From patchwork Wed Nov 29 16:10:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 134697 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5098F43402; Wed, 29 Nov 2023 17:10:46 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3813F42E30; Wed, 29 Nov 2023 17:10:46 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 420F5409FA for ; Wed, 29 Nov 2023 17:10:45 +0100 (CET) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ATFAIkW011841; Wed, 29 Nov 2023 08:10:44 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=qD8UJGINbESaA6OFYEyxhtQ6uaJJwyn+wLa2PFtYBQg=; b=F8oCL7wi5pPn+CmJX1juESZ2YAu1r9C1/zSuWhRUkFnON6ei18j0JM0nfjohjljpLIAd NAHQ1WdPkxX4+wXw1E7YOsLBiCGdLiMJIC6mGFnn2NI1qeiqicj+J1AKtZQxC9rXff/o Fe3yV2fUelPVUx9PNe3qzZl2tdCYCS7CjnwTwpuccEU/9JXMIWoMMNUpKXSk1P2gCnZO i3G7PmKBHdMQQFQ6xjrvh+x3QJHoWutVMjnQk+0Q8kgavKo9Pl4SCPTWjT9T6XdnYc/t BhjWqCJSnMZ/55wVm0SJ+twgAkGyseXd19jfa7eUue4FsT0ly7R3rFZbX5EhYgXMPcUC FA== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3up4x199b3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 29 Nov 2023 08:10:44 -0800 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 29 Nov 2023 08:10:42 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 29 Nov 2023 08:10:42 -0800 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 050FA3F7041; Wed, 29 Nov 2023 08:10:39 -0800 (PST) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , "Gowrishankar Muthukrishnan" Subject: [PATCH v1 1/3] cryptodev: add EDDSA asymmetric crypto algorithm Date: Wed, 29 Nov 2023 21:40:34 +0530 Message-ID: <0ae6a1afadac64050d80b0fd7712c4a6a8599e2c.1701273963.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 X-Proofpoint-GUID: jsMfJva6QIynejfHBfSfQ2Ywp_D3tMDu X-Proofpoint-ORIG-GUID: jsMfJva6QIynejfHBfSfQ2Ywp_D3tMDu X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-29_14,2023-11-29_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add support for asymmetric EDDSA in cryptodev, as referenced in RFC: https://datatracker.ietf.org/doc/html/rfc8032 Signed-off-by: Gowrishankar Muthukrishnan --- doc/guides/cryptodevs/features/default.ini | 1 + doc/guides/prog_guide/cryptodev_lib.rst | 2 +- lib/cryptodev/rte_crypto_asym.h | 51 +++++++++++++++++++++- 3 files changed, 52 insertions(+), 2 deletions(-) diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini index f411d4bab7..3073753911 100644 --- a/doc/guides/cryptodevs/features/default.ini +++ b/doc/guides/cryptodevs/features/default.ini @@ -130,6 +130,7 @@ ECDSA = ECPM = ECDH = SM2 = +EDDSA = ; ; Supported Operating systems of a default crypto driver. diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst index 2b513bbf82..dd636ba5ef 100644 --- a/doc/guides/prog_guide/cryptodev_lib.rst +++ b/doc/guides/prog_guide/cryptodev_lib.rst @@ -927,7 +927,7 @@ Asymmetric Cryptography The cryptodev library currently provides support for the following asymmetric Crypto operations; RSA, Modular exponentiation and inversion, Diffie-Hellman and Elliptic Curve Diffie-Hellman public and/or private key generation and shared -secret compute, DSA Signature generation and verification. +secret compute, DSA and EdDSA Signature generation and verification. Session and Session Management ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 39d3da3952..7813d28b7a 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -65,9 +65,22 @@ enum rte_crypto_curve_id { RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, + RTE_CRYPTO_EC_GROUP_ED25519 = 29, + RTE_CRYPTO_EC_GROUP_ED448 = 30, RTE_CRYPTO_EC_GROUP_SM2 = 41, }; +/** + * List of Edwards curve instances as per RFC 8032 (Section 5). + */ +enum rte_crypto_edward_instance { + RTE_CRYPTO_EDCURVE_25519, + RTE_CRYPTO_EDCURVE_25519CTX, + RTE_CRYPTO_EDCURVE_25519PH, + RTE_CRYPTO_EDCURVE_448, + RTE_CRYPTO_EDCURVE_448PH +}; + /** * Asymmetric crypto transformation types. * Each xform type maps to one asymmetric algorithm @@ -108,6 +121,10 @@ enum rte_crypto_asym_xform_type { /**< Elliptic Curve Digital Signature Algorithm * Perform Signature Generation and Verification. */ + RTE_CRYPTO_ASYM_XFORM_EDDSA, + /**< Edwards Curve Digital Signature Algorithm + * Perform Signature Generation and Verification. + */ RTE_CRYPTO_ASYM_XFORM_ECDH, /**< Elliptic Curve Diffie Hellman */ RTE_CRYPTO_ASYM_XFORM_ECPM, @@ -376,7 +393,13 @@ struct rte_crypto_ec_xform { rte_crypto_uint pkey; /**< Private key */ - struct rte_crypto_ec_point q; + union { + struct rte_crypto_ec_point q; + /**< Elliptic curve point */ + + rte_crypto_uint qcomp; + /**< Elliptic curve point compressed */ + }; /**< Public key */ }; @@ -585,6 +608,31 @@ struct rte_crypto_ecdsa_op_param { */ }; +/** + * EDDSA operation params + */ +struct rte_crypto_eddsa_op_param { + enum rte_crypto_asym_op_type op_type; + /**< Signature generation or verification */ + + rte_crypto_param message; + /**< Input message digest to be signed or verified */ + + rte_crypto_param context; + /**< Context value for the sign op. + * Must not be empty for Ed25519ctx instance. + */ + + enum rte_crypto_edward_instance instance; + /**< Type of Edwards curve. */ + + rte_crypto_uint sign; + /**< Edward curve signature + * output : for signature generation + * input : for signature verification + */ +}; + /** * Structure for EC point multiplication operation param */ @@ -718,6 +766,7 @@ struct rte_crypto_asym_op { struct rte_crypto_ecdh_op_param ecdh; struct rte_crypto_dsa_op_param dsa; struct rte_crypto_ecdsa_op_param ecdsa; + struct rte_crypto_eddsa_op_param eddsa; struct rte_crypto_ecpm_op_param ecpm; struct rte_crypto_sm2_op_param sm2; }; From patchwork Wed Nov 29 16:10:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 134698 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id DDD6943402; Wed, 29 Nov 2023 17:10:54 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D559242E39; Wed, 29 Nov 2023 17:10:49 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 26A5142E4B for ; Wed, 29 Nov 2023 17:10:48 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ATEsoAp022054; Wed, 29 Nov 2023 08:10:47 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=HCB1q7ogwg7ZFf1cZ4WUAy15zyWNnq5Fyg/W1mQ8apY=; b=K3YPSlkBQ0RoWGnjY2uAWHoGADMwQDOB7+XlzfGFvddCMvZDnKECHBDDmPkL98o+srER oU7qmCvACFFiU9eKlgJXVpnT2nb7mZPuznls/gKS3SHUNC/HdVaKO/nez54FxcDDYNGh MEEZ8KpdDN8myQSGL2ST6kwZXlTrugR8fInAqecpBCOFeNCaV98F4nwomT2GH7UdSbOI Bp8V3TzKco6XqlqYT5sp0neWOQTAb5BbxK0xjrmUQB+cHxQNQ/6di+mTJJ/1arrhSmDy tWZ3bGVF85Us64WL/blKkLGZOj4jb6MvZSOZe/iULBGqCE/0yyl9a92qtLWf9YQv+Tm6 Vw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3una4dpuh6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 29 Nov 2023 08:10:47 -0800 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 29 Nov 2023 08:10:45 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 29 Nov 2023 08:10:45 -0800 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id AD0C53F7059; Wed, 29 Nov 2023 08:10:42 -0800 (PST) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , "Gowrishankar Muthukrishnan" Subject: [PATCH v1 2/3] crypto/openssl: add EDDSA support Date: Wed, 29 Nov 2023 21:40:35 +0530 Message-ID: <03d11c7c6e1e523784dd2a745169e75e466802c1.1701273963.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <0ae6a1afadac64050d80b0fd7712c4a6a8599e2c.1701273963.git.gmuthukrishn@marvell.com> References: <0ae6a1afadac64050d80b0fd7712c4a6a8599e2c.1701273963.git.gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: uPmVLNbrg2uJilPam67wutUVL3dZT99u X-Proofpoint-ORIG-GUID: uPmVLNbrg2uJilPam67wutUVL3dZT99u X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-29_14,2023-11-29_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add EDDSA support in OpenSSL PMD. Signed-off-by: Gowrishankar Muthukrishnan --- For openssl library support, refer: https://github.com/openssl/openssl/commit/4f8b7c2319523f8e83b8b2fa31127832fa092552 --- drivers/crypto/openssl/openssl_pmd_private.h | 6 + drivers/crypto/openssl/rte_openssl_pmd.c | 165 +++++++++++++++++++ drivers/crypto/openssl/rte_openssl_pmd_ops.c | 80 +++++++++ 3 files changed, 251 insertions(+) diff --git a/drivers/crypto/openssl/openssl_pmd_private.h b/drivers/crypto/openssl/openssl_pmd_private.h index 334912d335..7061a1b85b 100644 --- a/drivers/crypto/openssl/openssl_pmd_private.h +++ b/drivers/crypto/openssl/openssl_pmd_private.h @@ -212,6 +212,12 @@ struct openssl_asym_session { OSSL_PARAM * params; #endif } sm2; + struct { + uint8_t curve_id; +#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) + OSSL_PARAM *params; +#endif + } eddsa; } u; } __rte_cache_aligned; /** Set and validate OPENSSL crypto session parameters */ diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index e8cb09defc..61c1f95202 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -2890,6 +2890,155 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, return ret; } +static int +process_openssl_eddsa_op_evp(struct rte_crypto_op *cop, + struct openssl_asym_session *sess) +{ + static const char * const instance[] = {"Ed25519", "Ed25519ctx", "Ed25519ph", + "Ed448", "Ed448ph"}; + EVP_PKEY_CTX *kctx = NULL, *sctx = NULL, *cctx = NULL; + const uint8_t curve_id = sess->u.eddsa.curve_id; + struct rte_crypto_asym_op *op = cop->asym; + OSSL_PARAM *params = sess->u.eddsa.params; + OSSL_PARAM_BLD *iparam_bld = NULL; + OSSL_PARAM *iparams = NULL; + uint8_t signbuf[128] = {0}; + EVP_MD_CTX *md_ctx = NULL; + EVP_PKEY *pkey = NULL; + size_t signlen; + int ret = -1; + + cop->status = RTE_CRYPTO_OP_STATUS_ERROR; + + iparam_bld = OSSL_PARAM_BLD_new(); + if (!iparam_bld) + goto err_eddsa; + + OSSL_PARAM_BLD_push_octet_string(iparam_bld, "context-string", + op->eddsa.context.data, op->eddsa.context.length); + + OSSL_PARAM_BLD_push_utf8_string(iparam_bld, "instance", + instance[op->eddsa.instance], strlen(instance[op->eddsa.instance])); + + iparams = OSSL_PARAM_BLD_to_param(iparam_bld); + if (!iparams) + goto err_eddsa; + + switch (op->eddsa.op_type) { + case RTE_CRYPTO_ASYM_OP_SIGN: + { + if (curve_id == RTE_CRYPTO_EC_GROUP_ED25519) + kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL); + else + kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL); + + if (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 || + EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) + goto err_eddsa; + + md_ctx = EVP_MD_CTX_new(); + if (!md_ctx) + goto err_eddsa; + + sctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); + if (!sctx) + goto err_eddsa; + + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); + +#if (OPENSSL_VERSION_NUMBER >= 0x30300000L) + if (!EVP_DigestSignInit_ex(md_ctx, NULL, NULL, NULL, NULL, pkey, iparams)) + goto err_eddsa; +#else + if (op->eddsa.instance == RTE_CRYPTO_EDCURVE_25519 || + op->eddsa.instance == RTE_CRYPTO_EDCURVE_448) { + if (!EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, pkey)) + goto err_eddsa; + } else + goto err_eddsa; +#endif + + if (!EVP_DigestSign(md_ctx, NULL, &signlen, op->eddsa.message.data, + op->eddsa.message.length)) + goto err_eddsa; + + if (signlen > RTE_DIM(signbuf)) + goto err_eddsa; + + if (!EVP_DigestSign(md_ctx, signbuf, &signlen, op->eddsa.message.data, + op->eddsa.message.length)) + goto err_eddsa; + + memcpy(op->eddsa.sign.data, &signbuf[0], signlen); + op->eddsa.sign.length = signlen; + } + break; + case RTE_CRYPTO_ASYM_OP_VERIFY: + { + if (curve_id == RTE_CRYPTO_EC_GROUP_ED25519) + kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL); + else + kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL); + + if (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 || + EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) <= 0) + goto err_eddsa; + + md_ctx = EVP_MD_CTX_new(); + if (!md_ctx) + goto err_eddsa; + + sctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); + if (!sctx) + goto err_eddsa; + + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); + +#if (OPENSSL_VERSION_NUMBER >= 0x30300000L) + if (!EVP_DigestVerifyInit_ex(md_ctx, NULL, NULL, NULL, NULL, pkey, iparams)) + goto err_eddsa; +#else + if (op->eddsa.instance == RTE_CRYPTO_EDCURVE_25519 || + op->eddsa.instance == RTE_CRYPTO_EDCURVE_448) { + if (!EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, pkey)) + goto err_eddsa; + } else + goto err_eddsa; +#endif + + signlen = op->eddsa.sign.length; + memcpy(&signbuf[0], op->eddsa.sign.data, op->eddsa.sign.length); + + ret = EVP_DigestVerify(md_ctx, signbuf, signlen, op->eddsa.message.data, + op->eddsa.message.length); + if (ret == 0) + goto err_eddsa; + } + break; + default: + /* allow ops with invalid args to be pushed to + * completion queue + */ + cop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto err_eddsa; + } + + ret = 0; + cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +err_eddsa: + OSSL_PARAM_BLD_free(iparam_bld); + + if (sctx) + EVP_PKEY_CTX_free(sctx); + + if (cctx) + EVP_PKEY_CTX_free(cctx); + + if (pkey) + EVP_PKEY_free(pkey); + + return ret; +} #else static int process_openssl_rsa_op(struct rte_crypto_op *cop, @@ -2998,6 +3147,15 @@ process_openssl_sm2_op(struct rte_crypto_op *cop, RTE_SET_USED(sess); return -ENOTSUP; } + +static int +process_openssl_eddsa_op(struct rte_crypto_op *cop, + struct openssl_asym_session *sess) +{ + RTE_SET_USED(cop); + RTE_SET_USED(sess); + return -ENOTSUP; +} #endif static int @@ -3053,6 +3211,13 @@ process_asym_op(struct openssl_qp *qp, struct rte_crypto_op *op, retval = process_openssl_sm2_op_evp(op, sess); #else retval = process_openssl_sm2_op(op, sess); +#endif + break; + case RTE_CRYPTO_ASYM_XFORM_EDDSA: +#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) + retval = process_openssl_eddsa_op_evp(op, sess); +#else + retval = process_openssl_eddsa_op(op, sess); #endif break; default: diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index b16baaa08f..36c4c68da9 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -610,6 +610,20 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { } } }, + { /* EDDSA */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_EDDSA, + .hash_algos = (1 << RTE_CRYPTO_AUTH_SHA512 | + 1 << RTE_CRYPTO_AUTH_SHAKE_256), + .op_types = + ((1<= 0x30000000L) + OSSL_PARAM_BLD *param_bld = NULL; + OSSL_PARAM *params = NULL; + int ret = -1; + + asym_session->u.eddsa.curve_id = xform->ec.curve_id; + + param_bld = OSSL_PARAM_BLD_new(); + if (!param_bld) { + OPENSSL_LOG(ERR, "failed to allocate params\n"); + goto err_eddsa; + } + + ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, + OSSL_PKEY_PARAM_GROUP_NAME, "ED25519", sizeof("ED25519")); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_eddsa; + } + + ret = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, + xform->ec.pkey.data, xform->ec.pkey.length); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_eddsa; + } + + ret = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_PKEY_PARAM_PUB_KEY, + xform->ec.qcomp.data, xform->ec.qcomp.length); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_eddsa; + } + + params = OSSL_PARAM_BLD_to_param(param_bld); + if (!params) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_eddsa; + } + + asym_session->u.eddsa.params = params; + OSSL_PARAM_BLD_free(param_bld); + + asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_EDDSA; + break; +err_eddsa: + if (param_bld) + OSSL_PARAM_BLD_free(param_bld); + + if (asym_session->u.eddsa.params) + OSSL_PARAM_free(asym_session->u.eddsa.params); + + return -1; +#else + OPENSSL_LOG(WARNING, "EDDSA unsupported for OpenSSL Version < 3.0"); + return -ENOTSUP; #endif } default: @@ -1511,6 +1585,12 @@ static void openssl_reset_asym_session(struct openssl_asym_session *sess) #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) OSSL_PARAM_free(sess->u.sm2.params); #endif + break; + case RTE_CRYPTO_ASYM_XFORM_EDDSA: +#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) + OSSL_PARAM_free(sess->u.eddsa.params); +#endif + break; default: break; } From patchwork Wed Nov 29 16:10:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 134699 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C943B43402; Wed, 29 Nov 2023 17:11:02 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0B5D242E51; Wed, 29 Nov 2023 17:10:54 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 9F28542E4F for ; Wed, 29 Nov 2023 17:10:51 +0100 (CET) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3ATFAE0Z011768; Wed, 29 Nov 2023 08:10:50 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=YuQCW8jfu0knSm9VAGOPg+nYW+ES3dlA1inRiZVcP58=; b=kJfbE8YvtNI1np7SX8GneCAeUPXElSwqY435lQU2tDoqf9YymCOiFiFo38kTVMFM/MN+ uO8Wy6sT6Z6u0qnLofYWB5eQecxKeffVM/VoF5o9C7PD2w6DUoAol+I3vAVUxSg6uWIp CO4R3DQ/QovwZ34pOS5vN2/mOrm1bDREOdrEY5PdW9bn2nfJ2dY/YHvHEr//V+nIIf6c Ah7kwpPV9O2pJLtCqFkRXgP0QSQp8NRbfM6bGUH5O19JKcFJa/Yc6ffSWQTYcnE2UHZq 7l1zw96SEqqXHA2FeQ0hGToDYakwr8eYWsPg6cmVV/b49UNZOcBZ2ToqqyReU+h6oRPQ tw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3up4x199bn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 29 Nov 2023 08:10:49 -0800 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 29 Nov 2023 08:10:47 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 29 Nov 2023 08:10:47 -0800 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 591153F7048; Wed, 29 Nov 2023 08:10:45 -0800 (PST) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , "Gowrishankar Muthukrishnan" Subject: [PATCH v1 3/3] test/crypto: add asymmetric EDDSA test cases Date: Wed, 29 Nov 2023 21:40:36 +0530 Message-ID: X-Mailer: git-send-email 2.21.0 In-Reply-To: <0ae6a1afadac64050d80b0fd7712c4a6a8599e2c.1701273963.git.gmuthukrishn@marvell.com> References: <0ae6a1afadac64050d80b0fd7712c4a6a8599e2c.1701273963.git.gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: qdY58mKWrb-TtpdFIU53_x8EzCk-j5vn X-Proofpoint-ORIG-GUID: qdY58mKWrb-TtpdFIU53_x8EzCk-j5vn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-11-29_14,2023-11-29_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add test cases to validate EDDSA sign and verify ops, as per RFC 8032. Signed-off-by: Gowrishankar Muthukrishnan --- app/test/test_cryptodev_asym.c | 339 +++++++++++++++++++ app/test/test_cryptodev_eddsa_test_vectors.h | 330 ++++++++++++++++++ 2 files changed, 669 insertions(+) create mode 100644 app/test/test_cryptodev_eddsa_test_vectors.h diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 17daf734e8..93ce75b7c9 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -20,6 +20,7 @@ #include "test_cryptodev_ecdh_test_vectors.h" #include "test_cryptodev_ecdsa_test_vectors.h" #include "test_cryptodev_ecpm_test_vectors.h" +#include "test_cryptodev_eddsa_test_vectors.h" #include "test_cryptodev_mod_test_vectors.h" #include "test_cryptodev_rsa_test_vectors.h" #include "test_cryptodev_sm2_test_vectors.h" @@ -3171,6 +3172,343 @@ test_sm2_dec(void) return status; }; +static int +test_eddsa_sign(enum rte_crypto_edward_instance instance) +{ + struct crypto_testsuite_params_asym *ts_params = &testsuite_params; + const struct rte_cryptodev_asymmetric_xform_capability *capa; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct crypto_testsuite_eddsa_params input_params; + struct rte_cryptodev_asym_capability_idx idx; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_op *result_op = NULL; + uint8_t output_buf_r[TEST_DATA_SIZE]; + struct rte_crypto_asym_xform xform; + struct rte_crypto_asym_op *asym_op; + struct rte_crypto_op *op = NULL; + int ret, status = TEST_FAILED; + void *sess = NULL; + bool ctx = false; + + switch (instance) { + case RTE_CRYPTO_EDCURVE_25519: + input_params = eddsa_param_ed25519; + break; + case RTE_CRYPTO_EDCURVE_25519CTX: + input_params = eddsa_param_ed25519ctx; + ctx = true; + break; + case RTE_CRYPTO_EDCURVE_25519PH: + input_params = eddsa_param_ed25519ph; + break; + case RTE_CRYPTO_EDCURVE_448: + input_params = eddsa_param_ed448; + break; + case RTE_CRYPTO_EDCURVE_448PH: + input_params = eddsa_param_ed448ph; + break; + default: + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Unsupported curve id\n"); + status = TEST_SKIPPED; + goto exit; + } + + /* Check EDDSA capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_EDDSA; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + + /* Setup crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to allocate asymmetric crypto " + "operation struct\n"); + status = TEST_FAILED; + goto exit; + } + + asym_op = op->asym; + + /* Setup asym xform */ + xform.next = NULL; + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_EDDSA; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.qcomp.data = input_params.pubkey.data; + xform.ec.qcomp.length = input_params.pubkey.length; + + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); + if (ret < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Session creation failed\n"); + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED; + goto exit; + } + + /* Attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + /* Compute sign */ + + /* Populate op with operational details */ + asym_op->eddsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; + asym_op->eddsa.instance = input_params.instance; + asym_op->eddsa.message.data = input_params.message.data; + asym_op->eddsa.message.length = input_params.message.length; + if (ctx) { + asym_op->eddsa.context.data = input_params.context.data; + asym_op->eddsa.context.length = input_params.context.length; + } + + /* Init out buf */ + asym_op->eddsa.sign.data = output_buf_r; + + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n"); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Error sending packet for operation\n"); + goto exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to process asym crypto op\n"); + goto exit; + } + + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to process asym crypto op\n"); + goto exit; + } + + asym_op = result_op->asym; + + debug_hexdump(stdout, "sign:", + asym_op->eddsa.sign.data, asym_op->eddsa.sign.length); + + /* Verify sign (by comparison). */ + if (memcmp(input_params.sign.data, asym_op->eddsa.sign.data, + asym_op->eddsa.sign.length) != 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "EDDSA sign failed.\n"); + goto exit; + } + + status = TEST_SUCCESS; +exit: + if (sess != NULL) + rte_cryptodev_asym_session_free(dev_id, sess); + rte_crypto_op_free(op); + return status; +}; + +static int +test_eddsa_verify(enum rte_crypto_edward_instance instance) +{ + struct crypto_testsuite_params_asym *ts_params = &testsuite_params; + const struct rte_cryptodev_asymmetric_xform_capability *capa; + struct rte_mempool *sess_mpool = ts_params->session_mpool; + struct rte_mempool *op_mpool = ts_params->op_mpool; + struct crypto_testsuite_eddsa_params input_params; + struct rte_cryptodev_asym_capability_idx idx; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_op *result_op = NULL; + struct rte_crypto_asym_xform xform; + struct rte_crypto_asym_op *asym_op; + struct rte_crypto_op *op = NULL; + int ret, status = TEST_FAILED; + void *sess = NULL; + bool ctx = false; + + switch (instance) { + case RTE_CRYPTO_EDCURVE_25519: + input_params = eddsa_param_ed25519; + break; + case RTE_CRYPTO_EDCURVE_25519CTX: + input_params = eddsa_param_ed25519ctx; + ctx = true; + break; + case RTE_CRYPTO_EDCURVE_25519PH: + input_params = eddsa_param_ed25519ph; + break; + case RTE_CRYPTO_EDCURVE_448: + input_params = eddsa_param_ed448; + break; + case RTE_CRYPTO_EDCURVE_448PH: + input_params = eddsa_param_ed448ph; + break; + default: + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Unsupported curve id\n"); + status = TEST_SKIPPED; + goto exit; + } + + /* Check EDDSA capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_EDDSA; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + + /* Setup crypto op data structure */ + op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); + if (op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to allocate asymmetric crypto " + "operation struct\n"); + goto exit; + } + + asym_op = op->asym; + + /* Setup asym xform */ + xform.next = NULL; + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_EDDSA; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.qcomp.data = input_params.pubkey.data; + xform.ec.qcomp.length = input_params.pubkey.length; + + ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); + if (ret < 0) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Session creation failed\n"); + status = (ret == -ENOTSUP) ? TEST_SKIPPED : TEST_FAILED; + goto exit; + } + + /* Attach asymmetric crypto session to crypto operations */ + rte_crypto_op_attach_asym_session(op, sess); + + /* Compute sign */ + + /* Populate op with operational details */ + asym_op->eddsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; + asym_op->eddsa.instance = input_params.instance; + asym_op->eddsa.message.data = input_params.message.data; + asym_op->eddsa.message.length = input_params.message.length; + if (ctx) { + asym_op->eddsa.context.data = input_params.context.data; + asym_op->eddsa.context.length = input_params.context.length; + } + + /* Init out buf */ + asym_op->eddsa.sign.data = input_params.sign.data; + asym_op->eddsa.sign.length = input_params.sign.length; + + RTE_LOG(DEBUG, USER1, "Process ASYM operation\n"); + + /* Process crypto operation */ + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Error sending packet for operation\n"); + goto exit; + } + + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0) + rte_pause(); + + if (result_op == NULL) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to process asym crypto op\n"); + goto exit; + } + + if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "Failed to process asym crypto op\n"); + goto exit; + } + + asym_op = result_op->asym; + + debug_hexdump(stdout, "sign:", + asym_op->eddsa.sign.data, asym_op->eddsa.sign.length); + + /* Verify sign (by comparison). */ + if (memcmp(input_params.sign.data, asym_op->eddsa.sign.data, + asym_op->eddsa.sign.length) != 0) { + status = TEST_FAILED; + RTE_LOG(ERR, USER1, + "line %u FAILED: %s", __LINE__, + "EDDSA sign failed.\n"); + goto exit; + } + + status = TEST_SUCCESS; +exit: + if (sess != NULL) + rte_cryptodev_asym_session_free(dev_id, sess); + rte_crypto_op_free(op); + return status; +}; + +static int +test_eddsa_sign_verify_all_curve(void) +{ + static const char * const edcurve[] = {"ed25519", "ed25519ctx", "ed25519ph", + "ed448", "ed448ph"}; + int status, overall_status = TEST_SUCCESS; + enum rte_crypto_edward_instance ins; + int test_index = 0; + const char *msg; + + for (ins = RTE_CRYPTO_EDCURVE_25519; ins <= RTE_CRYPTO_EDCURVE_448PH; ins++) { + status = test_eddsa_sign(ins); + if (status == TEST_SUCCESS) { + msg = "succeeded"; + } else if (status == TEST_SKIPPED) { + msg = "skipped"; + } else { + msg = "failed"; + overall_status = status; + } + printf(" %u) TestCase Sign Curve %s %s\n", + test_index ++, edcurve[ins], msg); + } + + for (ins = RTE_CRYPTO_EDCURVE_25519; ins <= RTE_CRYPTO_EDCURVE_448PH; ins++) { + status = test_eddsa_verify(ins); + if (status == TEST_SUCCESS) { + msg = "succeeded"; + } else if (status == TEST_SKIPPED) { + msg = "skipped"; + } else { + msg = "failed"; + overall_status = status; + } + printf(" %u) TestCase Verify Curve %s %s\n", + test_index ++, edcurve[ins], msg); + } + + return overall_status; +} + static int send_one(void) { int ticks = 0; @@ -3513,6 +3851,7 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { "Modex Group 18 test", ut_setup_asym, ut_teardown_asym, modular_exponentiation, &modex_group_test_cases[5]), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_eddsa_sign_verify_all_curve), TEST_CASES_END() /**< NULL terminate unit test array */ } }; diff --git a/app/test/test_cryptodev_eddsa_test_vectors.h b/app/test/test_cryptodev_eddsa_test_vectors.h new file mode 100644 index 0000000000..11b17e6c62 --- /dev/null +++ b/app/test/test_cryptodev_eddsa_test_vectors.h @@ -0,0 +1,330 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(C) 2023 Marvell. + */ + +#ifndef __TEST_CRYPTODEV_EDDSA_TEST_VECTORS_H__ +#define __TEST_CRYPTODEV_EDDSA_TEST_VECTORS_H__ + +#include "rte_crypto_asym.h" + +struct crypto_testsuite_eddsa_params { + rte_crypto_param pubkey; + rte_crypto_param pkey; + rte_crypto_param sign; + rte_crypto_param message; + rte_crypto_param context; + enum rte_crypto_curve_id curve; + enum rte_crypto_edward_instance instance; +}; + +static uint8_t ed25519_pkey[] = { + 0x83, 0x3f, 0xe6, 0x24, 0x09, 0x23, 0x7b, 0x9d, + 0x62, 0xec, 0x77, 0x58, 0x75, 0x20, 0x91, 0x1e, + 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b, + 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42 +}; + +static uint8_t ed25519_pubkey[] = { + 0xec, 0x17, 0x2b, 0x93, 0xad, 0x5e, 0x56, 0x3b, + 0xf4, 0x93, 0x2c, 0x70, 0xe1, 0x24, 0x50, 0x34, + 0xc3, 0x54, 0x67, 0xef, 0x2e, 0xfd, 0x4d, 0x64, + 0xeb, 0xf8, 0x19, 0x68, 0x34, 0x67, 0xe2, 0xbf +}; + +static uint8_t ed25519_sign[] = { + 0xdc, 0x2a, 0x44, 0x59, 0xe7, 0x36, 0x96, 0x33, + 0xa5, 0x2b, 0x1b, 0xf2, 0x77, 0x83, 0x9a, 0x00, + 0x20, 0x10, 0x09, 0xa3, 0xef, 0xbf, 0x3e, 0xcb, + 0x69, 0xbe, 0xa2, 0x18, 0x6c, 0x26, 0xb5, 0x89, + 0x09, 0x35, 0x1f, 0xc9, 0xac, 0x90, 0xb3, 0xec, + 0xfd, 0xfb, 0xc7, 0xc6, 0x64, 0x31, 0xe0, 0x30, + 0x3d, 0xca, 0x17, 0x9c, 0x13, 0x8a, 0xc1, 0x7a, + 0xd9, 0xbe, 0xf1, 0x17, 0x73, 0x31, 0xa7, 0x04 +}; + +static uint8_t ed25519_message[] = { + 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, + 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, + 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, + 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, + 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, + 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, + 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, + 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f +}; + +/** EDDSA ed25519 curve test params (RFC 8032) */ +struct crypto_testsuite_eddsa_params eddsa_param_ed25519 = { + .pkey = { + .data = ed25519_pkey, + .length = sizeof(ed25519_pkey), + }, + .pubkey = { + .data = ed25519_pubkey, + .length = sizeof(ed25519_pubkey), + }, + .sign = { + .data = ed25519_sign, + .length = sizeof(ed25519_sign), + }, + .message = { + .data = ed25519_message, + .length = sizeof(ed25519_message), + }, + .curve = RTE_CRYPTO_EC_GROUP_ED25519, + .instance = RTE_CRYPTO_EDCURVE_25519 +}; + +static uint8_t ed25519ctx_pkey[] = { + 0x03, 0x05, 0x33, 0x4e, 0x38, 0x1a, 0xf7, 0x8f, + 0x14, 0x1c, 0xb6, 0x66, 0xf6, 0x19, 0x9f, 0x57, + 0xbc, 0x34, 0x95, 0x33, 0x5a, 0x25, 0x6a, 0x95, + 0xbd, 0x2a, 0x55, 0xbf, 0x54, 0x66, 0x63, 0xf6 +}; + +static uint8_t ed25519ctx_pubkey[] = { + 0xdf, 0xc9, 0x42, 0x5e, 0x4f, 0x96, 0x8f, 0x7f, + 0x0c, 0x29, 0xf0, 0x25, 0x9c, 0xf5, 0xf9, 0xae, + 0xd6, 0x85, 0x1c, 0x2b, 0xb4, 0xad, 0x8b, 0xfb, + 0x86, 0x0c, 0xfe, 0xe0, 0xab, 0x24, 0x82, 0x92 +}; + +static uint8_t ed25519ctx_sign[] = { + 0x55, 0xa4, 0xcc, 0x2f, 0x70, 0xa5, 0x4e, 0x04, + 0x28, 0x8c, 0x5f, 0x4c, 0xd1, 0xe4, 0x5a, 0x7b, + 0xb5, 0x20, 0xb3, 0x62, 0x92, 0x91, 0x18, 0x76, + 0xca, 0xda, 0x73, 0x23, 0x19, 0x8d, 0xd8, 0x7a, + 0x8b, 0x36, 0x95, 0x0b, 0x95, 0x13, 0x00, 0x22, + 0x90, 0x7a, 0x7f, 0xb7, 0xc4, 0xe9, 0xb2, 0xd5, + 0xf6, 0xcc, 0xa6, 0x85, 0xa5, 0x87, 0xb4, 0xb2, + 0x1f, 0x4b, 0x88, 0x8e, 0x4e, 0x7e, 0xdb, 0x0d +}; + +static uint8_t ed25519ctx_message[] = { + 0xf7, 0x26, 0x93, 0x6d, 0x19, 0xc8, 0x00, 0x49, + 0x4e, 0x3f, 0xda, 0xff, 0x20, 0xb2, 0x76, 0xa8 +}; + +static uint8_t ed25519ctx_context[] = { + 0x66, 0x6f, 0x6f +}; + +/** EDDSA ed25519ctx curve test params (RFC 8032) */ +struct crypto_testsuite_eddsa_params eddsa_param_ed25519ctx = { + .pkey = { + .data = ed25519ctx_pkey, + .length = sizeof(ed25519ctx_pkey), + }, + .pubkey = { + .data = ed25519ctx_pubkey, + .length = sizeof(ed25519ctx_pubkey), + }, + .sign = { + .data = ed25519ctx_sign, + .length = sizeof(ed25519ctx_sign), + }, + .message = { + .data = ed25519ctx_message, + .length = sizeof(ed25519ctx_message), + }, + .context = { + .data = ed25519ctx_context, + .length = sizeof(ed25519ctx_context), + }, + .curve = RTE_CRYPTO_EC_GROUP_ED25519, + .instance = RTE_CRYPTO_EDCURVE_25519CTX +}; + +static uint8_t ed25519ph_pkey[] = { + 0x83, 0x3f, 0xe6, 0x24, 0x09, 0x23, 0x7b, 0x9d, + 0x62, 0xec, 0x77, 0x58, 0x75, 0x20, 0x91, 0x1e, + 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b, + 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42 +}; + +static uint8_t ed25519ph_pubkey[] = { + 0xec, 0x17, 0x2b, 0x93, 0xad, 0x5e, 0x56, 0x3b, + 0xf4, 0x93, 0x2c, 0x70, 0xe1, 0x24, 0x50, 0x34, + 0xc3, 0x54, 0x67, 0xef, 0x2e, 0xfd, 0x4d, 0x64, + 0xeb, 0xf8, 0x19, 0x68, 0x34, 0x67, 0xe2, 0xbf +}; + +static uint8_t ed25519ph_sign[] = { + 0x98, 0xa7, 0x02, 0x22, 0xf0, 0xb8, 0x12, 0x1a, + 0xa9, 0xd3, 0x0f, 0x81, 0x3d, 0x68, 0x3f, 0x80, + 0x9e, 0x46, 0x2b, 0x46, 0x9c, 0x7f, 0xf8, 0x76, + 0x39, 0x49, 0x9b, 0xb9, 0x4e, 0x6d, 0xae, 0x41, + 0x31, 0xf8, 0x50, 0x42, 0x46, 0x3c, 0x2a, 0x35, + 0x5a, 0x20, 0x03, 0xd0, 0x62, 0xad, 0xf5, 0xaa, + 0xa1, 0x0b, 0x8c, 0x61, 0xe6, 0x36, 0x06, 0x2a, + 0xaa, 0xd1, 0x1c, 0x2a, 0x26, 0x08, 0x34, 0x06 +}; + +static uint8_t ed25519ph_message[] = { + 0x61, 0x62, 0x63 +}; + +/** EDDSA ed25519ph curve test params (RFC 8032) */ +struct crypto_testsuite_eddsa_params eddsa_param_ed25519ph = { + .pkey = { + .data = ed25519ph_pkey, + .length = sizeof(ed25519ph_pkey), + }, + .pubkey = { + .data = ed25519ph_pubkey, + .length = sizeof(ed25519ph_pubkey), + }, + .sign = { + .data = ed25519ph_sign, + .length = sizeof(ed25519ph_sign), + }, + .message = { + .data = ed25519ph_message, + .length = sizeof(ed25519ph_message), + }, + .curve = RTE_CRYPTO_EC_GROUP_ED25519, + .instance = RTE_CRYPTO_EDCURVE_25519PH +}; + +static uint8_t ed448_pkey[] = { + 0xd6, 0x5d, 0xf3, 0x41, 0xad, 0x13, 0xe0, 0x08, + 0x56, 0x76, 0x88, 0xba, 0xed, 0xda, 0x8e, 0x9d, + 0xcd, 0xc1, 0x7d, 0xc0, 0x24, 0x97, 0x4e, 0xa5, + 0xb4, 0x22, 0x7b, 0x65, 0x30, 0xe3, 0x39, 0xbf, + 0xf2, 0x1f, 0x99, 0xe6, 0x8c, 0xa6, 0x96, 0x8f, + 0x3c, 0xca, 0x6d, 0xfe, 0x0f, 0xb9, 0xf4, 0xfa, + 0xb4, 0xfa, 0x13, 0x5d, 0x55, 0x42, 0xea, 0x3f, + 0x01 +}; + +static uint8_t ed448_pubkey[] = { + 0xdf, 0x97, 0x05, 0xf5, 0x8e, 0xdb, 0xab, 0x80, + 0x2c, 0x7f, 0x83, 0x63, 0xcf, 0xe5, 0x56, 0x0a, + 0xb1, 0xc6, 0x13, 0x2c, 0x20, 0xa9, 0xf1, 0xdd, + 0x16, 0x34, 0x83, 0xa2, 0x6f, 0x8a, 0xc5, 0x3a, + 0x39, 0xd6, 0x80, 0x8b, 0xf4, 0xa1, 0xdf, 0xbd, + 0x26, 0x1b, 0x09, 0x9b, 0xb0, 0x3b, 0x3f, 0xb5, + 0x09, 0x06, 0xcb, 0x28, 0xbd, 0x8a, 0x08, 0x1f, + 0x00 +}; + +static uint8_t ed448_sign[] = { + 0x55, 0x4b, 0xc2, 0x48, 0x08, 0x60, 0xb4, 0x9e, + 0xab, 0x85, 0x32, 0xd2, 0xa5, 0x33, 0xb7, 0xd5, + 0x78, 0xef, 0x47, 0x3e, 0xeb, 0x58, 0xc9, 0x8b, + 0xb2, 0xd0, 0xe1, 0xce, 0x48, 0x8a, 0x98, 0xb1, + 0x8d, 0xfd, 0xe9, 0xb9, 0xb9, 0x07, 0x75, 0xe6, + 0x7f, 0x47, 0xd4, 0xa1, 0xc3, 0x48, 0x20, 0x58, + 0xef, 0xc9, 0xf4, 0x0d, 0x2c, 0xa0, 0x33, 0xa0, + 0x80, + 0x1b, 0x63, 0xd4, 0x5b, 0x3b, 0x72, 0x2e, 0xf5, + 0x52, 0xba, 0xd3, 0xb4, 0xcc, 0xb6, 0x67, 0xda, + 0x35, 0x01, 0x92, 0xb6, 0x1c, 0x50, 0x8c, 0xf7, + 0xb6, 0xb5, 0xad, 0xad, 0xc2, 0xc8, 0xd9, 0xa4, + 0x46, 0xef, 0x00, 0x3f, 0xb0, 0x5c, 0xba, 0x5f, + 0x30, 0xe8, 0x8e, 0x36, 0xec, 0x27, 0x03, 0xb3, + 0x49, 0xca, 0x22, 0x9c, 0x26, 0x70, 0x83, 0x39, + 0x00 +}; + +static uint8_t ed448_message[] = { + 0xbd, 0x0f, 0x6a, 0x37, 0x47, 0xcd, 0x56, 0x1b, + 0xdd, 0xdf, 0x46, 0x40, 0xa3, 0x32, 0x46, 0x1a, + 0x4a, 0x30, 0xa1, 0x2a, 0x43, 0x4c, 0xd0, 0xbf, + 0x40, 0xd7, 0x66, 0xd9, 0xc6, 0xd4, 0x58, 0xe5, + 0x51, 0x22, 0x04, 0xa3, 0x0c, 0x17, 0xd1, 0xf5, + 0x0b, 0x50, 0x79, 0x63, 0x1f, 0x64, 0xeb, 0x31, + 0x12, 0x18, 0x2d, 0xa3, 0x00, 0x58, 0x35, 0x46, + 0x11, 0x13, 0x71, 0x8d, 0x1a, 0x5e, 0xf9, 0x44 +}; + +/** EDDSA ed448 curve test params (RFC 8032) */ +struct crypto_testsuite_eddsa_params eddsa_param_ed448 = { + .pkey = { + .data = ed448_pkey, + .length = sizeof(ed448_pkey), + }, + .pubkey = { + .data = ed448_pubkey, + .length = sizeof(ed448_pubkey), + }, + .sign = { + .data = ed448_sign, + .length = sizeof(ed448_sign), + }, + .message = { + .data = ed448_message, + .length = sizeof(ed448_message), + }, + .curve = RTE_CRYPTO_EC_GROUP_ED448, + .instance = RTE_CRYPTO_EDCURVE_448 +}; + +static uint8_t ed448ph_pkey[] = { + 0x83, 0x3f, 0xe6, 0x24, 0x09, 0x23, 0x7b, 0x9d, + 0x62, 0xec, 0x77, 0x58, 0x75, 0x20, 0x91, 0x1e, + 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b, + 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42, + 0xef, 0x78, 0x22, 0xe0, 0xd5, 0x10, 0x41, 0x27, + 0xdc, 0x05, 0xd6, 0xdb, 0xef, 0xde, 0x69, 0xe3, + 0xab, 0x2c, 0xec, 0x7c, 0x86, 0x7c, 0x6e, 0x2c, + 0x49 +}; + +static uint8_t ed448ph_pubkey[] = { + 0x25, 0x9b, 0x71, 0xc1, 0x9f, 0x83, 0xef, 0x77, + 0xa7, 0xab, 0xd2, 0x65, 0x24, 0xcb, 0xdb, 0x31, + 0x61, 0xb5, 0x90, 0xa4, 0x8f, 0x7d, 0x17, 0xde, + 0x3e, 0xe0, 0xba, 0x9c, 0x52, 0xbe, 0xb7, 0x43, + 0xc0, 0x94, 0x28, 0xa1, 0x31, 0xd6, 0xb1, 0xb5, + 0x73, 0x03, 0xd9, 0x0d, 0x81, 0x32, 0xc2, 0x76, + 0xd5, 0xed, 0x3d, 0x5d, 0x01, 0xc0, 0xf5, 0x38, + 0x80 +}; + +static uint8_t ed448ph_sign[] = { + 0x82, 0x2f, 0x69, 0x01, 0xf7, 0x48, 0x0f, 0x3d, + 0x5f, 0x56, 0x2c, 0x59, 0x29, 0x94, 0xd9, 0x69, + 0x36, 0x02, 0x87, 0x56, 0x14, 0x48, 0x32, 0x56, + 0x50, 0x56, 0x00, 0xbb, 0xc2, 0x81, 0xae, 0x38, + 0x1f, 0x54, 0xd6, 0xbc, 0xe2, 0xea, 0x91, 0x15, + 0x74, 0x93, 0x2f, 0x52, 0xa4, 0xe6, 0xca, 0xdd, + 0x78, 0x76, 0x93, 0x75, 0xec, 0x3f, 0xfd, 0x1b, + 0x80, + 0x1a, 0x0d, 0x9b, 0x3f, 0x40, 0x30, 0xcd, 0x43, + 0x39, 0x64, 0xb6, 0x45, 0x7e, 0xa3, 0x94, 0x76, + 0x51, 0x12, 0x14, 0xf9, 0x74, 0x69, 0xb5, 0x7d, + 0xd3, 0x2d, 0xbc, 0x56, 0x0a, 0x9a, 0x94, 0xd0, + 0x0b, 0xff, 0x07, 0x62, 0x04, 0x64, 0xa3, 0xad, + 0x20, 0x3d, 0xf7, 0xdc, 0x7c, 0xe3, 0x60, 0xc3, + 0xcd, 0x36, 0x96, 0xd9, 0xd9, 0xfa, 0xb9, 0x0f, + 0x00 +}; + +static uint8_t ed448ph_message[] = { + 0x61, 0x62, 0x63 +}; + +/** EDDSA ed448ph curve test params (RFC 8032) */ +struct crypto_testsuite_eddsa_params eddsa_param_ed448ph = { + .pkey = { + .data = ed448ph_pkey, + .length = sizeof(ed448ph_pkey), + }, + .pubkey = { + .data = ed448ph_pubkey, + .length = sizeof(ed448ph_pubkey), + }, + .sign = { + .data = ed448ph_sign, + .length = sizeof(ed448ph_sign), + }, + .message = { + .data = ed448ph_message, + .length = sizeof(ed448ph_message), + }, + .curve = RTE_CRYPTO_EC_GROUP_ED448, + .instance = RTE_CRYPTO_EDCURVE_448PH +}; + +#endif /* __TEST_CRYPTODEV_EDDSA_TEST_VECTORS_H__ */