[v1,2/3] test/test_cryptodev_asym: add SM2 tests
Checks
Commit Message
Add SM2 tests.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
app/test/test_cryptodev_asym.c | 506 +++++++++++++++++++++
app/test/test_cryptodev_sm2_test_vectors.h | 120 +++++
2 files changed, 626 insertions(+)
create mode 100644 app/test/test_cryptodev_sm2_test_vectors.h
Comments
Hi Gowri,
> Subject: [v1, 2/3] test/test_cryptodev_asym: add SM2 tests
>
Title should be
test/crypto: add asymmetric SM2 cases
> Add SM2 tests.
Added test cases and test vectors for asymmetric SM2 crypto verification.
Cases are added for sign/verify/encrypt/decrypt.
If you have the reference from where the vectors are taken it can also be mentioned.
>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
> app/test/test_cryptodev_asym.c | 506 +++++++++++++++++++++
> app/test/test_cryptodev_sm2_test_vectors.h | 120 +++++
> 2 files changed, 626 insertions(+)
> create mode 100644 app/test/test_cryptodev_sm2_test_vectors.h
>
> diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
> index 9236817650..bfaeedee27 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -21,6 +21,7 @@
> #include "test_cryptodev_ecpm_test_vectors.h"
> #include "test_cryptodev_mod_test_vectors.h"
> #include "test_cryptodev_rsa_test_vectors.h"
> +#include "test_cryptodev_sm2_test_vectors.h"
> #include "test_cryptodev_asym_util.h"
> #include "test.h"
>
> @@ -2196,6 +2197,507 @@ test_ecpm_all_curve(void)
> return overall_status;
> }
>
> +static int
> +test_sm2_sign(void)
> +{
> + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> + struct crypto_testsuite_sm2_params input_params =
> sm2_param_fp256;
> + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> + struct rte_mempool *op_mpool = ts_params->op_mpool;
> + uint8_t dev_id = ts_params->valid_devs[0];
> + struct rte_crypto_op *result_op = NULL;
> + uint8_t output_buf_r[TEST_DATA_SIZE];
> + uint8_t output_buf_s[TEST_DATA_SIZE];
> + struct rte_crypto_asym_xform xform;
> + struct rte_crypto_asym_op *asym_op;
> + struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op = NULL;
> + int ret, status = TEST_SUCCESS;
> + void *sess = NULL;
> +
> + rte_cryptodev_info_get(dev_id, &dev_info);
dev_info is being unused. Not checking for capabilities?
> +
> + /* Setup crypto op data structure */
> + op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> + if (op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> + asym_op = op->asym;
> +
> + /* Setup asym xform */
> + xform.next = NULL;
> + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> + xform.sm2.pkey.data = input_params.pkey.data;
> + xform.sm2.pkey.length = input_params.pkey.length;
> + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> +
> + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> &sess);
> + if (ret < 0) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Session creation failed\n");
> + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> + goto exit;
> + }
> +
> + /* Attach asymmetric crypto session to crypto operations */
> + rte_crypto_op_attach_asym_session(op, sess);
> +
> + /* Compute sign */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> + op->asym->sm2.message.data = input_params.message.data;
> + op->asym->sm2.message.length = input_params.message.length;
> + op->asym->sm2.id.data = input_params.id.data;
> + op->asym->sm2.id.length = input_params.id.length;
> +
> + /* Init out buf */
> + op->asym->sm2.r.data = output_buf_r;
> + op->asym->sm2.s.data = output_buf_s;
> +
> + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> +
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
Shouldn't this be a finite loop and mark test as failed after some retries?
> +
> + if (result_op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + asym_op = result_op->asym;
> +
> + debug_hexdump(stdout, "r:",
> + asym_op->sm2.r.data, asym_op->sm2.r.length);
> + debug_hexdump(stdout, "s:",
> + asym_op->sm2.s.data, asym_op->sm2.s.length);
> +
> + /* Verify sign (in roundtrip) */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
> +
> + /* Enqueue sign result for verify */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + status = TEST_FAILED;
> + goto exit;
> + }
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "SM2 verify failed.\n");
> + goto exit;
> + }
> +
> +exit:
> + if (sess != NULL)
> + rte_cryptodev_asym_session_free(dev_id, sess);
> + rte_crypto_op_free(op);
> + return status;
> +};
> +
> +static int
> +test_sm2_verify(void)
> +{
> + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> + struct crypto_testsuite_sm2_params input_params =
> sm2_param_fp256;
> + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> + struct rte_mempool *op_mpool = ts_params->op_mpool;
> + uint8_t dev_id = ts_params->valid_devs[0];
> + struct rte_crypto_op *result_op = NULL;
> + struct rte_crypto_asym_xform xform;
> + struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op = NULL;
> + int ret, status = TEST_SUCCESS;
> + void *sess = NULL;
> +
> + rte_cryptodev_info_get(dev_id, &dev_info);
> +
> + /* Setup crypto op data structure */
> + op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> + if (op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + /* Setup asym xform */
> + xform.next = NULL;
> + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> +
> + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> &sess);
> + if (ret < 0) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Session creation failed\n");
> + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> + goto exit;
> + }
> +
> + /* Attach asymmetric crypto session to crypto operations */
> + rte_crypto_op_attach_asym_session(op, sess);
> +
> + /* Verify given sign */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
> + op->asym->sm2.message.data = input_params.message.data;
> + op->asym->sm2.message.length = input_params.message.length;
> + op->asym->sm2.r.data = input_params.sign_r.data;
> + op->asym->sm2.r.length = input_params.sign_r.length;
> + op->asym->sm2.s.data = input_params.sign_s.data;
> + op->asym->sm2.s.length = input_params.sign_s.length;
> + op->asym->sm2.id.data = input_params.id.data;
> + op->asym->sm2.id.length = input_params.id.length;
> +
> + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> +
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> +exit:
> + if (sess != NULL)
> + rte_cryptodev_asym_session_free(dev_id, sess);
> + rte_crypto_op_free(op);
> + return status;
> +};
> +
> +static int
> +test_sm2_encrypt(void)
> +{
> + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> + struct crypto_testsuite_sm2_params input_params =
> sm2_param_fp256;
> + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> + struct rte_mempool *op_mpool = ts_params->op_mpool;
> + uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
> + uint8_t dev_id = ts_params->valid_devs[0];
> + struct rte_crypto_op *result_op = NULL;
> + struct rte_crypto_asym_xform xform;
> + struct rte_crypto_asym_op *asym_op;
> + struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op = NULL;
> + int ret, status = TEST_SUCCESS;
> + void *sess = NULL;
> +
> + rte_cryptodev_info_get(dev_id, &dev_info);
> +
> + /* Setup crypto op data structure */
> + op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> + if (op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> + asym_op = op->asym;
> +
> + /* Setup asym xform */
> + xform.next = NULL;
> + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> + xform.sm2.pkey.data = input_params.pkey.data;
> + xform.sm2.pkey.length = input_params.pkey.length;
> + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> +
> + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> &sess);
> + if (ret < 0) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Session creation failed\n");
> + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> + goto exit;
> + }
> +
> + /* Attach asymmetric crypto session to crypto operations */
> + rte_crypto_op_attach_asym_session(op, sess);
> +
> + /* Compute encrypt */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
> + op->asym->sm2.message.data = input_params.message.data;
> + op->asym->sm2.message.length = input_params.message.length;
> +
> + /* Init out buf */
> + op->asym->sm2.cipher.data = output_buf;
> +
> + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> +
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
Shouldn't we do content comparison of the cipher text with vectors here as well?
Content is matched only after round trip which will not catch the hardware bug during encryption.
> +
> + asym_op = result_op->asym;
> +
> + debug_hexdump(stdout, "cipher:",
> + asym_op->sm2.cipher.data, asym_op-
> >sm2.cipher.length);
> +
> + /* Verify cipher (in roundtrip) */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
> + pbuf = rte_malloc(NULL, TEST_DATA_SIZE, 0);
> + op->asym->sm2.message.data = pbuf;
> + op->asym->sm2.message.length = TEST_DATA_SIZE;
> +
> + /* Enqueue cipher result for decrypt */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + status = TEST_FAILED;
> + goto exit;
> + }
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "SM2 encrypt failed.\n");
> + goto exit;
> + }
> +
> + asym_op = result_op->asym;
> + if (memcmp(input_params.message.data, asym_op-
> >sm2.message.data,
> + asym_op->sm2.message.length) != 0) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "SM2 encrypt failed.\n");
> + goto exit;
> + }
> +exit:
> + if (pbuf != NULL)
> + rte_free(pbuf);
> +
> + if (sess != NULL)
> + rte_cryptodev_asym_session_free(dev_id, sess);
> + rte_crypto_op_free(op);
> + return status;
> +};
> +
> +static int
> +test_sm2_decrypt(void)
> +{
> + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> + struct crypto_testsuite_sm2_params input_params =
> sm2_param_fp256;
> + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> + struct rte_mempool *op_mpool = ts_params->op_mpool;
> + uint8_t dev_id = ts_params->valid_devs[0];
> + struct rte_crypto_op *result_op = NULL;
> + uint8_t output_buf_m[TEST_DATA_SIZE];
> + struct rte_crypto_asym_xform xform;
> + struct rte_crypto_asym_op *asym_op;
> + struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op = NULL;
> + int ret, status = TEST_SUCCESS;
> + void *sess = NULL;
> +
> + rte_cryptodev_info_get(dev_id, &dev_info);
> +
> + /* Setup crypto op data structure */
> + op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> + if (op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> + asym_op = op->asym;
> +
> + /* Setup asym xform */
> + xform.next = NULL;
> + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> + xform.sm2.pkey.data = input_params.pkey.data;
> + xform.sm2.pkey.length = input_params.pkey.length;
> + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> +
> + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> &sess);
> + if (ret < 0) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Session creation failed\n");
> + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> + goto exit;
> + }
> +
> + /* Attach asymmetric crypto session to crypto operations */
> + rte_crypto_op_attach_asym_session(op, sess);
> +
> + /* Compute decrypt */
> +
> + /* Populate op with operational details */
> + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
> + op->asym->sm2.cipher.data = input_params.cipher.data;
> + op->asym->sm2.cipher.length = input_params.cipher.length;
> +
> + /* Init out buf */
> + op->asym->sm2.message.data = output_buf_m;
> + op->asym->sm2.message.length = RTE_DIM(output_buf_m);
> +
> + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> +
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Error sending packet for operation\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "Failed to process asym crypto op\n");
> + status = TEST_FAILED;
> + goto exit;
> + }
> +
> + asym_op = result_op->asym;
> +
> + debug_hexdump(stdout, "message:",
> + asym_op->sm2.message.data, asym_op-
> >sm2.message.length);
> +
> + if (memcmp(input_params.message.data, asym_op-
> >sm2.message.data,
> + op->asym->sm2.message.length)) {
> + status = TEST_FAILED;
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s", __LINE__,
> + "SM2 decrypt failed.\n");
> + goto exit;
> + }
> +exit:
> + if (sess != NULL)
> + rte_cryptodev_asym_session_free(dev_id, sess);
> + rte_crypto_op_free(op);
> + return status;
> +};
> +
> static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
> .suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
> .setup = testsuite_setup,
> @@ -2205,6 +2707,10 @@ static struct unit_test_suite
> cryptodev_openssl_asym_testsuite = {
> TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
> TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_dh_keygenration),
> + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_sm2_encrypt),
> + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_sm2_sign),
> + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_sm2_verify),
> + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_sm2_decrypt),
> TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec),
> TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_rsa_sign_verify),
> diff --git a/app/test/test_cryptodev_sm2_test_vectors.h
> b/app/test/test_cryptodev_sm2_test_vectors.h
> new file mode 100644
> index 0000000000..d70d3ccaa0
> --- /dev/null
> +++ b/app/test/test_cryptodev_sm2_test_vectors.h
> @@ -0,0 +1,120 @@
> +/* SPDX-License-Identifier: BSD-3-Clause
> + * Copyright(C) 2023 Marvell.
> + */
> +
> +#ifndef __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
> +#define __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
> +
> +#include "rte_crypto_asym.h"
> +
> +struct crypto_testsuite_sm2_params {
> + rte_crypto_param pubkey_qx;
> + rte_crypto_param pubkey_qy;
> + rte_crypto_param pkey;
> + rte_crypto_param sign_r;
> + rte_crypto_param sign_s;
> + rte_crypto_param id;
> + rte_crypto_param cipher;
> + rte_crypto_param message;
> +};
> +
> +static uint8_t fp256_pkey[] = {
> + 0x77, 0x84, 0x35, 0x65, 0x4c, 0x7a, 0x6d, 0xb1,
> + 0x1e, 0x63, 0x0b, 0x41, 0x97, 0x36, 0x04, 0xf4,
> + 0xec, 0x35, 0xee, 0x3b, 0x76, 0xc2, 0x34, 0x08,
> + 0xd9, 0x4a, 0x22, 0x0d, 0x7f, 0xf6, 0xc6, 0x90
> +};
> +
> +static uint8_t fp256_qx[] = {
> + 0x7b, 0x24, 0xa3, 0x03, 0xcf, 0xb2, 0x22, 0xfa,
> + 0x4c, 0xb3, 0x88, 0x54, 0xf9, 0x30, 0xd1, 0x4d,
> + 0xe3, 0x50, 0xda, 0xba, 0xe6, 0xa7, 0x0b, 0x91,
> + 0x4c, 0x04, 0x0d, 0x5c, 0xe0, 0x8e, 0x86, 0xc5
> +};
> +
> +static uint8_t fp256_qy[] = {
> + 0xbc, 0x39, 0xe3, 0x19, 0x4e, 0xd2, 0x29, 0x22,
> + 0x5b, 0x37, 0x2d, 0xeb, 0xcc, 0x05, 0x52, 0x8d,
> + 0xb9, 0x40, 0xa3, 0xab, 0x3c, 0xbe, 0x16, 0x30,
> + 0x1c, 0xe4, 0xe8, 0x7f, 0xba, 0x6e, 0x0b, 0xae
> +};
> +
> +static uint8_t fp256_sign_r[] = {
> + 0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4,
> + 0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9,
> + 0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09,
> + 0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff
> +};
> +
> +static uint8_t fp256_sign_s[] = {
> + 0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9,
> + 0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9,
> + 0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd,
> + 0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86
> +};
> +
> +static uint8_t fp256_id[] = {
> + 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
> +};
> +
> +static uint8_t fp256_message[] = {
> + 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20,
> + 0x64, 0x69, 0x67, 0x65, 0x73, 0x74
> +};
> +
> +static uint8_t fp256_cipher[] = {
> + 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8,
> + 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47,
> + 0x6D, 0x00, 0xF6, 0x51, 0xC8, 0x80, 0x9C, 0x9E,
> + 0xD9, 0xEC, 0x36, 0x8A, 0x60, 0x8E, 0x26, 0x2D,
> + 0x71, 0x31, 0xB7, 0xC1, 0x38, 0x02, 0x21, 0x00,
> + 0xE1, 0xBF, 0x4C, 0x13, 0x7A, 0x87, 0x40, 0x32,
> + 0xF5, 0xA1, 0xE2, 0xA1, 0x3B, 0x83, 0xBF, 0x6B,
> + 0x3F, 0xFB, 0xC8, 0x13, 0x01, 0xDE, 0xCF, 0xC0,
> + 0xF4, 0x24, 0x66, 0x52, 0x89, 0xDA, 0x6D, 0x7A,
> + 0x04, 0x20, 0x8E, 0xFD, 0x52, 0x77, 0xC9, 0xE7,
> + 0x90, 0xD1, 0x17, 0x75, 0xDE, 0xEE, 0xF3, 0xE5,
> + 0x11, 0x0C, 0x5D, 0xE1, 0x3A, 0xB6, 0x2B, 0x72,
> + 0x60, 0xE5, 0xD5, 0xF3, 0x0F, 0xE2, 0x44, 0xDB,
> + 0xBC, 0x66, 0x04, 0x0E, 0x78, 0x2D, 0xC0, 0x3D,
> + 0x38, 0xA2, 0x42, 0xA4, 0x8E, 0x8B, 0xF5, 0x06,
> + 0x32, 0xFA
> +};
> +
> +/** SM2 Fp256 elliptic curve test params */
> +struct crypto_testsuite_sm2_params sm2_param_fp256 = {
> + .pubkey_qx = {
> + .data = fp256_qx,
> + .length = sizeof(fp256_qx),
> + },
> + .pubkey_qy = {
> + .data = fp256_qy,
> + .length = sizeof(fp256_qy),
> + },
> + .sign_r = {
> + .data = fp256_sign_r,
> + .length = sizeof(fp256_sign_r),
> + },
> + .sign_s = {
> + .data = fp256_sign_s,
> + .length = sizeof(fp256_sign_s),
> + },
> + .id = {
> + .data = fp256_id,
> + .length = sizeof(fp256_id),
> + },
> + .pkey = {
> + .data = fp256_pkey,
> + .length = sizeof(fp256_pkey),
> + },
> + .message = {
> + .data = fp256_message,
> + .length = sizeof(fp256_message),
> + },
> + .cipher = {
> + .data = fp256_cipher,
> + .length = sizeof(fp256_cipher),
> + }
> +};
> +
> +#endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */
> --
> 2.25.1
Hi Akhil,
>
> If you have the reference from where the vectors are taken it can also be
> mentioned.
>
I generated these test vectors in online. There are no reference test vectors quoted
In RFC except for recommended curve parameters, at the end.
https://datatracker.ietf.org/doc/html/draft-shen-sm2-ecdsa-02
> >
> > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> > ---
> > app/test/test_cryptodev_asym.c | 506 +++++++++++++++++++++
> > app/test/test_cryptodev_sm2_test_vectors.h | 120 +++++
> > 2 files changed, 626 insertions(+)
> > create mode 100644 app/test/test_cryptodev_sm2_test_vectors.h
> >
> > diff --git a/app/test/test_cryptodev_asym.c
> > b/app/test/test_cryptodev_asym.c index 9236817650..bfaeedee27 100644
> > --- a/app/test/test_cryptodev_asym.c
> > +++ b/app/test/test_cryptodev_asym.c
> > @@ -21,6 +21,7 @@
> > #include "test_cryptodev_ecpm_test_vectors.h"
> > #include "test_cryptodev_mod_test_vectors.h"
> > #include "test_cryptodev_rsa_test_vectors.h"
> > +#include "test_cryptodev_sm2_test_vectors.h"
> > #include "test_cryptodev_asym_util.h"
> > #include "test.h"
> >
> > @@ -2196,6 +2197,507 @@ test_ecpm_all_curve(void)
> > return overall_status;
> > }
> >
> > +static int
> > +test_sm2_sign(void)
> > +{
> > + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> > + struct crypto_testsuite_sm2_params input_params =
> > sm2_param_fp256;
> > + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> > + struct rte_mempool *op_mpool = ts_params->op_mpool;
> > + uint8_t dev_id = ts_params->valid_devs[0];
> > + struct rte_crypto_op *result_op = NULL;
> > + uint8_t output_buf_r[TEST_DATA_SIZE];
> > + uint8_t output_buf_s[TEST_DATA_SIZE];
> > + struct rte_crypto_asym_xform xform;
> > + struct rte_crypto_asym_op *asym_op;
> > + struct rte_cryptodev_info dev_info;
> > + struct rte_crypto_op *op = NULL;
> > + int ret, status = TEST_SUCCESS;
> > + void *sess = NULL;
> > +
> > + rte_cryptodev_info_get(dev_id, &dev_info);
>
> dev_info is being unused. Not checking for capabilities?
It is the same case in other algorithms as well. Shall I collectively address this ?
> > +
> > + /* Setup crypto op data structure */
> > + op = rte_crypto_op_alloc(op_mpool,
> > RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> > + if (op == NULL) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Failed to allocate asymmetric crypto "
> > + "operation struct\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > + asym_op = op->asym;
> > +
> > + /* Setup asym xform */
> > + xform.next = NULL;
> > + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> > + xform.sm2.pkey.data = input_params.pkey.data;
> > + xform.sm2.pkey.length = input_params.pkey.length;
> > + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> > + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> > + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> > + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> > +
> > + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> > &sess);
> > + if (ret < 0) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Session creation failed\n");
> > + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> > + goto exit;
> > + }
> > +
> > + /* Attach asymmetric crypto session to crypto operations */
> > + rte_crypto_op_attach_asym_session(op, sess);
> > +
> > + /* Compute sign */
> > +
> > + /* Populate op with operational details */
> > + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> > + op->asym->sm2.message.data = input_params.message.data;
> > + op->asym->sm2.message.length = input_params.message.length;
> > + op->asym->sm2.id.data = input_params.id.data;
> > + op->asym->sm2.id.length = input_params.id.length;
> > +
> > + /* Init out buf */
> > + op->asym->sm2.r.data = output_buf_r;
> > + op->asym->sm2.s.data = output_buf_s;
> > +
> > + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> > +
> > + /* Process crypto operation */
> > + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Error sending packet for operation\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > +
> > + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> > + rte_pause();
>
> Shouldn't this be a finite loop and mark test as failed after some retries?
It is the same case in other algorithms as well. Shall I collectively address this ?
>
> > +
> > + if (result_op == NULL) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Failed to process asym crypto op\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > +
...
<cut>
...
> > +static int
> > +test_sm2_encrypt(void)
> > +{
> > + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> > + struct crypto_testsuite_sm2_params input_params =
> > sm2_param_fp256;
> > + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> > + struct rte_mempool *op_mpool = ts_params->op_mpool;
> > + uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
> > + uint8_t dev_id = ts_params->valid_devs[0];
> > + struct rte_crypto_op *result_op = NULL;
> > + struct rte_crypto_asym_xform xform;
> > + struct rte_crypto_asym_op *asym_op;
> > + struct rte_cryptodev_info dev_info;
> > + struct rte_crypto_op *op = NULL;
> > + int ret, status = TEST_SUCCESS;
> > + void *sess = NULL;
> > +
> > + rte_cryptodev_info_get(dev_id, &dev_info);
> > +
> > + /* Setup crypto op data structure */
> > + op = rte_crypto_op_alloc(op_mpool,
> > RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> > + if (op == NULL) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Failed to allocate asymmetric crypto "
> > + "operation struct\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > + asym_op = op->asym;
> > +
> > + /* Setup asym xform */
> > + xform.next = NULL;
> > + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> > + xform.sm2.pkey.data = input_params.pkey.data;
> > + xform.sm2.pkey.length = input_params.pkey.length;
> > + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> > + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> > + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> > + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> > +
> > + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> > &sess);
> > + if (ret < 0) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Session creation failed\n");
> > + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> > + goto exit;
> > + }
> > +
> > + /* Attach asymmetric crypto session to crypto operations */
> > + rte_crypto_op_attach_asym_session(op, sess);
> > +
> > + /* Compute encrypt */
> > +
> > + /* Populate op with operational details */
> > + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
> > + op->asym->sm2.message.data = input_params.message.data;
> > + op->asym->sm2.message.length = input_params.message.length;
> > +
> > + /* Init out buf */
> > + op->asym->sm2.cipher.data = output_buf;
> > +
> > + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> > +
> > + /* Process crypto operation */
> > + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Error sending packet for operation\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > +
> > + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> > + rte_pause();
> > +
> > + if (result_op == NULL) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Failed to process asym crypto op\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
> > +
> > + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> > + RTE_LOG(ERR, USER1,
> > + "line %u FAILED: %s", __LINE__,
> > + "Failed to process asym crypto op\n");
> > + status = TEST_FAILED;
> > + goto exit;
> > + }
>
> Shouldn't we do content comparison of the cipher text with vectors here as
> well?
> Content is matched only after round trip which will not catch the hardware bug
> during encryption.
Due to random scalar value used (and known only to driver), we can't have expected
cipher string. I ll wait for review on current openssl driver implementation whether
to introduce this scalar value in crypto op param like in EC. Based on this, we could
address this suggestion.
Thanks.
>
> Hi Akhil,
> >
> > If you have the reference from where the vectors are taken it can also be
> > mentioned.
> >
> I generated these test vectors in online. There are no reference test vectors
> quoted
> In RFC except for recommended curve parameters, at the end.
> https://datatracker.ietf.org/doc/html/draft-shen-sm2-ecdsa-02
>
ok
> > >
> > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> > > ---
> > > app/test/test_cryptodev_asym.c | 506 +++++++++++++++++++++
> > > app/test/test_cryptodev_sm2_test_vectors.h | 120 +++++
> > > 2 files changed, 626 insertions(+)
> > > create mode 100644 app/test/test_cryptodev_sm2_test_vectors.h
> > >
> > > diff --git a/app/test/test_cryptodev_asym.c
> > > b/app/test/test_cryptodev_asym.c index 9236817650..bfaeedee27 100644
> > > --- a/app/test/test_cryptodev_asym.c
> > > +++ b/app/test/test_cryptodev_asym.c
> > > @@ -21,6 +21,7 @@
> > > #include "test_cryptodev_ecpm_test_vectors.h"
> > > #include "test_cryptodev_mod_test_vectors.h"
> > > #include "test_cryptodev_rsa_test_vectors.h"
> > > +#include "test_cryptodev_sm2_test_vectors.h"
> > > #include "test_cryptodev_asym_util.h"
> > > #include "test.h"
> > >
> > > @@ -2196,6 +2197,507 @@ test_ecpm_all_curve(void)
> > > return overall_status;
> > > }
> > >
> > > +static int
> > > +test_sm2_sign(void)
> > > +{
> > > + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> > > + struct crypto_testsuite_sm2_params input_params =
> > > sm2_param_fp256;
> > > + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> > > + struct rte_mempool *op_mpool = ts_params->op_mpool;
> > > + uint8_t dev_id = ts_params->valid_devs[0];
> > > + struct rte_crypto_op *result_op = NULL;
> > > + uint8_t output_buf_r[TEST_DATA_SIZE];
> > > + uint8_t output_buf_s[TEST_DATA_SIZE];
> > > + struct rte_crypto_asym_xform xform;
> > > + struct rte_crypto_asym_op *asym_op;
> > > + struct rte_cryptodev_info dev_info;
> > > + struct rte_crypto_op *op = NULL;
> > > + int ret, status = TEST_SUCCESS;
> > > + void *sess = NULL;
> > > +
> > > + rte_cryptodev_info_get(dev_id, &dev_info);
> >
> > dev_info is being unused. Not checking for capabilities?
>
> It is the same case in other algorithms as well. Shall I collectively address this ?
You can remove this dev_info get from here and add capability check in a separate patch for all cases.
> > > +
> > > + /* Setup crypto op data structure */
> > > + op = rte_crypto_op_alloc(op_mpool,
> > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> > > + if (op == NULL) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Failed to allocate asymmetric crypto "
> > > + "operation struct\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > + asym_op = op->asym;
> > > +
> > > + /* Setup asym xform */
> > > + xform.next = NULL;
> > > + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> > > + xform.sm2.pkey.data = input_params.pkey.data;
> > > + xform.sm2.pkey.length = input_params.pkey.length;
> > > + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> > > + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> > > + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> > > + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> > > +
> > > + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> > > &sess);
> > > + if (ret < 0) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Session creation failed\n");
> > > + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> > > + /* Attach asymmetric crypto session to crypto operations */
> > > + rte_crypto_op_attach_asym_session(op, sess);
> > > +
> > > + /* Compute sign */
> > > +
> > > + /* Populate op with operational details */
> > > + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> > > + op->asym->sm2.message.data = input_params.message.data;
> > > + op->asym->sm2.message.length = input_params.message.length;
> > > + op->asym->sm2.id.data = input_params.id.data;
> > > + op->asym->sm2.id.length = input_params.id.length;
> > > +
> > > + /* Init out buf */
> > > + op->asym->sm2.r.data = output_buf_r;
> > > + op->asym->sm2.s.data = output_buf_s;
> > > +
> > > + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> > > +
> > > + /* Process crypto operation */
> > > + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Error sending packet for operation\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> > > + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> > > + rte_pause();
> >
> > Shouldn't this be a finite loop and mark test as failed after some retries?
>
> It is the same case in other algorithms as well. Shall I collectively address this ?
Ok you can submit a separate patch for it.
> >
> > > +
> > > + if (result_op == NULL) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Failed to process asym crypto op\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> ...
> <cut>
> ...
> > > +static int
> > > +test_sm2_encrypt(void)
> > > +{
> > > + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> > > + struct crypto_testsuite_sm2_params input_params =
> > > sm2_param_fp256;
> > > + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> > > + struct rte_mempool *op_mpool = ts_params->op_mpool;
> > > + uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
> > > + uint8_t dev_id = ts_params->valid_devs[0];
> > > + struct rte_crypto_op *result_op = NULL;
> > > + struct rte_crypto_asym_xform xform;
> > > + struct rte_crypto_asym_op *asym_op;
> > > + struct rte_cryptodev_info dev_info;
> > > + struct rte_crypto_op *op = NULL;
> > > + int ret, status = TEST_SUCCESS;
> > > + void *sess = NULL;
> > > +
> > > + rte_cryptodev_info_get(dev_id, &dev_info);
> > > +
> > > + /* Setup crypto op data structure */
> > > + op = rte_crypto_op_alloc(op_mpool,
> > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> > > + if (op == NULL) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Failed to allocate asymmetric crypto "
> > > + "operation struct\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > + asym_op = op->asym;
> > > +
> > > + /* Setup asym xform */
> > > + xform.next = NULL;
> > > + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
> > > + xform.sm2.pkey.data = input_params.pkey.data;
> > > + xform.sm2.pkey.length = input_params.pkey.length;
> > > + xform.sm2.q.x.data = input_params.pubkey_qx.data;
> > > + xform.sm2.q.x.length = input_params.pubkey_qx.length;
> > > + xform.sm2.q.y.data = input_params.pubkey_qy.data;
> > > + xform.sm2.q.y.length = input_params.pubkey_qy.length;
> > > +
> > > + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool,
> > > &sess);
> > > + if (ret < 0) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Session creation failed\n");
> > > + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> > > + /* Attach asymmetric crypto session to crypto operations */
> > > + rte_crypto_op_attach_asym_session(op, sess);
> > > +
> > > + /* Compute encrypt */
> > > +
> > > + /* Populate op with operational details */
> > > + op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
> > > + op->asym->sm2.message.data = input_params.message.data;
> > > + op->asym->sm2.message.length = input_params.message.length;
> > > +
> > > + /* Init out buf */
> > > + op->asym->sm2.cipher.data = output_buf;
> > > +
> > > + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
> > > +
> > > + /* Process crypto operation */
> > > + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Error sending packet for operation\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> > > + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> > > + rte_pause();
> > > +
> > > + if (result_op == NULL) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Failed to process asym crypto op\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> > > +
> > > + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> > > + RTE_LOG(ERR, USER1,
> > > + "line %u FAILED: %s", __LINE__,
> > > + "Failed to process asym crypto op\n");
> > > + status = TEST_FAILED;
> > > + goto exit;
> > > + }
> >
> > Shouldn't we do content comparison of the cipher text with vectors here as
> > well?
> > Content is matched only after round trip which will not catch the hardware bug
> > during encryption.
>
> Due to random scalar value used (and known only to driver), we can't have
> expected
> cipher string. I ll wait for review on current openssl driver implementation
> whether
> to introduce this scalar value in crypto op param like in EC. Based on this, we
> could
> address this suggestion.
>
You can add a comment here in the code to explain this thing.
@@ -21,6 +21,7 @@
#include "test_cryptodev_ecpm_test_vectors.h"
#include "test_cryptodev_mod_test_vectors.h"
#include "test_cryptodev_rsa_test_vectors.h"
+#include "test_cryptodev_sm2_test_vectors.h"
#include "test_cryptodev_asym_util.h"
#include "test.h"
@@ -2196,6 +2197,507 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static int
+test_sm2_sign(void)
+{
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ struct rte_mempool *sess_mpool = ts_params->session_mpool;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ uint8_t dev_id = ts_params->valid_devs[0];
+ struct rte_crypto_op *result_op = NULL;
+ uint8_t output_buf_r[TEST_DATA_SIZE];
+ uint8_t output_buf_s[TEST_DATA_SIZE];
+ struct rte_crypto_asym_xform xform;
+ struct rte_crypto_asym_op *asym_op;
+ struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op = NULL;
+ int ret, status = TEST_SUCCESS;
+ void *sess = NULL;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ /* Setup crypto op data structure */
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+ asym_op = op->asym;
+
+ /* Setup asym xform */
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ xform.sm2.pkey.data = input_params.pkey.data;
+ xform.sm2.pkey.length = input_params.pkey.length;
+ xform.sm2.q.x.data = input_params.pubkey_qx.data;
+ xform.sm2.q.x.length = input_params.pubkey_qx.length;
+ xform.sm2.q.y.data = input_params.pubkey_qy.data;
+ xform.sm2.q.y.length = input_params.pubkey_qy.length;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Session creation failed\n");
+ status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+ goto exit;
+ }
+
+ /* Attach asymmetric crypto session to crypto operations */
+ rte_crypto_op_attach_asym_session(op, sess);
+
+ /* Compute sign */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+ op->asym->sm2.message.data = input_params.message.data;
+ op->asym->sm2.message.length = input_params.message.length;
+ op->asym->sm2.id.data = input_params.id.data;
+ op->asym->sm2.id.length = input_params.id.length;
+
+ /* Init out buf */
+ op->asym->sm2.r.data = output_buf_r;
+ op->asym->sm2.s.data = output_buf_s;
+
+ RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ asym_op = result_op->asym;
+
+ debug_hexdump(stdout, "r:",
+ asym_op->sm2.r.data, asym_op->sm2.r.length);
+ debug_hexdump(stdout, "s:",
+ asym_op->sm2.s.data, asym_op->sm2.s.length);
+
+ /* Verify sign (in roundtrip) */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+
+ /* Enqueue sign result for verify */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ status = TEST_FAILED;
+ goto exit;
+ }
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "SM2 verify failed.\n");
+ goto exit;
+ }
+
+exit:
+ if (sess != NULL)
+ rte_cryptodev_asym_session_free(dev_id, sess);
+ rte_crypto_op_free(op);
+ return status;
+};
+
+static int
+test_sm2_verify(void)
+{
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ struct rte_mempool *sess_mpool = ts_params->session_mpool;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ uint8_t dev_id = ts_params->valid_devs[0];
+ struct rte_crypto_op *result_op = NULL;
+ struct rte_crypto_asym_xform xform;
+ struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op = NULL;
+ int ret, status = TEST_SUCCESS;
+ void *sess = NULL;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ /* Setup crypto op data structure */
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ /* Setup asym xform */
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ xform.sm2.q.x.data = input_params.pubkey_qx.data;
+ xform.sm2.q.x.length = input_params.pubkey_qx.length;
+ xform.sm2.q.y.data = input_params.pubkey_qy.data;
+ xform.sm2.q.y.length = input_params.pubkey_qy.length;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Session creation failed\n");
+ status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+ goto exit;
+ }
+
+ /* Attach asymmetric crypto session to crypto operations */
+ rte_crypto_op_attach_asym_session(op, sess);
+
+ /* Verify given sign */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+ op->asym->sm2.message.data = input_params.message.data;
+ op->asym->sm2.message.length = input_params.message.length;
+ op->asym->sm2.r.data = input_params.sign_r.data;
+ op->asym->sm2.r.length = input_params.sign_r.length;
+ op->asym->sm2.s.data = input_params.sign_s.data;
+ op->asym->sm2.s.length = input_params.sign_s.length;
+ op->asym->sm2.id.data = input_params.id.data;
+ op->asym->sm2.id.length = input_params.id.length;
+
+ RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+exit:
+ if (sess != NULL)
+ rte_cryptodev_asym_session_free(dev_id, sess);
+ rte_crypto_op_free(op);
+ return status;
+};
+
+static int
+test_sm2_encrypt(void)
+{
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ struct rte_mempool *sess_mpool = ts_params->session_mpool;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
+ uint8_t dev_id = ts_params->valid_devs[0];
+ struct rte_crypto_op *result_op = NULL;
+ struct rte_crypto_asym_xform xform;
+ struct rte_crypto_asym_op *asym_op;
+ struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op = NULL;
+ int ret, status = TEST_SUCCESS;
+ void *sess = NULL;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ /* Setup crypto op data structure */
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+ asym_op = op->asym;
+
+ /* Setup asym xform */
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ xform.sm2.pkey.data = input_params.pkey.data;
+ xform.sm2.pkey.length = input_params.pkey.length;
+ xform.sm2.q.x.data = input_params.pubkey_qx.data;
+ xform.sm2.q.x.length = input_params.pubkey_qx.length;
+ xform.sm2.q.y.data = input_params.pubkey_qy.data;
+ xform.sm2.q.y.length = input_params.pubkey_qy.length;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Session creation failed\n");
+ status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+ goto exit;
+ }
+
+ /* Attach asymmetric crypto session to crypto operations */
+ rte_crypto_op_attach_asym_session(op, sess);
+
+ /* Compute encrypt */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
+ op->asym->sm2.message.data = input_params.message.data;
+ op->asym->sm2.message.length = input_params.message.length;
+
+ /* Init out buf */
+ op->asym->sm2.cipher.data = output_buf;
+
+ RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ asym_op = result_op->asym;
+
+ debug_hexdump(stdout, "cipher:",
+ asym_op->sm2.cipher.data, asym_op->sm2.cipher.length);
+
+ /* Verify cipher (in roundtrip) */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+ pbuf = rte_malloc(NULL, TEST_DATA_SIZE, 0);
+ op->asym->sm2.message.data = pbuf;
+ op->asym->sm2.message.length = TEST_DATA_SIZE;
+
+ /* Enqueue cipher result for decrypt */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ status = TEST_FAILED;
+ goto exit;
+ }
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "SM2 encrypt failed.\n");
+ goto exit;
+ }
+
+ asym_op = result_op->asym;
+ if (memcmp(input_params.message.data, asym_op->sm2.message.data,
+ asym_op->sm2.message.length) != 0) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "SM2 encrypt failed.\n");
+ goto exit;
+ }
+exit:
+ if (pbuf != NULL)
+ rte_free(pbuf);
+
+ if (sess != NULL)
+ rte_cryptodev_asym_session_free(dev_id, sess);
+ rte_crypto_op_free(op);
+ return status;
+};
+
+static int
+test_sm2_decrypt(void)
+{
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ struct rte_mempool *sess_mpool = ts_params->session_mpool;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ uint8_t dev_id = ts_params->valid_devs[0];
+ struct rte_crypto_op *result_op = NULL;
+ uint8_t output_buf_m[TEST_DATA_SIZE];
+ struct rte_crypto_asym_xform xform;
+ struct rte_crypto_asym_op *asym_op;
+ struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op = NULL;
+ int ret, status = TEST_SUCCESS;
+ void *sess = NULL;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ /* Setup crypto op data structure */
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+ asym_op = op->asym;
+
+ /* Setup asym xform */
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ xform.sm2.pkey.data = input_params.pkey.data;
+ xform.sm2.pkey.length = input_params.pkey.length;
+ xform.sm2.q.x.data = input_params.pubkey_qx.data;
+ xform.sm2.q.x.length = input_params.pubkey_qx.length;
+ xform.sm2.q.y.data = input_params.pubkey_qy.data;
+ xform.sm2.q.y.length = input_params.pubkey_qy.length;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Session creation failed\n");
+ status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+ goto exit;
+ }
+
+ /* Attach asymmetric crypto session to crypto operations */
+ rte_crypto_op_attach_asym_session(op, sess);
+
+ /* Compute decrypt */
+
+ /* Populate op with operational details */
+ op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+ op->asym->sm2.cipher.data = input_params.cipher.data;
+ op->asym->sm2.cipher.length = input_params.cipher.length;
+
+ /* Init out buf */
+ op->asym->sm2.message.data = output_buf_m;
+ op->asym->sm2.message.length = RTE_DIM(output_buf_m);
+
+ RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ status = TEST_FAILED;
+ goto exit;
+ }
+
+ asym_op = result_op->asym;
+
+ debug_hexdump(stdout, "message:",
+ asym_op->sm2.message.data, asym_op->sm2.message.length);
+
+ if (memcmp(input_params.message.data, asym_op->sm2.message.data,
+ op->asym->sm2.message.length)) {
+ status = TEST_FAILED;
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "SM2 decrypt failed.\n");
+ goto exit;
+ }
+exit:
+ if (sess != NULL)
+ rte_cryptodev_asym_session_free(dev_id, sess);
+ rte_crypto_op_free(op);
+ return status;
+};
+
static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
.suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
.setup = testsuite_setup,
@@ -2205,6 +2707,10 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
test_dh_keygenration),
+ TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_encrypt),
+ TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign),
+ TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify),
+ TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_decrypt),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
test_rsa_sign_verify),
new file mode 100644
@@ -0,0 +1,120 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2023 Marvell.
+ */
+
+#ifndef __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
+#define __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+struct crypto_testsuite_sm2_params {
+ rte_crypto_param pubkey_qx;
+ rte_crypto_param pubkey_qy;
+ rte_crypto_param pkey;
+ rte_crypto_param sign_r;
+ rte_crypto_param sign_s;
+ rte_crypto_param id;
+ rte_crypto_param cipher;
+ rte_crypto_param message;
+};
+
+static uint8_t fp256_pkey[] = {
+ 0x77, 0x84, 0x35, 0x65, 0x4c, 0x7a, 0x6d, 0xb1,
+ 0x1e, 0x63, 0x0b, 0x41, 0x97, 0x36, 0x04, 0xf4,
+ 0xec, 0x35, 0xee, 0x3b, 0x76, 0xc2, 0x34, 0x08,
+ 0xd9, 0x4a, 0x22, 0x0d, 0x7f, 0xf6, 0xc6, 0x90
+};
+
+static uint8_t fp256_qx[] = {
+ 0x7b, 0x24, 0xa3, 0x03, 0xcf, 0xb2, 0x22, 0xfa,
+ 0x4c, 0xb3, 0x88, 0x54, 0xf9, 0x30, 0xd1, 0x4d,
+ 0xe3, 0x50, 0xda, 0xba, 0xe6, 0xa7, 0x0b, 0x91,
+ 0x4c, 0x04, 0x0d, 0x5c, 0xe0, 0x8e, 0x86, 0xc5
+};
+
+static uint8_t fp256_qy[] = {
+ 0xbc, 0x39, 0xe3, 0x19, 0x4e, 0xd2, 0x29, 0x22,
+ 0x5b, 0x37, 0x2d, 0xeb, 0xcc, 0x05, 0x52, 0x8d,
+ 0xb9, 0x40, 0xa3, 0xab, 0x3c, 0xbe, 0x16, 0x30,
+ 0x1c, 0xe4, 0xe8, 0x7f, 0xba, 0x6e, 0x0b, 0xae
+};
+
+static uint8_t fp256_sign_r[] = {
+ 0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4,
+ 0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9,
+ 0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09,
+ 0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff
+};
+
+static uint8_t fp256_sign_s[] = {
+ 0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9,
+ 0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9,
+ 0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd,
+ 0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86
+};
+
+static uint8_t fp256_id[] = {
+ 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
+};
+
+static uint8_t fp256_message[] = {
+ 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20,
+ 0x64, 0x69, 0x67, 0x65, 0x73, 0x74
+};
+
+static uint8_t fp256_cipher[] = {
+ 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8,
+ 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47,
+ 0x6D, 0x00, 0xF6, 0x51, 0xC8, 0x80, 0x9C, 0x9E,
+ 0xD9, 0xEC, 0x36, 0x8A, 0x60, 0x8E, 0x26, 0x2D,
+ 0x71, 0x31, 0xB7, 0xC1, 0x38, 0x02, 0x21, 0x00,
+ 0xE1, 0xBF, 0x4C, 0x13, 0x7A, 0x87, 0x40, 0x32,
+ 0xF5, 0xA1, 0xE2, 0xA1, 0x3B, 0x83, 0xBF, 0x6B,
+ 0x3F, 0xFB, 0xC8, 0x13, 0x01, 0xDE, 0xCF, 0xC0,
+ 0xF4, 0x24, 0x66, 0x52, 0x89, 0xDA, 0x6D, 0x7A,
+ 0x04, 0x20, 0x8E, 0xFD, 0x52, 0x77, 0xC9, 0xE7,
+ 0x90, 0xD1, 0x17, 0x75, 0xDE, 0xEE, 0xF3, 0xE5,
+ 0x11, 0x0C, 0x5D, 0xE1, 0x3A, 0xB6, 0x2B, 0x72,
+ 0x60, 0xE5, 0xD5, 0xF3, 0x0F, 0xE2, 0x44, 0xDB,
+ 0xBC, 0x66, 0x04, 0x0E, 0x78, 0x2D, 0xC0, 0x3D,
+ 0x38, 0xA2, 0x42, 0xA4, 0x8E, 0x8B, 0xF5, 0x06,
+ 0x32, 0xFA
+};
+
+/** SM2 Fp256 elliptic curve test params */
+struct crypto_testsuite_sm2_params sm2_param_fp256 = {
+ .pubkey_qx = {
+ .data = fp256_qx,
+ .length = sizeof(fp256_qx),
+ },
+ .pubkey_qy = {
+ .data = fp256_qy,
+ .length = sizeof(fp256_qy),
+ },
+ .sign_r = {
+ .data = fp256_sign_r,
+ .length = sizeof(fp256_sign_r),
+ },
+ .sign_s = {
+ .data = fp256_sign_s,
+ .length = sizeof(fp256_sign_s),
+ },
+ .id = {
+ .data = fp256_id,
+ .length = sizeof(fp256_id),
+ },
+ .pkey = {
+ .data = fp256_pkey,
+ .length = sizeof(fp256_pkey),
+ },
+ .message = {
+ .data = fp256_message,
+ .length = sizeof(fp256_message),
+ },
+ .cipher = {
+ .data = fp256_cipher,
+ .length = sizeof(fp256_cipher),
+ }
+};
+
+#endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */