From: Akhil Goyal <gak...@marvell.com>
Added support for SM2 asymmetric crypto performance.
A new command line option is added to specify
asymmetric operation type `--asym-op Type`.
Type can be sign/verify/encrypt/decrypt.
Example command:
./dpdk-test-crypto-perf --vdev crypto_openssl -c 0x30 -- \
--devtype crypto_openssl --ptest throughput --optype sm2 \
--total-ops 10000 --asym-op sign
Signed-off-by: Akhil Goyal <gak...@marvell.com>
---
app/test-crypto-perf/cperf_ops.c | 69 ++++++++++-
app/test-crypto-perf/cperf_options.h | 6 +
app/test-crypto-perf/cperf_options_parsing.c | 55 ++++++++-
app/test-crypto-perf/cperf_test_common.c | 3 +-
app/test-crypto-perf/cperf_test_vectors.c | 120 +++++++++++++++++++
app/test-crypto-perf/cperf_test_vectors.h | 25 ++++
app/test-crypto-perf/main.c | 61 ++++++++++
doc/guides/tools/cryptoperf.rst | 6 +
8 files changed, 341 insertions(+), 4 deletions(-)
diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index a802281a71..f0860a46c0 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -10,7 +10,7 @@
#include "cperf_test_vectors.h"
static void
-cperf_set_ops_asym(struct rte_crypto_op **ops,
+cperf_set_ops_asym_modex(struct rte_crypto_op **ops,
uint32_t src_buf_offset __rte_unused,
uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
void *sess,
@@ -34,6 +34,47 @@ cperf_set_ops_asym(struct rte_crypto_op **ops,
}
}
+static void
+cperf_set_ops_asym_sm2(struct rte_crypto_op **ops,
+ uint32_t src_buf_offset __rte_unused,
+ uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
+ void *sess,
+ const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector __rte_unused,
+ uint16_t iv_offset __rte_unused,
+ uint32_t *imix_idx __rte_unused,
+ uint64_t *tsc_start __rte_unused)
+{
+ uint16_t i;
+
+ for (i = 0; i < nb_ops; i++) {
+ struct rte_crypto_asym_op *asym_op = ops[i]->asym;
+
+ ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+ rte_crypto_op_attach_asym_session(ops[i], sess);
+
+ /* Populate op with operational details */
+ asym_op->sm2.hash = options->asym_hash_alg;
+
+ asym_op->sm2.op_type = options->asym_op_type;
+ asym_op->sm2.message.data = options->sm2_data->message.data;
+ asym_op->sm2.message.length = options->sm2_data->message.length;
+ asym_op->sm2.cipher.data = options->sm2_data->cipher.data;
+ asym_op->sm2.cipher.length = options->sm2_data->cipher.length;
+ asym_op->sm2.id.data = options->sm2_data->id.data;
+ asym_op->sm2.id.length = options->sm2_data->id.length;
+
+ asym_op->sm2.k.data = options->sm2_data->k.data;
+ asym_op->sm2.k.length = options->sm2_data->k.length;
+
+ asym_op->sm2.r.data = options->sm2_data->sign_r.data;
+ asym_op->sm2.r.length = options->sm2_data->sign_r.length;
+ asym_op->sm2.s.data = options->sm2_data->sign_s.data;
+ asym_op->sm2.s.length = options->sm2_data->sign_s.length;
+ }
+}
+
+
#ifdef RTE_LIB_SECURITY
static void
test_ipsec_vec_populate(struct rte_mbuf *m, const struct cperf_options
*options,
@@ -932,6 +973,27 @@ cperf_create_session(struct rte_mempool *sess_mp,
}
return asym_sess;
}
+
+ if (options->op_type == CPERF_ASYM_SM2) {
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ xform.ec.curve_id = options->sm2_data->curve;
+ xform.ec.pkey.data = options->sm2_data->pkey.data;
+ xform.ec.pkey.length = options->sm2_data->pkey.length;
+ xform.ec.q.x.data = options->sm2_data->pubkey_qx.data;
+ xform.ec.q.x.length = options->sm2_data->pubkey_qx.length;
+ xform.ec.q.y.data = options->sm2_data->pubkey_qy.data;
+ xform.ec.q.y.length = options->sm2_data->pubkey_qy.length;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform,
+ sess_mp, &asym_sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "SM2 Asym session create failed\n");
+ return NULL;
+ }
+
+ return asym_sess;
+ }
#ifdef RTE_LIB_SECURITY
/*
* security only
@@ -1230,7 +1292,10 @@ cperf_get_op_functions(const struct cperf_options
*options,
op_fns->populate_ops = cperf_set_ops_cipher;
break;
case CPERF_ASYM_MODEX:
- op_fns->populate_ops = cperf_set_ops_asym;
+ op_fns->populate_ops = cperf_set_ops_asym_modex;
+ break;
+ case CPERF_ASYM_SM2:
+ op_fns->populate_ops = cperf_set_ops_asym_sm2;
break;
#ifdef RTE_LIB_SECURITY
case CPERF_PDCP:
diff --git a/app/test-crypto-perf/cperf_options.h
b/app/test-crypto-perf/cperf_options.h
index be36c70be1..d730ae18d0 100644
--- a/app/test-crypto-perf/cperf_options.h
+++ b/app/test-crypto-perf/cperf_options.h
@@ -49,6 +49,8 @@
#define CPERF_DIGEST_SZ ("digest-sz")
+#define CPERF_ASYM_OP ("asym-op")
+
#ifdef RTE_LIB_SECURITY
#define CPERF_PDCP_SN_SZ ("pdcp-sn-sz")
#define CPERF_PDCP_DOMAIN ("pdcp-domain")
@@ -85,6 +87,7 @@ enum cperf_op_type {
CPERF_DOCSIS,
CPERF_IPSEC,
CPERF_ASYM_MODEX,
+ CPERF_ASYM_SM2,
CPERF_TLS,
};
@@ -162,6 +165,9 @@ struct cperf_options {
uint8_t imix_distribution_count;
struct cperf_modex_test_data *modex_data;
uint16_t modex_len;
+ struct cperf_sm2_test_data *sm2_data;
+ enum rte_crypto_asym_op_type asym_op_type;
+ enum rte_crypto_auth_algorithm asym_hash_alg;
};
void
diff --git a/app/test-crypto-perf/cperf_options_parsing.c
b/app/test-crypto-perf/cperf_options_parsing.c
index 8c20974273..49609e560e 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -37,7 +37,7 @@ usage(char *progname)
" --desc-nb N: set number of descriptors for each crypto
device\n"
" --devtype TYPE: set crypto device type to use\n"
" --optype cipher-only / auth-only / cipher-then-auth /
auth-then-cipher /\n"
- " aead / pdcp / docsis / ipsec / modex / tls-record :
set operation type\n"
+ " aead / pdcp / docsis / ipsec / modex / sm2 /
tls-record : set operation type\n"
" --sessionless: enable session-less crypto operations\n"
" --out-of-place: enable out-of-place crypto operations\n"
" --test-file NAME: set the test vector file path\n"
@@ -61,6 +61,7 @@ usage(char *progname)
" --csv-friendly: enable test result output CSV friendly\n"
" --modex-len N: modex length, supported lengths are "
"60, 128, 255, 448. Default: 128\n"
+ " --asym-op encrypt / decrypt / sign / verify : set asym
operation type\n"
#ifdef RTE_LIB_SECURITY
" --pdcp-sn-sz N: set PDCP SN size N <5/7/12/15/18>\n"
" --pdcp-domain DOMAIN: set PDCP domain <control/user>\n"
@@ -482,6 +483,10 @@ parse_op_type(struct cperf_options *opts, const char *arg)
cperf_op_type_strs[CPERF_ASYM_MODEX],
CPERF_ASYM_MODEX
},
+ {
+ cperf_op_type_strs[CPERF_ASYM_SM2],
+ CPERF_ASYM_SM2
+ },
{
cperf_op_type_strs[CPERF_TLS],
CPERF_TLS
@@ -861,6 +866,45 @@ parse_aead_aad_sz(struct cperf_options *opts, const char
*arg)
return parse_uint16_t(&opts->aead_aad_sz, arg);
}
+static int
+parse_asym_op(struct cperf_options *opts, const char *arg)
+{
+ struct name_id_map asym_op_namemap[] = {
+ {
+ rte_crypto_asym_op_strings
+ [RTE_CRYPTO_ASYM_OP_ENCRYPT],
+ RTE_CRYPTO_ASYM_OP_ENCRYPT
+ },
+ {
+ rte_crypto_asym_op_strings
+ [RTE_CRYPTO_ASYM_OP_DECRYPT],
+ RTE_CRYPTO_ASYM_OP_DECRYPT
+ },
+ {
+ rte_crypto_asym_op_strings
+ [RTE_CRYPTO_ASYM_OP_SIGN],
+ RTE_CRYPTO_ASYM_OP_SIGN
+ },
+ {
+ rte_crypto_asym_op_strings
+ [RTE_CRYPTO_ASYM_OP_VERIFY],
+ RTE_CRYPTO_ASYM_OP_VERIFY
+ }
+ };
+
+ int id = get_str_key_id_mapping(asym_op_namemap,
+ RTE_DIM(asym_op_namemap), arg);
+ if (id < 0) {
+ RTE_LOG(ERR, USER1, "invalid ASYM operation specified\n");
+ return -1;
+ }
+
+ opts->asym_op_type = (enum rte_crypto_asym_op_type)id;
+
+ return 0;
+}
+
+
static int
parse_csv_friendly(struct cperf_options *opts, const char *arg __rte_unused)
{
@@ -935,6 +979,8 @@ static struct option lgopts[] = {
{ CPERF_DIGEST_SZ, required_argument, 0, 0 },
+ { CPERF_ASYM_OP, required_argument, 0, 0 },
+
#ifdef RTE_LIB_SECURITY
{ CPERF_PDCP_SN_SZ, required_argument, 0, 0 },
{ CPERF_PDCP_DOMAIN, required_argument, 0, 0 },
@@ -1017,6 +1063,9 @@ cperf_options_default(struct cperf_options *opts)
opts->docsis_hdr_sz = 17;
#endif
opts->modex_data = (struct cperf_modex_test_data *)&modex_perf_data[0];
+
+ opts->sm2_data = &sm2_perf_data;
+ opts->asym_op_type = RTE_CRYPTO_ASYM_OP_SIGN;
}
static int
@@ -1053,6 +1102,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options
*opts)
{ CPERF_AEAD_IV_SZ, parse_aead_iv_sz },
{ CPERF_AEAD_AAD_SZ, parse_aead_aad_sz },
{ CPERF_DIGEST_SZ, parse_digest_sz },
+ { CPERF_ASYM_OP, parse_asym_op },
#ifdef RTE_LIB_SECURITY
{ CPERF_PDCP_SN_SZ, parse_pdcp_sn_sz },
{ CPERF_PDCP_DOMAIN, parse_pdcp_domain },
@@ -1438,6 +1488,9 @@ cperf_options_dump(struct cperf_options *opts)
printf("#\n");
printf("# number of queue pairs per device: %u\n", opts->nb_qps);
printf("# crypto operation: %s\n", cperf_op_type_strs[opts->op_type]);
+ if (opts->op_type == CPERF_ASYM_SM2)
+ printf("# asym operation type: %s\n",
+ rte_crypto_asym_op_strings[opts->asym_op_type]);
printf("# sessionless: %s\n", opts->sessionless ? "yes" : "no");
printf("# out of place: %s\n", opts->out_of_place ? "yes" : "no");
if (opts->test == CPERF_TEST_TYPE_PMDCC)
diff --git a/app/test-crypto-perf/cperf_test_common.c
b/app/test-crypto-perf/cperf_test_common.c
index 0f1f0b72c1..14ca9e964a 100644
--- a/app/test-crypto-perf/cperf_test_common.c
+++ b/app/test-crypto-perf/cperf_test_common.c
@@ -305,7 +305,8 @@ cperf_mbuf_set(struct rte_mbuf *mbuf,
bool
cperf_is_asym_test(const struct cperf_options *options)
{
- if (options->op_type == CPERF_ASYM_MODEX)
+ if (options->op_type == CPERF_ASYM_MODEX ||
+ options->op_type == CPERF_ASYM_SM2)
return true;
return false;
diff --git a/app/test-crypto-perf/cperf_test_vectors.c
b/app/test-crypto-perf/cperf_test_vectors.c
index de43d303a5..5ea5333029 100644
--- a/app/test-crypto-perf/cperf_test_vectors.c
+++ b/app/test-crypto-perf/cperf_test_vectors.c
@@ -804,6 +804,80 @@ cperf_modex_test_data modex_perf_data[10] = {
}
};
+static uint8_t fp256_pkey[] = {
+ 0x77, 0x84, 0x35, 0x65, 0x4c, 0x7a, 0x6d, 0xb1,
+ 0x1e, 0x63, 0x0b, 0x41, 0x97, 0x36, 0x04, 0xf4,
+ 0xec, 0x35, 0xee, 0x3b, 0x76, 0xc2, 0x34, 0x08,
+ 0xd9, 0x4a, 0x22, 0x0d, 0x7f, 0xf6, 0xc6, 0x90
+};
+
+static uint8_t fp256_qx[] = {
+ 0x7b, 0x24, 0xa3, 0x03, 0xcf, 0xb2, 0x22, 0xfa,
+ 0x4c, 0xb3, 0x88, 0x54, 0xf9, 0x30, 0xd1, 0x4d,
+ 0xe3, 0x50, 0xda, 0xba, 0xe6, 0xa7, 0x0b, 0x91,
+ 0x4c, 0x04, 0x0d, 0x5c, 0xe0, 0x8e, 0x86, 0xc5
+};
+
+static uint8_t fp256_qy[] = {
+ 0xbc, 0x39, 0xe3, 0x19, 0x4e, 0xd2, 0x29, 0x22,
+ 0x5b, 0x37, 0x2d, 0xeb, 0xcc, 0x05, 0x52, 0x8d,
+ 0xb9, 0x40, 0xa3, 0xab, 0x3c, 0xbe, 0x16, 0x30,
+ 0x1c, 0xe4, 0xe8, 0x7f, 0xba, 0x6e, 0x0b, 0xae
+};
+
+static uint8_t fp256_k[] = {
+ 0x01, 0x04, 0x02, 0x05, 0x04, 0x06, 0x03, 0x07
+};
+
+static uint8_t fp256_sign_r[] = {
+ 0x75, 0x2B, 0x8C, 0x15, 0x38, 0x10, 0xF6, 0xC0,
+ 0x28, 0xC9, 0x8A, 0x51, 0xD0, 0x62, 0x69, 0x4B,
+ 0xF6, 0x58, 0x06, 0xEB, 0xF1, 0x91, 0x1F, 0x15,
+ 0x8B, 0x08, 0x09, 0xF9, 0x88, 0x0A, 0x44, 0x24
+};
+
+static uint8_t fp256_sign_s[] = {
+ 0x5A, 0x3C, 0x96, 0x3E, 0x1C, 0xB4, 0x19, 0xF9,
+ 0xD7, 0x78, 0xB8, 0xCE, 0xFF, 0x9D, 0xB1, 0x31,
+ 0x77, 0xDB, 0xA0, 0xFE, 0x84, 0x61, 0x1A, 0xD9,
+ 0x4E, 0xFF, 0x82, 0x13, 0x1C, 0xCA, 0x04, 0x75,
+};
+
+static uint8_t fp256_id[] = {
+ 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
+};
+
+static uint8_t fp256_message[] = {
+ 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20,
+ 0x64, 0x69, 0x67, 0x65, 0x73, 0x74
+};
+
+static uint8_t fp256_digest[] = {
+ 0x0F, 0xB5, 0xCE, 0xF3, 0x3C, 0xB7, 0xD1, 0x35,
+ 0xA9, 0x3A, 0xC7, 0xA7, 0x89, 0x2A, 0x6D, 0x9A,
+ 0xF3, 0x1E, 0xC5, 0x38, 0xD3, 0x65, 0x1B, 0xB9,
+ 0xDF, 0x5F, 0x7F, 0x4A, 0xD8, 0x89, 0x57, 0xF1
+};
+
+static uint8_t fp256_cipher[] = {
+ 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8,
+ 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47,
+ 0x6D, 0x00, 0xF6, 0x51, 0xC8, 0x80, 0x9C, 0x9E,
+ 0xD9, 0xEC, 0x36, 0x8A, 0x60, 0x8E, 0x26, 0x2D,
+ 0x71, 0x31, 0xB7, 0xC1, 0x38, 0x02, 0x21, 0x00,
+ 0xE1, 0xBF, 0x4C, 0x13, 0x7A, 0x87, 0x40, 0x32,
+ 0xF5, 0xA1, 0xE2, 0xA1, 0x3B, 0x83, 0xBF, 0x6B,
+ 0x3F, 0xFB, 0xC8, 0x13, 0x01, 0xDE, 0xCF, 0xC0,
+ 0xF4, 0x24, 0x66, 0x52, 0x89, 0xDA, 0x6D, 0x7A,
+ 0x04, 0x20, 0x8E, 0xFD, 0x52, 0x77, 0xC9, 0xE7,
+ 0x90, 0xD1, 0x17, 0x75, 0xDE, 0xEE, 0xF3, 0xE5,
+ 0x11, 0x0C, 0x5D, 0xE1, 0x3A, 0xB6, 0x2B, 0x72,
+ 0x60, 0xE5, 0xD5, 0xF3, 0x0F, 0xE2, 0x44, 0xDB,
+ 0xBC, 0x66, 0x04, 0x0E, 0x78, 0x2D, 0xC0, 0x3D,
+ 0x38, 0xA2, 0x42, 0xA4, 0x8E, 0x8B, 0xF5, 0x06,
+ 0x32, 0xFA
+};
+
uint8_t plaintext[2048] = {
0x71, 0x75, 0x83, 0x98, 0x75, 0x42, 0x51, 0x09, 0x94, 0x02, 0x13, 0x20,
0x15, 0x64, 0x46, 0x32, 0x08, 0x18, 0x91, 0x82, 0x86, 0x52, 0x23, 0x93,
@@ -1208,6 +1282,52 @@ uint8_t ipsec_plaintext[2048] = {
0x75, 0x67, 0x00, 0x01
};
+/** SM2 Fp256 elliptic curve test params */
+struct
+cperf_sm2_test_data sm2_perf_data = {
+ .pubkey_qx = {
+ .data = fp256_qx,
+ .length = sizeof(fp256_qx),
+ },
+ .pubkey_qy = {
+ .data = fp256_qy,
+ .length = sizeof(fp256_qy),
+ },
+ .k = {
+ .data = fp256_k,
+ .length = sizeof(fp256_k),
+ },
+ .sign_r = {
+ .data = fp256_sign_r,
+ .length = sizeof(fp256_sign_r),
+ },
+ .sign_s = {
+ .data = fp256_sign_s,
+ .length = sizeof(fp256_sign_s),
+ },
+ .id = {
+ .data = fp256_id,
+ .length = sizeof(fp256_id),
+ },
+ .pkey = {
+ .data = fp256_pkey,
+ .length = sizeof(fp256_pkey),
+ },
+ .message = {
+ .data = fp256_message,
+ .length = sizeof(fp256_message),
+ },
+ .digest = {
+ .data = fp256_digest,
+ .length = sizeof(fp256_digest),
+ },
+ .cipher = {
+ .data = fp256_cipher,
+ .length = sizeof(fp256_cipher),
+ },
+ .curve = RTE_CRYPTO_EC_GROUP_SM2
+};
+
struct cperf_test_vector*
cperf_test_vector_get_dummy(struct cperf_options *options)
{
diff --git a/app/test-crypto-perf/cperf_test_vectors.h
b/app/test-crypto-perf/cperf_test_vectors.h
index a3e431e5e6..a218081d6e 100644
--- a/app/test-crypto-perf/cperf_test_vectors.h
+++ b/app/test-crypto-perf/cperf_test_vectors.h
@@ -75,6 +75,16 @@ struct cperf_test_vector {
uint32_t mlen;
uint32_t elen;
} modex;
+
+ struct {
+ uint8_t *sign_r;
+ uint8_t *sign_s;
+ uint8_t *message;
+ uint8_t *cipher;
+ uint32_t sign_len;
+ uint32_t msg_len;
+ uint32_t cipher_len;
+ } sm2;
};
struct cperf_modex_test_data {
@@ -97,6 +107,20 @@ struct cperf_modex_test_data {
} result;
};
+struct cperf_sm2_test_data {
+ rte_crypto_param pubkey_qx;
+ rte_crypto_param pubkey_qy;
+ rte_crypto_param pkey;
+ rte_crypto_param k;
+ rte_crypto_param sign_r;
+ rte_crypto_param sign_s;
+ rte_crypto_param id;
+ rte_crypto_param cipher;
+ rte_crypto_param message;
+ rte_crypto_param digest;
+ int curve;
+};
+
struct cperf_test_vector*
cperf_test_vector_get_dummy(struct cperf_options *options);
@@ -111,5 +135,6 @@ extern uint8_t aad[];
extern uint8_t digest[2048];
extern struct cperf_modex_test_data modex_perf_data[10];
+extern struct cperf_sm2_test_data sm2_perf_data;
#endif
diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index 780f22f399..2f39edbe6a 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -45,6 +45,7 @@ const char *cperf_op_type_strs[] = {
[CPERF_DOCSIS] = "docsis",
[CPERF_IPSEC] = "ipsec",
[CPERF_ASYM_MODEX] = "modex",
+ [CPERF_ASYM_SM2] = "sm2",
[CPERF_TLS] = "tls-record"
};
@@ -224,6 +225,7 @@ cperf_initialize_cryptodev(struct cperf_options *opts,
uint8_t *enabled_cdevs)
};
switch (opts->op_type) {
+ case CPERF_ASYM_SM2:
case CPERF_ASYM_MODEX:
conf.ff_disable |= (RTE_CRYPTODEV_FF_SECURITY |
RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO);
@@ -362,6 +364,65 @@ cperf_verify_devices_capabilities(struct cperf_options
*opts,
}
+ if (opts->op_type == CPERF_ASYM_SM2) {
+ asym_cap_idx.type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ asym_capability =
rte_cryptodev_asym_capability_get(cdev_id, &asym_cap_idx);
+ if (asym_capability == NULL)
+ return -1;
+
+ if
(!rte_cryptodev_asym_xform_capability_check_optype(asym_capability,
+ opts->asym_op_type))
+ return -1;
+
+ if
(rte_cryptodev_asym_xform_capability_check_hash(asym_capability,
+ RTE_CRYPTO_AUTH_SM3)) {
+ opts->asym_hash_alg = RTE_CRYPTO_AUTH_SM3;
+ if (opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_SIGN ||
+ opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_VERIFY) {
+ opts->sm2_data->message.data =
sm2_perf_data.message.data;
+ opts->sm2_data->message.length =
+
sm2_perf_data.message.length;
+ opts->sm2_data->id.data =
sm2_perf_data.id.data;
+ opts->sm2_data->id.length =
sm2_perf_data.id.length;
+ }
+ } else {
+ opts->asym_hash_alg = RTE_CRYPTO_AUTH_NULL;
+ if (opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_SIGN ||
+ opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_VERIFY) {
+ opts->sm2_data->message.data =
sm2_perf_data.digest.data;
+ opts->sm2_data->message.length =
+
sm2_perf_data.digest.length;
+ opts->sm2_data->id.data = NULL;
+ opts->sm2_data->id.length = 0;
+ }
+ }
+ if (asym_capability->internal_rng != 0) {
+ opts->sm2_data->k.data = NULL;
+ opts->sm2_data->k.length = 0;
+ }
+ if (opts->asym_op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+ opts->sm2_data->message.data =
sm2_perf_data.message.data;
+ opts->sm2_data->message.length =
sm2_perf_data.message.length;
+ opts->sm2_data->cipher.data =
sm2_perf_data.cipher.data;
+ opts->sm2_data->cipher.length =
sm2_perf_data.cipher.length;
+ } else if (opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_DECRYPT) {
+ opts->sm2_data->cipher.data =
sm2_perf_data.cipher.data;
+ opts->sm2_data->cipher.length =
sm2_perf_data.cipher.length;
+ opts->sm2_data->message.data =
sm2_perf_data.message.data;
+ opts->sm2_data->message.length =
sm2_perf_data.message.length;
+ } else if (opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_SIGN) {
+ opts->sm2_data->sign_r.data =
sm2_perf_data.sign_r.data;
+ opts->sm2_data->sign_r.length =
sm2_perf_data.sign_r.length;
+ opts->sm2_data->sign_s.data =
sm2_perf_data.sign_s.data;
+ opts->sm2_data->sign_s.length =
sm2_perf_data.sign_s.length;
+ } else if (opts->asym_op_type ==
RTE_CRYPTO_ASYM_OP_VERIFY) {
+ opts->sm2_data->sign_r.data =
sm2_perf_data.sign_r.data;
+ opts->sm2_data->sign_r.length =
sm2_perf_data.sign_r.length;
+ opts->sm2_data->sign_s.data =
sm2_perf_data.sign_s.data;
+ opts->sm2_data->sign_s.length =
sm2_perf_data.sign_s.length;
+ }
+ }
+
if (opts->op_type == CPERF_AUTH_ONLY ||
opts->op_type == CPERF_CIPHER_THEN_AUTH ||
opts->op_type == CPERF_AUTH_THEN_CIPHER) {
diff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst
index facf412799..8cfb194f10 100644
--- a/doc/guides/tools/cryptoperf.rst
+++ b/doc/guides/tools/cryptoperf.rst
@@ -175,6 +175,7 @@ The following are the application command-line options:
pdcp
docsis
modex
+ sm2
ipsec
tls-record
@@ -342,6 +343,11 @@ The following are the application command-line options:
Set modex length for asymmetric crypto perf test.
Supported lengths are 60, 128, 255, 448. Default length is 128.
+* ``--asym-op <sign/verify/encrypt/decrypt>``
+
+ Set Asymmetric crypto operation mode.
+ To be used with SM2 asymmetric crypto ops. Default is ``sign``.
+
* ``--tls-version <TLS1.2/TLS1.3/DTLS1.2>``
Set TLS/DTLS protocol version for perf test (default is TLS1.2).
--
2.25.1
