From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1BFE0A0487 for ; Wed, 3 Jul 2019 17:39:33 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 333EA5B3A; Wed, 3 Jul 2019 17:39:28 +0200 (CEST) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by dpdk.org (Postfix) with ESMTP id 562BB58C4 for ; Wed, 3 Jul 2019 17:39:25 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Jul 2019 08:39:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,446,1557212400"; d="scan'208";a="184788201" Received: from damiannx-mobl1.ger.corp.intel.com (HELO akusztax-MOBL.ger.corp.intel.com) ([10.104.14.182]) by fmsmga001.fm.intel.com with ESMTP; 03 Jul 2019 08:39:22 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, shally.verma@caviumnetworks.com, Arek Kusztal Date: Wed, 3 Jul 2019 17:37:59 +0200 Message-Id: <20190703153759.1508-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> References: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v2 3/3] test: rework rsa test implementation X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit reworks rsa test implementation to be conformant to the RSA API. Simulation of PKCS1_5 padding was added to be used with PADDING_NONE option. Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 44 ++++++++++++++++++++++++------- app/test/test_cryptodev_asym_util.h | 52 +++++++++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+), 9 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index fc92d3d..ae43861 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -402,7 +402,7 @@ test_rsa_sign_verify(void) asym_op->rsa.message.data = input_buf; asym_op->rsa.message.length = rsaplaintext.len; asym_op->rsa.sign.data = output_buf; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1; + asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1; debug_hexdump(stdout, "message", asym_op->rsa.message.data, asym_op->rsa.message.length); @@ -437,7 +437,7 @@ test_rsa_sign_verify(void) /* Verify sign */ asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2; + asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1; /* Process crypto operation */ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -483,7 +483,7 @@ test_rsa_sign_verify(void) } static int -test_rsa_enc_dec(void) +test_rsa_enc_dec(enum rte_crypto_rsa_padding_type padding) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct rte_mempool *op_mpool = ts_params->op_mpool; @@ -495,6 +495,7 @@ test_rsa_enc_dec(void) struct rte_cryptodev_asym_session *sess = NULL; int status = TEST_SUCCESS; uint8_t input_buf[TEST_DATA_SIZE] = {0}; + uint8_t cipher_buf[TEST_DATA_SIZE] = {0}; /* test case supports op with exponent key only, * Check in PMD feature flag for RSA exponent key type support. @@ -542,12 +543,18 @@ test_rsa_enc_dec(void) asym_op = op->asym; /*Compute encryption on the test vector */ asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; - - memcpy(input_buf, rsaplaintext.data, - rsaplaintext.len); asym_op->rsa.message.data = input_buf; asym_op->rsa.message.length = rsaplaintext.len; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2; + asym_op->rsa.cipher.data = cipher_buf; + asym_op->rsa.cipher.length = 0; + asym_op->rsa.padding = padding; + if (padding == RTE_CRYPTO_RSA_PADDING_NONE) { + rsa_simulate_pkcs1_5_padding(0, input_buf, rsa_xform.rsa.n.length, + rsaplaintext.data, rsaplaintext.len); + asym_op->rsa.message.length = rsa_xform.rsa.n.length; + } else + memcpy(input_buf, rsaplaintext.data, + rsaplaintext.len); debug_hexdump(stdout, "message", asym_op->rsa.message.data, asym_op->rsa.message.length); @@ -581,7 +588,7 @@ test_rsa_enc_dec(void) /* Use the resulted output as decryption Input vector*/ asym_op = result_op->asym; asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1; + asym_op->rsa.padding = padding; /* Process crypto operation */ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -604,7 +611,15 @@ test_rsa_enc_dec(void) } status = TEST_SUCCESS; int ret = 0; + + if (padding == RTE_CRYPTO_RSA_PADDING_NONE) { + result_op->asym->rsa.message.length = + rsa_simulate_strip_pkcs1_5_padding(result_op->asym->rsa.message.data, + rsa_xform.rsa.n.length); + } + ret = rsa_verify(&rsaplaintext, result_op); + if (ret) status = TEST_FAILED; @@ -624,6 +639,16 @@ test_rsa_enc_dec(void) } static int +test_rsa_enc_dec_pkcs_1(void){ + return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_PKCS1); +} + +static int +test_rsa_enc_dec_pkcs_1_none(void){ + return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_NONE); +} + +static int testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -1684,7 +1709,8 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_capability), TEST_CASE_ST(ut_setup, ut_teardown, test_dsa), TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration), - TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec), + TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1), + TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1_none), TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify), TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv), TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp), diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h index b3d9fb4..484b967 100644 --- a/app/test/test_cryptodev_asym_util.h +++ b/app/test/test_cryptodev_asym_util.h @@ -7,6 +7,58 @@ /* Below Apis compare resulted buffer to original test vector */ +/* + * Two functions below simulate pkcs 1.5 padding and serves only as an example, + * both offer no security. + */ +static inline int rsa_simulate_pkcs1_5_padding(int op, uint8_t *p, + int key_size, const uint8_t *src, int len) { + + int ps_len; + + if (len > key_size - 11) + return -1; + ps_len = key_size - len - 3; + + *(p++) = 0; + *(p++) = op ? 1 : 2; + if (op) { + while (ps_len--) + *p = 0xFF; + } else { + while (ps_len--) { + *p = (uint8_t)rand(); + *p ^= !(*p); + p++; + } + } + + *(p++) = 0; + memcpy(p, src, len); + + return 0; +} + +static inline int rsa_simulate_strip_pkcs1_5_padding(uint8_t *src, + int key_size) { + uint8_t tmp[key_size], *orig_src = src; + int i = 1; + ++src; + while (*(src) && i < key_size) { + ++i; + ++src; + } + if (i == key_size) + return -1; + + ++i; + ++src; + + memcpy(tmp, src, key_size - i); + memcpy(orig_src, tmp, key_size - i); + return key_size - i; +} + static inline int rsa_verify(struct rsa_test_data *rsa_param, struct rte_crypto_op *result_op) { -- 2.1.0