Hi,
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusz...@intel.com>
> Sent: Tuesday, March 22, 2022 9:11 AM
> To: dev@dpdk.org
> Cc: gak...@marvell.com; Zhang, Roy Fan <roy.fan.zh...@intel.com>;
> ano...@marvell.com; Kusztal, ArkadiuszX <arkadiuszx.kusz...@intel.com>
> Subject: [RFC PATCH 2/2] test: add proper pkcs1 signature tests for rsa
>
> This commit adds example pkcs1 signature tests.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusz...@intel.com>
> ---
> app/test/test_cryptodev_asym.c | 249
> +++++++++++++++++++++++++++++--
> drivers/crypto/openssl/rte_openssl_pmd.c | 34 ++++-
> lib/cryptodev/rte_crypto_asym.h | 6 +-
> 3 files changed, 270 insertions(+), 19 deletions(-)
>
> diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
> index 71378cbdb2..512eb34377 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -15,6 +15,7 @@
>
> #include <rte_cryptodev.h>
> #include <rte_crypto.h>
> +#include <openssl/rsa.h>
>
> #include "test_cryptodev.h"
> #include "test_cryptodev_dh_test_vectors.h"
> @@ -163,6 +164,222 @@ queue_ops_rsa_sign_verify(void *sess)
> return status;
> }
>
> +/* DPDK RFC RSA 22.07 */
> +
> +static uint8_t
> +rsa_sign_pkcs_15_pt[] = {
> + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> + 0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_pt_sha256[] = {
> + 0xB1, 0xB2, 0xB3, 0xB4, 0xA1, 0xA2, 0xA3, 0xA4,
> + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded[] = {
> + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
> + 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
> + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded_digestinfo_sha1[] = {
> + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x21, 0x30,
> + 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
> + 0x05, 0x00, 0x04, 0x14, 0x01, 0x02, 0x03, 0x04,
> + 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
> + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14,
> +};
> +
> +static uint8_t
> +rsa_sign_pkcs_15_padded_digestinfo_sha256[] = {
> + 0x00, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
> + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x30, 0x31, 0x30,
> + 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
> + 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20,
> + 0xB1, 0xB2, 0xB3, 0xB4, 0xA1, 0xA2, 0xA3, 0xA4,
> + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
> + 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
> + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, };
> +
> +static void*
> +rfc2207_rsa_sign_pkcs_15_sesscreat(void)
> +{
> + struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
> + struct rte_mempool *sess_mpool = ts_params->session_mpool;
> + uint8_t dev_id = ts_params->valid_devs[0];
> + static void *sess = NULL;
> + int ret;
> +
> + if (sess)
> + return sess;
> + ret = rte_cryptodev_asym_session_create(dev_id, &rsa_xform,
> +sess_mpool, &sess);
> +
> + if (ret < 0) {
> + RTE_LOG(ERR, USER1, "Session creation failed for "
> + "sign_verify\n");
> + return NULL;
> + }
> + return sess;
> +}
> +
> +struct rfc2207_rsa_test_data
> +{
> + enum rte_crypto_rsa_padding_type type;
> + rte_crypto_param input;
> + enum rte_crypto_auth_algorithm hash;
> +};
> +
[Arek] - rfc2207_rsa_test_data_ssl23 and rfc2207_rsa_test_data_pkcs15_sha1
creates PKCS1_5 signature from same data, but signatures are different as
RTE_CRYPTO_RSA_PADDING_SSL23 (PKCS1_5 flag in other patch) which is what we
currently have in Cryptodev does not use AlgorithmIdentifier.
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_ssl23 = {
> + .type = RTE_CRYPTO_RSA_PADDING_SSL23,
> + .input.data = rsa_sign_pkcs_15_pt,
> + .input.length = sizeof(rsa_sign_pkcs_15_pt), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_ssl23_padded = {
> + .type = RTE_CRYPTO_RSA_PADDING_NONE,
> + .input.data = rsa_sign_pkcs_15_padded,
> + .input.length = sizeof(rsa_sign_pkcs_15_padded), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_sha1 = {
> + .type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> + .hash = RTE_CRYPTO_AUTH_SHA1,
> + .input.data = rsa_sign_pkcs_15_pt,
> + .input.length = sizeof(rsa_sign_pkcs_15_pt), };
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_digestinfo_sha1 = {
> + .type = RTE_CRYPTO_RSA_PADDING_NONE,
> + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha1,
> + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha1),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_sha256 = {
> + .type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
> + .hash = RTE_CRYPTO_AUTH_SHA256,
> + .input.data = rsa_sign_pkcs_15_pt_sha256,
> + .input.length = sizeof(rsa_sign_pkcs_15_pt_sha256),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_digestinfo_sha256 = {
> + .type = RTE_CRYPTO_RSA_PADDING_NONE,
> + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> +};
> +
> +struct rfc2207_rsa_test_data
> +rfc2207_rsa_test_data_pkcs15_oaep = {
> + .type = RTE_CRYPTO_RSA_PADDING_NONE,
> + .input.data = rsa_sign_pkcs_15_padded_digestinfo_sha256,
> + .input.length = sizeof(rsa_sign_pkcs_15_padded_digestinfo_sha256),
> +};
> +
> +static int
> +rfc2207_rsa_sign_pkcs_15(const void *test_data) {
> + struct crypto_testsuite_params_asym *ts_params;
> + uint8_t dev_id;
> + struct rte_crypto_op *op, *result_op;
> + struct rte_crypto_asym_op *asym_op;
> + struct rte_mempool *op_mpool;
> + void *sess;
> + uint8_t result[TEST_DATA_SIZE];
> + const struct rfc2207_rsa_test_data *tdata = test_data;
> +
> + ts_params = &testsuite_params;
> + dev_id = ts_params->valid_devs[0];
> + op_mpool = ts_params->op_mpool;
> + op = rte_crypto_op_alloc(op_mpool,
> RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> + if (op == NULL) {
> + RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + return TEST_FAILED;
> + }
> +
> + sess = rfc2207_rsa_sign_pkcs_15_sesscreat();
> + if (sess == NULL) {
> + RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
> + "operation struct\n");
> + return TEST_FAILED;
> + }
> +
> + asym_op = op->asym;
> + asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
> + asym_op->rsa.padding.type = tdata->type;
> + asym_op->rsa.padding.hash = tdata->hash;
> + asym_op->rsa.input = tdata->input;
> + asym_op->rsa.output.data = result;
> +
> + rte_crypto_op_attach_asym_session(op, sess);
> +
> + /* Process crypto operation */
> + if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
> + RTE_LOG(ERR, USER1, "Error sending packet for encryption\n");
> + return -1;
> + }
> +
> + while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
> + rte_pause();
> +
> + if (result_op == NULL) {
> + RTE_LOG(ERR, USER1, "Failed to process encryption op\n");
> + return -1;
> + }
> +
> + printf("\nOutput len = %lu", asym_op->rsa.output.length);
> + rte_hexdump(stdout, "Signature", asym_op->rsa.output.data,
> +asym_op->rsa.output.length);
> +
> + return 0;
> +}
> +
> +/* !---! DPDK RFC RSA 22.07 */
> +
> static int
> queue_ops_rsa_enc_dec(void *sess)
> {
> @@ -2147,20 +2364,32 @@ static struct unit_test_suite
> cryptodev_openssl_asym_testsuite = {
> .setup = testsuite_setup,
> .teardown = testsuite_teardown,
> .unit_test_cases = {
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_capability),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_capability),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_dsa),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_dh_keygenration),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_rsa_sign_verify),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_rsa_enc_dec_crt),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_rsa_sign_verify_crt),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_mod_inv),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_mod_exp),
> - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
> test_one_by_one),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_mod_inv),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_mod_exp),
> + TEST_CASE_ST_DISABLED(ut_setup_asym, ut_teardown_asym,
> test_one_by_one),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23",
> ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_ssl23),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_ssl23_pa
> dded", ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_ssl23_padded),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha1",
> ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_sha1),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> o_sha1", ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_digestinfo_sha1),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_sha256",
> ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> &rfc2207_rsa_test_data_pkcs15_sha256),
> +
> TEST_CASE_NAMED_WITH_DATA("rfc2207_rsa_sign_pkcs_15_digestinf
> o_sha256", ut_setup_asym, ut_teardown_asym,
> + rfc2207_rsa_sign_pkcs_15,
> +&rfc2207_rsa_test_data_pkcs15_digestinfo_sha256),
> TEST_CASES_END() /**< NULL terminate unit test array */
> }
> };
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> index 45cee47c5d..32da143ea0 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -1899,11 +1899,24 @@ process_openssl_rsa_op(struct rte_crypto_op
> *cop,
> RSA *rsa = sess->u.r.rsa;
> uint32_t pad = (op->rsa.padding.type);
> uint8_t *tmp;
> + int sha;
> +
> + switch (op->rsa.padding.hash) {
> + case RTE_CRYPTO_AUTH_SHA1:
> + sha = NID_sha1;
> + break;
> + case RTE_CRYPTO_AUTH_SHA256:
> + sha = NID_sha256;
> + break;
> + default:
> + sha = NID_sha1;
> + }
>
> cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
>
> switch (pad) {
> case RTE_CRYPTO_RSA_PADDING_PKCS1_5:
> + case RTE_CRYPTO_RSA_PADDING_SSL23:
> pad = RSA_PKCS1_PADDING;
> break;
> case RTE_CRYPTO_RSA_PADDING_NONE:
> @@ -1941,13 +1954,20 @@ process_openssl_rsa_op(struct rte_crypto_op
> *cop,
> break;
>
> case RTE_CRYPTO_ASYM_OP_SIGN:
> - ret = RSA_private_encrypt(op->rsa.input.length,
> - op->rsa.input.data,
> - op->rsa.output.data,
> - rsa,
> - pad);
> - if (ret > 0)
> - op->rsa.output.length = ret;
> + if (op->rsa.padding.type !=
> RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
> + ret = RSA_private_encrypt(op->rsa.input.length,
> + op->rsa.input.data,
> + op->rsa.output.data,
> + rsa,
> + pad);
> + if (ret > 0)
> + op->rsa.output.length = ret;
> + } else {
> + ret = RSA_sign(sha, op->rsa.input.data, op-
> >rsa.input.length,
> + op->rsa.output.data, (unsigned
> int *)&op->rsa.output.length, rsa);
> + if (ret == 0)
> + ret = -1;
> + }
> break;
>
> case RTE_CRYPTO_ASYM_OP_VERIFY:
> diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
> index 834e06b96b..b3906b08e3 100644
> --- a/lib/cryptodev/rte_crypto_asym.h
> +++ b/lib/cryptodev/rte_crypto_asym.h
> @@ -149,6 +149,7 @@ enum rte_crypto_mgf {
> /**
> * Padding types for RSA signature.
> */
> + #define TEMP
> enum rte_crypto_rsa_padding_type {
> RTE_CRYPTO_RSA_PADDING_NONE = 0,
> /**< RSA no padding scheme */
> @@ -160,6 +161,7 @@ enum rte_crypto_rsa_padding_type {
> /**< RSA PKCS#1 OAEP padding scheme */
> RTE_CRYPTO_RSA_PADDING_PSS,
> /**< RSA PKCS#1 PSS padding scheme */
> + TEMP RTE_CRYPTO_RSA_PADDING_SSL23,
> RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
> };
>
> @@ -426,7 +428,7 @@ struct rte_crypto_rsa_op_param {
> *
> * If padding.type = RTE_CRYPTO_RSA_PADDING_NONE
> * input should only be used along with cryptographically
> - * secure padding scheme. *
> + * secure padding scheme.
> * If padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5 or
> * RTE_CRYPTO_RSA_PADDING_PSS
> * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain @@ -
> 434,7 +436,7 @@ struct rte_crypto_rsa_op_param {
> * the digest of the message to be signed.
> *
> * When op_type == RTE_CRYPTO_ASYM_OP_DECRYPT:
> - *
> + *
> * Input shall contain previously encrypted RSA message.
> *
> * When op_type == RTE_CRYPTO_ASYM_OP_VERIFY:
> --
> 2.13.6
