* [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases
@ 2023-03-14 0:12 Kai Ji
2023-03-14 0:12 ` [dpdk-dev v1 2/2] app/test: add ecdh " Kai Ji
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Kai Ji @ 2023-03-14 0:12 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Arkadiusz Kusztal, Kai Ji
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Added Diffie-Hellman tests. This tests adding possibility
to check correctness of particular DH phases, which is not
possible with current tests cases.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
app/test/test_cryptodev_asym.c | 262 ++++++++++++++++++
app/test/test_cryptodev_dh_test_vectors.h | 318 ++++++++++++++++++++++
2 files changed, 580 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 5b16dcab56..91550946e2 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -64,6 +64,39 @@ static uint32_t test_index;
static struct crypto_testsuite_params_asym testsuite_params = { NULL };
+static void
+test_crypto_rand(int len, uint8_t *buffer)
+{
+ int i;
+
+ for (i = 0; i < len; ++i)
+ buffer[i] = (uint8_t)(rand() % ((uint8_t)-1)) | 1;
+}
+
+static int
+process_crypto_request(uint8_t dev_id, struct rte_crypto_op **op,
+ struct rte_crypto_op **result_op)
+{
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s",
+ __LINE__, "Error sending packet for operation");
+ return -1;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, result_op, 1) == 0)
+ rte_pause();
+
+ if (*result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s",
+ __LINE__, "Failed to process asym crypto op");
+ return -1;
+ }
+ return 0;
+}
+
static int
queue_ops_rsa_sign_verify(void *sess)
{
@@ -2196,6 +2229,219 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static void *
+dh_alice_bob_set_session(uint8_t dev_id,
+ struct rte_crypto_op *op,
+ const struct test_dh_group *group)
+{
+ struct rte_crypto_asym_xform xform = { };
+ void *sess = NULL;
+ int ret = 0;
+
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
+ xform.dh.g.data = group->g.data;
+ xform.dh.g.length = group->g.bytesize;
+ xform.dh.p.data = group->p.data;
+ xform.dh.p.length = group->p.bytesize;
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform,
+ testsuite_params.session_mpool, &sess);
+ if (ret)
+ return NULL;
+
+ rte_crypto_op_attach_asym_session(op, sess);
+ return sess;
+}
+
+static void
+dh_alice_bob_gen_x(const struct test_dh_group *group,
+ uint8_t *private_data)
+{
+ test_crypto_rand(group->priv_ff_size, private_data);
+ if (private_data[0] > group->p.data[0])
+ private_data[0] = group->p.data[0] - 1;
+}
+
+static int
+dh_alice_bob_gen_y(struct rte_crypto_op *op,
+ const char *name,
+ const uint8_t dev_id,
+ uint8_t *y,
+ uint8_t *x,
+ const int ff_size)
+{
+ struct rte_crypto_op *result_op;
+ int ret = 0;
+
+ op->asym->dh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ op->asym->dh.pub_key.data = y;
+ op->asym->dh.priv_key.data = x;
+ op->asym->dh.priv_key.length = ff_size;
+
+ ret = process_crypto_request(dev_id, &op, &result_op);
+ TEST_ASSERT_SUCCESS(ret, "Failed to compute public key for %s", name);
+
+ return 0;
+}
+
+static int
+dh_alice_bob_shared_compute(uint8_t dev_id,
+ const char *name,
+ struct rte_crypto_op *op,
+ uint8_t *secret,
+ uint8_t *peer,
+ uint32_t peer_size)
+{
+ struct rte_crypto_op *result_op;
+ int ret = 0;
+
+ op->asym->dh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ op->asym->dh.pub_key.data = peer;
+ op->asym->dh.pub_key.length = peer_size;
+ op->asym->dh.shared_secret.data = secret;
+
+ ret = process_crypto_request(dev_id, &op, &result_op);
+ TEST_ASSERT_SUCCESS(ret,
+ "Failed to compute shared secret for %s",
+ name);
+
+ return 0;
+}
+
+/* Diffie-Hellman test to verify the processed data */
+static int
+dh_alice_bob_verify(struct rte_crypto_op *alice_op,
+ struct rte_crypto_op *bob_op)
+{
+ int ret = 0;
+
+ /* Verify processed data */
+ ret = (alice_op->asym->dh.shared_secret.length ==
+ bob_op->asym->dh.shared_secret.length);
+ if (!ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Alice's and Bob's shared secret length do not match.");
+ return TEST_FAILED;
+ }
+ ret = memcmp(alice_op->asym->dh.shared_secret.data,
+ alice_op->asym->dh.shared_secret.data,
+ bob_op->asym->dh.shared_secret.length);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Alice's and Bob's shared secret do not match.");
+ return TEST_FAILED;
+ }
+ return TEST_SUCCESS;
+}
+
+static int
+test_dh_alice_and_bob(const void *test_data)
+{
+ uint8_t alice_x[TEST_DH_MOD_LEN] = { };
+ uint8_t alice_y[TEST_DH_MOD_LEN] = { };
+ uint8_t alice_secret[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_x[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_y[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_secret[TEST_DH_MOD_LEN] = { };
+
+ const struct test_dh_group *group = test_data;
+ struct rte_crypto_op *alice_op = NULL;
+ struct rte_crypto_op *bob_op = NULL;
+ void *alice_session = NULL;
+ void *bob_session = NULL;
+
+ int ret = TEST_SUCCESS;
+ uint32_t alice_y_size = 0;
+ uint32_t bob_y_size = 0;
+ uint8_t dev_id = testsuite_params.valid_devs[0];
+
+ alice_op = rte_crypto_op_alloc(testsuite_params.op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (alice_op == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate alice_op");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ bob_op = rte_crypto_op_alloc(testsuite_params.op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (bob_op == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate bob_op");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ alice_session = dh_alice_bob_set_session(dev_id, alice_op,
+ group);
+ if (alice_session == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate alice_session");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ bob_session = dh_alice_bob_set_session(dev_id, bob_op,
+ group);
+ if (bob_session == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate bob_session");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ dh_alice_bob_gen_x(group, alice_x);
+ ret = dh_alice_bob_gen_y(alice_op, "Alice", dev_id,
+ alice_y, alice_x, group->priv_ff_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error\n");
+ goto error_exit;
+ }
+ alice_y_size = alice_op->asym->dh.pub_key.length;
+ dh_alice_bob_gen_x(group, bob_x);
+ ret = dh_alice_bob_gen_y(bob_op, "Bob", dev_id,
+ bob_y, bob_x, group->priv_ff_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error\n");
+ goto error_exit;
+ }
+ bob_y_size = bob_op->asym->dh.pub_key.length;
+
+ ret = dh_alice_bob_shared_compute(dev_id, "Alice", alice_op,
+ alice_secret, bob_y, bob_y_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error, error computing Alice's shared secret");
+ goto error_exit;
+ }
+
+ ret = dh_alice_bob_shared_compute(dev_id, "Bob", bob_op, bob_secret,
+ alice_y, alice_y_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error, error computing Bob's shared secret");
+ goto error_exit;
+ }
+
+ ret = dh_alice_bob_verify(alice_op, bob_op);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error");
+ goto error_exit;
+ }
+
+error_exit:
+ if (alice_session)
+ rte_cryptodev_asym_session_free(dev_id, alice_session);
+ if (bob_session)
+ rte_cryptodev_asym_session_free(dev_id, bob_session);
+ if (alice_op)
+ rte_crypto_op_free(alice_op);
+ if (bob_op != NULL)
+ rte_crypto_op_free(bob_op);
+ return ret;
+}
+
static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
.suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
.setup = testsuite_setup,
@@ -2215,6 +2461,22 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_inv),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 14 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_14),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 15 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_15),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 16 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_16),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 24 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_24),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
diff --git a/app/test/test_cryptodev_dh_test_vectors.h b/app/test/test_cryptodev_dh_test_vectors.h
index fe7510dcd3..6af677c614 100644
--- a/app/test/test_cryptodev_dh_test_vectors.h
+++ b/app/test/test_cryptodev_dh_test_vectors.h
@@ -10,6 +10,18 @@
#define TEST_DATA_SIZE 4096
#define TEST_DH_MOD_LEN 1024
+struct test_dh_group {
+ int id;
+ struct {
+ uint8_t *data;
+ uint32_t bytesize;
+ } g;
+ struct {
+ uint8_t *data;
+ uint32_t bytesize;
+ } p;
+ uint32_t priv_ff_size;
+};
struct dh_test_param {
rte_crypto_param priv_key;
@@ -77,4 +89,310 @@ struct rte_crypto_asym_xform dh_xform = {
}
};
+static uint8_t test_dh_gen_2[] = {
+ 0x2,
+};
+
+static uint8_t test_dh_ikev2group14_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group15_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group16_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+ 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+ 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+ 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+ 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+ 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+ 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+ 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+ 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+ 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+ 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+ 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+ 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+ 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+ 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group24_p[] = {
+ 0x87, 0xA8, 0xE6, 0x1D, 0xB4, 0xB6, 0x66, 0x3C,
+ 0xFF, 0xBB, 0xD1, 0x9C, 0x65, 0x19, 0x59, 0x99,
+ 0x8C, 0xEE, 0xF6, 0x08, 0x66, 0x0D, 0xD0, 0xF2,
+ 0x5D, 0x2C, 0xEE, 0xD4, 0x43, 0x5E, 0x3B, 0x00,
+ 0xE0, 0x0D, 0xF8, 0xF1, 0xD6, 0x19, 0x57, 0xD4,
+ 0xFA, 0xF7, 0xDF, 0x45, 0x61, 0xB2, 0xAA, 0x30,
+ 0x16, 0xC3, 0xD9, 0x11, 0x34, 0x09, 0x6F, 0xAA,
+ 0x3B, 0xF4, 0x29, 0x6D, 0x83, 0x0E, 0x9A, 0x7C,
+ 0x20, 0x9E, 0x0C, 0x64, 0x97, 0x51, 0x7A, 0xBD,
+ 0x5A, 0x8A, 0x9D, 0x30, 0x6B, 0xCF, 0x67, 0xED,
+ 0x91, 0xF9, 0xE6, 0x72, 0x5B, 0x47, 0x58, 0xC0,
+ 0x22, 0xE0, 0xB1, 0xEF, 0x42, 0x75, 0xBF, 0x7B,
+ 0x6C, 0x5B, 0xFC, 0x11, 0xD4, 0x5F, 0x90, 0x88,
+ 0xB9, 0x41, 0xF5, 0x4E, 0xB1, 0xE5, 0x9B, 0xB8,
+ 0xBC, 0x39, 0xA0, 0xBF, 0x12, 0x30, 0x7F, 0x5C,
+ 0x4F, 0xDB, 0x70, 0xC5, 0x81, 0xB2, 0x3F, 0x76,
+ 0xB6, 0x3A, 0xCA, 0xE1, 0xCA, 0xA6, 0xB7, 0x90,
+ 0x2D, 0x52, 0x52, 0x67, 0x35, 0x48, 0x8A, 0x0E,
+ 0xF1, 0x3C, 0x6D, 0x9A, 0x51, 0xBF, 0xA4, 0xAB,
+ 0x3A, 0xD8, 0x34, 0x77, 0x96, 0x52, 0x4D, 0x8E,
+ 0xF6, 0xA1, 0x67, 0xB5, 0xA4, 0x18, 0x25, 0xD9,
+ 0x67, 0xE1, 0x44, 0xE5, 0x14, 0x05, 0x64, 0x25,
+ 0x1C, 0xCA, 0xCB, 0x83, 0xE6, 0xB4, 0x86, 0xF6,
+ 0xB3, 0xCA, 0x3F, 0x79, 0x71, 0x50, 0x60, 0x26,
+ 0xC0, 0xB8, 0x57, 0xF6, 0x89, 0x96, 0x28, 0x56,
+ 0xDE, 0xD4, 0x01, 0x0A, 0xBD, 0x0B, 0xE6, 0x21,
+ 0xC3, 0xA3, 0x96, 0x0A, 0x54, 0xE7, 0x10, 0xC3,
+ 0x75, 0xF2, 0x63, 0x75, 0xD7, 0x01, 0x41, 0x03,
+ 0xA4, 0xB5, 0x43, 0x30, 0xC1, 0x98, 0xAF, 0x12,
+ 0x61, 0x16, 0xD2, 0x27, 0x6E, 0x11, 0x71, 0x5F,
+ 0x69, 0x38, 0x77, 0xFA, 0xD7, 0xEF, 0x09, 0xCA,
+ 0xDB, 0x09, 0x4A, 0xE9, 0x1E, 0x1A, 0x15, 0x97,
+};
+
+
+static uint8_t test_dh_ikev2group24_g[] = {
+ 0x3F, 0xB3, 0x2C, 0x9B, 0x73, 0x13, 0x4D, 0x0B,
+ 0x2E, 0x77, 0x50, 0x66, 0x60, 0xED, 0xBD, 0x48,
+ 0x4C, 0xA7, 0xB1, 0x8F, 0x21, 0xEF, 0x20, 0x54,
+ 0x07, 0xF4, 0x79, 0x3A, 0x1A, 0x0B, 0xA1, 0x25,
+ 0x10, 0xDB, 0xC1, 0x50, 0x77, 0xBE, 0x46, 0x3F,
+ 0xFF, 0x4F, 0xED, 0x4A, 0xAC, 0x0B, 0xB5, 0x55,
+ 0xBE, 0x3A, 0x6C, 0x1B, 0x0C, 0x6B, 0x47, 0xB1,
+ 0xBC, 0x37, 0x73, 0xBF, 0x7E, 0x8C, 0x6F, 0x62,
+ 0x90, 0x12, 0x28, 0xF8, 0xC2, 0x8C, 0xBB, 0x18,
+ 0xA5, 0x5A, 0xE3, 0x13, 0x41, 0x00, 0x0A, 0x65,
+ 0x01, 0x96, 0xF9, 0x31, 0xC7, 0x7A, 0x57, 0xF2,
+ 0xDD, 0xF4, 0x63, 0xE5, 0xE9, 0xEC, 0x14, 0x4B,
+ 0x77, 0x7D, 0xE6, 0x2A, 0xAA, 0xB8, 0xA8, 0x62,
+ 0x8A, 0xC3, 0x76, 0xD2, 0x82, 0xD6, 0xED, 0x38,
+ 0x64, 0xE6, 0x79, 0x82, 0x42, 0x8E, 0xBC, 0x83,
+ 0x1D, 0x14, 0x34, 0x8F, 0x6F, 0x2F, 0x91, 0x93,
+ 0xB5, 0x04, 0x5A, 0xF2, 0x76, 0x71, 0x64, 0xE1,
+ 0xDF, 0xC9, 0x67, 0xC1, 0xFB, 0x3F, 0x2E, 0x55,
+ 0xA4, 0xBD, 0x1B, 0xFF, 0xE8, 0x3B, 0x9C, 0x80,
+ 0xD0, 0x52, 0xB9, 0x85, 0xD1, 0x82, 0xEA, 0x0A,
+ 0xDB, 0x2A, 0x3B, 0x73, 0x13, 0xD3, 0xFE, 0x14,
+ 0xC8, 0x48, 0x4B, 0x1E, 0x05, 0x25, 0x88, 0xB9,
+ 0xB7, 0xD2, 0xBB, 0xD2, 0xDF, 0x01, 0x61, 0x99,
+ 0xEC, 0xD0, 0x6E, 0x15, 0x57, 0xCD, 0x09, 0x15,
+ 0xB3, 0x35, 0x3B, 0xBB, 0x64, 0xE0, 0xEC, 0x37,
+ 0x7F, 0xD0, 0x28, 0x37, 0x0D, 0xF9, 0x2B, 0x52,
+ 0xC7, 0x89, 0x14, 0x28, 0xCD, 0xC6, 0x7E, 0xB6,
+ 0x18, 0x4B, 0x52, 0x3D, 0x1D, 0xB2, 0x46, 0xC3,
+ 0x2F, 0x63, 0x07, 0x84, 0x90, 0xF0, 0x0E, 0xF8,
+ 0xD6, 0x47, 0xD1, 0x48, 0xD4, 0x79, 0x54, 0x51,
+ 0x5E, 0x23, 0x27, 0xCF, 0xEF, 0x98, 0xC5, 0x82,
+ 0x66, 0x4B, 0x4C, 0x0F, 0x6C, 0xC4, 0x16, 0x59,
+};
+
+static const struct test_dh_group test_dh_ikev2group_14 = {
+ .id = 0,
+ /*
+ * Officially 14, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group14_p,
+ .bytesize = sizeof(test_dh_ikev2group14_p),
+ },
+ .priv_ff_size = 256,
+};
+
+static const struct test_dh_group test_dh_ikev2group_15 = {
+ .id = 0,
+ /*
+ * Officially 15, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group15_p,
+ .bytesize = sizeof(test_dh_ikev2group15_p),
+ },
+ .priv_ff_size = 384,
+};
+
+static const struct test_dh_group test_dh_ikev2group_16 = {
+ .id = 0,
+ /*
+ * Officially 16, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group16_p,
+ .bytesize = sizeof(test_dh_ikev2group16_p),
+ },
+ .priv_ff_size = 512,
+};
+
+static const struct test_dh_group test_dh_ikev2group_24 = {
+ .id = 0,
+ /*
+ * Officially 24, ikev2
+ */
+ .g = {
+ .data = test_dh_ikev2group24_g,
+ .bytesize = sizeof(test_dh_ikev2group24_g),
+ },
+ .p = {
+ .data = test_dh_ikev2group24_p,
+ .bytesize = sizeof(test_dh_ikev2group24_p),
+ },
+ .priv_ff_size = 32,
+};
+
+static const struct test_dh_group test_ecdh_secp256r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP256R1,
+ .priv_ff_size = 32,
+};
+static const struct test_dh_group test_ecdh_secp384r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP384R1,
+ .priv_ff_size = 48,
+};
+static const struct test_dh_group test_ecdh_secp521r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP521R1,
+ .priv_ff_size = 64,
+};
+
+
#endif /* TEST_CRYPTODEV_DH_TEST_VECTORS_H__ */
--
2.17.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [dpdk-dev v1 2/2] app/test: add ecdh test cases
2023-03-14 0:12 [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases Kai Ji
@ 2023-03-14 0:12 ` Kai Ji
2023-03-14 10:54 ` [EXT] [dpdk-dev v1 1/2] app/test: add diffie-hellman " Akhil Goyal
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
2 siblings, 0 replies; 8+ messages in thread
From: Kai Ji @ 2023-03-14 0:12 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Arkadiusz Kusztal, Kai Ji
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Added Elliptic-Curve Diffie Hellman test cases.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
app/test/test_cryptodev_asym.c | 356 ++++++++++++++++++++
app/test/test_cryptodev_ecdh_test_vectors.h | 144 ++++++++
2 files changed, 500 insertions(+)
create mode 100644 app/test/test_cryptodev_ecdh_test_vectors.h
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 91550946e2..9e475051e0 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -19,6 +19,7 @@
#include "test_cryptodev_dsa_test_vectors.h"
#include "test_cryptodev_ecdsa_test_vectors.h"
#include "test_cryptodev_ecpm_test_vectors.h"
+#include "test_cryptodev_ecdh_test_vectors.h"
#include "test_cryptodev_mod_test_vectors.h"
#include "test_cryptodev_rsa_test_vectors.h"
#include "test_cryptodev_asym_util.h"
@@ -2229,6 +2230,357 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static int
+test_ecdh(const void *input_vector)
+{
+ const struct ECDH_test_vector *test_vector = input_vector;
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_crypto_asym_xform xform = {
+ .next = NULL,
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_ECDH,
+ .ec.curve_id = test_vector->curve_id
+ };
+ const uint8_t dev_id = ts_params->valid_devs[0];
+ uint8_t alice_x[test_vector->curve_bytesize],
+ alice_y[test_vector->curve_bytesize];
+ uint8_t bob_x[test_vector->curve_bytesize],
+ bob_y[test_vector->curve_bytesize];
+ uint8_t alice_xZ[test_vector->curve_bytesize],
+ alice_yZ[test_vector->curve_bytesize];
+ uint8_t bob_xZ[test_vector->curve_bytesize],
+ bob_yZ[test_vector->curve_bytesize];
+ struct rte_crypto_op *alice_op = NULL, *bob_op = NULL;
+
+ alice_op = rte_crypto_op_alloc(op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ bob_op = rte_crypto_op_alloc(op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+ /*
+ * STEP 1a:
+ * Generate Alice public key
+ */
+
+ alice_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ alice_op->asym->xform = &xform;
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ alice_op->asym->ecdh.priv_key = test_vector->alice_d;
+ alice_op->asym->ecdh.pub_key.x.data = alice_x;
+ alice_op->asym->ecdh.pub_key.y.data = alice_y;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ return -1;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->asym->ecdh.pub_key.x.length !=
+ test_vector->alice_q.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key length (X coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->alice_q.x.length,
+ (unsigned int)alice_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (alice_op->asym->ecdh.pub_key.y.length !=
+ test_vector->alice_q.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key length (X coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->alice_q.y.length,
+ (unsigned int)alice_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.pub_key.x.data,
+ test_vector->alice_q.x.data,
+ test_vector->alice_q.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key X\n");
+ debug_hexdump(stdout, "Generated PublicKey x (Alice):",
+ alice_op->asym->ecdh.pub_key.x.data,
+ alice_op->asym->ecdh.pub_key.x.length);
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.pub_key.y.data,
+ test_vector->alice_q.y.data,
+ test_vector->alice_q.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key Y\n");
+ debug_hexdump(stdout, "Generated PublicKey y (Alice):",
+ alice_op->asym->ecdh.pub_key.y.data,
+ alice_op->asym->ecdh.pub_key.y.length);
+ goto error;
+ }
+
+
+ /*
+ * STEP 1b:
+ * Generate Bob public key
+ */
+
+ bob_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ bob_op->asym->xform = &xform;
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ bob_op->asym->ecdh.priv_key = test_vector->bob_d;
+ bob_op->asym->ecdh.pub_key.x.data = bob_x;
+ bob_op->asym->ecdh.pub_key.y.data = bob_y;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->asym->ecdh.pub_key.x.length !=
+ test_vector->bob_q.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (X coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->bob_q.x.length,
+ (unsigned int)bob_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (bob_op->asym->ecdh.pub_key.y.length !=
+ test_vector->bob_q.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (Y coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->bob_q.y.length,
+ (unsigned int)bob_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.pub_key.x.data,
+ test_vector->bob_q.x.data,
+ test_vector->bob_q.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key X\n");
+ debug_hexdump(stdout,
+ "Generated PublicKey x (bob):",
+ bob_op->asym->ecdh.pub_key.x.data,
+ bob_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.pub_key.y.data,
+ test_vector->bob_q.y.data,
+ test_vector->bob_q.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key Y\n");
+ debug_hexdump(stdout,
+ "Generated PublicKey y (bob):",
+ bob_op->asym->ecdh.pub_key.y.data,
+ bob_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 1.5a:
+ * Alice verifies Bob's public key, reusing op, other parameters
+ * then already set, only what Alice needs to do is to set public
+ * key of Bob and change key exchange type to VERIFY.
+ */
+
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+ alice_op->asym->ecdh.pub_key.x.data = bob_x;
+ alice_op->asym->ecdh.pub_key.x.length =
+ bob_op->asym->ecdh.pub_key.x.length;
+ alice_op->asym->ecdh.pub_key.y.data = bob_y;
+ alice_op->asym->ecdh.pub_key.y.length =
+ bob_op->asym->ecdh.pub_key.y.length;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to verify Bob's public key, it does not belongs to curve points\n"
+ );
+ return TEST_FAILED;
+ }
+
+ /*
+ * STEP 1.5b:
+ * Bob verifies Alice's public key, reusing op, other parameters
+ * then already set, only what Bob needs to do is to set public
+ * key of Alice and change key exchange type to VERIFY.
+ */
+
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+ bob_op->asym->ecdh.pub_key.x.data = alice_x;
+ bob_op->asym->ecdh.pub_key.x.length =
+ alice_op->asym->ecdh.pub_key.x.length;
+ bob_op->asym->ecdh.pub_key.y.data = alice_y;
+ bob_op->asym->ecdh.pub_key.y.length =
+ alice_op->asym->ecdh.pub_key.y.length;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to verify Alice's public key it does not belongs to curve points\n"
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 2a:
+ * Alice generates shared secret Z, since Bob's public key was already
+ * set when doing verification only key exchange type need to be changed,
+ * and setting place where Z will be copied by the PMD.
+ */
+
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ alice_op->asym->ecdh.shared_secret.x.data = alice_xZ;
+ alice_op->asym->ecdh.shared_secret.y.data = alice_yZ;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->asym->ecdh.shared_secret.x.length !=
+ test_vector->Z.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length X\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)alice_op->asym->ecdh.shared_secret.x.length,
+ (unsigned int)test_vector->Z.x.length
+ );
+ goto error;
+ }
+ if (alice_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length Y\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)alice_op->asym->ecdh.shared_secret.y.length,
+ (unsigned int)test_vector->Z.y.length
+ );
+ goto error;
+ }
+
+ if (memcmp(alice_op->asym->ecdh.shared_secret.x.data,
+ test_vector->Z.x.data,
+ test_vector->Z.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret X\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret x (Alice):",
+ alice_op->asym->ecdh.shared_secret.x.data,
+ alice_op->asym->ecdh.shared_secret.x.length
+ );
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.shared_secret.y.data,
+ test_vector->Z.y.data,
+ test_vector->Z.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret Y\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret y (Alice):",
+ alice_op->asym->ecdh.shared_secret.y.data,
+ alice_op->asym->ecdh.shared_secret.y.length
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 2b:
+ * Bob generates shared secret Z, since Alice's public key was already
+ * set when doing verification only, key exchange type needs to be
+ * changed, and setting place where Z will be copied by the PMD.
+ */
+
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ bob_op->asym->ecdh.shared_secret.x.data = bob_xZ;
+ bob_op->asym->ecdh.shared_secret.y.data = bob_yZ;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->asym->ecdh.shared_secret.x.length != test_vector->Z.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length X\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)bob_op->asym->ecdh.shared_secret.x.length,
+ (unsigned int)test_vector->Z.x.length
+ );
+ goto error;
+ }
+ if (bob_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length Y\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)bob_op->asym->ecdh.shared_secret.y.length,
+ (unsigned int)test_vector->Z.y.length
+ );
+ goto error;
+ }
+
+ if (memcmp(bob_op->asym->ecdh.shared_secret.x.data,
+ test_vector->Z.x.data,
+ test_vector->Z.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret X\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret x (Bob):",
+ bob_op->asym->ecdh.shared_secret.x.data,
+ bob_op->asym->ecdh.shared_secret.x.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.shared_secret.y.data,
+ test_vector->Z.y.data,
+ test_vector->Z.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret Y\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret y (Bob):",
+ bob_op->asym->ecdh.shared_secret.y.data,
+ bob_op->asym->ecdh.shared_secret.y.length
+ );
+ goto error;
+ }
+
+ /* Both shared secret where correctly verified -> Test passed */
+
+ return TEST_SUCCESS;
+error:
+ rte_crypto_op_free(alice_op);
+ rte_crypto_op_free(bob_op);
+ return TEST_FAILED;
+}
+
static void *
dh_alice_bob_set_session(uint8_t dev_id,
struct rte_crypto_op *op,
@@ -2487,6 +2839,10 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDH secp256r1, RFC 5114 256",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdh, &rfc5114_secp256r1),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
diff --git a/app/test/test_cryptodev_ecdh_test_vectors.h b/app/test/test_cryptodev_ecdh_test_vectors.h
new file mode 100644
index 0000000000..c8151302ed
--- /dev/null
+++ b/app/test/test_cryptodev_ecdh_test_vectors.h
@@ -0,0 +1,144 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2022 Intel Corporation
+ */
+
+#ifndef __TEST_CRYPTODEV_ECDH_VECTORS_H__
+#define __TEST_CRYPTODEV_ECDH_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+/*
+ * Elliptic Curve Diffie-Hellman test vector struct
+ * Peers are named Alice and Bob
+ * q - is a public key
+ * d - is a private key
+ * Z - is a shared secret
+ */
+
+struct ECDH_test_vector {
+ enum rte_crypto_curve_id curve_id;
+ int curve_bytesize;
+ rte_crypto_uint alice_d;
+ rte_crypto_uint bob_d;
+ struct rte_crypto_ec_point alice_q;
+ struct rte_crypto_ec_point bob_q;
+ struct rte_crypto_ec_point Z;
+};
+
+/*
+ * Elliptic Curve Diffie-Hellman test
+ * It consist of three phases:
+ * - Generation of public key based on private key
+ * - Verification of peer's public key
+ * - Generation of shared secret
+ * Peers in tests are named Alice and Bob
+ */
+
+/* RFC 5114 256-bit Random ECP Group Data */
+
+/*
+ * Alice's parameters
+ */
+static uint8_t rfc5114_256b_dA[] = {
+ 0x81, 0x42, 0x64, 0x14, 0x5F, 0x2F, 0x56, 0xF2,
+ 0xE9, 0x6A, 0x8E, 0x33, 0x7A, 0x12, 0x84, 0x99,
+ 0x3F, 0xAF, 0x43, 0x2A, 0x5A, 0xBC, 0xE5, 0x9E,
+ 0x86, 0x7B, 0x72, 0x91, 0xD5, 0x07, 0xA3, 0xAF,
+};
+
+static uint8_t rfc5114_256b_x_qA[] = {
+ 0x2A, 0xF5, 0x02, 0xF3, 0xBE, 0x89, 0x52, 0xF2,
+ 0xC9, 0xB5, 0xA8, 0xD4, 0x16, 0x0D, 0x09, 0xE9,
+ 0x71, 0x65, 0xBE, 0x50, 0xBC, 0x42, 0xAE, 0x4A,
+ 0x5E, 0x8D, 0x3B, 0x4B, 0xA8, 0x3A, 0xEB, 0x15,
+};
+
+static uint8_t rfc5114_256b_y_qA[] = {
+ 0xEB, 0x0F, 0xAF, 0x4C, 0xA9, 0x86, 0xC4, 0xD3,
+ 0x86, 0x81, 0xA0, 0xF9, 0x87, 0x2D, 0x79, 0xD5,
+ 0x67, 0x95, 0xBD, 0x4B, 0xFF, 0x6E, 0x6D, 0xE3,
+ 0xC0, 0xF5, 0x01, 0x5E, 0xCE, 0x5E, 0xFD, 0x85,
+};
+
+/*
+ * Bob's parameters
+ */
+static uint8_t rfc5114_256b_dB[] = {
+ 0x2C, 0xE1, 0x78, 0x8E, 0xC1, 0x97, 0xE0, 0x96,
+ 0xDB, 0x95, 0xA2, 0x00, 0xCC, 0x0A, 0xB2, 0x6A,
+ 0x19, 0xCE, 0x6B, 0xCC, 0xAD, 0x56, 0x2B, 0x8E,
+ 0xEE, 0x1B, 0x59, 0x37, 0x61, 0xCF, 0x7F, 0x41,
+};
+
+static uint8_t rfc5114_256b_x_qB[] = {
+ 0xB1, 0x20, 0xDE, 0x4A, 0xA3, 0x64, 0x92, 0x79,
+ 0x53, 0x46, 0xE8, 0xDE, 0x6C, 0x2C, 0x86, 0x46,
+ 0xAE, 0x06, 0xAA, 0xEA, 0x27, 0x9F, 0xA7, 0x75,
+ 0xB3, 0xAB, 0x07, 0x15, 0xF6, 0xCE, 0x51, 0xB0,
+};
+
+static uint8_t rfc5114_256b_y_qB[] = {
+ 0x9F, 0x1B, 0x7E, 0xEC, 0xE2, 0x0D, 0x7B, 0x5E,
+ 0xD8, 0xEC, 0x68, 0x5F, 0xA3, 0xF0, 0x71, 0xD8,
+ 0x37, 0x27, 0x02, 0x70, 0x92, 0xA8, 0x41, 0x13,
+ 0x85, 0xC3, 0x4D, 0xDE, 0x57, 0x08, 0xB2, 0xB6,
+};
+
+static uint8_t rfc5114_256b_x_Z[] = {
+ 0xDD, 0x0F, 0x53, 0x96, 0x21, 0x9D, 0x1E, 0xA3,
+ 0x93, 0x31, 0x04, 0x12, 0xD1, 0x9A, 0x08, 0xF1,
+ 0xF5, 0x81, 0x1E, 0x9D, 0xC8, 0xEC, 0x8E, 0xEA,
+ 0x7F, 0x80, 0xD2, 0x1C, 0x82, 0x0C, 0x27, 0x88,
+};
+
+static uint8_t rfc5114_256b_y_Z[] = {
+ 0x03, 0x57, 0xDC, 0xCD, 0x4C, 0x80, 0x4D, 0x0D,
+ 0x8D, 0x33, 0xAA, 0x42, 0xB8, 0x48, 0x83, 0x4A,
+ 0xA5, 0x60, 0x5F, 0x9A, 0xB0, 0xD3, 0x72, 0x39,
+ 0xA1, 0x15, 0xBB, 0xB6, 0x47, 0x93, 0x6F, 0x50,
+};
+
+static struct ECDH_test_vector rfc5114_secp256r1 = {
+ .curve_id = RTE_CRYPTO_EC_GROUP_SECP256R1,
+ .curve_bytesize = 32,
+ .alice_d = {
+ .data = rfc5114_256b_dA,
+ .length = sizeof(rfc5114_256b_dA),
+ },
+ .alice_q = {
+ .x = {
+ .data = rfc5114_256b_x_qA,
+ .length = sizeof(rfc5114_256b_x_qA),
+ },
+ .y = {
+ .data = rfc5114_256b_y_qA,
+ .length = sizeof(rfc5114_256b_y_qA),
+ },
+ },
+ .bob_d = {
+ .data = rfc5114_256b_dB,
+ .length = sizeof(rfc5114_256b_dB)
+ },
+ .bob_q = {
+ .x = {
+ .data = rfc5114_256b_x_qB,
+ .length = sizeof(rfc5114_256b_x_qB),
+ },
+ .y = {
+ .data = rfc5114_256b_y_qB,
+ .length = sizeof(rfc5114_256b_y_qB),
+ },
+ },
+ .Z = {
+ .x = {
+ .data = rfc5114_256b_x_Z,
+ .length = sizeof(rfc5114_256b_x_Z),
+ },
+ .y = {
+ .data = rfc5114_256b_y_Z,
+ .length = sizeof(rfc5114_256b_y_Z),
+ }
+ }
+};
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* RE: [EXT] [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases
2023-03-14 0:12 [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases Kai Ji
2023-03-14 0:12 ` [dpdk-dev v1 2/2] app/test: add ecdh " Kai Ji
@ 2023-03-14 10:54 ` Akhil Goyal
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
2 siblings, 0 replies; 8+ messages in thread
From: Akhil Goyal @ 2023-03-14 10:54 UTC (permalink / raw
To: Kai Ji, dev@dpdk.org; +Cc: stable@dpdk.org, Arkadiusz Kusztal
> From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
>
> Added Diffie-Hellman tests. This tests adding possibility
> to check correctness of particular DH phases, which is not
> possible with current tests cases.
>
> Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> Signed-off-by: Kai Ji <kai.ji@intel.com>
This series will be deferred for next release as it is sent pretty late for this cycle.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [dpdk-dev v2 0/3] app/test: add asymmetric test cases
2023-03-14 0:12 [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases Kai Ji
2023-03-14 0:12 ` [dpdk-dev v1 2/2] app/test: add ecdh " Kai Ji
2023-03-14 10:54 ` [EXT] [dpdk-dev v1 1/2] app/test: add diffie-hellman " Akhil Goyal
@ 2023-03-14 18:34 ` Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 1/3] app/test: add diffie-hellman " Kai Ji
` (2 more replies)
2 siblings, 3 replies; 8+ messages in thread
From: Kai Ji @ 2023-03-14 18:34 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Kai Ji
This patch add in the new DH, ECDH and ECDSA asymc test cases.
Arkadiusz Kusztal (3):
app/test: add diffie-hellman test cases
app/test: add ecdh test cases
app/test: add ecdsa kat sessionless tests
app/test/test_cryptodev_asym.c | 839 ++++++++++++++++++++
app/test/test_cryptodev_dh_test_vectors.h | 318 ++++++++
app/test/test_cryptodev_ecdh_test_vectors.h | 144 ++++
3 files changed, 1301 insertions(+)
create mode 100644 app/test/test_cryptodev_ecdh_test_vectors.h
--
2.17.1
^ permalink raw reply [flat|nested] 8+ messages in thread
* [dpdk-dev v2 1/3] app/test: add diffie-hellman test cases
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
@ 2023-03-14 18:34 ` Kai Ji
2023-06-23 10:29 ` [EXT] " Gowrishankar Muthukrishnan
2023-03-14 18:34 ` [dpdk-dev v2 2/3] app/test: add ecdh " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 3/3] app/test: add ecdsa kat sessionless tests Kai Ji
2 siblings, 1 reply; 8+ messages in thread
From: Kai Ji @ 2023-03-14 18:34 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Arkadiusz Kusztal, Kai Ji
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Added Diffie-Hellman tests. This tests adding possibility
to check correctness of particular DH phases, which is not
possible with current tests cases.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
app/test/test_cryptodev_asym.c | 264 ++++++++++++++++++
app/test/test_cryptodev_dh_test_vectors.h | 318 ++++++++++++++++++++++
2 files changed, 582 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 5b16dcab56..b9034b637a 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -64,6 +64,39 @@ static uint32_t test_index;
static struct crypto_testsuite_params_asym testsuite_params = { NULL };
+static void
+test_crypto_rand(int len, uint8_t *buffer)
+{
+ int i;
+
+ for (i = 0; i < len; ++i)
+ buffer[i] = (uint8_t)(rand() % ((uint8_t)-1)) | 1;
+}
+
+static int
+process_crypto_request(uint8_t dev_id, struct rte_crypto_op **op,
+ struct rte_crypto_op **result_op)
+{
+ /* Process crypto operation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s",
+ __LINE__, "Error sending packet for operation");
+ return -1;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, result_op, 1) == 0)
+ rte_pause();
+
+ if (*result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s",
+ __LINE__, "Failed to process asym crypto op");
+ return -1;
+ }
+ return 0;
+}
+
static int
queue_ops_rsa_sign_verify(void *sess)
{
@@ -809,6 +842,8 @@ testsuite_setup(void)
test_vector.size = 0;
load_test_vectors();
+ srand(time(NULL));
+
/* Device, op pool and session configuration for asymmetric crypto. 8< */
ts_params->op_mpool = rte_crypto_op_pool_create(
"CRYPTO_ASYM_OP_POOL",
@@ -2196,6 +2231,219 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static void *
+dh_alice_bob_set_session(uint8_t dev_id,
+ struct rte_crypto_op *op,
+ const struct test_dh_group *group)
+{
+ struct rte_crypto_asym_xform xform = { };
+ void *sess = NULL;
+ int ret = 0;
+
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
+ xform.dh.g.data = group->g.data;
+ xform.dh.g.length = group->g.bytesize;
+ xform.dh.p.data = group->p.data;
+ xform.dh.p.length = group->p.bytesize;
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform,
+ testsuite_params.session_mpool, &sess);
+ if (ret)
+ return NULL;
+
+ rte_crypto_op_attach_asym_session(op, sess);
+ return sess;
+}
+
+static void
+dh_alice_bob_gen_x(const struct test_dh_group *group,
+ uint8_t *private_data)
+{
+ test_crypto_rand(group->priv_ff_size, private_data);
+ if (private_data[0] > group->p.data[0])
+ private_data[0] = group->p.data[0] - 1;
+}
+
+static int
+dh_alice_bob_gen_y(struct rte_crypto_op *op,
+ const char *name,
+ const uint8_t dev_id,
+ uint8_t *y,
+ uint8_t *x,
+ const int ff_size)
+{
+ struct rte_crypto_op *result_op;
+ int ret = 0;
+
+ op->asym->dh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ op->asym->dh.pub_key.data = y;
+ op->asym->dh.priv_key.data = x;
+ op->asym->dh.priv_key.length = ff_size;
+
+ ret = process_crypto_request(dev_id, &op, &result_op);
+ TEST_ASSERT_SUCCESS(ret, "Failed to compute public key for %s", name);
+
+ return 0;
+}
+
+static int
+dh_alice_bob_shared_compute(uint8_t dev_id,
+ const char *name,
+ struct rte_crypto_op *op,
+ uint8_t *secret,
+ uint8_t *peer,
+ uint32_t peer_size)
+{
+ struct rte_crypto_op *result_op;
+ int ret = 0;
+
+ op->asym->dh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ op->asym->dh.pub_key.data = peer;
+ op->asym->dh.pub_key.length = peer_size;
+ op->asym->dh.shared_secret.data = secret;
+
+ ret = process_crypto_request(dev_id, &op, &result_op);
+ TEST_ASSERT_SUCCESS(ret,
+ "Failed to compute shared secret for %s",
+ name);
+
+ return 0;
+}
+
+/* Diffie-Hellman test to verify the processed data */
+static int
+dh_alice_bob_verify(struct rte_crypto_op *alice_op,
+ struct rte_crypto_op *bob_op)
+{
+ int ret = 0;
+
+ /* Verify processed data */
+ ret = (alice_op->asym->dh.shared_secret.length ==
+ bob_op->asym->dh.shared_secret.length);
+ if (!ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Alice's and Bob's shared secret length do not match.");
+ return TEST_FAILED;
+ }
+ ret = memcmp(alice_op->asym->dh.shared_secret.data,
+ alice_op->asym->dh.shared_secret.data,
+ bob_op->asym->dh.shared_secret.length);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Alice's and Bob's shared secret do not match.");
+ return TEST_FAILED;
+ }
+ return TEST_SUCCESS;
+}
+
+static int
+test_dh_alice_and_bob(const void *test_data)
+{
+ uint8_t alice_x[TEST_DH_MOD_LEN] = { };
+ uint8_t alice_y[TEST_DH_MOD_LEN] = { };
+ uint8_t alice_secret[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_x[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_y[TEST_DH_MOD_LEN] = { };
+ uint8_t bob_secret[TEST_DH_MOD_LEN] = { };
+
+ const struct test_dh_group *group = test_data;
+ struct rte_crypto_op *alice_op = NULL;
+ struct rte_crypto_op *bob_op = NULL;
+ void *alice_session = NULL;
+ void *bob_session = NULL;
+
+ int ret = TEST_SUCCESS;
+ uint32_t alice_y_size = 0;
+ uint32_t bob_y_size = 0;
+ uint8_t dev_id = testsuite_params.valid_devs[0];
+
+ alice_op = rte_crypto_op_alloc(testsuite_params.op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (alice_op == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate alice_op");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ bob_op = rte_crypto_op_alloc(testsuite_params.op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (bob_op == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate bob_op");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ alice_session = dh_alice_bob_set_session(dev_id, alice_op,
+ group);
+ if (alice_session == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate alice_session");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ bob_session = dh_alice_bob_set_session(dev_id, bob_op,
+ group);
+ if (bob_session == NULL) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Cannot allocate bob_session");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ dh_alice_bob_gen_x(group, alice_x);
+ ret = dh_alice_bob_gen_y(alice_op, "Alice", dev_id,
+ alice_y, alice_x, group->priv_ff_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error\n");
+ goto error_exit;
+ }
+ alice_y_size = alice_op->asym->dh.pub_key.length;
+ dh_alice_bob_gen_x(group, bob_x);
+ ret = dh_alice_bob_gen_y(bob_op, "Bob", dev_id,
+ bob_y, bob_x, group->priv_ff_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error\n");
+ goto error_exit;
+ }
+ bob_y_size = bob_op->asym->dh.pub_key.length;
+
+ ret = dh_alice_bob_shared_compute(dev_id, "Alice", alice_op,
+ alice_secret, bob_y, bob_y_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error, error computing Alice's shared secret");
+ goto error_exit;
+ }
+
+ ret = dh_alice_bob_shared_compute(dev_id, "Bob", bob_op, bob_secret,
+ alice_y, alice_y_size);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error, error computing Bob's shared secret");
+ goto error_exit;
+ }
+
+ ret = dh_alice_bob_verify(alice_op, bob_op);
+ if (ret) {
+ RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
+ "Diffie-Hellman error");
+ goto error_exit;
+ }
+
+error_exit:
+ if (alice_session)
+ rte_cryptodev_asym_session_free(dev_id, alice_session);
+ if (bob_session)
+ rte_cryptodev_asym_session_free(dev_id, bob_session);
+ if (alice_op)
+ rte_crypto_op_free(alice_op);
+ if (bob_op != NULL)
+ rte_crypto_op_free(bob_op);
+ return ret;
+}
+
static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
.suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
.setup = testsuite_setup,
@@ -2215,6 +2463,22 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_inv),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 14 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_14),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 15 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_15),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 16 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_16),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Diffie-Hellman Alice and Bob group 24 ikev2 test",
+ ut_setup_asym, ut_teardown_asym,
+ test_dh_alice_and_bob, &test_dh_ikev2group_24),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
diff --git a/app/test/test_cryptodev_dh_test_vectors.h b/app/test/test_cryptodev_dh_test_vectors.h
index fe7510dcd3..6af677c614 100644
--- a/app/test/test_cryptodev_dh_test_vectors.h
+++ b/app/test/test_cryptodev_dh_test_vectors.h
@@ -10,6 +10,18 @@
#define TEST_DATA_SIZE 4096
#define TEST_DH_MOD_LEN 1024
+struct test_dh_group {
+ int id;
+ struct {
+ uint8_t *data;
+ uint32_t bytesize;
+ } g;
+ struct {
+ uint8_t *data;
+ uint32_t bytesize;
+ } p;
+ uint32_t priv_ff_size;
+};
struct dh_test_param {
rte_crypto_param priv_key;
@@ -77,4 +89,310 @@ struct rte_crypto_asym_xform dh_xform = {
}
};
+static uint8_t test_dh_gen_2[] = {
+ 0x2,
+};
+
+static uint8_t test_dh_ikev2group14_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group15_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group16_p[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+ 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+ 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+ 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+ 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+ 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+ 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+ 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+ 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+ 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+ 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+ 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+ 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+ 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+ 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+static uint8_t test_dh_ikev2group24_p[] = {
+ 0x87, 0xA8, 0xE6, 0x1D, 0xB4, 0xB6, 0x66, 0x3C,
+ 0xFF, 0xBB, 0xD1, 0x9C, 0x65, 0x19, 0x59, 0x99,
+ 0x8C, 0xEE, 0xF6, 0x08, 0x66, 0x0D, 0xD0, 0xF2,
+ 0x5D, 0x2C, 0xEE, 0xD4, 0x43, 0x5E, 0x3B, 0x00,
+ 0xE0, 0x0D, 0xF8, 0xF1, 0xD6, 0x19, 0x57, 0xD4,
+ 0xFA, 0xF7, 0xDF, 0x45, 0x61, 0xB2, 0xAA, 0x30,
+ 0x16, 0xC3, 0xD9, 0x11, 0x34, 0x09, 0x6F, 0xAA,
+ 0x3B, 0xF4, 0x29, 0x6D, 0x83, 0x0E, 0x9A, 0x7C,
+ 0x20, 0x9E, 0x0C, 0x64, 0x97, 0x51, 0x7A, 0xBD,
+ 0x5A, 0x8A, 0x9D, 0x30, 0x6B, 0xCF, 0x67, 0xED,
+ 0x91, 0xF9, 0xE6, 0x72, 0x5B, 0x47, 0x58, 0xC0,
+ 0x22, 0xE0, 0xB1, 0xEF, 0x42, 0x75, 0xBF, 0x7B,
+ 0x6C, 0x5B, 0xFC, 0x11, 0xD4, 0x5F, 0x90, 0x88,
+ 0xB9, 0x41, 0xF5, 0x4E, 0xB1, 0xE5, 0x9B, 0xB8,
+ 0xBC, 0x39, 0xA0, 0xBF, 0x12, 0x30, 0x7F, 0x5C,
+ 0x4F, 0xDB, 0x70, 0xC5, 0x81, 0xB2, 0x3F, 0x76,
+ 0xB6, 0x3A, 0xCA, 0xE1, 0xCA, 0xA6, 0xB7, 0x90,
+ 0x2D, 0x52, 0x52, 0x67, 0x35, 0x48, 0x8A, 0x0E,
+ 0xF1, 0x3C, 0x6D, 0x9A, 0x51, 0xBF, 0xA4, 0xAB,
+ 0x3A, 0xD8, 0x34, 0x77, 0x96, 0x52, 0x4D, 0x8E,
+ 0xF6, 0xA1, 0x67, 0xB5, 0xA4, 0x18, 0x25, 0xD9,
+ 0x67, 0xE1, 0x44, 0xE5, 0x14, 0x05, 0x64, 0x25,
+ 0x1C, 0xCA, 0xCB, 0x83, 0xE6, 0xB4, 0x86, 0xF6,
+ 0xB3, 0xCA, 0x3F, 0x79, 0x71, 0x50, 0x60, 0x26,
+ 0xC0, 0xB8, 0x57, 0xF6, 0x89, 0x96, 0x28, 0x56,
+ 0xDE, 0xD4, 0x01, 0x0A, 0xBD, 0x0B, 0xE6, 0x21,
+ 0xC3, 0xA3, 0x96, 0x0A, 0x54, 0xE7, 0x10, 0xC3,
+ 0x75, 0xF2, 0x63, 0x75, 0xD7, 0x01, 0x41, 0x03,
+ 0xA4, 0xB5, 0x43, 0x30, 0xC1, 0x98, 0xAF, 0x12,
+ 0x61, 0x16, 0xD2, 0x27, 0x6E, 0x11, 0x71, 0x5F,
+ 0x69, 0x38, 0x77, 0xFA, 0xD7, 0xEF, 0x09, 0xCA,
+ 0xDB, 0x09, 0x4A, 0xE9, 0x1E, 0x1A, 0x15, 0x97,
+};
+
+
+static uint8_t test_dh_ikev2group24_g[] = {
+ 0x3F, 0xB3, 0x2C, 0x9B, 0x73, 0x13, 0x4D, 0x0B,
+ 0x2E, 0x77, 0x50, 0x66, 0x60, 0xED, 0xBD, 0x48,
+ 0x4C, 0xA7, 0xB1, 0x8F, 0x21, 0xEF, 0x20, 0x54,
+ 0x07, 0xF4, 0x79, 0x3A, 0x1A, 0x0B, 0xA1, 0x25,
+ 0x10, 0xDB, 0xC1, 0x50, 0x77, 0xBE, 0x46, 0x3F,
+ 0xFF, 0x4F, 0xED, 0x4A, 0xAC, 0x0B, 0xB5, 0x55,
+ 0xBE, 0x3A, 0x6C, 0x1B, 0x0C, 0x6B, 0x47, 0xB1,
+ 0xBC, 0x37, 0x73, 0xBF, 0x7E, 0x8C, 0x6F, 0x62,
+ 0x90, 0x12, 0x28, 0xF8, 0xC2, 0x8C, 0xBB, 0x18,
+ 0xA5, 0x5A, 0xE3, 0x13, 0x41, 0x00, 0x0A, 0x65,
+ 0x01, 0x96, 0xF9, 0x31, 0xC7, 0x7A, 0x57, 0xF2,
+ 0xDD, 0xF4, 0x63, 0xE5, 0xE9, 0xEC, 0x14, 0x4B,
+ 0x77, 0x7D, 0xE6, 0x2A, 0xAA, 0xB8, 0xA8, 0x62,
+ 0x8A, 0xC3, 0x76, 0xD2, 0x82, 0xD6, 0xED, 0x38,
+ 0x64, 0xE6, 0x79, 0x82, 0x42, 0x8E, 0xBC, 0x83,
+ 0x1D, 0x14, 0x34, 0x8F, 0x6F, 0x2F, 0x91, 0x93,
+ 0xB5, 0x04, 0x5A, 0xF2, 0x76, 0x71, 0x64, 0xE1,
+ 0xDF, 0xC9, 0x67, 0xC1, 0xFB, 0x3F, 0x2E, 0x55,
+ 0xA4, 0xBD, 0x1B, 0xFF, 0xE8, 0x3B, 0x9C, 0x80,
+ 0xD0, 0x52, 0xB9, 0x85, 0xD1, 0x82, 0xEA, 0x0A,
+ 0xDB, 0x2A, 0x3B, 0x73, 0x13, 0xD3, 0xFE, 0x14,
+ 0xC8, 0x48, 0x4B, 0x1E, 0x05, 0x25, 0x88, 0xB9,
+ 0xB7, 0xD2, 0xBB, 0xD2, 0xDF, 0x01, 0x61, 0x99,
+ 0xEC, 0xD0, 0x6E, 0x15, 0x57, 0xCD, 0x09, 0x15,
+ 0xB3, 0x35, 0x3B, 0xBB, 0x64, 0xE0, 0xEC, 0x37,
+ 0x7F, 0xD0, 0x28, 0x37, 0x0D, 0xF9, 0x2B, 0x52,
+ 0xC7, 0x89, 0x14, 0x28, 0xCD, 0xC6, 0x7E, 0xB6,
+ 0x18, 0x4B, 0x52, 0x3D, 0x1D, 0xB2, 0x46, 0xC3,
+ 0x2F, 0x63, 0x07, 0x84, 0x90, 0xF0, 0x0E, 0xF8,
+ 0xD6, 0x47, 0xD1, 0x48, 0xD4, 0x79, 0x54, 0x51,
+ 0x5E, 0x23, 0x27, 0xCF, 0xEF, 0x98, 0xC5, 0x82,
+ 0x66, 0x4B, 0x4C, 0x0F, 0x6C, 0xC4, 0x16, 0x59,
+};
+
+static const struct test_dh_group test_dh_ikev2group_14 = {
+ .id = 0,
+ /*
+ * Officially 14, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group14_p,
+ .bytesize = sizeof(test_dh_ikev2group14_p),
+ },
+ .priv_ff_size = 256,
+};
+
+static const struct test_dh_group test_dh_ikev2group_15 = {
+ .id = 0,
+ /*
+ * Officially 15, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group15_p,
+ .bytesize = sizeof(test_dh_ikev2group15_p),
+ },
+ .priv_ff_size = 384,
+};
+
+static const struct test_dh_group test_dh_ikev2group_16 = {
+ .id = 0,
+ /*
+ * Officially 16, ikev2
+ */
+ .g = {
+ .data = test_dh_gen_2,
+ .bytesize = sizeof(test_dh_gen_2),
+ },
+ .p = {
+ .data = test_dh_ikev2group16_p,
+ .bytesize = sizeof(test_dh_ikev2group16_p),
+ },
+ .priv_ff_size = 512,
+};
+
+static const struct test_dh_group test_dh_ikev2group_24 = {
+ .id = 0,
+ /*
+ * Officially 24, ikev2
+ */
+ .g = {
+ .data = test_dh_ikev2group24_g,
+ .bytesize = sizeof(test_dh_ikev2group24_g),
+ },
+ .p = {
+ .data = test_dh_ikev2group24_p,
+ .bytesize = sizeof(test_dh_ikev2group24_p),
+ },
+ .priv_ff_size = 32,
+};
+
+static const struct test_dh_group test_ecdh_secp256r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP256R1,
+ .priv_ff_size = 32,
+};
+static const struct test_dh_group test_ecdh_secp384r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP384R1,
+ .priv_ff_size = 48,
+};
+static const struct test_dh_group test_ecdh_secp521r1 = {
+ .id = RTE_CRYPTO_EC_GROUP_SECP521R1,
+ .priv_ff_size = 64,
+};
+
+
#endif /* TEST_CRYPTODEV_DH_TEST_VECTORS_H__ */
--
2.17.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [dpdk-dev v2 2/3] app/test: add ecdh test cases
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 1/3] app/test: add diffie-hellman " Kai Ji
@ 2023-03-14 18:34 ` Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 3/3] app/test: add ecdsa kat sessionless tests Kai Ji
2 siblings, 0 replies; 8+ messages in thread
From: Kai Ji @ 2023-03-14 18:34 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Arkadiusz Kusztal, Kai Ji
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Added Elliptic-Curve Diffie Hellman test cases.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
app/test/test_cryptodev_asym.c | 366 ++++++++++++++++++++
app/test/test_cryptodev_ecdh_test_vectors.h | 144 ++++++++
2 files changed, 510 insertions(+)
create mode 100644 app/test/test_cryptodev_ecdh_test_vectors.h
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index b9034b637a..fd5c5788b2 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -19,6 +19,7 @@
#include "test_cryptodev_dsa_test_vectors.h"
#include "test_cryptodev_ecdsa_test_vectors.h"
#include "test_cryptodev_ecpm_test_vectors.h"
+#include "test_cryptodev_ecdh_test_vectors.h"
#include "test_cryptodev_mod_test_vectors.h"
#include "test_cryptodev_rsa_test_vectors.h"
#include "test_cryptodev_asym_util.h"
@@ -2231,6 +2232,367 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static int
+test_ecdh(const void *input_vector)
+{
+ const struct ECDH_test_vector *test_vector = input_vector;
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_crypto_asym_xform xform = {
+ .next = NULL,
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_ECDH,
+ .ec.curve_id = test_vector->curve_id
+ };
+ const uint8_t dev_id = ts_params->valid_devs[0];
+ uint8_t alice_x[test_vector->curve_bytesize],
+ alice_y[test_vector->curve_bytesize];
+ uint8_t bob_x[test_vector->curve_bytesize],
+ bob_y[test_vector->curve_bytesize];
+ uint8_t alice_xZ[test_vector->curve_bytesize],
+ alice_yZ[test_vector->curve_bytesize];
+ uint8_t bob_xZ[test_vector->curve_bytesize],
+ bob_yZ[test_vector->curve_bytesize];
+ struct rte_crypto_op *alice_op = NULL, *bob_op = NULL;
+
+ alice_op = rte_crypto_op_alloc(op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (alice_op == NULL) {
+ RTE_LOG(ERR, USER1, "Error when allocationg alice_op\n");
+ goto error;
+ }
+ bob_op = rte_crypto_op_alloc(op_mpool,
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (bob_op == NULL) {
+ RTE_LOG(ERR, USER1, "Error when allocationg bob_op\n");
+ goto error;
+ }
+
+ /*
+ * STEP 1a:
+ * Generate Alice public key
+ */
+
+ alice_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ alice_op->asym->xform = &xform;
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ alice_op->asym->ecdh.priv_key = test_vector->alice_d;
+ alice_op->asym->ecdh.pub_key.x.data = alice_x;
+ alice_op->asym->ecdh.pub_key.y.data = alice_y;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->asym->ecdh.pub_key.x.length !=
+ test_vector->alice_q.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key length (X coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->alice_q.x.length,
+ (unsigned int)alice_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (alice_op->asym->ecdh.pub_key.y.length !=
+ test_vector->alice_q.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key length (Y coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->alice_q.y.length,
+ (unsigned int)alice_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.pub_key.x.data,
+ test_vector->alice_q.x.data,
+ test_vector->alice_q.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key X\n");
+ debug_hexdump(stdout, "Generated PublicKey x (Alice):",
+ alice_op->asym->ecdh.pub_key.x.data,
+ alice_op->asym->ecdh.pub_key.x.length);
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.pub_key.y.data,
+ test_vector->alice_q.y.data,
+ test_vector->alice_q.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice public key Y\n");
+ debug_hexdump(stdout, "Generated PublicKey y (Alice):",
+ alice_op->asym->ecdh.pub_key.y.data,
+ alice_op->asym->ecdh.pub_key.y.length);
+ goto error;
+ }
+
+
+ /*
+ * STEP 1b:
+ * Generate Bob public key
+ */
+
+ bob_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ bob_op->asym->xform = &xform;
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
+ bob_op->asym->ecdh.priv_key = test_vector->bob_d;
+ bob_op->asym->ecdh.pub_key.x.data = bob_x;
+ bob_op->asym->ecdh.pub_key.y.data = bob_y;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->asym->ecdh.pub_key.x.length !=
+ test_vector->bob_q.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (X coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->bob_q.x.length,
+ (unsigned int)bob_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (bob_op->asym->ecdh.pub_key.y.length !=
+ test_vector->bob_q.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key length (Y coeff)\n");
+ RTE_LOG(ERR, USER1,
+ "Received length = %d Expected length = %d\n",
+ (unsigned int)test_vector->bob_q.y.length,
+ (unsigned int)bob_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.pub_key.x.data,
+ test_vector->bob_q.x.data,
+ test_vector->bob_q.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key X\n");
+ debug_hexdump(stdout,
+ "Generated PublicKey x (bob):",
+ bob_op->asym->ecdh.pub_key.x.data,
+ bob_op->asym->ecdh.pub_key.x.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.pub_key.y.data,
+ test_vector->bob_q.y.data,
+ test_vector->bob_q.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's public key Y\n");
+ debug_hexdump(stdout,
+ "Generated PublicKey y (bob):",
+ bob_op->asym->ecdh.pub_key.y.data,
+ bob_op->asym->ecdh.pub_key.y.length
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 1.5a:
+ * Alice verifies Bob's public key, reusing op, other parameters
+ * then already set, only what Alice needs to do is to set public
+ * key of Bob and change key exchange type to VERIFY.
+ */
+
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+ alice_op->asym->ecdh.pub_key.x.data = bob_x;
+ alice_op->asym->ecdh.pub_key.x.length =
+ bob_op->asym->ecdh.pub_key.x.length;
+ alice_op->asym->ecdh.pub_key.y.data = bob_y;
+ alice_op->asym->ecdh.pub_key.y.length =
+ bob_op->asym->ecdh.pub_key.y.length;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to verify Bob's public key, it does not belongs to curve points\n"
+ );
+ return TEST_FAILED;
+ }
+
+ /*
+ * STEP 1.5b:
+ * Bob verifies Alice's public key, reusing op, other parameters
+ * then already set, only what Bob needs to do is to set public
+ * key of Alice and change key exchange type to VERIFY.
+ */
+
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;
+ bob_op->asym->ecdh.pub_key.x.data = alice_x;
+ bob_op->asym->ecdh.pub_key.x.length =
+ alice_op->asym->ecdh.pub_key.x.length;
+ bob_op->asym->ecdh.pub_key.y.data = alice_y;
+ bob_op->asym->ecdh.pub_key.y.length =
+ alice_op->asym->ecdh.pub_key.y.length;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to verify Alice's public key it does not belongs to curve points\n"
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 2a:
+ * Alice generates shared secret Z, since Bob's public key was already
+ * set when doing verification only key exchange type need to be changed,
+ * and setting place where Z will be copied by the PMD.
+ */
+
+ alice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ alice_op->asym->ecdh.shared_secret.x.data = alice_xZ;
+ alice_op->asym->ecdh.shared_secret.y.data = alice_yZ;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)
+ rte_pause();
+
+ if (alice_op->asym->ecdh.shared_secret.x.length !=
+ test_vector->Z.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length X\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)alice_op->asym->ecdh.shared_secret.x.length,
+ (unsigned int)test_vector->Z.x.length
+ );
+ goto error;
+ }
+ if (alice_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret length Y\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)alice_op->asym->ecdh.shared_secret.y.length,
+ (unsigned int)test_vector->Z.y.length
+ );
+ goto error;
+ }
+
+ if (memcmp(alice_op->asym->ecdh.shared_secret.x.data,
+ test_vector->Z.x.data,
+ test_vector->Z.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret X\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret x (Alice):",
+ alice_op->asym->ecdh.shared_secret.x.data,
+ alice_op->asym->ecdh.shared_secret.x.length
+ );
+ goto error;
+ }
+ if (memcmp(alice_op->asym->ecdh.shared_secret.y.data,
+ test_vector->Z.y.data,
+ test_vector->Z.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Alice's shared secret Y\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret y (Alice):",
+ alice_op->asym->ecdh.shared_secret.y.data,
+ alice_op->asym->ecdh.shared_secret.y.length
+ );
+ goto error;
+ }
+
+ /*
+ * STEP 2b:
+ * Bob generates shared secret Z, since Alice's public key was already
+ * set when doing verification only, key exchange type needs to be
+ * changed, and setting place where Z will be copied by the PMD.
+ */
+
+ bob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
+ bob_op->asym->ecdh.shared_secret.x.data = bob_xZ;
+ bob_op->asym->ecdh.shared_secret.y.data = bob_yZ;
+
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {
+ RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
+ goto error;
+ }
+
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)
+ rte_pause();
+
+ if (bob_op->asym->ecdh.shared_secret.x.length != test_vector->Z.x.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length X\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)bob_op->asym->ecdh.shared_secret.x.length,
+ (unsigned int)test_vector->Z.x.length
+ );
+ goto error;
+ }
+ if (bob_op->asym->ecdh.shared_secret.y.length != test_vector->Z.y.length) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret length Y\n");
+ RTE_LOG(ERR, USER1,
+ "Received = %d Expected = %d\n",
+ (unsigned int)bob_op->asym->ecdh.shared_secret.y.length,
+ (unsigned int)test_vector->Z.y.length
+ );
+ goto error;
+ }
+
+ if (memcmp(bob_op->asym->ecdh.shared_secret.x.data,
+ test_vector->Z.x.data,
+ test_vector->Z.x.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret X\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret x (Bob):",
+ bob_op->asym->ecdh.shared_secret.x.data,
+ bob_op->asym->ecdh.shared_secret.x.length
+ );
+ goto error;
+ }
+ if (memcmp(bob_op->asym->ecdh.shared_secret.y.data,
+ test_vector->Z.y.data,
+ test_vector->Z.y.length)
+ ) {
+ RTE_LOG(ERR, USER1, "Incorrect Bob's shared secret Y\n");
+ debug_hexdump(stdout,
+ "Generated SharedSecret y (Bob):",
+ bob_op->asym->ecdh.shared_secret.y.data,
+ bob_op->asym->ecdh.shared_secret.y.length
+ );
+ goto error;
+ }
+
+ /* Both shared secret where correctly verified -> Test passed */
+
+ rte_crypto_op_free(alice_op);
+ rte_crypto_op_free(bob_op);
+ return TEST_SUCCESS;
+error:
+ rte_crypto_op_free(alice_op);
+ rte_crypto_op_free(bob_op);
+ return TEST_FAILED;
+}
+
static void *
dh_alice_bob_set_session(uint8_t dev_id,
struct rte_crypto_op *op,
@@ -2489,6 +2851,10 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDH secp256r1, RFC 5114 256",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdh, &rfc5114_secp256r1),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
diff --git a/app/test/test_cryptodev_ecdh_test_vectors.h b/app/test/test_cryptodev_ecdh_test_vectors.h
new file mode 100644
index 0000000000..c8151302ed
--- /dev/null
+++ b/app/test/test_cryptodev_ecdh_test_vectors.h
@@ -0,0 +1,144 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2022 Intel Corporation
+ */
+
+#ifndef __TEST_CRYPTODEV_ECDH_VECTORS_H__
+#define __TEST_CRYPTODEV_ECDH_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+/*
+ * Elliptic Curve Diffie-Hellman test vector struct
+ * Peers are named Alice and Bob
+ * q - is a public key
+ * d - is a private key
+ * Z - is a shared secret
+ */
+
+struct ECDH_test_vector {
+ enum rte_crypto_curve_id curve_id;
+ int curve_bytesize;
+ rte_crypto_uint alice_d;
+ rte_crypto_uint bob_d;
+ struct rte_crypto_ec_point alice_q;
+ struct rte_crypto_ec_point bob_q;
+ struct rte_crypto_ec_point Z;
+};
+
+/*
+ * Elliptic Curve Diffie-Hellman test
+ * It consist of three phases:
+ * - Generation of public key based on private key
+ * - Verification of peer's public key
+ * - Generation of shared secret
+ * Peers in tests are named Alice and Bob
+ */
+
+/* RFC 5114 256-bit Random ECP Group Data */
+
+/*
+ * Alice's parameters
+ */
+static uint8_t rfc5114_256b_dA[] = {
+ 0x81, 0x42, 0x64, 0x14, 0x5F, 0x2F, 0x56, 0xF2,
+ 0xE9, 0x6A, 0x8E, 0x33, 0x7A, 0x12, 0x84, 0x99,
+ 0x3F, 0xAF, 0x43, 0x2A, 0x5A, 0xBC, 0xE5, 0x9E,
+ 0x86, 0x7B, 0x72, 0x91, 0xD5, 0x07, 0xA3, 0xAF,
+};
+
+static uint8_t rfc5114_256b_x_qA[] = {
+ 0x2A, 0xF5, 0x02, 0xF3, 0xBE, 0x89, 0x52, 0xF2,
+ 0xC9, 0xB5, 0xA8, 0xD4, 0x16, 0x0D, 0x09, 0xE9,
+ 0x71, 0x65, 0xBE, 0x50, 0xBC, 0x42, 0xAE, 0x4A,
+ 0x5E, 0x8D, 0x3B, 0x4B, 0xA8, 0x3A, 0xEB, 0x15,
+};
+
+static uint8_t rfc5114_256b_y_qA[] = {
+ 0xEB, 0x0F, 0xAF, 0x4C, 0xA9, 0x86, 0xC4, 0xD3,
+ 0x86, 0x81, 0xA0, 0xF9, 0x87, 0x2D, 0x79, 0xD5,
+ 0x67, 0x95, 0xBD, 0x4B, 0xFF, 0x6E, 0x6D, 0xE3,
+ 0xC0, 0xF5, 0x01, 0x5E, 0xCE, 0x5E, 0xFD, 0x85,
+};
+
+/*
+ * Bob's parameters
+ */
+static uint8_t rfc5114_256b_dB[] = {
+ 0x2C, 0xE1, 0x78, 0x8E, 0xC1, 0x97, 0xE0, 0x96,
+ 0xDB, 0x95, 0xA2, 0x00, 0xCC, 0x0A, 0xB2, 0x6A,
+ 0x19, 0xCE, 0x6B, 0xCC, 0xAD, 0x56, 0x2B, 0x8E,
+ 0xEE, 0x1B, 0x59, 0x37, 0x61, 0xCF, 0x7F, 0x41,
+};
+
+static uint8_t rfc5114_256b_x_qB[] = {
+ 0xB1, 0x20, 0xDE, 0x4A, 0xA3, 0x64, 0x92, 0x79,
+ 0x53, 0x46, 0xE8, 0xDE, 0x6C, 0x2C, 0x86, 0x46,
+ 0xAE, 0x06, 0xAA, 0xEA, 0x27, 0x9F, 0xA7, 0x75,
+ 0xB3, 0xAB, 0x07, 0x15, 0xF6, 0xCE, 0x51, 0xB0,
+};
+
+static uint8_t rfc5114_256b_y_qB[] = {
+ 0x9F, 0x1B, 0x7E, 0xEC, 0xE2, 0x0D, 0x7B, 0x5E,
+ 0xD8, 0xEC, 0x68, 0x5F, 0xA3, 0xF0, 0x71, 0xD8,
+ 0x37, 0x27, 0x02, 0x70, 0x92, 0xA8, 0x41, 0x13,
+ 0x85, 0xC3, 0x4D, 0xDE, 0x57, 0x08, 0xB2, 0xB6,
+};
+
+static uint8_t rfc5114_256b_x_Z[] = {
+ 0xDD, 0x0F, 0x53, 0x96, 0x21, 0x9D, 0x1E, 0xA3,
+ 0x93, 0x31, 0x04, 0x12, 0xD1, 0x9A, 0x08, 0xF1,
+ 0xF5, 0x81, 0x1E, 0x9D, 0xC8, 0xEC, 0x8E, 0xEA,
+ 0x7F, 0x80, 0xD2, 0x1C, 0x82, 0x0C, 0x27, 0x88,
+};
+
+static uint8_t rfc5114_256b_y_Z[] = {
+ 0x03, 0x57, 0xDC, 0xCD, 0x4C, 0x80, 0x4D, 0x0D,
+ 0x8D, 0x33, 0xAA, 0x42, 0xB8, 0x48, 0x83, 0x4A,
+ 0xA5, 0x60, 0x5F, 0x9A, 0xB0, 0xD3, 0x72, 0x39,
+ 0xA1, 0x15, 0xBB, 0xB6, 0x47, 0x93, 0x6F, 0x50,
+};
+
+static struct ECDH_test_vector rfc5114_secp256r1 = {
+ .curve_id = RTE_CRYPTO_EC_GROUP_SECP256R1,
+ .curve_bytesize = 32,
+ .alice_d = {
+ .data = rfc5114_256b_dA,
+ .length = sizeof(rfc5114_256b_dA),
+ },
+ .alice_q = {
+ .x = {
+ .data = rfc5114_256b_x_qA,
+ .length = sizeof(rfc5114_256b_x_qA),
+ },
+ .y = {
+ .data = rfc5114_256b_y_qA,
+ .length = sizeof(rfc5114_256b_y_qA),
+ },
+ },
+ .bob_d = {
+ .data = rfc5114_256b_dB,
+ .length = sizeof(rfc5114_256b_dB)
+ },
+ .bob_q = {
+ .x = {
+ .data = rfc5114_256b_x_qB,
+ .length = sizeof(rfc5114_256b_x_qB),
+ },
+ .y = {
+ .data = rfc5114_256b_y_qB,
+ .length = sizeof(rfc5114_256b_y_qB),
+ },
+ },
+ .Z = {
+ .x = {
+ .data = rfc5114_256b_x_Z,
+ .length = sizeof(rfc5114_256b_x_Z),
+ },
+ .y = {
+ .data = rfc5114_256b_y_Z,
+ .length = sizeof(rfc5114_256b_y_Z),
+ }
+ }
+};
+
+#endif
--
2.17.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [dpdk-dev v2 3/3] app/test: add ecdsa kat sessionless tests
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 1/3] app/test: add diffie-hellman " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 2/3] app/test: add ecdh " Kai Ji
@ 2023-03-14 18:34 ` Kai Ji
2 siblings, 0 replies; 8+ messages in thread
From: Kai Ji @ 2023-03-14 18:34 UTC (permalink / raw
To: dev; +Cc: gakhil, stable, Arkadiusz Kusztal, Kai Ji
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Added sessionless ECDSA known answer test cases to
QAT asym crypto testsuite.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
app/test/test_cryptodev_asym.c | 209 +++++++++++++++++++++++++++++++++
1 file changed, 209 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index fd5c5788b2..cc603ae805 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -2232,6 +2232,191 @@ test_ecpm_all_curve(void)
return overall_status;
}
+/*
+ * ECDSA Signature generation function
+ */
+static int
+test_ecdsa_sign(const void *input_vector)
+{
+ const struct crypto_testsuite_ecdsa_params *test_vector = input_vector;
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_crypto_op *op;
+ struct rte_crypto_op *result_op = NULL;
+ struct rte_crypto_asym_xform xform = {
+ .next = NULL,
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ .ec.curve_id = test_vector->curve
+ };
+ uint8_t R[test_vector->sign_r.length];
+ uint8_t S[test_vector->sign_s.length];
+ const uint8_t dev_id = ts_params->valid_devs[0];
+ int ret = TEST_SUCCESS;
+
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ return TEST_FAILED;
+ }
+ /*
+ * Set input data
+ * - Sessionless operation, no session will be created. User is responsible
+ * for taking care of xform lifetime -> in case of ECDSA no keys are stored
+ * in xform so it is not security crucial to clear data, although it is
+ * recommended to clear xform anyway.
+ * - Generation of signature pair R, S.
+ * - Message is a digest of message to be signed.
+ * - k is a random integer in interval (1, n - 1)
+ * - pkey is a private key
+ */
+ op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ op->asym->xform = &xform;
+ op->asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+ op->asym->ecdsa.message.data = test_vector->digest.data;
+ op->asym->ecdsa.message.length = test_vector->digest.length;
+ op->asym->ecdsa.k.data = test_vector->scalar.data;
+ op->asym->ecdsa.k.length = test_vector->scalar.length;
+ op->asym->ecdsa.pkey.data = test_vector->pkey.data;
+ op->asym->ecdsa.pkey.length = test_vector->pkey.length;
+
+ /*
+ * Set output data
+ * Signature pair R, S. Positive integers.
+ */
+ op->asym->ecdsa.r.data = R;
+ op->asym->ecdsa.s.data = S;
+
+ /* Sending packet for signature generation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ /* Waiting for packet to be dequeued */
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "ECDSA generation failed.\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ /* Generated signature R, S */
+ debug_hexdump(stdout, "R:", result_op->asym->ecdsa.r.data,
+ result_op->asym->ecdsa.r.length);
+ debug_hexdump(stdout, "S:", result_op->asym->ecdsa.s.data,
+ result_op->asym->ecdsa.s.length);
+
+error_exit:
+ rte_crypto_op_free(op);
+ return ret;
+}
+
+/*
+ * ECDSA Signature verification function
+ */
+static int
+test_ecdsa_verify(const void *input_vector)
+{
+ const struct crypto_testsuite_ecdsa_params *test_vector = input_vector;
+ struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
+ struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_crypto_op *op;
+ struct rte_crypto_op *result_op = NULL;
+ struct rte_crypto_asym_xform xform = {
+ .next = NULL,
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ .ec.curve_id = test_vector->curve
+ };
+ const uint8_t dev_id = ts_params->valid_devs[0];
+ int ret = TEST_SUCCESS;
+
+ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+ if (op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to allocate asymmetric crypto "
+ "operation struct\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ /*
+ * Set input data
+ * - Sessionless operation, no session will be created. User is responsible
+ * for taking care of xform lifetime -> in case of ECDSA no keys are stored
+ * in xform so it is not security crucial to clear data, although it is
+ * recommended to clear xform anyway.
+ * - Verification of signature pair R, S.
+ * - Message is a digest of message that was signed.
+ * - q is a public key
+ */
+ op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+ op->asym->xform = &xform;
+ op->asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+ op->asym->ecdsa.message.data = test_vector->digest.data;
+ op->asym->ecdsa.message.length = test_vector->digest.length;
+ op->asym->ecdsa.q.x.data = test_vector->pubkey_qx.data;
+ op->asym->ecdsa.q.x.length = test_vector->pubkey_qx.length;
+ op->asym->ecdsa.q.y.data = test_vector->pubkey_qy.data;
+ op->asym->ecdsa.q.y.length = test_vector->pubkey_qx.length;
+ op->asym->ecdsa.r.data = test_vector->sign_r.data;
+ op->asym->ecdsa.r.length = test_vector->sign_r.length;
+ op->asym->ecdsa.s.data = test_vector->sign_s.data;
+ op->asym->ecdsa.s.length = test_vector->sign_s.length;
+
+ /* Sending packet for signature generation */
+ if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Error sending packet for operation\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+ /* Waiting for packet to be dequeued */
+ while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+ rte_pause();
+
+ if (result_op == NULL) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "Failed to process asym crypto op\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+ /*
+ * If result_op->status equals RTE_CRYPTO_OP_STATUS_SUCCESS
+ * signature was verified correctly
+ */
+ if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
+ RTE_LOG(ERR, USER1,
+ "line %u FAILED: %s", __LINE__,
+ "ECDSA verify failed.\n");
+ ret = TEST_FAILED;
+ goto error_exit;
+ }
+
+error_exit:
+ rte_crypto_op_free(op);
+ return ret;
+}
+
static int
test_ecdh(const void *input_vector)
{
@@ -2851,6 +3036,30 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp256r1 signature generation",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_sign, &ecdsa_param_secp256r1),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp256r1 signature verification",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_verify, &ecdsa_param_secp256r1),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp384r1 signature generation",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_sign, &ecdsa_param_secp384r1),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp384r1 signature verification",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_verify, &ecdsa_param_secp384r1),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp521r1 signature generation",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_sign, &ecdsa_param_secp521r1),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Test - ECDSA secp521r1 signature verification",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_verify, &ecdsa_param_secp521r1),
TEST_CASE_NAMED_WITH_DATA(
"Test - ECDH secp256r1, RFC 5114 256",
ut_setup_asym, ut_teardown_asym,
--
2.17.1
^ permalink raw reply related [flat|nested] 8+ messages in thread
* RE: [EXT] [dpdk-dev v2 1/3] app/test: add diffie-hellman test cases
2023-03-14 18:34 ` [dpdk-dev v2 1/3] app/test: add diffie-hellman " Kai Ji
@ 2023-06-23 10:29 ` Gowrishankar Muthukrishnan
0 siblings, 0 replies; 8+ messages in thread
From: Gowrishankar Muthukrishnan @ 2023-06-23 10:29 UTC (permalink / raw
To: Kai Ji, dev@dpdk.org; +Cc: Akhil Goyal, stable@dpdk.org, Arkadiusz Kusztal
> diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
> index 5b16dcab56..b9034b637a 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -64,6 +64,39 @@ static uint32_t test_index;
>
> static struct crypto_testsuite_params_asym testsuite_params = { NULL };
>
> +static void
> +test_crypto_rand(int len, uint8_t *buffer) {
Just a minor suggestion on params order here (below), for ease in readability.
test_crypto_rand(uint8_t *buffer, int len)
> + int i;
> +
> + for (i = 0; i < len; ++i)
> + buffer[i] = (uint8_t)(rand() % ((uint8_t)-1)) | 1; }
rand() % UINT8_MAX easier ?
Also } in next line.
> +
> +static int
> +process_crypto_request(uint8_t dev_id, struct rte_crypto_op **op,
> + struct rte_crypto_op **result_op)
> +{
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, op, 1) != 1) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s",
> + __LINE__, "Error sending packet for operation");
> + return -1;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, result_op, 1) == 0)
> + rte_pause();
> +
> + if (*result_op == NULL) {
> + RTE_LOG(ERR, USER1,
> + "line %u FAILED: %s",
> + __LINE__, "Failed to process asym crypto op");
> + return -1;
> + }
> + return 0;
> +}
> +
> static int
> queue_ops_rsa_sign_verify(void *sess)
> {
> @@ -809,6 +842,8 @@ testsuite_setup(void)
> test_vector.size = 0;
> load_test_vectors();
>
> + srand(time(NULL));
> +
> /* Device, op pool and session configuration for asymmetric crypto. 8<
> */
> ts_params->op_mpool = rte_crypto_op_pool_create(
> "CRYPTO_ASYM_OP_POOL",
> @@ -2196,6 +2231,219 @@ test_ecpm_all_curve(void)
> return overall_status;
> }
>
> +static void *
> +dh_alice_bob_set_session(uint8_t dev_id,
> + struct rte_crypto_op *op,
> + const struct test_dh_group *group)
> +{
> + struct rte_crypto_asym_xform xform = { };
> + void *sess = NULL;
> + int ret = 0;
> +
> + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
> + xform.dh.g.data = group->g.data;
> + xform.dh.g.length = group->g.bytesize;
> + xform.dh.p.data = group->p.data;
> + xform.dh.p.length = group->p.bytesize;
> + ret = rte_cryptodev_asym_session_create(dev_id, &xform,
> + testsuite_params.session_mpool, &sess);
> + if (ret)
> + return NULL;
> +
> + rte_crypto_op_attach_asym_session(op, sess);
> + return sess;
> +}
> +
> +static void
> +dh_alice_bob_gen_x(const struct test_dh_group *group,
> + uint8_t *private_data)
> +{
> + test_crypto_rand(group->priv_ff_size, private_data);
> + if (private_data[0] > group->p.data[0])
> + private_data[0] = group->p.data[0] - 1; }
} in next line.
> +
> +static int
> +dh_alice_bob_gen_y(struct rte_crypto_op *op,
> + const char *name,
> + const uint8_t dev_id,
Could this order be dev_id, name, op etc ??
> + uint8_t *y,
> + uint8_t *x,
> + const int ff_size)
> +{
> + struct rte_crypto_op *result_op;
> + int ret = 0;
> +
> + op->asym->dh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
> + op->asym->dh.pub_key.data = y;
> + op->asym->dh.priv_key.data = x;
> + op->asym->dh.priv_key.length = ff_size;
> +
> + ret = process_crypto_request(dev_id, &op, &result_op);
> + TEST_ASSERT_SUCCESS(ret, "Failed to compute public key for %s",
> name);
> +
> + return 0;
> +}
> +
> +static int
> +dh_alice_bob_shared_compute(uint8_t dev_id,
> + const char *name,
> + struct rte_crypto_op *op,
> + uint8_t *secret,
> + uint8_t *peer,
> + uint32_t peer_size)
> +{
> + struct rte_crypto_op *result_op;
> + int ret = 0;
> +
> + op->asym->dh.ke_type =
> RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
> + op->asym->dh.pub_key.data = peer;
> + op->asym->dh.pub_key.length = peer_size;
> + op->asym->dh.shared_secret.data = secret;
> +
> + ret = process_crypto_request(dev_id, &op, &result_op);
> + TEST_ASSERT_SUCCESS(ret,
> + "Failed to compute shared secret for %s",
> + name);
> +
> + return 0;
> +}
> +
> +/* Diffie-Hellman test to verify the processed data */ static int
Patch format incorrect ?
> +dh_alice_bob_verify(struct rte_crypto_op *alice_op,
> + struct rte_crypto_op *bob_op)
> +{
> + int ret = 0;
> +
> + /* Verify processed data */
> + ret = (alice_op->asym->dh.shared_secret.length ==
> + bob_op->asym->dh.shared_secret.length);
Is 0 length allowed ?
> + if (!ret) {
> + RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
> + "Alice's and Bob's shared secret length do not match.");
> + return TEST_FAILED;
> + }
> + ret = memcmp(alice_op->asym->dh.shared_secret.data,
> + alice_op->asym->dh.shared_secret.data,
> + bob_op->asym->dh.shared_secret.length);
> + if (ret) {
> + RTE_LOG(ERR, USER1, "line %u FAILED: %s", __LINE__,
> + "Alice's and Bob's shared secret do not match.");
> + return TEST_FAILED;
> + }
> + return TEST_SUCCESS;
> +}
> +
<cut..>
> +static const struct test_dh_group test_dh_ikev2group_24 = {
> + .id = 0,
> + /*
> + * Officially 24, ikev2
> + */
> + .g = {
> + .data = test_dh_ikev2group24_g,
> + .bytesize = sizeof(test_dh_ikev2group24_g),
> + },
> + .p = {
> + .data = test_dh_ikev2group24_p,
> + .bytesize = sizeof(test_dh_ikev2group24_p),
> + },
> + .priv_ff_size = 32,
> +};
> +
Below are suppose to be 2/3 patch right ?
> +static const struct test_dh_group test_ecdh_secp256r1 = {
> + .id = RTE_CRYPTO_EC_GROUP_SECP256R1,
> + .priv_ff_size = 32,
> +};
> +static const struct test_dh_group test_ecdh_secp384r1 = {
> + .id = RTE_CRYPTO_EC_GROUP_SECP384R1,
> + .priv_ff_size = 48,
> +};
> +static const struct test_dh_group test_ecdh_secp521r1 = {
> + .id = RTE_CRYPTO_EC_GROUP_SECP521R1,
> + .priv_ff_size = 64,
> +};
> +
> +
> #endif /* TEST_CRYPTODEV_DH_TEST_VECTORS_H__ */
> --
> 2.17.1
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2023-06-23 10:29 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-03-14 0:12 [dpdk-dev v1 1/2] app/test: add diffie-hellman test cases Kai Ji
2023-03-14 0:12 ` [dpdk-dev v1 2/2] app/test: add ecdh " Kai Ji
2023-03-14 10:54 ` [EXT] [dpdk-dev v1 1/2] app/test: add diffie-hellman " Akhil Goyal
2023-03-14 18:34 ` [dpdk-dev v2 0/3] app/test: add asymmetric " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 1/3] app/test: add diffie-hellman " Kai Ji
2023-06-23 10:29 ` [EXT] " Gowrishankar Muthukrishnan
2023-03-14 18:34 ` [dpdk-dev v2 2/3] app/test: add ecdh " Kai Ji
2023-03-14 18:34 ` [dpdk-dev v2 3/3] app/test: add ecdsa kat sessionless tests Kai Ji
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.