diff mbox series

[RFC,2/2] test: add proper pkcs1 signature tests for rsa

Message ID 20220322081128.23733-2-arkadiuszx.kusztal@intel.com (mailing list archive)
State RFC
Delegated to: akhil goyal
Headers show
Series [RFC,1/2] cryptodev: rsa improvements | expand

Checks

Context Check Description
ci/intel-Testing success Testing PASS
ci/Intel-compilation fail Compilation issues
ci/checkpatch warning coding style issues

Commit Message

Kusztal, ArkadiuszX March 22, 2022, 8:11 a.m. UTC
This commit adds example pkcs1 signature tests.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c           | 249 +++++++++++++++++++++++++++++--
 drivers/crypto/openssl/rte_openssl_pmd.c |  34 ++++-
 lib/cryptodev/rte_crypto_asym.h          |   6 +-
 3 files changed, 270 insertions(+), 19 deletions(-)

Comments

Kusztal, ArkadiuszX March 22, 2022, 9:13 a.m. UTC | #1
Hi,

> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Tuesday, March 22, 2022 9:11 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> anoobj@marvell.com; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [RFC PATCH 2/2] test: add proper pkcs1 signature tests for rsa
> 
> This commit adds example pkcs1 signature tests.
> 
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
>  app/test/test_cryptodev_asym.c           | 249
> +++++++++++++++++++++++++++++--
>  drivers/crypto/openssl/rte_openssl_pmd.c |  34 ++++-
>  lib/cryptodev/rte_crypto_asym.h          |   6 +-
>  3 files changed, 270 insertions(+), 19 deletions(-)
> 
> diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
> index 71378cbdb2..512eb34377 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -15,6 +15,7 @@
> 
>  #include <rte_cryptodev.h>
>  #include <rte_crypto.h>
> +#include <openssl/rsa.h>
> 
>  #include "test_cryptodev.h"
>  #include "test_cryptodev_dh_test_vectors.h"
> @@ -163,6 +164,222 @@ queue_ops_rsa_sign_verify(void *sess)
>  	return status;
>  }
> 
> +/* DPDK RFC RSA 22.07 */
> +
> +static uint8_t
> +rsa_sign_pkcs_15_pt[] = {
> +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> +	0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_pt_sha256[] = {
> +	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
> +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> +	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded[] = {
> +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
> +	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
> +	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded_digestinfo_sha1[] = {
> +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x21, 0x30,
> +	0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
> +	0x05, 0x00, 0x04, 0x14, 0x01, 0x02, 0x03, 0x04,
> +	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
> +	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded_digestinfo_sha256[] = {
> +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> +	0xFF, 0xFF, 0xFF, 0xFF,	0x00, 0x30, 0x31, 0x30,
> +	0x0d, 0x06, 0x09, 0x60,	0x86, 0x48, 0x01, 0x65,
> +	0x03, 0x04, 0x02, 0x01,	0x05, 0x00, 0x04, 0x20,
> +	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
> +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> +	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> +
> +static void*
> +rfc2207_rsa_sign_pkcs_15_sesscreat(void)
> +{
> +	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> +	struct rte_mempool *sess_mpool = ts_params->session_mpool;
> +	uint8_t dev_id = ts_params->valid_devs[0];
> +	static void *sess = NULL;
> +	int ret;
> +
> +	if (sess)
> +		return sess;
> +	ret = rte_cryptodev_asym_session_create(dev_id, &rsa_xform,
> +sess_mpool, &sess);
> +
> +	if (ret < 0) {
> +		RTE_LOG(ERR, USER1, "Session creation failed for "
> +			"sign_verify\n");
> +		return NULL;
> +	}
> +	return sess;
> +}
> +
> +struct rfc2207_rsa_test_data
> +{
> +	enum rte_crypto_rsa_padding_type type;
> +	rte_crypto_param input;
> +	enum rte_crypto_auth_algorithm hash;
> +};
> +
[Arek] - rfc2207_rsa_test_data_ssl23 and rfc2207_rsa_test_data_pkcs15_sha1 creates PKCS1_5 signature from same data, but signatures are different as 
RTE_CRYPTO_RSA_PADDING_SSL23 (PKCS1_5 flag in other patch) which is what we currently have in Cryptodev does not use AlgorithmIdentifier.

> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_ssl23 = {
> +	.type = RTE_CRYPTO_RSA_PADDING_SSL23,
> +	.input.data = rsa_sign_pkcs_15_pt,
> +	.input.length = sizeof(rsa_sign_pkcs_15_pt), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_ssl23_padded = {
> +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> +	.input.data = rsa_sign_pkcs_15_padded,
> +	.input.length = sizeof(rsa_sign_pkcs_15_padded), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_sha1 = {
> +	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> +	.hash = RTE_CRYPTO_AUTH_SHA1,
> +	.input.data = rsa_sign_pkcs_15_pt,
> +	.input.length = sizeof(rsa_sign_pkcs_15_pt), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_digestinfo_sha1 = {
> +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha1,
> +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha1),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_sha256 = {
> +	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> +	.hash = RTE_CRYPTO_AUTH_SHA256,
> +	.input.data = rsa_sign_pkcs_15_pt_sha256,
> +	.input.length = sizeof(rsa_sign_pkcs_15_pt_sha256),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_digestinfo_sha256 = {
> +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_oaep = {
> +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> +};
> +
> +static int
> +rfc2207_rsa_sign_pkcs_15(const void *test_data) {
> +	struct crypto_testsuite_params_asym *ts_params;
> +	uint8_t dev_id;
> +	struct rte_crypto_op *op, *result_op;
> +	struct rte_crypto_asym_op *asym_op;
> +	struct rte_mempool *op_mpool;
> +	void *sess;
> +	uint8_t result[TEST_DATA_SIZE];
> +	const struct rfc2207_rsa_test_data *tdata = test_data;
> +
> +	ts_params = &testsuite_params;
> +	dev_id = ts_params->valid_devs[0];
> +	op_mpool = ts_params->op_mpool;
> +	op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> +	if (op == NULL) {
> +		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> +			"operation struct\n");
> +		return TEST_FAILED;
> +	}
> +
> +	sess = rfc2207_rsa_sign_pkcs_15_sesscreat();
> +	if (sess == NULL) {
> +		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> +			"operation struct\n");
> +		return TEST_FAILED;
> +	}
> +
> +	asym_op = op->asym;
> +	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> +	asym_op->rsa.padding.type = tdata->type;
> +	asym_op->rsa.padding.hash = tdata->hash;
> +	asym_op->rsa.input = tdata->input;
> +	asym_op->rsa.output.data = result;
> +
> +	rte_crypto_op_attach_asym_session(op, sess);
> +
> +	/* Process crypto operation */
> +	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> +		RTE_LOG(ERR, USER1, "Error sending packet for encryption\n");
> +		return -1;
> +	}
> +
> +	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> +		rte_pause();
> +
> +	if (result_op == NULL) {
> +		RTE_LOG(ERR, USER1, "Failed to process encryption op\n");
> +		return -1;
> +	}
> +
> +	printf("\nOutput len = %lu", asym_op->rsa.output.length);
> +	rte_hexdump(stdout, "Signature", asym_op->rsa.output.data,
> +asym_op->rsa.output.length);
> +
> +	return 0;
> +}
> +
> +/* !---! DPDK RFC RSA 22.07 */
> +
>  static int
>  queue_ops_rsa_enc_dec(void *sess)
>  {
> @@ -2147,20 +2364,32 @@ static struct unit_test_suite
> cryptodev_openssl_asym_testsuite  = {
>  	.setup = testsuite_setup,
>  	.teardown = testsuite_teardown,
>  	.unit_test_cases = {
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_capability),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_capability),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_dsa),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
>  				test_dh_keygenration),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
>  				test_rsa_sign_verify),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
>  				test_rsa_enc_dec_crt),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
>  				test_rsa_sign_verify_crt),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_mod_inv),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_mod_exp),
> -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_one_by_one),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_mod_inv),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_mod_exp),
> +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_one_by_one),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23",
> ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_ssl23),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23_pa
> dded", ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_ssl23_padded),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha1",
> ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_sha1),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> o_sha1", ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_digestinfo_sha1),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha256",
> ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_sha256),
> +
> 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> o_sha256", ut_setup_asym, ut_teardown_asym,
> +				rfc2207_rsa_sign_pkcs_15,
> +&rfc2207_rsa_test_data_pkcs15_digestinfo_sha256),
>  		TEST_CASES_END() /**< NULL terminate unit test array */
>  	}
>  };
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> index 45cee47c5d..32da143ea0 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -1899,11 +1899,24 @@ process_openssl_rsa_op(struct rte_crypto_op
> *cop,
>  	RSA *rsa = sess->u.r.rsa;
>  	uint32_t pad = (op->rsa.padding.type);
>  	uint8_t *tmp;
> +	int sha;
> +
> +	switch (op->rsa.padding.hash) {
> +	case RTE_CRYPTO_AUTH_SHA1:
> +		sha = NID_sha1;
> +		break;
> +	case RTE_CRYPTO_AUTH_SHA256:
> +		sha = NID_sha256;
> +		break;
> +	default:
> +		sha = NID_sha1;
> +	}
> 
>  	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
> 
>  	switch (pad) {
>  	case RTE_CRYPTO_RSA_PADDING_PKCS1_5:
> +	case RTE_CRYPTO_RSA_PADDING_SSL23:
>  		pad = RSA_PKCS1_PADDING;
>  		break;
>  	case RTE_CRYPTO_RSA_PADDING_NONE:
> @@ -1941,13 +1954,20 @@ process_openssl_rsa_op(struct rte_crypto_op
> *cop,
>  		break;
> 
>  	case RTE_CRYPTO_ASYM_OP_SIGN:
> -		ret = RSA_private_encrypt(op->rsa.input.length,
> -				op->rsa.input.data,
> -				op->rsa.output.data,
> -				rsa,
> -				pad);
> -		if (ret > 0)
> -			op->rsa.output.length = ret;
> +		if (op->rsa.padding.type !=
> RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
> +			ret = RSA_private_encrypt(op->rsa.input.length,
> +					op->rsa.input.data,
> +					op->rsa.output.data,
> +					rsa,
> +					pad);
> +			if (ret > 0)
> +				op->rsa.output.length = ret;
> +		} else {
> +			ret = RSA_sign(sha, op->rsa.input.data, op-
> >rsa.input.length,
> +						op->rsa.output.data, (unsigned
> int *)&op->rsa.output.length, rsa);
> +			if (ret == 0)
> +				ret = -1;
> +		}
>  		break;
> 
>  	case RTE_CRYPTO_ASYM_OP_VERIFY:
> diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
> index 834e06b96b..b3906b08e3 100644
> --- a/lib/cryptodev/rte_crypto_asym.h
> +++ b/lib/cryptodev/rte_crypto_asym.h
> @@ -149,6 +149,7 @@ enum rte_crypto_mgf {
>  /**
>   * Padding types for RSA signature.
>   */
> + #define TEMP
>  enum rte_crypto_rsa_padding_type {
>  	RTE_CRYPTO_RSA_PADDING_NONE = 0,
>  	/**< RSA no padding scheme */
> @@ -160,6 +161,7 @@ enum rte_crypto_rsa_padding_type {
>  	/**< RSA PKCS#1 OAEP padding scheme */
>  	RTE_CRYPTO_RSA_PADDING_PSS,
>  	/**< RSA PKCS#1 PSS padding scheme */
> +	TEMP RTE_CRYPTO_RSA_PADDING_SSL23,
>  	RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
>  };
> 
> @@ -426,7 +428,7 @@ struct rte_crypto_rsa_op_param {
>  	 *
>  	 * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE
>  	 * input should only be used along with cryptographically
> -	 * secure padding scheme.	 *
> +	 * secure padding scheme.
>  	 * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or
>  	 * RTE_CRYPTO_RSA_PADDING_PSS
>  	 * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain @@ -
> 434,7 +436,7 @@ struct rte_crypto_rsa_op_param {
>  	 * the digest of the message to be signed.
>  	 *
>  	 * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT:
> -	 *
> +	 *
>  	 * Input shall contain previously encrypted RSA message.
>  	 *
>  	 * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY:
> --
> 2.13.6
Kusztal, ArkadiuszX March 22, 2022, 10:23 a.m. UTC | #2
More explanation below.

> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Tuesday, March 22, 2022 10:14 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> anoobj@marvell.com
> Subject: RE: [RFC PATCH 2/2] test: add proper pkcs1 signature tests for rsa
> 
> Hi,
> 
> > -----Original Message-----
> > From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> > Sent: Tuesday, March 22, 2022 9:11 AM
> > To: dev@dpdk.org
> > Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> > anoobj@marvell.com; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> > Subject: [RFC PATCH 2/2] test: add proper pkcs1 signature tests for
> > rsa
> >
> > This commit adds example pkcs1 signature tests.
> >
> > Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> > ---
> >  app/test/test_cryptodev_asym.c           | 249
> > +++++++++++++++++++++++++++++--
> >  drivers/crypto/openssl/rte_openssl_pmd.c |  34 ++++-
> >  lib/cryptodev/rte_crypto_asym.h          |   6 +-
> >  3 files changed, 270 insertions(+), 19 deletions(-)
> >
> > diff --git a/app/test/test_cryptodev_asym.c
> > b/app/test/test_cryptodev_asym.c index 71378cbdb2..512eb34377 100644
> > --- a/app/test/test_cryptodev_asym.c
> > +++ b/app/test/test_cryptodev_asym.c
> > @@ -15,6 +15,7 @@
> >
> >  #include <rte_cryptodev.h>
> >  #include <rte_crypto.h>
> > +#include <openssl/rsa.h>
> >
> >  #include "test_cryptodev.h"
> >  #include "test_cryptodev_dh_test_vectors.h"
> > @@ -163,6 +164,222 @@ queue_ops_rsa_sign_verify(void *sess)
> >  	return status;
> >  }
> >
> > +/* DPDK RFC RSA 22.07 */
> > +
> > +static uint8_t
> > +rsa_sign_pkcs_15_pt[] = {
> > +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> > +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> > +	0x11, 0x12, 0x13, 0x14,
> > +};
> > +
> > +static uint8_t
> > +rsa_sign_pkcs_15_pt_sha256[] = {
> > +	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
> > +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> > +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> > +	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> > +
> > +static uint8_t
> > +rsa_sign_pkcs_15_padded[] = {
> > +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
> > +	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
> > +	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
> > +};
> > +
> > +static uint8_t
> > +rsa_sign_pkcs_15_padded_digestinfo_sha1[] = {
> > +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x21, 0x30,
> > +	0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
> > +	0x05, 0x00, 0x04, 0x14, 0x01, 0x02, 0x03, 0x04,
> > +	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
> > +	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
> > +};
> > +
> > +static uint8_t
> > +rsa_sign_pkcs_15_padded_digestinfo_sha256[] = {
> > +	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF,
> > +	0xFF, 0xFF, 0xFF, 0xFF,	0x00, 0x30, 0x31, 0x30,
> > +	0x0d, 0x06, 0x09, 0x60,	0x86, 0x48, 0x01, 0x65,
> > +	0x03, 0x04, 0x02, 0x01,	0x05, 0x00, 0x04, 0x20,
> > +	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
> > +	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> > +	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> > +	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> > +
> > +static void*
> > +rfc2207_rsa_sign_pkcs_15_sesscreat(void)
> > +{
> > +	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> > +	struct rte_mempool *sess_mpool = ts_params->session_mpool;
> > +	uint8_t dev_id = ts_params->valid_devs[0];
> > +	static void *sess = NULL;
> > +	int ret;
> > +
> > +	if (sess)
> > +		return sess;
> > +	ret = rte_cryptodev_asym_session_create(dev_id, &rsa_xform,
> > +sess_mpool, &sess);
> > +
> > +	if (ret < 0) {
> > +		RTE_LOG(ERR, USER1, "Session creation failed for "
> > +			"sign_verify\n");
> > +		return NULL;
> > +	}
> > +	return sess;
> > +}
> > +
> > +struct rfc2207_rsa_test_data
> > +{
> > +	enum rte_crypto_rsa_padding_type type;
> > +	rte_crypto_param input;
> > +	enum rte_crypto_auth_algorithm hash; };
> > +
> [Arek] - rfc2207_rsa_test_data_ssl23 and rfc2207_rsa_test_data_pkcs15_sha1
> creates PKCS1_5 signature from same data, but signatures are different as
> RTE_CRYPTO_RSA_PADDING_SSL23 (PKCS1_5 flag in other patch) which is what
> we currently have in Cryptodev does not use AlgorithmIdentifier.
[Arek] - this patch is not meant to be applied, but only to show what kind of problem we are dealing with right now in terms of RSA padding.
And why OpenSSL RSA_private_encrypt is not doing proper signature, but still this option may be in Cryptodev (pre TLS1.1) as a different padding or RSA flag.
> 
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_ssl23 = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_SSL23,
> > +	.input.data = rsa_sign_pkcs_15_pt,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_pt), };
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_ssl23_padded = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> > +	.input.data = rsa_sign_pkcs_15_padded,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_padded), };
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_pkcs15_sha1 = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> > +	.hash = RTE_CRYPTO_AUTH_SHA1,
> > +	.input.data = rsa_sign_pkcs_15_pt,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_pt), };
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_pkcs15_digestinfo_sha1 = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> > +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha1,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha1),
> > +};
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_pkcs15_sha256 = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> > +	.hash = RTE_CRYPTO_AUTH_SHA256,
> > +	.input.data = rsa_sign_pkcs_15_pt_sha256,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_pt_sha256),
> > +};
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_pkcs15_digestinfo_sha256 = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> > +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> > +};
> > +
> > +struct rfc2207_rsa_test_data
> > +rfc2207_rsa_test_data_pkcs15_oaep = {
> > +	.type = RTE_CRYPTO_RSA_PADDING_NONE,
> > +	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> > +	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> > +};
> > +
> > +static int
> > +rfc2207_rsa_sign_pkcs_15(const void *test_data) {
> > +	struct crypto_testsuite_params_asym *ts_params;
> > +	uint8_t dev_id;
> > +	struct rte_crypto_op *op, *result_op;
> > +	struct rte_crypto_asym_op *asym_op;
> > +	struct rte_mempool *op_mpool;
> > +	void *sess;
> > +	uint8_t result[TEST_DATA_SIZE];
> > +	const struct rfc2207_rsa_test_data *tdata = test_data;
> > +
> > +	ts_params = &testsuite_params;
> > +	dev_id = ts_params->valid_devs[0];
> > +	op_mpool = ts_params->op_mpool;
> > +	op = rte_crypto_op_alloc(op_mpool,
> > RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> > +	if (op == NULL) {
> > +		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> > +			"operation struct\n");
> > +		return TEST_FAILED;
> > +	}
> > +
> > +	sess = rfc2207_rsa_sign_pkcs_15_sesscreat();
> > +	if (sess == NULL) {
> > +		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> > +			"operation struct\n");
> > +		return TEST_FAILED;
> > +	}
> > +
> > +	asym_op = op->asym;
> > +	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> > +	asym_op->rsa.padding.type = tdata->type;
> > +	asym_op->rsa.padding.hash = tdata->hash;
> > +	asym_op->rsa.input = tdata->input;
> > +	asym_op->rsa.output.data = result;
> > +
> > +	rte_crypto_op_attach_asym_session(op, sess);
> > +
> > +	/* Process crypto operation */
> > +	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> > +		RTE_LOG(ERR, USER1, "Error sending packet for encryption\n");
> > +		return -1;
> > +	}
> > +
> > +	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> > +		rte_pause();
> > +
> > +	if (result_op == NULL) {
> > +		RTE_LOG(ERR, USER1, "Failed to process encryption op\n");
> > +		return -1;
> > +	}
> > +
> > +	printf("\nOutput len = %lu", asym_op->rsa.output.length);
> > +	rte_hexdump(stdout, "Signature", asym_op->rsa.output.data,
> > +asym_op->rsa.output.length);
> > +
> > +	return 0;
> > +}
> > +
> > +/* !---! DPDK RFC RSA 22.07 */
> > +
> >  static int
> >  queue_ops_rsa_enc_dec(void *sess)
> >  {
> > @@ -2147,20 +2364,32 @@ static struct unit_test_suite
> > cryptodev_openssl_asym_testsuite  = {
> >  	.setup = testsuite_setup,
> >  	.teardown = testsuite_teardown,
> >  	.unit_test_cases = {
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > test_capability),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_capability),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_dsa),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> >  				test_dh_keygenration),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > test_rsa_enc_dec),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_rsa_enc_dec),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> >  				test_rsa_sign_verify),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> >  				test_rsa_enc_dec_crt),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> >  				test_rsa_sign_verify_crt),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > test_mod_inv),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > test_mod_exp),
> > -		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> > test_one_by_one),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_mod_inv),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_mod_exp),
> > +		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> > test_one_by_one),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23",
> > ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > &rfc2207_rsa_test_data_ssl23),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23_pa
> > dded", ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > &rfc2207_rsa_test_data_ssl23_padded),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha1",
> > ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > &rfc2207_rsa_test_data_pkcs15_sha1),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> > o_sha1", ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > &rfc2207_rsa_test_data_pkcs15_digestinfo_sha1),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha256",
> > ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > &rfc2207_rsa_test_data_pkcs15_sha256),
> > +
> > 	TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> > o_sha256", ut_setup_asym, ut_teardown_asym,
> > +				rfc2207_rsa_sign_pkcs_15,
> > +&rfc2207_rsa_test_data_pkcs15_digestinfo_sha256),
> >  		TEST_CASES_END() /**< NULL terminate unit test array */
> >  	}
> >  };
> > diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> > b/drivers/crypto/openssl/rte_openssl_pmd.c
> > index 45cee47c5d..32da143ea0 100644
> > --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> > @@ -1899,11 +1899,24 @@ process_openssl_rsa_op(struct rte_crypto_op
> > *cop,
> >  	RSA *rsa = sess->u.r.rsa;
> >  	uint32_t pad = (op->rsa.padding.type);
> >  	uint8_t *tmp;
> > +	int sha;
> > +
> > +	switch (op->rsa.padding.hash) {
> > +	case RTE_CRYPTO_AUTH_SHA1:
> > +		sha = NID_sha1;
> > +		break;
> > +	case RTE_CRYPTO_AUTH_SHA256:
> > +		sha = NID_sha256;
> > +		break;
> > +	default:
> > +		sha = NID_sha1;
> > +	}
> >
> >  	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
> >
> >  	switch (pad) {
> >  	case RTE_CRYPTO_RSA_PADDING_PKCS1_5:
> > +	case RTE_CRYPTO_RSA_PADDING_SSL23:
> >  		pad = RSA_PKCS1_PADDING;
> >  		break;
> >  	case RTE_CRYPTO_RSA_PADDING_NONE:
> > @@ -1941,13 +1954,20 @@ process_openssl_rsa_op(struct rte_crypto_op
> > *cop,
> >  		break;
> >
> >  	case RTE_CRYPTO_ASYM_OP_SIGN:
> > -		ret = RSA_private_encrypt(op->rsa.input.length,
> > -				op->rsa.input.data,
> > -				op->rsa.output.data,
> > -				rsa,
> > -				pad);
> > -		if (ret > 0)
> > -			op->rsa.output.length = ret;
> > +		if (op->rsa.padding.type !=
> > RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
> > +			ret = RSA_private_encrypt(op->rsa.input.length,
> > +					op->rsa.input.data,
> > +					op->rsa.output.data,
> > +					rsa,
> > +					pad);
> > +			if (ret > 0)
> > +				op->rsa.output.length = ret;
> > +		} else {
> > +			ret = RSA_sign(sha, op->rsa.input.data, op-
> > >rsa.input.length,
> > +						op->rsa.output.data, (unsigned
> > int *)&op->rsa.output.length, rsa);
> > +			if (ret == 0)
> > +				ret = -1;
> > +		}
> >  		break;
> >
> >  	case RTE_CRYPTO_ASYM_OP_VERIFY:
> > diff --git a/lib/cryptodev/rte_crypto_asym.h
> > b/lib/cryptodev/rte_crypto_asym.h index 834e06b96b..b3906b08e3 100644
> > --- a/lib/cryptodev/rte_crypto_asym.h
> > +++ b/lib/cryptodev/rte_crypto_asym.h
> > @@ -149,6 +149,7 @@ enum rte_crypto_mgf {
> >  /**
> >   * Padding types for RSA signature.
> >   */
> > + #define TEMP
> >  enum rte_crypto_rsa_padding_type {
> >  	RTE_CRYPTO_RSA_PADDING_NONE = 0,
> >  	/**< RSA no padding scheme */
> > @@ -160,6 +161,7 @@ enum rte_crypto_rsa_padding_type {
> >  	/**< RSA PKCS#1 OAEP padding scheme */
> >  	RTE_CRYPTO_RSA_PADDING_PSS,
> >  	/**< RSA PKCS#1 PSS padding scheme */
> > +	TEMP RTE_CRYPTO_RSA_PADDING_SSL23,
> >  	RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
> >  };
> >
> > @@ -426,7 +428,7 @@ struct rte_crypto_rsa_op_param {
> >  	 *
> >  	 * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE
> >  	 * input should only be used along with cryptographically
> > -	 * secure padding scheme.	 *
> > +	 * secure padding scheme.
> >  	 * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or
> >  	 * RTE_CRYPTO_RSA_PADDING_PSS
> >  	 * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain @@
> > -
> > 434,7 +436,7 @@ struct rte_crypto_rsa_op_param {
> >  	 * the digest of the message to be signed.
> >  	 *
> >  	 * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT:
> > -	 *
> > +	 *
> >  	 * Input shall contain previously encrypted RSA message.
> >  	 *
> >  	 * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY:
> > --
> > 2.13.6
diff mbox series

Patch

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 71378cbdb2..512eb34377 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -15,6 +15,7 @@ 
 
 #include <rte_cryptodev.h>
 #include <rte_crypto.h>
+#include <openssl/rsa.h>
 
 #include "test_cryptodev.h"
 #include "test_cryptodev_dh_test_vectors.h"
@@ -163,6 +164,222 @@  queue_ops_rsa_sign_verify(void *sess)
 	return status;
 }
 
+/* DPDK RFC RSA 22.07 */
+
+static uint8_t
+rsa_sign_pkcs_15_pt[] = {
+	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+	0x11, 0x12, 0x13, 0x14,
+};
+
+static uint8_t
+rsa_sign_pkcs_15_pt_sha256[] = {
+	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
+	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+};
+
+static uint8_t
+rsa_sign_pkcs_15_padded[] = {
+	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
+	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
+	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
+};
+
+static uint8_t
+rsa_sign_pkcs_15_padded_digestinfo_sha1[] = {
+	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x21, 0x30,
+	0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
+	0x05, 0x00, 0x04, 0x14, 0x01, 0x02, 0x03, 0x04,
+	0x05, 0x06, 0x07, 0x08,	0x09, 0x0A, 0x0B, 0x0C,
+	0x0D, 0x0E, 0x0F, 0x10,	0x11, 0x12, 0x13, 0x14,
+};
+
+static uint8_t
+rsa_sign_pkcs_15_padded_digestinfo_sha256[] = {
+	0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF,	0x00, 0x30, 0x31, 0x30,
+	0x0d, 0x06, 0x09, 0x60,	0x86, 0x48, 0x01, 0x65, 
+	0x03, 0x04, 0x02, 0x01,	0x05, 0x00, 0x04, 0x20,
+	0xB1, 0xB2, 0xB3, 0xB4,	0xA1, 0xA2, 0xA3, 0xA4,
+	0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+	0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+	0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+};
+
+static void*
+rfc2207_rsa_sign_pkcs_15_sesscreat(void)
+{
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct rte_mempool *sess_mpool = ts_params->session_mpool;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	static void *sess = NULL;
+	int ret;
+
+	if (sess)
+		return sess;
+	ret = rte_cryptodev_asym_session_create(dev_id, &rsa_xform, sess_mpool, &sess);
+
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1, "Session creation failed for "
+			"sign_verify\n");
+		return NULL;
+	}
+	return sess;
+}
+
+struct rfc2207_rsa_test_data
+{
+	enum rte_crypto_rsa_padding_type type;
+	rte_crypto_param input;
+	enum rte_crypto_auth_algorithm hash;
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_ssl23 = {
+	.type = RTE_CRYPTO_RSA_PADDING_SSL23,
+	.input.data = rsa_sign_pkcs_15_pt,
+	.input.length = sizeof(rsa_sign_pkcs_15_pt),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_ssl23_padded = {
+	.type = RTE_CRYPTO_RSA_PADDING_NONE,
+	.input.data = rsa_sign_pkcs_15_padded,
+	.input.length = sizeof(rsa_sign_pkcs_15_padded),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_pkcs15_sha1 = {
+	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
+	.hash = RTE_CRYPTO_AUTH_SHA1,
+	.input.data = rsa_sign_pkcs_15_pt,
+	.input.length = sizeof(rsa_sign_pkcs_15_pt),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_pkcs15_digestinfo_sha1 = {
+	.type = RTE_CRYPTO_RSA_PADDING_NONE,
+	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha1,
+	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha1),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_pkcs15_sha256 = {
+	.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
+	.hash = RTE_CRYPTO_AUTH_SHA256,
+	.input.data = rsa_sign_pkcs_15_pt_sha256,
+	.input.length = sizeof(rsa_sign_pkcs_15_pt_sha256),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_pkcs15_digestinfo_sha256 = {
+	.type = RTE_CRYPTO_RSA_PADDING_NONE,
+	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
+	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
+};
+
+struct rfc2207_rsa_test_data
+rfc2207_rsa_test_data_pkcs15_oaep = {
+	.type = RTE_CRYPTO_RSA_PADDING_NONE,
+	.input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
+	.input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
+};
+
+static int
+rfc2207_rsa_sign_pkcs_15(const void *test_data)
+{
+	struct crypto_testsuite_params_asym *ts_params;
+	uint8_t dev_id;
+	struct rte_crypto_op *op, *result_op;
+	struct rte_crypto_asym_op *asym_op;
+	struct rte_mempool *op_mpool;
+	void *sess;
+	uint8_t result[TEST_DATA_SIZE];
+	const struct rfc2207_rsa_test_data *tdata = test_data;
+
+	ts_params = &testsuite_params;
+	dev_id = ts_params->valid_devs[0];
+	op_mpool = ts_params->op_mpool;
+	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	if (op == NULL) {
+		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
+			"operation struct\n");
+		return TEST_FAILED;
+	}
+
+	sess = rfc2207_rsa_sign_pkcs_15_sesscreat();
+	if (sess == NULL) {
+		RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
+			"operation struct\n");
+		return TEST_FAILED;
+	}
+
+	asym_op = op->asym;
+	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+	asym_op->rsa.padding.type = tdata->type;
+	asym_op->rsa.padding.hash = tdata->hash;
+	asym_op->rsa.input = tdata->input;
+	asym_op->rsa.output.data = result;
+
+	rte_crypto_op_attach_asym_session(op, sess);
+
+	/* Process crypto operation */
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+		RTE_LOG(ERR, USER1, "Error sending packet for encryption\n");
+		return -1;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+		rte_pause();
+
+	if (result_op == NULL) {
+		RTE_LOG(ERR, USER1, "Failed to process encryption op\n");
+		return -1;
+	}
+
+	printf("\nOutput len = %lu", asym_op->rsa.output.length);
+	rte_hexdump(stdout, "Signature", asym_op->rsa.output.data, asym_op->rsa.output.length);
+
+	return 0;
+}
+
+/* !---! DPDK RFC RSA 22.07 */
+
 static int
 queue_ops_rsa_enc_dec(void *sess)
 {
@@ -2147,20 +2364,32 @@  static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
 	.setup = testsuite_setup,
 	.teardown = testsuite_teardown,
 	.unit_test_cases = {
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_capability),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_capability),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_dsa),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
 				test_dh_keygenration),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
 				test_rsa_sign_verify),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
 				test_rsa_enc_dec_crt),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
 				test_rsa_sign_verify_crt),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_inv),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_mod_inv),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_mod_exp),
+		TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_ssl23),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23_padded", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_ssl23_padded),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha1", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_sha1),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinfo_sha1", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_digestinfo_sha1),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha256", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_sha256),
+		TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinfo_sha256", ut_setup_asym, ut_teardown_asym,
+				rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_digestinfo_sha256),
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 45cee47c5d..32da143ea0 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1899,11 +1899,24 @@  process_openssl_rsa_op(struct rte_crypto_op *cop,
 	RSA *rsa = sess->u.r.rsa;
 	uint32_t pad = (op->rsa.padding.type);
 	uint8_t *tmp;
+	int sha;
+
+	switch (op->rsa.padding.hash) {
+	case RTE_CRYPTO_AUTH_SHA1:
+		sha = NID_sha1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256:
+		sha = NID_sha256;
+		break;
+	default:
+		sha = NID_sha1;
+	}
 
 	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 
 	switch (pad) {
 	case RTE_CRYPTO_RSA_PADDING_PKCS1_5:
+	case RTE_CRYPTO_RSA_PADDING_SSL23:
 		pad = RSA_PKCS1_PADDING;
 		break;
 	case RTE_CRYPTO_RSA_PADDING_NONE:
@@ -1941,13 +1954,20 @@  process_openssl_rsa_op(struct rte_crypto_op *cop,
 		break;
 
 	case RTE_CRYPTO_ASYM_OP_SIGN:
-		ret = RSA_private_encrypt(op->rsa.input.length,
-				op->rsa.input.data,
-				op->rsa.output.data,
-				rsa,
-				pad);
-		if (ret > 0)
-			op->rsa.output.length = ret;
+		if (op->rsa.padding.type != RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
+			ret = RSA_private_encrypt(op->rsa.input.length,
+					op->rsa.input.data,
+					op->rsa.output.data,
+					rsa,
+					pad);
+			if (ret > 0)
+				op->rsa.output.length = ret;
+		} else {
+			ret = RSA_sign(sha, op->rsa.input.data, op->rsa.input.length,
+						op->rsa.output.data, (unsigned int *)&op->rsa.output.length, rsa);
+			if (ret == 0)
+				ret = -1;
+		}
 		break;
 
 	case RTE_CRYPTO_ASYM_OP_VERIFY:
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 834e06b96b..b3906b08e3 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -149,6 +149,7 @@  enum rte_crypto_mgf {
 /**
  * Padding types for RSA signature.
  */
+ #define TEMP
 enum rte_crypto_rsa_padding_type {
 	RTE_CRYPTO_RSA_PADDING_NONE = 0,
 	/**< RSA no padding scheme */
@@ -160,6 +161,7 @@  enum rte_crypto_rsa_padding_type {
 	/**< RSA PKCS#1 OAEP padding scheme */
 	RTE_CRYPTO_RSA_PADDING_PSS,
 	/**< RSA PKCS#1 PSS padding scheme */
+	TEMP RTE_CRYPTO_RSA_PADDING_SSL23,
 	RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
 };
 
@@ -426,7 +428,7 @@  struct rte_crypto_rsa_op_param {
 	 *
 	 * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE
 	 * input should only be used along with cryptographically
-	 * secure padding scheme.	 *
+	 * secure padding scheme.
 	 * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or
 	 * RTE_CRYPTO_RSA_PADDING_PSS
 	 * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain
@@ -434,7 +436,7 @@  struct rte_crypto_rsa_op_param {
 	 * the digest of the message to be signed.
 	 *
 	 * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT:
-	 * 
+	 *
 	 * Input shall contain previously encrypted RSA message.
 	 *
 	 * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY: