From patchwork Tue Mar 22 08:11:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 108799 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9DC88A04FF; Tue, 22 Mar 2022 09:11:52 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D4EE0427F4; Tue, 22 Mar 2022 09:11:48 +0100 (CET) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 28092410E5 for ; Tue, 22 Mar 2022 09:11:47 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647936707; x=1679472707; h=from:to:cc:subject:date:message-id; bh=Utpy/g+AmYyYm/sbN0vu666T2kfspUABTTyLTCvX+so=; b=i/D/Gi5V7PFcbuoUCxyp2hkOm9+yIgcFLdQ7xcF1zWHDv6Q5NOiAG/as EAhxnnUMyd78rA7l4O/beovgDCcoaPp8czttcQQX+vHgcIUXOVvA4mDUh WgV9vN/whlvsMz/ArNbolcIHTNaTvV4HvYtyFwPDjWOx1wVz5Fn40XqWs /1NMOADZMrqVLSwSRi3xP0wp9r+gB4Z/U++htamks48BrtKFlE6QQ0u36 h4i/1hh7Hby2tzZuLweEQPNRsGqm2bINqY67EF25YciLN0u+jAdFIWMyi kNKyH7FOAeti1C6uU4GMcNvypoEGLo3N+auyes9mwvVnras0YJuonP7+M w==; X-IronPort-AV: E=McAfee;i="6200,9189,10293"; a="255321319" X-IronPort-AV: E=Sophos;i="5.90,201,1643702400"; d="scan'208";a="255321319" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2022 01:11:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,201,1643702400"; d="scan'208";a="716833627" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga005.jf.intel.com with ESMTP; 22 Mar 2022 01:11:35 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, anoobj@marvell.com, Arek Kusztal Subject: [RFC PATCH 1/2] cryptodev: rsa improvements Date: Tue, 22 Mar 2022 08:11:27 +0000 Message-Id: <20220322081128.23733-1-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit reworks rsa implementation. Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 90 +++++++------ app/test/test_cryptodev_asym_util.h | 4 +- drivers/crypto/meson.build | 4 +- drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++--- drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 2 + drivers/crypto/qat/qat_asym.c | 28 ++-- lib/cryptodev/rte_crypto_asym.h | 202 +++++++++++++++++++++-------- 7 files changed, 235 insertions(+), 131 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 573af2a537..71378cbdb2 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -75,6 +75,7 @@ queue_ops_rsa_sign_verify(void *sess) struct rte_crypto_op *op, *result_op; struct rte_crypto_asym_op *asym_op; uint8_t output_buf[TEST_DATA_SIZE]; + uint8_t input_sign[TEST_DATA_SIZE]; int status = TEST_SUCCESS; /* Set up crypto op data structure */ @@ -90,14 +91,14 @@ queue_ops_rsa_sign_verify(void *sess) /* Compute sign on the test vector */ asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; - asym_op->rsa.message.data = rsaplaintext.data; - asym_op->rsa.message.length = rsaplaintext.len; - asym_op->rsa.sign.length = 0; - asym_op->rsa.sign.data = output_buf; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5; + asym_op->rsa.input.data = rsaplaintext.data; + asym_op->rsa.input.length = rsaplaintext.len; + asym_op->rsa.output.length = 0; + asym_op->rsa.output.data = output_buf; + asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5; - debug_hexdump(stdout, "message", asym_op->rsa.message.data, - asym_op->rsa.message.length); + debug_hexdump(stdout, "message", asym_op->rsa.input.data, + asym_op->rsa.input.length); /* Attach asymmetric crypto session to crypto operations */ rte_crypto_op_attach_asym_session(op, sess); @@ -120,13 +121,18 @@ queue_ops_rsa_sign_verify(void *sess) goto error_exit; } - debug_hexdump(stdout, "signed message", asym_op->rsa.sign.data, - asym_op->rsa.sign.length); + debug_hexdump(stdout, "signed message", asym_op->rsa.output.data, + asym_op->rsa.output.length); asym_op = result_op->asym; /* Verify sign */ + memcpy(input_sign, asym_op->rsa.output.data, asym_op->rsa.output.length); + asym_op->rsa.input.data = input_sign; + asym_op->rsa.input.length = asym_op->rsa.output.length; + asym_op->rsa.message.data = rsaplaintext.data; + asym_op->rsa.message.length = rsaplaintext.len; asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5; + asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5; /* Process crypto operation */ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -181,14 +187,14 @@ queue_ops_rsa_enc_dec(void *sess) /* Compute encryption on the test vector */ asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; - asym_op->rsa.message.data = rsaplaintext.data; - asym_op->rsa.cipher.data = cipher_buf; - asym_op->rsa.cipher.length = 0; - asym_op->rsa.message.length = rsaplaintext.len; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5; + asym_op->rsa.input.data = rsaplaintext.data; + asym_op->rsa.output.data = cipher_buf; + asym_op->rsa.output.length = 0; + asym_op->rsa.input.length = rsaplaintext.len; + asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5; - debug_hexdump(stdout, "message", asym_op->rsa.message.data, - asym_op->rsa.message.length); + debug_hexdump(stdout, "message", asym_op->rsa.input.data, + asym_op->rsa.input.length); /* Attach asymmetric crypto session to crypto operations */ rte_crypto_op_attach_asym_session(op, sess); @@ -210,14 +216,14 @@ queue_ops_rsa_enc_dec(void *sess) status = TEST_FAILED; goto error_exit; } - debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data, - asym_op->rsa.message.length); + debug_hexdump(stdout, "encrypted message", asym_op->rsa.input.data, + asym_op->rsa.input.length); /* Use the resulted output as decryption Input vector*/ asym_op = result_op->asym; - asym_op->rsa.message.length = 0; + asym_op->rsa.input.length = 0; asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; - asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5; + asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5; /* Process crypto operation */ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -270,20 +276,20 @@ test_cryptodev_asym_ver(struct rte_crypto_op *op, case RTE_CRYPTO_ASYM_XFORM_RSA: if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { data_size = xform_tc->rsa.n.length; - data_received = result_op->asym->rsa.cipher.data; + data_received = result_op->asym->rsa.output.data; data_expected = data_tc->rsa_data.ct.data; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { data_size = xform_tc->rsa.n.length; data_expected = data_tc->rsa_data.pt.data; - data_received = result_op->asym->rsa.message.data; + data_received = result_op->asym->rsa.output.data; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { data_size = xform_tc->rsa.n.length; data_expected = data_tc->rsa_data.sign.data; - data_received = result_op->asym->rsa.sign.data; + data_received = result_op->asym->rsa.output.data; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { data_size = xform_tc->rsa.n.length; data_expected = data_tc->rsa_data.pt.data; - data_received = result_op->asym->rsa.cipher.data; + data_received = result_op->asym->rsa.output.data; } break; case RTE_CRYPTO_ASYM_XFORM_DH: @@ -414,28 +420,28 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params, } xform_tc.rsa.key_type = key_type; - op->asym->rsa.pad = data_tc->rsa_data.padding; + op->asym->rsa.padding.type = data_tc->rsa_data.padding; if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { - asym_op->rsa.message.data = data_tc->rsa_data.pt.data; - asym_op->rsa.message.length = data_tc->rsa_data.pt.len; - asym_op->rsa.cipher.data = result; - asym_op->rsa.cipher.length = data_tc->rsa_data.n.len; + asym_op->rsa.input.data = data_tc->rsa_data.pt.data; + asym_op->rsa.input.length = data_tc->rsa_data.pt.len; + asym_op->rsa.output.data = result; + asym_op->rsa.output.length = data_tc->rsa_data.n.len; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { - asym_op->rsa.message.data = result; - asym_op->rsa.message.length = data_tc->rsa_data.n.len; - asym_op->rsa.cipher.data = data_tc->rsa_data.ct.data; - asym_op->rsa.cipher.length = data_tc->rsa_data.ct.len; + asym_op->rsa.output.data = result; + asym_op->rsa.output.length = data_tc->rsa_data.n.len; + asym_op->rsa.input.data = data_tc->rsa_data.ct.data; + asym_op->rsa.input.length = data_tc->rsa_data.ct.len; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { - asym_op->rsa.sign.data = result; - asym_op->rsa.sign.length = data_tc->rsa_data.n.len; - asym_op->rsa.message.data = data_tc->rsa_data.pt.data; - asym_op->rsa.message.length = data_tc->rsa_data.pt.len; + asym_op->rsa.output.data = result; + asym_op->rsa.output.length = data_tc->rsa_data.n.len; + asym_op->rsa.input.data = data_tc->rsa_data.pt.data; + asym_op->rsa.input.length = data_tc->rsa_data.pt.len; } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { - asym_op->rsa.cipher.data = result; - asym_op->rsa.cipher.length = data_tc->rsa_data.n.len; - asym_op->rsa.sign.data = data_tc->rsa_data.sign.data; - asym_op->rsa.sign.length = data_tc->rsa_data.sign.len; + asym_op->rsa.input.data = data_tc->rsa_data.sign.data; + asym_op->rsa.input.length = data_tc->rsa_data.sign.len; + asym_op->rsa.output.data = result; + asym_op->rsa.output.length = data_tc->rsa_data.n.len; } break; case RTE_CRYPTO_ASYM_XFORM_DH: diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h index 83dc265dd7..175a6a4307 100644 --- a/app/test/test_cryptodev_asym_util.h +++ b/app/test/test_cryptodev_asym_util.h @@ -11,8 +11,8 @@ static inline int rsa_verify(struct rsa_test_data *rsa_param, struct rte_crypto_op *result_op) { if (memcmp(rsa_param->data, - result_op->asym->rsa.message.data, - result_op->asym->rsa.message.length)) + result_op->asym->rsa.input.data, + result_op->asym->rsa.input.length)) return -1; return 0; } diff --git a/drivers/crypto/meson.build b/drivers/crypto/meson.build index 147b8cf633..4d83b45ca5 100644 --- a/drivers/crypto/meson.build +++ b/drivers/crypto/meson.build @@ -7,7 +7,7 @@ drivers = [ 'bcmfs', 'caam_jr', 'ccp', - 'cnxk', +# 'cnxk', 'dpaa_sec', 'dpaa2_sec', 'ipsec_mb', @@ -15,7 +15,7 @@ drivers = [ 'mvsam', 'nitrox', 'null', - 'octeontx', +# 'octeontx', 'openssl', 'scheduler', 'virtio', diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index d80e1052e2..45cee47c5d 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1897,7 +1897,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, int ret = 0; struct rte_crypto_asym_op *op = cop->asym; RSA *rsa = sess->u.r.rsa; - uint32_t pad = (op->rsa.pad); + uint32_t pad = (op->rsa.padding.type); uint8_t *tmp; cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; @@ -1918,47 +1918,47 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, switch (op->rsa.op_type) { case RTE_CRYPTO_ASYM_OP_ENCRYPT: - ret = RSA_public_encrypt(op->rsa.message.length, - op->rsa.message.data, - op->rsa.cipher.data, + ret = RSA_public_encrypt(op->rsa.input.length, + op->rsa.input.data, + op->rsa.output.data, rsa, pad); if (ret > 0) - op->rsa.cipher.length = ret; + op->rsa.output.length = ret; OPENSSL_LOG(DEBUG, "length of encrypted text %d\n", ret); break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - ret = RSA_private_decrypt(op->rsa.cipher.length, - op->rsa.cipher.data, - op->rsa.message.data, + ret = RSA_private_decrypt(op->rsa.input.length, + op->rsa.input.data, + op->rsa.output.data, rsa, pad); if (ret > 0) - op->rsa.message.length = ret; + op->rsa.output.length = ret; break; case RTE_CRYPTO_ASYM_OP_SIGN: - ret = RSA_private_encrypt(op->rsa.message.length, - op->rsa.message.data, - op->rsa.sign.data, + ret = RSA_private_encrypt(op->rsa.input.length, + op->rsa.input.data, + op->rsa.output.data, rsa, pad); if (ret > 0) - op->rsa.sign.length = ret; + op->rsa.output.length = ret; break; case RTE_CRYPTO_ASYM_OP_VERIFY: - tmp = rte_malloc(NULL, op->rsa.sign.length, 0); + tmp = rte_malloc(NULL, op->rsa.input.length, 0); if (tmp == NULL) { OPENSSL_LOG(ERR, "Memory allocation failed"); cop->status = RTE_CRYPTO_OP_STATUS_ERROR; break; } - ret = RSA_public_decrypt(op->rsa.sign.length, - op->rsa.sign.data, + ret = RSA_public_decrypt(op->rsa.input.length, + op->rsa.input.data, tmp, rsa, pad); @@ -1966,9 +1966,9 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, OPENSSL_LOG(DEBUG, "Length of public_decrypt %d " "length of message %zd\n", - ret, op->rsa.message.length); + ret, op->rsa.input.length); if ((ret <= 0) || (CRYPTO_memcmp(tmp, op->rsa.message.data, - op->rsa.message.length))) { + op->rsa.input.length))) { OPENSSL_LOG(ERR, "RSA sign Verification failed"); cop->status = RTE_CRYPTO_OP_STATUS_ERROR; } diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c index 4499fdaf2d..b84e2963b0 100644 --- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c +++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c @@ -4,10 +4,12 @@ #include #include +#include #include "qat_asym.h" #include "qat_crypto.h" #include "qat_crypto_pmd_gens.h" + struct rte_cryptodev_ops qat_asym_crypto_ops_gen1 = { /* Device related operations */ .dev_configure = qat_cryptodev_config, diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 479d5308cf..cb2b47acbb 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -345,9 +345,9 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op, alg_bytesize = qat_function.bytesize; if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: - SET_PKE_LN(cookie->input_array, asym_op->rsa.message, + SET_PKE_LN(cookie->input_array, asym_op->rsa.input, alg_bytesize, 0); break; default: @@ -358,9 +358,9 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op, } HEXDUMP("RSA Message", cookie->input_array[0], alg_bytesize); } else { - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: - SET_PKE_LN(cookie->input_array, asym_op->rsa.sign, + SET_PKE_LN(cookie->input_array, asym_op->rsa.input, alg_bytesize, 0); break; default: @@ -454,9 +454,9 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op, if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: - SET_PKE_LN(cookie->input_array, asym_op->rsa.cipher, + SET_PKE_LN(cookie->input_array, asym_op->rsa.input, alg_bytesize, 0); HEXDUMP("RSA ciphertext", cookie->input_array[0], alg_bytesize); @@ -469,9 +469,9 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op, } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: - SET_PKE_LN(cookie->input_array, asym_op->rsa.message, + SET_PKE_LN(cookie->input_array, asym_op->rsa.input, alg_bytesize, 0); HEXDUMP("RSA text to be signed", cookie->input_array[0], alg_bytesize); @@ -519,7 +519,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op, if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { - uint8_t *rsa_result = asym_op->rsa.cipher.data; + uint8_t *rsa_result = asym_op->rsa.output.data; rte_memcpy(rsa_result, cookie->output_array[0], @@ -527,9 +527,9 @@ rsa_collect(struct rte_crypto_asym_op *asym_op, HEXDUMP("RSA Encrypted data", cookie->output_array[0], alg_bytesize); } else { - uint8_t *rsa_result = asym_op->rsa.cipher.data; + uint8_t *rsa_result = asym_op->rsa.output.data; - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: rte_memcpy(rsa_result, cookie->output_array[0], @@ -545,9 +545,9 @@ rsa_collect(struct rte_crypto_asym_op *asym_op, } } else { if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { - uint8_t *rsa_result = asym_op->rsa.message.data; + uint8_t *rsa_result = asym_op->rsa.output.data; - switch (asym_op->rsa.pad) { + switch (asym_op->rsa.padding.type) { case RTE_CRYPTO_RSA_PADDING_NONE: rte_memcpy(rsa_result, cookie->output_array[0], @@ -561,7 +561,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op, return RTE_CRYPTO_OP_STATUS_ERROR; } } else { - uint8_t *rsa_result = asym_op->rsa.sign.data; + uint8_t *rsa_result = asym_op->rsa.output.data; rte_memcpy(rsa_result, cookie->output_array[0], diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index cd24d4b07b..834e06b96b 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -50,6 +50,19 @@ enum rte_crypto_ec_group { RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, }; +/**< + * When set, message instead of message digest should be + * provided as an input for signature generation + */ +#define RTE_CRYPTO_RSA_FLAG_PT +/**< + * When set, algorithmIdentifier is not added to message digest, + * therefore not forming digestInfo struct. PKCS1 v1.5 padding + * is added without further changes. + */ +#define RTE_CRYPTO_RSA_FLAG_PKCS1_NO_ASN1 + + /** * Asymmetric crypto transformation types. * Each xform type maps to one asymmetric algorithm @@ -118,6 +131,21 @@ enum rte_crypto_asym_op_type { RTE_CRYPTO_ASYM_OP_LIST_END }; +enum rte_crypto_mgf { + RTE_CRYPTO_MGF_DEFAULT, + /**< Default mask generation function */ + RTE_CRYPTO_MGF_MGF1_SHA1, + /**< MGF1 function with SHA1 hash algorithm */ + RTE_CRYPTO_MGF_MGF1_SHA224, + /**< MGF1 function with SHA224 hash algorithm */ + RTE_CRYPTO_MGF_MGF1_SHA256, + /**< MGF1 function with SHA256 hash algorithm */ + RTE_CRYPTO_MGF_MGF1_SHA384, + /**< MGF1 function with SHA384 hash algorithm */ + RTE_CRYPTO_MGF_MGF1_SHA512, + /**< MGF1 function with SHA512 hash algorithm */ +}; + /** * Padding types for RSA signature. */ @@ -162,6 +190,11 @@ enum rte_crypto_rsa_priv_key_type { * and the device supports CSRNG, 'data' should be set to NULL. * The crypto parameter in question will not be used by the PMD, * as it is internally generated. + * + * In case an allocated buffer is used to return data from the PMD, + * i.e. encrypted/decrypted data or signature, it should be allocated + * with enough memory to hold the expected output. The length field will be set + * with the length of the data returned by the PMD. */ typedef struct rte_crypto_param_t { uint8_t *data; @@ -170,6 +203,8 @@ typedef struct rte_crypto_param_t { /**< IO address of data buffer */ size_t length; /**< length of data in bytes */ + uint32_t capacity; + /**< capacity of this buffer in bytes */ } rte_crypto_param; /** Unsigned big-integer in big-endian format */ @@ -311,6 +346,62 @@ struct rte_crypto_mod_op_param { }; /** + * RSA padding type + */ +struct rte_crypto_rsa_padding { + enum rte_crypto_rsa_padding_type type; + /**< Type of RSA padding */ + enum rte_crypto_auth_algorithm hash; + /**< + * RSA padding hash function + * + * When a specific padding type is selected, the following rules applies: + * - RTE_CRYPTO_RSA_PADDING_NONE: + * This field is ignored by the PMD + * + * - RTE_CRYPTO_RSA_PADDING_PKCS1_5: + * When signing operation this field is used to determine value + * of the DigestInfo structure, therefore specifying which algorithm + * was used to create the message digest. + * When doing encryption/decryption this field is ignored for this + * padding type. + * + * - RTE_CRYPTO_RSA_PADDING_OAEP + * This field shall be set with the hash algorithm used + * in the padding scheme + * + * - RTE_CRYPTO_RSA_PADDING_PSS + * This field shall be set with the hash algorithm used + * in the padding scheme (and to create the input message digest) + */ + enum rte_crypto_mgf mgf; + /**< + * RSA padding mask generation function + * + * Used only for OAEP and PSS padding, otherwise ignored + * by the PMD. + * If RTE_CRYPTO_MGF_DEFAULT is selected, the default mask generation + * function defined by RFC standard is used with the hash function + * selected in the hash field. + */ + uint16_t saltlen; + /**< + * RSA PSS padding salt length + * + * Used only when RTE_CRYPTO_RSA_PADDING_PSS padding is selected, + * otherwise ignored. + */ + rte_crypto_param label; + /**< + * RSA OAEP padding optional label + * + * Used only when RTE_CRYPTO_RSA_PADDING_OAEP padding is selected, + * otherwise ignored. If label.data == NULL, a default label (empty string) + * is used. + */ +}; + +/** * RSA operation params * */ @@ -318,72 +409,77 @@ struct rte_crypto_rsa_op_param { enum rte_crypto_asym_op_type op_type; /**< Type of RSA operation for transform */ - rte_crypto_param message; + rte_crypto_param input; /**< - * Pointer to input data - * - to be encrypted for RSA public encrypt. - * - to be signed for RSA sign generation. - * - to be authenticated for RSA sign verification. + * When op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT: * - * Pointer to output data - * - for RSA private decrypt. - * In this case the underlying array should have been - * allocated with enough memory to hold plaintext output - * (i.e. must be at least RSA key size). The message.length - * field should be 0 and will be overwritten by the PMD - * with the decrypted length. + * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE + * input should only be used along with cryptographically + * secure padding scheme. + * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 + * input shall be no longer than public modulus minus 11. + * If padding.type = RTE_CRYPTO_RSA_PADDING_OAEP + * input shall be no longer than public modulus - + * 2 * len(hash) - 2. * - * All data is in Octet-string network byte order format. - */ - - rte_crypto_param cipher; - /**< - * Pointer to input data - * - to be decrypted for RSA private decrypt. + * When op_type == RTE_CRYPTO_ASYM_OP_SIGN: + * + * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE + * input should only be used along with cryptographically + * secure padding scheme. * + * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or + * RTE_CRYPTO_RSA_PADDING_PSS + * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain + * the message to be signed, if this flag is not set, input shall contain + * the digest of the message to be signed. * - * Pointer to output data - * - for RSA public encrypt. - * In this case the underlying array should have been allocated - * with enough memory to hold ciphertext output (i.e. must be - * at least RSA key size). The cipher.length field should - * be 0 and will be overwritten by the PMD with the encrypted length. + * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT: + * + * Input shall contain previously encrypted RSA message. + * + * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY: + * + * Input shall contain signature to be verified * - * All data is in Octet-string network byte order format. */ - rte_crypto_param sign; + union { + rte_crypto_param output; + rte_crypto_param message; + }; /**< - * Pointer to input data - * - to be verified for RSA public decrypt. + * When op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT: + * + * Output shall contain encrypted data, output.length shall + * be set to the length of encrypted data. + * + * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT/RTE_CRYPTO_ASYM_OP_SIGN: + * + * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE + * output shall contain decrypted/signed data, but all leading zeros + * shall be preserved. Therefore output.length should be + * equal to the length of the modulus. * - * Pointer to output data - * - for RSA private encrypt. - * In this case the underlying array should have been allocated - * with enough memory to hold signature output (i.e. must be - * at least RSA key size). The sign.length field should - * be 0 and will be overwritten by the PMD with the signature length. + * For other types of padding, output should contain + * decrypted data, and output.length shall be set to the length + * of decrypted data. + * + * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY: + * + * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE + * output shall contain the public key decrypted signature. + * All leading zeroes shall be preserved. + * + * For other padding types, the message should be set with data for the + * signature to be compared with. * - * All data is in Octet-string network byte order format. */ - enum rte_crypto_rsa_padding_type pad; - /**< RSA padding scheme to be used for transform */ - - enum rte_crypto_auth_algorithm md; - /**< Hash algorithm to be used for data hash if padding - * scheme is either OAEP or PSS. Valid hash algorithms - * are: - * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 - */ + struct rte_crypto_rsa_padding padding; + /**< RSA padding information */ - enum rte_crypto_auth_algorithm mgf1md; - /**< - * Hash algorithm to be used for mask generation if - * padding scheme is either OAEP or PSS. If padding - * scheme is unspecified data hash algorithm is used - * for mask generation. Valid hash algorithms are: - * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 - */ + uint64_t flags; + /**< RSA configuration flags */ }; /** From patchwork Tue Mar 22 08:11:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 108798 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 09019A04FF; Tue, 22 Mar 2022 09:11:48 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id F0334427EE; Tue, 22 Mar 2022 09:11:47 +0100 (CET) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 2F568410E5 for ; Tue, 22 Mar 2022 09:11:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647936706; x=1679472706; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=+zG2R8oJTWBuUQx3Zb0JjHcukYuR8mYxSL9NVut4+Fo=; b=mllH5ouLt4SVmli7aoaT/V0dhG74dtbGVlT3GtFjIAMcwU7cZd4Q0yz8 wLevy4w5rJsxpM9z00KmcdVWtCozZJF87rPO/SY0lCJCCBG4XF1dRvfaR yJ6sIN5h3ENSm7ZXpUIAIauHf6ExfPIUclFqMhIK/mrlbbvc/pNGL8Ede Bogp/DfrufPef+aB+M1yo7s511vqNtV/SjMMTkORWbp1iXeeFwOePbf70 neWkN/mAbZT9zusmqhyuri25aSn8zzp1M4oxCLZY0R7l84rVkJI+KW3H1 35ZC3k9k2/r56NLBBsFcgxLEEcYruodXEANPyY/dF6XHh18usADpGj1t/ g==; X-IronPort-AV: E=McAfee;i="6200,9189,10293"; a="255321320" X-IronPort-AV: E=Sophos;i="5.90,201,1643702400"; d="scan'208";a="255321320" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2022 01:11:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,201,1643702400"; d="scan'208";a="716833634" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga005.jf.intel.com with ESMTP; 22 Mar 2022 01:11:38 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, anoobj@marvell.com, Arek Kusztal Subject: [RFC PATCH 2/2] test: add proper pkcs1 signature tests for rsa Date: Tue, 22 Mar 2022 08:11:28 +0000 Message-Id: <20220322081128.23733-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220322081128.23733-1-arkadiuszx.kusztal@intel.com> References: <20220322081128.23733-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds example pkcs1 signature tests. Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 249 +++++++++++++++++++++++++++++-- drivers/crypto/openssl/rte_openssl_pmd.c | 34 ++++- lib/cryptodev/rte_crypto_asym.h | 6 +- 3 files changed, 270 insertions(+), 19 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 71378cbdb2..512eb34377 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -15,6 +15,7 @@ #include #include +#include #include "test_cryptodev.h" #include "test_cryptodev_dh_test_vectors.h" @@ -163,6 +164,222 @@ queue_ops_rsa_sign_verify(void *sess) return status; } +/* DPDK RFC RSA 22.07 */ + +static uint8_t +rsa_sign_pkcs_15_pt[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, + 0x11, 0x12, 0x13, 0x14, +}; + +static uint8_t +rsa_sign_pkcs_15_pt_sha256[] = { + 0xB1, 0xB2, 0xB3, 0xB4, 0xA1, 0xA2, 0xA3, 0xA4, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, +}; + +static uint8_t +rsa_sign_pkcs_15_padded[] = { + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, +}; + +static uint8_t +rsa_sign_pkcs_15_padded_digestinfo_sha1[] = { + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x21, 0x30, + 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, + 0x05, 0x00, 0x04, 0x14, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, +}; + +static uint8_t +rsa_sign_pkcs_15_padded_digestinfo_sha256[] = { + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x31, 0x30, + 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, + 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, + 0xB1, 0xB2, 0xB3, 0xB4, 0xA1, 0xA2, 0xA3, 0xA4, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, +}; + +static void* +rfc2207_rsa_sign_pkcs_15_sesscreat(void) +{ + struct crypto_testsuite_params_asym *ts_params = &testsuite_params; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + uint8_t dev_id = ts_params->valid_devs[0]; + static void *sess = NULL; + int ret; + + if (sess) + return sess; + ret = rte_cryptodev_asym_session_create(dev_id, &rsa_xform, sess_mpool, &sess); + + if (ret < 0) { + RTE_LOG(ERR, USER1, "Session creation failed for " + "sign_verify\n"); + return NULL; + } + return sess; +} + +struct rfc2207_rsa_test_data +{ + enum rte_crypto_rsa_padding_type type; + rte_crypto_param input; + enum rte_crypto_auth_algorithm hash; +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_ssl23 = { + .type = RTE_CRYPTO_RSA_PADDING_SSL23, + .input.data = rsa_sign_pkcs_15_pt, + .input.length = sizeof(rsa_sign_pkcs_15_pt), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_ssl23_padded = { + .type = RTE_CRYPTO_RSA_PADDING_NONE, + .input.data = rsa_sign_pkcs_15_padded, + .input.length = sizeof(rsa_sign_pkcs_15_padded), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_pkcs15_sha1 = { + .type = RTE_CRYPTO_RSA_PADDING_PKCS1_5, + .hash = RTE_CRYPTO_AUTH_SHA1, + .input.data = rsa_sign_pkcs_15_pt, + .input.length = sizeof(rsa_sign_pkcs_15_pt), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_pkcs15_digestinfo_sha1 = { + .type = RTE_CRYPTO_RSA_PADDING_NONE, + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha1, + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha1), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_pkcs15_sha256 = { + .type = RTE_CRYPTO_RSA_PADDING_PKCS1_5, + .hash = RTE_CRYPTO_AUTH_SHA256, + .input.data = rsa_sign_pkcs_15_pt_sha256, + .input.length = sizeof(rsa_sign_pkcs_15_pt_sha256), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_pkcs15_digestinfo_sha256 = { + .type = RTE_CRYPTO_RSA_PADDING_NONE, + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256, + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256), +}; + +struct rfc2207_rsa_test_data +rfc2207_rsa_test_data_pkcs15_oaep = { + .type = RTE_CRYPTO_RSA_PADDING_NONE, + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256, + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256), +}; + +static int +rfc2207_rsa_sign_pkcs_15(const void *test_data) +{ + struct crypto_testsuite_params_asym *ts_params; + uint8_t dev_id; + struct rte_crypto_op *op, *result_op; + struct rte_crypto_asym_op *asym_op; + struct rte_mempool *op_mpool; + void *sess; + uint8_t result[TEST_DATA_SIZE]; + const struct rfc2207_rsa_test_data *tdata = test_data; + + ts_params = &testsuite_params; + dev_id = ts_params->valid_devs[0]; + op_mpool = ts_params->op_mpool; + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (op == NULL) { + RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto " + "operation struct\n"); + return TEST_FAILED; + } + + sess = rfc2207_rsa_sign_pkcs_15_sesscreat(); + if (sess == NULL) { + RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto " + "operation struct\n"); + return TEST_FAILED; + } + + asym_op = op->asym; + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; + asym_op->rsa.padding.type = tdata->type; + asym_op->rsa.padding.hash = tdata->hash; + asym_op->rsa.input = tdata->input; + asym_op->rsa.output.data = result; + + rte_crypto_op_attach_asym_session(op, sess); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, "Error sending packet for encryption\n"); + return -1; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, "Failed to process encryption op\n"); + return -1; + } + + printf("\nOutput len = %lu", asym_op->rsa.output.length); + rte_hexdump(stdout, "Signature", asym_op->rsa.output.data, asym_op->rsa.output.length); + + return 0; +} + +/* !---! DPDK RFC RSA 22.07 */ + static int queue_ops_rsa_enc_dec(void *sess) { @@ -2147,20 +2364,32 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { .setup = testsuite_setup, .teardown = testsuite_teardown, .unit_test_cases = { - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_capability), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_capability), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_dsa), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_dh_keygenration), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_rsa_sign_verify), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec_crt), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_rsa_sign_verify_crt), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_inv), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_mod_inv), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_mod_exp), + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym, test_one_by_one), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_ssl23), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23_padded", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_ssl23_padded), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha1", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_sha1), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinfo_sha1", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_digestinfo_sha1), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha256", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_sha256), + TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinfo_sha256", ut_setup_asym, ut_teardown_asym, + rfc2207_rsa_sign_pkcs_15, &rfc2207_rsa_test_data_pkcs15_digestinfo_sha256), TEST_CASES_END() /**< NULL terminate unit test array */ } }; diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index 45cee47c5d..32da143ea0 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1899,11 +1899,24 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, RSA *rsa = sess->u.r.rsa; uint32_t pad = (op->rsa.padding.type); uint8_t *tmp; + int sha; + + switch (op->rsa.padding.hash) { + case RTE_CRYPTO_AUTH_SHA1: + sha = NID_sha1; + break; + case RTE_CRYPTO_AUTH_SHA256: + sha = NID_sha256; + break; + default: + sha = NID_sha1; + } cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; switch (pad) { case RTE_CRYPTO_RSA_PADDING_PKCS1_5: + case RTE_CRYPTO_RSA_PADDING_SSL23: pad = RSA_PKCS1_PADDING; break; case RTE_CRYPTO_RSA_PADDING_NONE: @@ -1941,13 +1954,20 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, break; case RTE_CRYPTO_ASYM_OP_SIGN: - ret = RSA_private_encrypt(op->rsa.input.length, - op->rsa.input.data, - op->rsa.output.data, - rsa, - pad); - if (ret > 0) - op->rsa.output.length = ret; + if (op->rsa.padding.type != RTE_CRYPTO_RSA_PADDING_PKCS1_5) { + ret = RSA_private_encrypt(op->rsa.input.length, + op->rsa.input.data, + op->rsa.output.data, + rsa, + pad); + if (ret > 0) + op->rsa.output.length = ret; + } else { + ret = RSA_sign(sha, op->rsa.input.data, op->rsa.input.length, + op->rsa.output.data, (unsigned int *)&op->rsa.output.length, rsa); + if (ret == 0) + ret = -1; + } break; case RTE_CRYPTO_ASYM_OP_VERIFY: diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 834e06b96b..b3906b08e3 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -149,6 +149,7 @@ enum rte_crypto_mgf { /** * Padding types for RSA signature. */ + #define TEMP enum rte_crypto_rsa_padding_type { RTE_CRYPTO_RSA_PADDING_NONE = 0, /**< RSA no padding scheme */ @@ -160,6 +161,7 @@ enum rte_crypto_rsa_padding_type { /**< RSA PKCS#1 OAEP padding scheme */ RTE_CRYPTO_RSA_PADDING_PSS, /**< RSA PKCS#1 PSS padding scheme */ + TEMP RTE_CRYPTO_RSA_PADDING_SSL23, RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END }; @@ -426,7 +428,7 @@ struct rte_crypto_rsa_op_param { * * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE * input should only be used along with cryptographically - * secure padding scheme. * + * secure padding scheme. * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or * RTE_CRYPTO_RSA_PADDING_PSS * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain @@ -434,7 +436,7 @@ struct rte_crypto_rsa_op_param { * the digest of the message to be signed. * * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT: - * + * * Input shall contain previously encrypted RSA message. * * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY: