From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
by inbox.dpdk.org (Postfix) with ESMTP id 4A120A00C2;
Tue, 27 Sep 2022 09:27:05 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
by mails.dpdk.org (Postfix) with ESMTP id 0141D42B77;
Tue, 27 Sep 2022 09:26:38 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
[67.231.148.174])
by mails.dpdk.org (Postfix) with ESMTP id E0B7A42B70
for <dev@dpdk.org>; Tue, 27 Sep 2022 09:26:35 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28R4V91l032060;
Tue, 27 Sep 2022 00:26:35 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
h=from : to : cc :
subject : date : message-id : in-reply-to : references : mime-version :
content-transfer-encoding : content-type; s=pfpt0220;
bh=K+I9Bp0ctYZy3WIvQpuK2YO8mVV4TkuK8DiHKZY0oks=;
b=YvHdm95ZUsKImWhj5Pl4uHMxsJqcsMvlMORAWLOpvtEryTYNXXV05zfjVlldzFBkojas
GjjiduYWaXKDEEgnTPNMXUWtSmh7ff/0sSA/+/q2Ovl4LHXmr0OD50ALkos8ljgk7MEy
PN2wxL81mJy61+mSmNMMIjj8zLxoN/4qMQfuZHir0Kg8O4Ozgvm6x+qLGe1Srz6SezJV
Pu6Q5UQmAr465xY2xm/cM5DzbJdZHcsgLoRY7EBRPNA9nqHD+shwFur1RVjgXuEdvJaH
Re6pbXRwwpEezYPZCEqAXURqAVBSlzGuI8gXvmPIO1j8dIC1S/yqxltlH51JXXtINQxy yQ==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jucsq36c4-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
Tue, 27 Sep 2022 00:26:34 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
(10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
Tue, 27 Sep 2022 00:26:33 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
(10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend
Transport; Tue, 27 Sep 2022 00:26:33 -0700
Received: from localhost.localdomain (unknown [10.28.34.38])
by maili.marvell.com (Postfix) with ESMTP id 2F6E05B695F;
Tue, 27 Sep 2022 00:26:30 -0700 (PDT)
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: <dev@dpdk.org>
CC: Anoob Joseph <anoobj@marvell.com>, Fan Zhang <roy.fan.zhang@intel.com>,
Brian Dooley <brian.dooley@intel.com>,
Akhil Goyal <gakhil@marvell.com>, <jerinj@marvell.com>,
Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [v2 6/7] examples/fips_validation: encode digest with hash OID
Date: Tue, 27 Sep 2022 12:56:11 +0530
Message-ID: <70002880b18a7bda81c315ca542220e76f43b96b.1664263264.git.gmuthukrishn@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1664263264.git.gmuthukrishn@marvell.com>
References: <cover.1664263264.git.gmuthukrishn@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-GUID: L_FGXOtcahwIyez2twRaTSACMJuAt2k3
X-Proofpoint-ORIG-GUID: L_FGXOtcahwIyez2twRaTSACMJuAt2k3
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1
definitions=2022-09-27_02,2022-09-22_02,2022-06-22_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
FIPS RSA validation requires hash ddigest be encoded with ASN.1
value for digest info.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
examples/fips_validation/main.c | 78 +++++++++++++++++++++++++++++++++
1 file changed, 78 insertions(+)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index ed86c10350..cfa01eae20 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -851,6 +851,63 @@ prepare_aead_op(void)
return 0;
}
+static int
+get_hash_oid(enum rte_crypto_auth_algorithm hash, uint8_t *buf)
+{
+ uint8_t id_sha512[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09,
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x03, 0x05, 0x00, 0x04,
+ 0x40};
+ uint8_t id_sha384[] = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09,
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x02, 0x05, 0x00, 0x04,
+ 0x30};
+ uint8_t id_sha256[] = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09,
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x01, 0x05, 0x00, 0x04,
+ 0x20};
+ uint8_t id_sha224[] = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09,
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x04, 0x05, 0x00, 0x04,
+ 0x1c};
+ uint8_t id_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
+ 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
+ 0x00, 0x04, 0x14};
+ uint8_t *id = NULL;
+ int id_len = 0;
+
+ switch (hash) {
+ case RTE_CRYPTO_AUTH_SHA1:
+ id = id_sha1;
+ id_len = sizeof(id_sha1);
+ break;
+ case RTE_CRYPTO_AUTH_SHA224:
+ id = id_sha224;
+ id_len = sizeof(id_sha224);
+ break;
+ case RTE_CRYPTO_AUTH_SHA256:
+ id = id_sha256;
+ id_len = sizeof(id_sha256);
+ break;
+ case RTE_CRYPTO_AUTH_SHA384:
+ id = id_sha384;
+ id_len = sizeof(id_sha384);
+ break;
+ case RTE_CRYPTO_AUTH_SHA512:
+ id = id_sha512;
+ id_len = sizeof(id_sha512);
+ break;
+ default:
+ id_len = -1;
+ break;
+ }
+
+ if (id != NULL)
+ rte_memcpy(buf, id, id_len);
+
+ return id_len;
+}
+
static int
prepare_rsa_op(void)
{
@@ -864,6 +921,27 @@ prepare_rsa_op(void)
asym->rsa.padding.hash = info.interim_info.rsa_data.auth;
if (env.digest) {
+ if (asym->rsa.padding.type == RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
+ int b_len = 0;
+ uint8_t b[32];
+
+ b_len = get_hash_oid(asym->rsa.padding.hash, b);
+ if (b_len < 0) {
+ RTE_LOG(ERR, USER1, "Failed to get digest info for hash %d\n",
+ asym->rsa.padding.hash);
+ return -EINVAL;
+ }
+
+ if (b_len) {
+ msg.len = env.digest_len + b_len;
+ msg.val = rte_zmalloc(NULL, msg.len, 0);
+ rte_memcpy(msg.val, b, b_len);
+ rte_memcpy(msg.val + b_len, env.digest, env.digest_len);
+ rte_free(env.digest);
+ env.digest = msg.val;
+ env.digest_len = msg.len;
+ }
+ }
msg.val = env.digest;
msg.len = env.digest_len;
} else {
--
2.25.1