This commit reworks rsa test implementation to be conformant
to the RSA API.
Simulation of PKCS1_5 padding was added to be used with PADDING_NONE
option.
Signed-off-by: Arek Kusztal <arkadiuszx.kusz...@intel.com>
---
app/test/test_cryptodev_asym.c | 44 ++++++++++++++++++++++++-------
app/test/test_cryptodev_asym_util.h | 52 +++++++++++++++++++++++++++++++++++++
2 files changed, 87 insertions(+), 9 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index fc92d3d..ae43861 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -402,7 +402,7 @@ test_rsa_sign_verify(void)
asym_op->rsa.message.data = input_buf;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.sign.data = output_buf;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -437,7 +437,7 @@ test_rsa_sign_verify(void)
/* Verify sign */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.padding = RTE_CRYPTO_RSA_PADDING_PKCS1;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -483,7 +483,7 @@ test_rsa_sign_verify(void)
}
static int
-test_rsa_enc_dec(void)
+test_rsa_enc_dec(enum rte_crypto_rsa_padding_type padding)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
@@ -495,6 +495,7 @@ test_rsa_enc_dec(void)
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t input_buf[TEST_DATA_SIZE] = {0};
+ uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
/* test case supports op with exponent key only,
* Check in PMD feature flag for RSA exponent key type support.
@@ -542,12 +543,18 @@ test_rsa_enc_dec(void)
asym_op = op->asym;
/*Compute encryption on the test vector */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
-
- memcpy(input_buf, rsaplaintext.data,
- rsaplaintext.len);
asym_op->rsa.message.data = input_buf;
asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.cipher.data = cipher_buf;
+ asym_op->rsa.cipher.length = 0;
+ asym_op->rsa.padding = padding;
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ rsa_simulate_pkcs1_5_padding(0, input_buf,
rsa_xform.rsa.n.length,
+ rsaplaintext.data, rsaplaintext.len);
+ asym_op->rsa.message.length = rsa_xform.rsa.n.length;
+ } else
+ memcpy(input_buf, rsaplaintext.data,
+ rsaplaintext.len);
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -581,7 +588,7 @@ test_rsa_enc_dec(void)
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.padding = padding;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -604,7 +611,15 @@ test_rsa_enc_dec(void)
}
status = TEST_SUCCESS;
int ret = 0;
+
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ result_op->asym->rsa.message.length =
+
rsa_simulate_strip_pkcs1_5_padding(result_op->asym->rsa.message.data,
+ rsa_xform.rsa.n.length);
+ }
+
ret = rsa_verify(&rsaplaintext, result_op);
+
if (ret)
status = TEST_FAILED;
@@ -624,6 +639,16 @@ test_rsa_enc_dec(void)
}
static int
+test_rsa_enc_dec_pkcs_1(void){
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_PKCS1);
+}
+
+static int
+test_rsa_enc_dec_pkcs_1_none(void){
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_NONE);
+}
+
+static int
testsuite_setup(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -1684,7 +1709,8 @@ static struct unit_test_suite
cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
TEST_CASE_ST(ut_setup, ut_teardown, test_dsa),
TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration),
- TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
+ TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_pkcs_1),
+ TEST_CASE_ST(ut_setup, ut_teardown,
test_rsa_enc_dec_pkcs_1_none),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
diff --git a/app/test/test_cryptodev_asym_util.h
b/app/test/test_cryptodev_asym_util.h
index b3d9fb4..484b967 100644
--- a/app/test/test_cryptodev_asym_util.h
+++ b/app/test/test_cryptodev_asym_util.h
@@ -7,6 +7,58 @@
/* Below Apis compare resulted buffer to original test vector */
+/*
+ * Two functions below simulate pkcs 1.5 padding and serves only as an example,
+ * both offer no security.
+ */
+static inline int rsa_simulate_pkcs1_5_padding(int op, uint8_t *p,
+ int key_size, const uint8_t *src, int len) {
+
+ int ps_len;
+
+ if (len > key_size - 11)
+ return -1;
+ ps_len = key_size - len - 3;
+
+ *(p++) = 0;
+ *(p++) = op ? 1 : 2;
+ if (op) {
+ while (ps_len--)
+ *p = 0xFF;
+ } else {
+ while (ps_len--) {
+ *p = (uint8_t)rand();
+ *p ^= !(*p);
+ p++;
+ }
+ }
+
+ *(p++) = 0;
+ memcpy(p, src, len);
+
+ return 0;
+}
+
+static inline int rsa_simulate_strip_pkcs1_5_padding(uint8_t *src,
+ int key_size) {
+ uint8_t tmp[key_size], *orig_src = src;
+ int i = 1;
+ ++src;
+ while (*(src) && i < key_size) {
+ ++i;
+ ++src;
+ }
+ if (i == key_size)
+ return -1;
+
+ ++i;
+ ++src;
+
+ memcpy(tmp, src, key_size - i);
+ memcpy(orig_src, tmp, key_size - i);
+ return key_size - i;
+}
+
static inline int rsa_verify(struct rsa_test_data *rsa_param,
struct rte_crypto_op *result_op)
{
--
2.1.0
