diff mbox series

[v3,2/3] test/crypto: add asymmetric SM2 test cases

Message ID	85371841f1285528d0f1c5952020d452243f8195.1685870993.git.gmuthukrishn@marvell.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> To: <dev@dpdk.org> CC: <anoobj@marvell.com>, Akhil Goyal <gakhil@marvell.com>, Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>, Fan Zhang <fanzhang.oss@gmail.com>, Kai Ji <kai.ji@intel.com>, Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> Subject: [PATCH v3 2/3] test/crypto: add asymmetric SM2 test cases Date: Sun, 4 Jun 2023 15:12:45 +0530 Message-ID: <85371841f1285528d0f1c5952020d452243f8195.1685870993.git.gmuthukrishn@marvell.com> In-Reply-To: <cover.1685870993.git.gmuthukrishn@marvell.com> References: <cover.1685870993.git.gmuthukrishn@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	SM2 crypto algorithm support \| [v3,0/3] SM2 crypto algorithm support [v3,1/3] cryptodev: add SM2 asymmetric crypto algorithm [v3,2/3] test/crypto: add asymmetric SM2 test cases [v3,3/3] crypto/openssl: add SM2 asymmetric crypto support

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Gowrishankar Muthukrishnan June 4, 2023, 9:42 a.m. UTC

  Added test cases for asymmetric SM2 crypto validation.
Test cases are added for sign/verify/encrypt/decrypt.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 app/test/test_cryptodev_asym.c             | 581 +++++++++++++++++++++
 app/test/test_cryptodev_sm2_test_vectors.h | 129 +++++
 2 files changed, 710 insertions(+)
 create mode 100644 app/test/test_cryptodev_sm2_test_vectors.h

diff mbox series

Patch

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 9236817650..baa8f89325 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -21,6 +21,7 @@ 
 #include "test_cryptodev_ecpm_test_vectors.h"
 #include "test_cryptodev_mod_test_vectors.h"
 #include "test_cryptodev_rsa_test_vectors.h"
+#include "test_cryptodev_sm2_test_vectors.h"
 #include "test_cryptodev_asym_util.h"
 #include "test.h"
 
@@ -2196,6 +2197,582 @@  test_ecpm_all_curve(void)
 	return overall_status;
 }
 
+static int
+_test_sm2_sign(bool rnd_secret)
+{
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+	struct rte_mempool *sess_mpool = ts_params->session_mpool;
+	struct rte_mempool *op_mpool = ts_params->op_mpool;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	struct rte_crypto_op *result_op = NULL;
+	uint8_t output_buf_r[TEST_DATA_SIZE];
+	uint8_t output_buf_s[TEST_DATA_SIZE];
+	struct rte_crypto_asym_xform xform;
+	struct rte_crypto_asym_op *asym_op;
+	struct rte_crypto_op *op = NULL;
+	int ret, status = TEST_SUCCESS;
+	void *sess = NULL;
+
+	/* Setup crypto op data structure */
+	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	if (op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to allocate asymmetric crypto "
+				"operation struct\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	asym_op = op->asym;
+
+	/* Setup asym xform */
+	xform.next = NULL;
+	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+	xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+
+	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Session creation failed\n");
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+		goto exit;
+	}
+
+	/* Attach asymmetric crypto session to crypto operations */
+	rte_crypto_op_attach_asym_session(op, sess);
+
+	/* Compute sign */
+
+	/* Populate op with operational details */
+	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+	asym_op->sm2.message.data = input_params.message.data;
+	asym_op->sm2.message.length = input_params.message.length;
+	asym_op->sm2.pkey.data = input_params.pkey.data;
+	asym_op->sm2.pkey.length = input_params.pkey.length;
+	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
+	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
+	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
+	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
+	asym_op->sm2.id.data = input_params.id.data;
+	asym_op->sm2.id.length = input_params.id.length;
+	if (rnd_secret) {
+		asym_op->sm2.k.data = NULL;
+		asym_op->sm2.k.length = 0;
+	} else {
+		asym_op->sm2.k.data = input_params.k.data;
+		asym_op->sm2.k.length = input_params.k.length;
+	}
+
+	/* Init out buf */
+	asym_op->sm2.r.data = output_buf_r;
+	asym_op->sm2.s.data = output_buf_s;
+
+	RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+	/* Process crypto operation */
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Error sending packet for operation\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+		rte_pause();
+
+	if (result_op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	asym_op = result_op->asym;
+
+	debug_hexdump(stdout, "r:",
+			asym_op->sm2.r.data, asym_op->sm2.r.length);
+	debug_hexdump(stdout, "s:",
+			asym_op->sm2.s.data, asym_op->sm2.s.length);
+
+	if (!rnd_secret) {
+		/* Verify sign (by comparison). */
+		if (memcmp(input_params.sign_r.data, asym_op->sm2.r.data,
+				   asym_op->sm2.r.length) != 0) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"SM2 sign failed.\n");
+			goto exit;
+		}
+		if (memcmp(input_params.sign_s.data, asym_op->sm2.s.data,
+				   asym_op->sm2.s.length) != 0) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"SM2 sign failed.\n");
+			goto exit;
+		}
+	} else {
+		/* Verify sign (in roundtrip).
+		 * Due to random number used per message, sign op
+		 * would produce different output for same message
+		 * every time. Hence, we can't have expected output
+		 * to match, instead reverse op to verify.
+		 */
+
+		/* Populate op with operational details */
+		asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+
+		/* Enqueue sign result for verify */
+		if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"Error sending packet for operation\n");
+			goto exit;
+		}
+
+		while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+			rte_pause();
+
+		if (result_op == NULL) {
+			status = TEST_FAILED;
+			goto exit;
+		}
+		if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"SM2 verify failed.\n");
+			goto exit;
+		}
+	}
+
+exit:
+	if (sess != NULL)
+		rte_cryptodev_asym_session_free(dev_id, sess);
+	rte_crypto_op_free(op);
+	return status;
+};
+
+static int
+test_sm2_sign_rnd_secret(void)
+{
+	return _test_sm2_sign(true);
+}
+
+__rte_used static int
+test_sm2_sign_plain_secret(void)
+{
+	return _test_sm2_sign(false);
+}
+
+static int
+test_sm2_verify(void)
+{
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+	struct rte_mempool *sess_mpool = ts_params->session_mpool;
+	struct rte_mempool *op_mpool = ts_params->op_mpool;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	struct rte_crypto_op *result_op = NULL;
+	struct rte_crypto_asym_xform xform;
+	struct rte_crypto_asym_op *asym_op;
+	struct rte_crypto_op *op = NULL;
+	int ret, status = TEST_SUCCESS;
+	void *sess = NULL;
+
+	/* Setup crypto op data structure */
+	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	if (op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to allocate asymmetric crypto "
+				"operation struct\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	asym_op = op->asym;
+
+	/* Setup asym xform */
+	xform.next = NULL;
+	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+	xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+
+	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Session creation failed\n");
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+		goto exit;
+	}
+
+	/* Attach asymmetric crypto session to crypto operations */
+	rte_crypto_op_attach_asym_session(op, sess);
+
+	/* Verify given sign */
+
+	/* Populate op with operational details */
+	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+	asym_op->sm2.message.data = input_params.message.data;
+	asym_op->sm2.message.length = input_params.message.length;
+	asym_op->sm2.pkey.data = input_params.pkey.data;
+	asym_op->sm2.pkey.length = input_params.pkey.length;
+	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
+	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
+	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
+	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
+	asym_op->sm2.r.data = input_params.sign_r.data;
+	asym_op->sm2.r.length = input_params.sign_r.length;
+	asym_op->sm2.s.data = input_params.sign_s.data;
+	asym_op->sm2.s.length = input_params.sign_s.length;
+	asym_op->sm2.id.data = input_params.id.data;
+	asym_op->sm2.id.length = input_params.id.length;
+
+	RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+	/* Process crypto operation */
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Error sending packet for operation\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+		rte_pause();
+
+	if (result_op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+exit:
+	if (sess != NULL)
+		rte_cryptodev_asym_session_free(dev_id, sess);
+	rte_crypto_op_free(op);
+	return status;
+};
+
+static int
+_test_sm2_enc(bool rnd_secret)
+{
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+	struct rte_mempool *sess_mpool = ts_params->session_mpool;
+	struct rte_mempool *op_mpool = ts_params->op_mpool;
+	uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	struct rte_crypto_op *result_op = NULL;
+	struct rte_crypto_asym_xform xform;
+	struct rte_crypto_asym_op *asym_op;
+	struct rte_crypto_op *op = NULL;
+	int ret, status = TEST_SUCCESS;
+	void *sess = NULL;
+
+	/* Setup crypto op data structure */
+	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	if (op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to allocate asymmetric crypto "
+				"operation struct\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+	asym_op = op->asym;
+
+	/* Setup asym xform */
+	xform.next = NULL;
+	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+	xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+
+	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Session creation failed\n");
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+		goto exit;
+	}
+
+	/* Attach asymmetric crypto session to crypto operations */
+	rte_crypto_op_attach_asym_session(op, sess);
+
+	/* Compute encrypt */
+
+	/* Populate op with operational details */
+	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
+	asym_op->sm2.message.data = input_params.message.data;
+	asym_op->sm2.message.length = input_params.message.length;
+	asym_op->sm2.pkey.data = input_params.pkey.data;
+	asym_op->sm2.pkey.length = input_params.pkey.length;
+	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
+	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
+	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
+	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
+	if (rnd_secret) {
+		asym_op->sm2.k.data = NULL;
+		asym_op->sm2.k.length = 0;
+	} else {
+		asym_op->sm2.k.data = input_params.k.data;
+		asym_op->sm2.k.length = input_params.k.length;
+	}
+
+	/* Init out buf */
+	asym_op->sm2.cipher.data = output_buf;
+
+	RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+	/* Process crypto operation */
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Error sending packet for operation\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+		rte_pause();
+
+	if (result_op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	asym_op = result_op->asym;
+
+	debug_hexdump(stdout, "cipher:",
+			asym_op->sm2.cipher.data, asym_op->sm2.cipher.length);
+
+	if (!rnd_secret) {
+		if (memcmp(input_params.cipher.data, asym_op->sm2.cipher.data,
+				   asym_op->sm2.cipher.length) != 0) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+					"SM2 encrypt failed.\n");
+			goto exit;
+		}
+	} else {
+		/* Verify cipher (in roundtrip).
+		 * Due to random number used per message, encrypt op
+		 * would produce different output for same message
+		 * every time. Hence, we can't have expected output
+		 * to match, instead reverse op to decrypt.
+		 */
+
+		/* Populate op with operational details */
+		op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+		pbuf = rte_malloc(NULL, TEST_DATA_SIZE, 0);
+		op->asym->sm2.message.data = pbuf;
+		op->asym->sm2.message.length = TEST_DATA_SIZE;
+
+		/* Enqueue cipher result for decrypt */
+		if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"Error sending packet for operation\n");
+			goto exit;
+		}
+
+		while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+			rte_pause();
+
+		if (result_op == NULL) {
+			status = TEST_FAILED;
+			goto exit;
+		}
+		if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1,
+					"line %u FAILED: %s", __LINE__,
+					"SM2 encrypt failed.\n");
+			goto exit;
+		}
+
+		asym_op = result_op->asym;
+		if (memcmp(input_params.message.data, asym_op->sm2.message.data,
+			       asym_op->sm2.message.length) != 0) {
+			status = TEST_FAILED;
+			RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+					"SM2 encrypt failed.\n");
+			goto exit;
+		}
+	}
+exit:
+	if (pbuf != NULL)
+		rte_free(pbuf);
+
+	if (sess != NULL)
+		rte_cryptodev_asym_session_free(dev_id, sess);
+	rte_crypto_op_free(op);
+	return status;
+};
+
+static int
+test_sm2_enc_rnd_secret(void)
+{
+	return _test_sm2_enc(true);
+}
+
+__rte_used static int
+test_sm2_enc_plain_secret(void)
+{
+	return _test_sm2_enc(false);
+}
+
+static int
+test_sm2_dec(void)
+{
+	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+	struct rte_mempool *sess_mpool = ts_params->session_mpool;
+	struct rte_mempool *op_mpool = ts_params->op_mpool;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	struct rte_crypto_op *result_op = NULL;
+	uint8_t output_buf_m[TEST_DATA_SIZE];
+	struct rte_crypto_asym_xform xform;
+	struct rte_crypto_asym_op *asym_op;
+	struct rte_crypto_op *op = NULL;
+	int ret, status = TEST_SUCCESS;
+	void *sess = NULL;
+
+	/* Setup crypto op data structure */
+	op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+	if (op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to allocate asymmetric crypto "
+				"operation struct\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+	asym_op = op->asym;
+
+	/* Setup asym xform */
+	xform.next = NULL;
+	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+	xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+
+	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
+	if (ret < 0) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Session creation failed\n");
+		status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED;
+		goto exit;
+	}
+
+	/* Attach asymmetric crypto session to crypto operations */
+	rte_crypto_op_attach_asym_session(op, sess);
+
+	/* Compute decrypt */
+
+	/* Populate op with operational details */
+	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+	asym_op->sm2.cipher.data = input_params.cipher.data;
+	asym_op->sm2.cipher.length = input_params.cipher.length;
+	asym_op->sm2.pkey.data = input_params.pkey.data;
+	asym_op->sm2.pkey.length = input_params.pkey.length;
+	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
+	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
+	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
+	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
+
+	/* Init out buf */
+	asym_op->sm2.message.data = output_buf_m;
+	asym_op->sm2.message.length = RTE_DIM(output_buf_m);
+
+	RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
+
+	/* Process crypto operation */
+	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Error sending packet for operation\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+		rte_pause();
+
+	if (result_op == NULL) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"Failed to process asym crypto op\n");
+		status = TEST_FAILED;
+		goto exit;
+	}
+
+	asym_op = result_op->asym;
+
+	debug_hexdump(stdout, "message:",
+			asym_op->sm2.message.data, asym_op->sm2.message.length);
+
+	if (memcmp(input_params.message.data, asym_op->sm2.message.data,
+			op->asym->sm2.message.length)) {
+		status = TEST_FAILED;
+		RTE_LOG(ERR, USER1,
+				"line %u FAILED: %s", __LINE__,
+				"SM2 decrypt failed.\n");
+		goto exit;
+	}
+exit:
+	if (sess != NULL)
+		rte_cryptodev_asym_session_free(dev_id, sess);
+	rte_crypto_op_free(op);
+	return status;
+};
+
 static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
 	.suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
 	.setup = testsuite_setup,
@@ -2205,6 +2782,10 @@  static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
 				test_dh_keygenration),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign_rnd_secret),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc_rnd_secret),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_dec),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
 				test_rsa_sign_verify),
diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h
new file mode 100644
index 0000000000..7a4ce70c10
--- /dev/null
+++ b/app/test/test_cryptodev_sm2_test_vectors.h
@@ -0,0 +1,129 @@ 
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2023 Marvell.
+ */
+
+#ifndef __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
+#define __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+struct crypto_testsuite_sm2_params {
+	rte_crypto_param pubkey_qx;
+	rte_crypto_param pubkey_qy;
+	rte_crypto_param pkey;
+	rte_crypto_param k;
+	rte_crypto_param sign_r;
+	rte_crypto_param sign_s;
+	rte_crypto_param id;
+	rte_crypto_param cipher;
+	rte_crypto_param message;
+};
+
+static uint8_t fp256_pkey[] = {
+	0x77, 0x84, 0x35, 0x65, 0x4c, 0x7a, 0x6d, 0xb1,
+	0x1e, 0x63, 0x0b, 0x41, 0x97, 0x36, 0x04, 0xf4,
+	0xec, 0x35, 0xee, 0x3b, 0x76, 0xc2, 0x34, 0x08,
+	0xd9, 0x4a, 0x22, 0x0d, 0x7f, 0xf6, 0xc6, 0x90
+};
+
+static uint8_t fp256_qx[] = {
+	0x7b, 0x24, 0xa3, 0x03, 0xcf, 0xb2, 0x22, 0xfa,
+	0x4c, 0xb3, 0x88, 0x54, 0xf9, 0x30, 0xd1, 0x4d,
+	0xe3, 0x50, 0xda, 0xba, 0xe6, 0xa7, 0x0b, 0x91,
+	0x4c, 0x04, 0x0d, 0x5c, 0xe0, 0x8e, 0x86, 0xc5
+};
+
+static uint8_t fp256_qy[] = {
+	0xbc, 0x39, 0xe3, 0x19, 0x4e, 0xd2, 0x29, 0x22,
+	0x5b, 0x37, 0x2d, 0xeb, 0xcc, 0x05, 0x52, 0x8d,
+	0xb9, 0x40, 0xa3, 0xab, 0x3c, 0xbe, 0x16, 0x30,
+	0x1c, 0xe4, 0xe8, 0x7f, 0xba, 0x6e, 0x0b, 0xae
+};
+
+static uint8_t fp256_k[] = {
+	0x01, 0x04, 0x02, 0x05, 0x04, 0x06, 0x03, 0x07
+};
+
+static uint8_t fp256_sign_r[] = {
+	0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4,
+	0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9,
+	0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09,
+	0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff
+};
+
+static uint8_t fp256_sign_s[] = {
+	0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9,
+	0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9,
+	0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd,
+	0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86
+};
+
+static uint8_t fp256_id[] = {
+	0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
+};
+
+static uint8_t fp256_message[] = {
+	0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20,
+	0x64, 0x69, 0x67, 0x65, 0x73, 0x74
+};
+
+static uint8_t fp256_cipher[] = {
+	0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8,
+	0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47,
+	0x6D, 0x00, 0xF6, 0x51, 0xC8, 0x80, 0x9C, 0x9E,
+	0xD9, 0xEC, 0x36, 0x8A, 0x60, 0x8E, 0x26, 0x2D,
+	0x71, 0x31, 0xB7, 0xC1, 0x38, 0x02, 0x21, 0x00,
+	0xE1, 0xBF, 0x4C, 0x13, 0x7A, 0x87, 0x40, 0x32,
+	0xF5, 0xA1, 0xE2, 0xA1, 0x3B, 0x83, 0xBF, 0x6B,
+	0x3F, 0xFB, 0xC8, 0x13, 0x01, 0xDE, 0xCF, 0xC0,
+	0xF4, 0x24, 0x66, 0x52, 0x89, 0xDA, 0x6D, 0x7A,
+	0x04, 0x20, 0x8E, 0xFD, 0x52, 0x77, 0xC9, 0xE7,
+	0x90, 0xD1, 0x17, 0x75, 0xDE, 0xEE, 0xF3, 0xE5,
+	0x11, 0x0C, 0x5D, 0xE1, 0x3A, 0xB6, 0x2B, 0x72,
+	0x60, 0xE5, 0xD5, 0xF3, 0x0F, 0xE2, 0x44, 0xDB,
+	0xBC, 0x66, 0x04, 0x0E, 0x78, 0x2D, 0xC0, 0x3D,
+	0x38, 0xA2, 0x42, 0xA4, 0x8E, 0x8B, 0xF5, 0x06,
+	0x32, 0xFA
+};
+
+/** SM2 Fp256 elliptic curve test params */
+struct crypto_testsuite_sm2_params sm2_param_fp256 = {
+	.pubkey_qx = {
+		.data = fp256_qx,
+		.length = sizeof(fp256_qx),
+	},
+	.pubkey_qy = {
+		.data = fp256_qy,
+		.length = sizeof(fp256_qy),
+	},
+	.k = {
+		.data = fp256_k,
+		.length = sizeof(fp256_k),
+	},
+	.sign_r = {
+		.data = fp256_sign_r,
+		.length = sizeof(fp256_sign_r),
+	},
+	.sign_s = {
+		.data = fp256_sign_s,
+		.length = sizeof(fp256_sign_s),
+	},
+	.id = {
+		.data = fp256_id,
+		.length = sizeof(fp256_id),
+	},
+	.pkey = {
+		.data = fp256_pkey,
+		.length = sizeof(fp256_pkey),
+	},
+	.message = {
+		.data = fp256_message,
+		.length = sizeof(fp256_message),
+	},
+	.cipher = {
+		.data = fp256_cipher,
+		.length = sizeof(fp256_cipher),
+	}
+};
+
+#endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */