From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com,
shally.verma@caviumnetworks.com,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [dpdk-dev] [PATCH v2 3/3] test: rework rsa test implementation
Date: Wed, 3 Jul 2019 17:37:59 +0200 [thread overview]
Message-ID: <20190703153759.1508-4-arkadiuszx.kusztal@intel.com> (raw)
In-Reply-To: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com>
This commit reworks rsa test implementation to be conformant
to the RSA API.
Simulation of PKCS1_5 padding was added to be used with PADDING_NONE
option.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 44 ++++++++++++++++++++++++-------
app/test/test_cryptodev_asym_util.h | 52 +++++++++++++++++++++++++++++++++++++
2 files changed, 87 insertions(+), 9 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index fc92d3d..ae43861 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -402,7 +402,7 @@ test_rsa_sign_verify(void)
asym_op->rsa.message.data = input_buf;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.sign.data = output_buf;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -437,7 +437,7 @@ test_rsa_sign_verify(void)
/* Verify sign */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -483,7 +483,7 @@ test_rsa_sign_verify(void)
}
static int
-test_rsa_enc_dec(void)
+test_rsa_enc_dec(enum rte_crypto_rsa_padding_type padding)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
@@ -495,6 +495,7 @@ test_rsa_enc_dec(void)
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t input_buf[TEST_DATA_SIZE] = {0};
+ uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
/* test case supports op with exponent key only,
* Check in PMD feature flag for RSA exponent key type support.
@@ -542,12 +543,18 @@ test_rsa_enc_dec(void)
asym_op = op->asym;
/*Compute encryption on the test vector */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
-
- memcpy(input_buf, rsaplaintext.data,
- rsaplaintext.len);
asym_op->rsa.message.data = input_buf;
asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.cipher.data = cipher_buf;
+ asym_op->rsa.cipher.length = 0;
+ asym_op->rsa.padding = padding;
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ rsa_simulate_pkcs1_5_padding(0, input_buf, rsa_xform.rsa.n.length,
+ rsaplaintext.data, rsaplaintext.len);
+ asym_op->rsa.message.length = rsa_xform.rsa.n.length;
+ } else
+ memcpy(input_buf, rsaplaintext.data,
+ rsaplaintext.len);
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -581,7 +588,7 @@ test_rsa_enc_dec(void)
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.padding = padding;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -604,7 +611,15 @@ test_rsa_enc_dec(void)
}
status = TEST_SUCCESS;
int ret = 0;
+
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ result_op->asym->rsa.message.length =
+ rsa_simulate_strip_pkcs1_5_padding(result_op->asym->rsa.message.data,
+ rsa_xform.rsa.n.length);
+ }
+
ret = rsa_verify(&rsaplaintext, result_op);
+
if (ret)
status = TEST_FAILED;
@@ -624,6 +639,16 @@ test_rsa_enc_dec(void)
}
static int
+test_rsa_enc_dec_pkcs_1(void){
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_PKCS1);
+}
+
+static int
+test_rsa_enc_dec_pkcs_1_none(void){
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_NONE);
+}
+
+static int
testsuite_setup(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -1684,7 +1709,8 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
TEST_CASE_ST(ut_setup, ut_teardown, test_dsa),
TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration),
- TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
+ TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1),
+ TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1_none),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h
index b3d9fb4..484b967 100644
--- a/app/test/test_cryptodev_asym_util.h
+++ b/app/test/test_cryptodev_asym_util.h
@@ -7,6 +7,58 @@
/* Below Apis compare resulted buffer to original test vector */
+/*
+ * Two functions below simulate pkcs 1.5 padding and serves only as an example,
+ * both offer no security.
+ */
+static inline int rsa_simulate_pkcs1_5_padding(int op, uint8_t *p,
+ int key_size, const uint8_t *src, int len) {
+
+ int ps_len;
+
+ if (len > key_size - 11)
+ return -1;
+ ps_len = key_size - len - 3;
+
+ *(p++) = 0;
+ *(p++) = op ? 1 : 2;
+ if (op) {
+ while (ps_len--)
+ *p = 0xFF;
+ } else {
+ while (ps_len--) {
+ *p = (uint8_t)rand();
+ *p ^= !(*p);
+ p++;
+ }
+ }
+
+ *(p++) = 0;
+ memcpy(p, src, len);
+
+ return 0;
+}
+
+static inline int rsa_simulate_strip_pkcs1_5_padding(uint8_t *src,
+ int key_size) {
+ uint8_t tmp[key_size], *orig_src = src;
+ int i = 1;
+ ++src;
+ while (*(src) && i < key_size) {
+ ++i;
+ ++src;
+ }
+ if (i == key_size)
+ return -1;
+
+ ++i;
+ ++src;
+
+ memcpy(tmp, src, key_size - i);
+ memcpy(orig_src, tmp, key_size - i);
+ return key_size - i;
+}
+
static inline int rsa_verify(struct rsa_test_data *rsa_param,
struct rte_crypto_op *result_op)
{
--
2.1.0
next prev parent reply other threads:[~2019-07-03 15:39 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-03 15:37 [dpdk-dev] [PATCH v2 0/3]Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
2019-07-03 15:37 ` [dpdk-dev] [PATCH v2 1/3] cryptodev: rework api of rsa algorithm Arek Kusztal
2019-07-04 12:40 ` Kusztal, ArkadiuszX
2019-07-06 13:14 ` Shally Verma
2019-07-08 17:44 ` Kusztal, ArkadiuszX
2019-07-09 10:02 ` Kusztal, ArkadiuszX
2019-07-16 13:51 ` Akhil Goyal
2019-07-16 14:16 ` Kusztal, ArkadiuszX
2019-07-16 14:27 ` Trahe, Fiona
2019-07-03 15:37 ` [dpdk-dev] [PATCH v2 2/3] crypto/openssl: rework openssl rsa implementation Arek Kusztal
2019-07-04 12:44 ` Kusztal, ArkadiuszX
2019-07-03 15:37 ` Arek Kusztal [this message]
2019-07-04 15:13 ` [dpdk-dev] [PATCH v2 0/3]Rework API for RSA algorithm in asymmetric crypto Trahe, Fiona
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190703153759.1508-4-arkadiuszx.kusztal@intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=shally.verma@caviumnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).