diff mbox series

[v2,3/3] test: rework rsa test implementation

Message ID	20190703153759.1508-4-arkadiuszx.kusztal@intel.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Arek Kusztal <arkadiuszx.kusztal@intel.com> To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, shally.verma@caviumnetworks.com, Arek Kusztal <arkadiuszx.kusztal@intel.com> Date: Wed, 3 Jul 2019 17:37:59 +0200 Message-Id: <20190703153759.1508-4-arkadiuszx.kusztal@intel.com> In-Reply-To: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> References: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v2 3/3] test: rework rsa test implementation Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	Rework API for RSA algorithm in asymmetric crypto \| [v2,0/3] Rework API for RSA algorithm in asymmetric crypto [v2,1/3] cryptodev: rework api of rsa algorithm [v2,2/3] crypto/openssl: rework openssl rsa implementation [v2,3/3] test: rework rsa test implementation

Checks

Context	Check	Description
ci/checkpatch	warning	coding style issues
ci/Intel-compilation	fail	apply issues

Commit Message

Arkadiusz Kusztal July 3, 2019, 3:37 p.m. UTC

  This commit reworks rsa test implementation to be conformant
to the RSA API.
Simulation of PKCS1_5 padding was added to be used with PADDING_NONE
option.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c      | 44 ++++++++++++++++++++++++-------
 app/test/test_cryptodev_asym_util.h | 52 +++++++++++++++++++++++++++++++++++++
 2 files changed, 87 insertions(+), 9 deletions(-)

diff mbox series

Patch

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index fc92d3d..ae43861 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -402,7 +402,7 @@  test_rsa_sign_verify(void)
 	asym_op->rsa.message.data = input_buf;
 	asym_op->rsa.message.length = rsaplaintext.len;
 	asym_op->rsa.sign.data = output_buf;
-	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+	asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
 
 	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
 			asym_op->rsa.message.length);
@@ -437,7 +437,7 @@  test_rsa_sign_verify(void)
 
 	/* Verify sign */
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
-	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+	asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
 
 	/* Process crypto operation */
 	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -483,7 +483,7 @@  test_rsa_sign_verify(void)
 }
 
 static int
-test_rsa_enc_dec(void)
+test_rsa_enc_dec(enum rte_crypto_rsa_padding_type padding)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	struct rte_mempool *op_mpool = ts_params->op_mpool;
@@ -495,6 +495,7 @@  test_rsa_enc_dec(void)
 	struct rte_cryptodev_asym_session *sess = NULL;
 	int status = TEST_SUCCESS;
 	uint8_t input_buf[TEST_DATA_SIZE] = {0};
+	uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
 
 	/* test case supports op with exponent key only,
 	 * Check in PMD feature flag for RSA exponent key type support.
@@ -542,12 +543,18 @@  test_rsa_enc_dec(void)
 	asym_op = op->asym;
 	/*Compute encryption on the test vector */
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
-
-	memcpy(input_buf, rsaplaintext.data,
-			rsaplaintext.len);
 	asym_op->rsa.message.data = input_buf;
 	asym_op->rsa.message.length = rsaplaintext.len;
-	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+	asym_op->rsa.cipher.data = cipher_buf;
+	asym_op->rsa.cipher.length = 0;
+	asym_op->rsa.padding = padding;
+	if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+		rsa_simulate_pkcs1_5_padding(0, input_buf, rsa_xform.rsa.n.length,
+				rsaplaintext.data, rsaplaintext.len);
+		asym_op->rsa.message.length = rsa_xform.rsa.n.length;
+	} else
+		memcpy(input_buf, rsaplaintext.data,
+				rsaplaintext.len);
 
 	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
 			asym_op->rsa.message.length);
@@ -581,7 +588,7 @@  test_rsa_enc_dec(void)
 	/* Use the resulted output as decryption Input vector*/
 	asym_op = result_op->asym;
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
-	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+	asym_op->rsa.padding = padding;
 
 	/* Process crypto operation */
 	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -604,7 +611,15 @@  test_rsa_enc_dec(void)
 	}
 	status = TEST_SUCCESS;
 	int ret = 0;
+
+	if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+		result_op->asym->rsa.message.length =
+				rsa_simulate_strip_pkcs1_5_padding(result_op->asym->rsa.message.data,
+				rsa_xform.rsa.n.length);
+	}
+
 	ret = rsa_verify(&rsaplaintext, result_op);
+
 	if (ret)
 		status = TEST_FAILED;
 
@@ -624,6 +639,16 @@  test_rsa_enc_dec(void)
 }
 
 static int
+test_rsa_enc_dec_pkcs_1(void){
+	return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_PKCS1);
+}
+
+static int
+test_rsa_enc_dec_pkcs_1_none(void){
+	return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_NONE);
+}
+
+static int
 testsuite_setup(void)
 {
 	struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -1684,7 +1709,8 @@  static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_dsa),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration),
-		TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
+		TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1),
+		TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1_none),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv),
 		TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h
index b3d9fb4..484b967 100644
--- a/app/test/test_cryptodev_asym_util.h
+++ b/app/test/test_cryptodev_asym_util.h
@@ -7,6 +7,58 @@ 
 
 /* Below Apis compare resulted buffer to original test vector */
 
+/*
+ * Two functions below simulate pkcs 1.5 padding and serves only as an example,
+ * both offer no security.
+ */
+static inline int rsa_simulate_pkcs1_5_padding(int op, uint8_t *p,
+		int key_size, const uint8_t *src, int len) {
+
+	int ps_len;
+
+	if (len > key_size - 11)
+		return -1;
+	ps_len = key_size - len - 3;
+
+	*(p++) = 0;
+	*(p++) = op ? 1 : 2;
+	if (op) {
+		while (ps_len--)
+			*p = 0xFF;
+	} else {
+		while (ps_len--) {
+			*p = (uint8_t)rand();
+			*p ^= !(*p);
+			p++;
+		}
+	}
+
+	*(p++) = 0;
+	memcpy(p, src, len);
+
+	return 0;
+}
+
+static inline int rsa_simulate_strip_pkcs1_5_padding(uint8_t *src,
+		int key_size) {
+	uint8_t tmp[key_size], *orig_src = src;
+	int i = 1;
+	++src;
+	while (*(src) && i < key_size) {
+		++i;
+		++src;
+	}
+	if (i == key_size)
+		return -1;
+
+	++i;
+	++src;
+
+	memcpy(tmp, src, key_size - i);
+	memcpy(orig_src, tmp, key_size - i);
+	return key_size - i;
+}
+
 static inline int rsa_verify(struct rsa_test_data *rsa_param,
 		struct rte_crypto_op *result_op)
 {