From patchwork Thu Aug 10 09:35:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 130069 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7B61F4301B; Thu, 10 Aug 2023 11:36:12 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B80C543262; Thu, 10 Aug 2023 11:35:53 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id AF6CF4326C for ; Thu, 10 Aug 2023 11:35:51 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 37A57PsC014697; Thu, 10 Aug 2023 02:35:51 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=0NElUgw/vDp38IIkjQ4fqyTQ5sUKZzpcLSPSZXs3YmE=; b=CnzMkJ28XpTwUzXyUvyuPUDj7yLcnbLmBJ7/wDXF0frLbm1OkOMnCg//O3oWPMNiiKzJ MQw0ZdwPYADRvrE+ulYlB8MSVUSIITq41hb0nno1RTbn9bVJuUe3wCDAeiRCPZq0bQkC NFIyvC7PqcANTO4CPeuOfCKTUEFQ49rtnYV/8OPFpNl/+L7AzUbIpt8BDr/DBekqQzyh qe7/mK35YBOj1H9vdQE+rbyAURw/1ZXLr+uOjnfUABkb1XcN06oK4FnV49FbKIZHXcJX bqUuKOejO8iObwNVWW4ySqQMDgWvjsr8kC245ScTKkcln/baDVYWuSXFXU86KiY4WHPy lw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3sc57snqrv-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 10 Aug 2023 02:35:50 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Thu, 10 Aug 2023 02:35:49 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Thu, 10 Aug 2023 02:35:49 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id F26573F70AF; Thu, 10 Aug 2023 02:35:46 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , "Gowrishankar Muthukrishnan" Subject: [v1 5/6] app/test: check asymmetric capabilities in SM2 test Date: Thu, 10 Aug 2023 15:05:27 +0530 Message-ID: X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: 3XRmxq4vBv9QROIRys-97jXnE_2x1KjY X-Proofpoint-ORIG-GUID: 3XRmxq4vBv9QROIRys-97jXnE_2x1KjY X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-08-10_09,2023-08-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Check asymmetric capabilities such as SM3 hash support and internal RNG and accordingly choose op params for SM2 test. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- app/test/test_cryptodev_asym.c | 127 ++++++++++++++------- app/test/test_cryptodev_sm2_test_vectors.h | 28 +++-- 2 files changed, 103 insertions(+), 52 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index b08772a9bf..1f39b1f017 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -608,6 +608,7 @@ static inline void print_asym_capa( break; case RTE_CRYPTO_ASYM_XFORM_ECDSA: case RTE_CRYPTO_ASYM_XFORM_ECPM: + case RTE_CRYPTO_ASYM_XFORM_SM2: default: break; } @@ -1806,12 +1807,14 @@ test_ecpm_all_curve(void) } static int -_test_sm2_sign(bool rnd_secret) +test_sm2_sign(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_r[TEST_DATA_SIZE]; @@ -1822,6 +1825,12 @@ _test_sm2_sign(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -1839,7 +1848,10 @@ _test_sm2_sign(bool rnd_secret) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; - xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.ec.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1857,17 +1869,25 @@ _test_sm2_sign(bool rnd_secret) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; + if (xform.ec.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + asym_op->sm2.pkey.data = input_params.pkey.data; asym_op->sm2.pkey.length = input_params.pkey.length; asym_op->sm2.q.x.data = input_params.pubkey_qx.data; asym_op->sm2.q.x.length = input_params.pubkey_qx.length; asym_op->sm2.q.y.data = input_params.pubkey_qy.data; asym_op->sm2.q.y.length = input_params.pubkey_qy.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; - if (rnd_secret) { + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -1916,7 +1936,7 @@ _test_sm2_sign(bool rnd_secret) debug_hexdump(stdout, "s:", asym_op->sm2.s.data, asym_op->sm2.s.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { /* Verify sign (by comparison). */ if (memcmp(input_params.sign_r.data, asym_op->sm2.r.data, asym_op->sm2.r.length) != 0) { @@ -1977,25 +1997,15 @@ _test_sm2_sign(bool rnd_secret) return status; }; -static int -test_sm2_sign_rnd_secret(void) -{ - return _test_sm2_sign(true); -} - -__rte_used static int -test_sm2_sign_plain_secret(void) -{ - return _test_sm2_sign(false); -} - static int test_sm2_verify(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2004,6 +2014,12 @@ test_sm2_verify(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2021,7 +2037,10 @@ test_sm2_verify(void) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; - xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.ec.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2039,8 +2058,18 @@ test_sm2_verify(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; + if (xform.ec.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + asym_op->sm2.pkey.data = input_params.pkey.data; asym_op->sm2.pkey.length = input_params.pkey.length; asym_op->sm2.q.x.data = input_params.pubkey_qx.data; @@ -2051,8 +2080,6 @@ test_sm2_verify(void) asym_op->sm2.r.length = input_params.sign_r.length; asym_op->sm2.s.data = input_params.sign_s.data; asym_op->sm2.s.length = input_params.sign_s.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; RTE_LOG(DEBUG, USER1, "Process ASYM operation\n"); @@ -2092,13 +2119,15 @@ test_sm2_verify(void) }; static int -_test_sm2_enc(bool rnd_secret) +test_sm2_enc(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2107,6 +2136,12 @@ _test_sm2_enc(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2123,7 +2158,10 @@ _test_sm2_enc(bool rnd_secret) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; - xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.ec.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2149,7 +2187,7 @@ _test_sm2_enc(bool rnd_secret) asym_op->sm2.q.x.length = input_params.pubkey_qx.length; asym_op->sm2.q.y.data = input_params.pubkey_qy.data; asym_op->sm2.q.y.length = input_params.pubkey_qy.length; - if (rnd_secret) { + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -2195,7 +2233,7 @@ _test_sm2_enc(bool rnd_secret) debug_hexdump(stdout, "cipher:", asym_op->sm2.cipher.data, asym_op->sm2.cipher.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { if (memcmp(input_params.cipher.data, asym_op->sm2.cipher.data, asym_op->sm2.cipher.length) != 0) { status = TEST_FAILED; @@ -2259,25 +2297,15 @@ _test_sm2_enc(bool rnd_secret) return status; }; -static int -test_sm2_enc_rnd_secret(void) -{ - return _test_sm2_enc(true); -} - -__rte_used static int -test_sm2_enc_plain_secret(void) -{ - return _test_sm2_enc(false); -} - static int test_sm2_dec(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_m[TEST_DATA_SIZE]; @@ -2287,6 +2315,12 @@ test_sm2_dec(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2303,7 +2337,10 @@ test_sm2_dec(void) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; - xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.ec.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.ec.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2689,9 +2726,9 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dh_keygenration), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, @@ -2755,6 +2792,8 @@ static struct unit_test_suite cryptodev_octeontx_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecdsa_sign_verify_all_curve), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecpm_all_curve), TEST_CASES_END() /**< NULL terminate unit test array */ diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 3d2dba1359..41f5f7074a 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params { rte_crypto_param id; rte_crypto_param cipher; rte_crypto_param message; + rte_crypto_param digest; int curve; }; @@ -46,17 +47,17 @@ static uint8_t fp256_k[] = { }; static uint8_t fp256_sign_r[] = { - 0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4, - 0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9, - 0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09, - 0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff + 0x75, 0x2B, 0x8C, 0x15, 0x38, 0x10, 0xF6, 0xC0, + 0x28, 0xC9, 0x8A, 0x51, 0xD0, 0x62, 0x69, 0x4B, + 0xF6, 0x58, 0x06, 0xEB, 0xF1, 0x91, 0x1F, 0x15, + 0x8B, 0x08, 0x09, 0xF9, 0x88, 0x0A, 0x44, 0x24 }; static uint8_t fp256_sign_s[] = { - 0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9, - 0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9, - 0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd, - 0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86 + 0x5A, 0x3C, 0x96, 0x3E, 0x1C, 0xB4, 0x19, 0xF9, + 0xD7, 0x78, 0xB8, 0xCE, 0xFF, 0x9D, 0xB1, 0x31, + 0x77, 0xDB, 0xA0, 0xFE, 0x84, 0x61, 0x1A, 0xD9, + 0x4E, 0xFF, 0x82, 0x13, 0x1C, 0xCA, 0x04, 0x75, }; static uint8_t fp256_id[] = { @@ -68,6 +69,13 @@ static uint8_t fp256_message[] = { 0x64, 0x69, 0x67, 0x65, 0x73, 0x74 }; +static uint8_t fp256_digest[] = { + 0x0F, 0xB5, 0xCE, 0xF3, 0x3C, 0xB7, 0xD1, 0x35, + 0xA9, 0x3A, 0xC7, 0xA7, 0x89, 0x2A, 0x6D, 0x9A, + 0xF3, 0x1E, 0xC5, 0x38, 0xD3, 0x65, 0x1B, 0xB9, + 0xDF, 0x5F, 0x7F, 0x4A, 0xD8, 0x89, 0x57, 0xF1 +}; + static uint8_t fp256_cipher[] = { 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8, 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47, @@ -121,6 +129,10 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = { .data = fp256_message, .length = sizeof(fp256_message), }, + .digest = { + .data = fp256_digest, + .length = sizeof(fp256_digest), + }, .cipher = { .data = fp256_cipher, .length = sizeof(fp256_cipher),