;
+	alice_op->asym->ecdh.pub_key.y.length =
+		bob_op->asym->ecdh.pub_key.y.length;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		goto error;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+		rte_pause();
+
+	if (alice_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+			"line %u FAILED: %s", __LINE__,
+			"Failed to verify Bob's public key, it does not belongs to curve points\n"
+		);
+		return TEST_FAILED;
+	}
+
+	/*
+	 * STEP 1.5b:
+	 * Bob verifies Alice's public key, reusing op, other parameters
+	 * then already set, only what Bob needs to do is to set public
+	 * key of Alice and change key exchange type to VERIFY.
+	 */
+
+	bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+	bob_op->asym->ecdh.pub_key.x.data = alice_x;
+	bob_op->asym->ecdh.pub_key.x.length =
+		alice_op->asym->ecdh.pub_key.x.length;
+	bob_op->asym->ecdh.pub_key.y.data = alice_y;
+	bob_op->asym->ecdh.pub_key.y.length =
+		alice_op->asym->ecdh.pub_key.y.length;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		goto error;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+		rte_pause();
+
+	if (bob_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+			"line %u FAILED: %s", __LINE__,
+			"Failed to verify Alice's public key it does not belongs to curve points\n"
+		);
+		goto error;
+	}
+
+	/*
+	 * STEP 2a:
+	 * Alice generates shared secret Z, since Bob's public key was already
+	 * set when doing verification only key exchange type need to be changed,
+	 * and setting place where Z will be copied by the PMD.
+	 */
+
+	alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+	alice_op->asym->ecdh.shared_secret.x.data = alice_xZ;
+	alice_op->asym->ecdh.shared_secret.y.data = alice_yZ;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		goto error;
+	}
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+		rte_pause();
+
+	if (alice_op->asym->ecdh.shared_secret.x.length !=
+			test_vector->Z.x.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length X\n");
+		RTE_LOG(ERR, USER1,
+			"Received = %d Expected = %d\n",
+			(unsigned int)alice_op->asym->ecdh.shared_secret.x.length,
+			(unsigned int)test_vector->Z.x.length
+		);
+		goto error;
+	}
+	if (alice_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length Y\n");
+		RTE_LOG(ERR, USER1,
+			"Received = %d Expected = %d\n",
+			(unsigned int)alice_op->asym->ecdh.shared_secret.y.length,
+			(unsigned int)test_vector->Z.y.length
+		);
+		goto error;
+	}
+
+	if (memcmp(alice_op->asym->ecdh.shared_secret.x.data,
+			test_vector->Z.x.data,
+			test_vector->Z.x.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret X\n");
+		debug_hexdump(stdout,
+			"Generated SharedSecret x (Alice):",
+			alice_op->asym->ecdh.shared_secret.x.data,
+			alice_op->asym->ecdh.shared_secret.x.length
+		);
+		goto error;
+	}
+	if (memcmp(alice_op->asym->ecdh.shared_secret.y.data,
+			test_vector->Z.y.data,
+			test_vector->Z.y.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret Y\n");
+		debug_hexdump(stdout,
+			"Generated SharedSecret y (Alice):",
+			alice_op->asym->ecdh.shared_secret.y.data,
+			alice_op->asym->ecdh.shared_secret.y.length
+		);
+		goto error;
+	}
+
+	/*
+	 * STEP 2b:
+	 * Bob generates shared secret Z, since Alice's public key was already
+	 * set when doing verification only, key exchange type needs to be
+	 * changed, and setting place where Z will be copied by the PMD.
+	 */
+
+	bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+	bob_op->asym->ecdh.shared_secret.x.data = bob_xZ;
+	bob_op->asym->ecdh.shared_secret.y.data = bob_yZ;
+
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+		goto error;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+		rte_pause();
+
+	if (bob_op->asym->ecdh.shared_secret.x.length != test_vector->Z.x.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length X\n");
+		RTE_LOG(ERR, USER1,
+			"Received = %d Expected = %d\n",
+			(unsigned int)bob_op->asym->ecdh.shared_secret.x.length,
+			(unsigned int)test_vector->Z.x.length
+		);
+		goto error;
+	}
+	if (bob_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length Y\n");
+		RTE_LOG(ERR, USER1,
+			"Received = %d Expected = %d\n",
+			(unsigned int)bob_op->asym->ecdh.shared_secret.y.length,
+			(unsigned int)test_vector->Z.y.length
+		);
+		goto error;
+	}
+
+	if (memcmp(bob_op->asym->ecdh.shared_secret.x.data,
+			test_vector->Z.x.data,
+			test_vector->Z.x.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret X\n");
+		debug_hexdump(stdout,
+			"Generated SharedSecret x (Bob):",
+			bob_op->asym->ecdh.shared_secret.x.data,
+			bob_op->asym->ecdh.shared_secret.x.length
+		);
+		goto error;
+	}
+	if (memcmp(bob_op->asym->ecdh.shared_secret.y.data,
+			test_vector->Z.y.data,
+			test_vector->Z.y.length)
+	) {
+		RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret Y\n");
+		debug_hexdump(stdout,
+			"Generated SharedSecret y (Bob):",
+			bob_op->asym->ecdh.shared_secret.y.data,
+			bob_op->asym->ecdh.shared_secret.y.length
+		);
+		goto error;
+	}
+
+	/* Both shared secret where correctly verified -> Test passed */
+
+	return TEST_SUCCESS;
+error:
+	rte_crypto_op_free(alice_op);
+	rte_crypto_op_free(bob_op);
+	return TEST_FAILED;
+}
+
 static void *
 dh_alice_bob_set_session(uint8_t dev_id,
 	struct rte_crypto_op *op,
@@ -2487,6 +2839,10 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite  = {
 	.teardown = testsuite_teardown,
 	.unit_test_cases = {
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Test - ECDH secp256r1, RFC 5114 256",
+			ut_setup_asym, ut_teardown_asym,
+			test_ecdh, &rfc5114_secp256r1),
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/app/test/test_cryptodev_ecdh_test_vectors.h b/app/test/test_cryptodev_ecdh_test_vectors.h
new file mode 100644
index 0000000000..c8151302ed
--- /dev/null
+++ b/app/test/test_cryptodev_ecdh_test_vectors.h
@@ -0,0 +1,144 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2022 Intel Corporation
+ */
+
+#ifndef __TEST_CRYPTODEV_ECDH_VECTORS_H__
+#define __TEST_CRYPTODEV_ECDH_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+/*
+ * Elliptic Curve Diffie-Hellman test vector struct
+ * Peers are named Alice and Bob
+ * q - is a public key
+ * d - is a private key
+ * Z - is a shared secret
+ */
+
+struct ECDH_test_vector {
+	enum rte_crypto_curve_id curve_id;
+	int curve_bytesize;
+	rte_crypto_uint alice_d;
+	rte_crypto_uint bob_d;
+	struct rte_crypto_ec_point alice_q;
+	struct rte_crypto_ec_point bob_q;
+	struct rte_crypto_ec_point Z;
+};
+
+/*
+ * Elliptic Curve Diffie-Hellman test
+ * It consist of three phases:
+ * - Generation of public key based on private key
+ * - Verification of peer's public key
+ * - Generation of shared secret
+ * Peers in tests are named Alice and Bob
+ */
+
+/* RFC 5114 256-bit Random ECP Group Data */
+
+/*
+ * Alice's parameters
+ */
+static uint8_t rfc5114_256b_dA[] = {
+	0x81, 0x42, 0x64, 0x14, 0x5F, 0x2F, 0x56, 0xF2,
+	0xE9, 0x6A, 0x8E, 0x33, 0x7A, 0x12, 0x84, 0x99,
+	0x3F, 0xAF, 0x43, 0x2A, 0x5A, 0xBC, 0xE5, 0x9E,
+	0x86, 0x7B, 0x72, 0x91, 0xD5, 0x07, 0xA3, 0xAF,
+};
+
+static uint8_t rfc5114_256b_x_qA[] = {
+	0x2A, 0xF5, 0x02, 0xF3, 0xBE, 0x89, 0x52, 0xF2,
+	0xC9, 0xB5, 0xA8, 0xD4, 0x16, 0x0D, 0x09, 0xE9,
+	0x71, 0x65, 0xBE, 0x50, 0xBC, 0x42, 0xAE, 0x4A,
+	0x5E, 0x8D, 0x3B, 0x4B, 0xA8, 0x3A, 0xEB, 0x15,
+};
+
+static uint8_t rfc5114_256b_y_qA[] = {
+	0xEB, 0x0F, 0xAF, 0x4C, 0xA9, 0x86, 0xC4, 0xD3,
+	0x86, 0x81, 0xA0, 0xF9, 0x87, 0x2D, 0x79, 0xD5,
+	0x67, 0x95, 0xBD, 0x4B, 0xFF, 0x6E, 0x6D, 0xE3,
+	0xC0, 0xF5, 0x01, 0x5E, 0xCE, 0x5E, 0xFD, 0x85,
+};
+
+/*
+ * Bob's parameters
+ */
+static uint8_t rfc5114_256b_dB[] = {
+	0x2C, 0xE1, 0x78, 0x8E, 0xC1, 0x97, 0xE0, 0x96,
+	0xDB, 0x95, 0xA2, 0x00, 0xCC, 0x0A, 0xB2, 0x6A,
+	0x19, 0xCE, 0x6B, 0xCC, 0xAD, 0x56, 0x2B, 0x8E,
+	0xEE, 0x1B, 0x59, 0x37, 0x61, 0xCF, 0x7F, 0x41,
+};
+
+static uint8_t rfc5114_256b_x_qB[] = {
+	0xB1, 0x20, 0xDE, 0x4A, 0xA3, 0x64, 0x92, 0x79,
+	0x53, 0x46, 0xE8, 0xDE, 0x6C, 0x2C, 0x86, 0x46,
+	0xAE, 0x06, 0xAA, 0xEA, 0x27, 0x9F, 0xA7, 0x75,
+	0xB3, 0xAB, 0x07, 0x15, 0xF6, 0xCE, 0x51, 0xB0,
+};
+
+static uint8_t rfc5114_256b_y_qB[] = {
+	0x9F, 0x1B, 0x7E, 0xEC, 0xE2, 0x0D, 0x7B, 0x5E,
+	0xD8, 0xEC, 0x68, 0x5F, 0xA3, 0xF0, 0x71, 0xD8,
+	0x37, 0x27, 0x02, 0x70, 0x92, 0xA8, 0x41, 0x13,
+	0x85, 0xC3, 0x4D, 0xDE, 0x57, 0x08, 0xB2, 0xB6,
+};
+
+static uint8_t rfc5114_256b_x_Z[] = {
+	0xDD, 0x0F, 0x53, 0x96, 0x21, 0x9D, 0x1E, 0xA3,
+	0x93, 0x31, 0x04, 0x12, 0xD1, 0x9A, 0x08, 0xF1,
+	0xF5, 0x81, 0x1E, 0x9D, 0xC8, 0xEC, 0x8E, 0xEA,
+	0x7F, 0x80, 0xD2, 0x1C, 0x82, 0x0C, 0x27, 0x88,
+};
+
+static uint8_t rfc5114_256b_y_Z[] = {
+	0x03, 0x57, 0xDC, 0xCD, 0x4C, 0x80, 0x4D, 0x0D,
+	0x8D, 0x33, 0xAA, 0x42, 0xB8, 0x48, 0x83, 0x4A,
+	0xA5, 0x60, 0x5F, 0x9A, 0xB0, 0xD3, 0x72, 0x39,
+	0xA1, 0x15, 0xBB, 0xB6, 0x47, 0x93, 0x6F, 0x50,
+};
+
+static struct ECDH_test_vector rfc5114_secp256r1 = {
+	.curve_id = RTE_CRYPTO_EC_GROUP_SECP256R1,
+	.curve_bytesize = 32,
+	.alice_d = {
+		.data = rfc5114_256b_dA,
+		.length = sizeof(rfc5114_256b_dA),
+	},
+	.alice_q = {
+		.x = {
+			.data = rfc5114_256b_x_qA,
+			.length = sizeof(rfc5114_256b_x_qA),
+		},
+		.y = {
+			.data = rfc5114_256b_y_qA,
+			.length = sizeof(rfc5114_256b_y_qA),
+		},
+	},
+	.bob_d = {
+		.data = rfc5114_256b_dB,
+		.length = sizeof(rfc5114_256b_dB)
+	},
+	.bob_q = {
+		.x = {
+			.data = rfc5114_256b_x_qB,
+			.length = sizeof(rfc5114_256b_x_qB),
+		},
+		.y = {
+			.data = rfc5114_256b_y_qB,
+			.length = sizeof(rfc5114_256b_y_qB),
+		},
+	},
+	.Z = {
+		.x = {
+			.data = rfc5114_256b_x_Z,
+			.length = sizeof(rfc5114_256b_x_Z),
+		},
+		.y = {
+			.data = rfc5114_256b_y_Z,
+			.length = sizeof(rfc5114_256b_y_Z),
+		}
+	}
+};
+
+#endif
--
2.17.1