/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(c) 2018 Cavium Networks
* Copyright (c) 2019 Intel Corporation
*/
#include <rte_bus_vdev.h>
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_mbuf.h>
#include <rte_malloc.h>
#include <rte_memcpy.h>
#include <rte_pause.h>
#include <rte_cryptodev.h>
#include <rte_cryptodev_pmd.h>
#include <rte_crypto.h>
#include "test_cryptodev.h"
#include "test_cryptodev_dh_test_vectors.h"
#include "test_cryptodev_dsa_test_vectors.h"
#include "test_cryptodev_mod_test_vectors.h"
#include "test_cryptodev_rsa_test_vectors.h"
#include "test_cryptodev_asym_util.h"
#include "test.h"
#define TEST_NUM_BUFS 10
#define TEST_NUM_SESSIONS 4
#ifndef TEST_DATA_SIZE
#define TEST_DATA_SIZE 4096
#endif
#define ASYM_TEST_MSG_LEN 256
#define TEST_VECTOR_SIZE 256
static int gbl_driver_id;
struct crypto_testsuite_params {
struct rte_mempool *op_mpool;
struct rte_mempool *session_mpool;
struct rte_cryptodev_config conf;
struct rte_cryptodev_qp_conf qp_conf;
uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
uint8_t valid_dev_count;
};
struct crypto_unittest_params {
struct rte_cryptodev_asym_session *sess;
struct rte_crypto_op *op;
};
union test_case_structure {
struct modex_test_data modex;
struct modinv_test_data modinv;
struct rsa_test_data_2 rsa_data;
};
struct test_cases_array {
uint32_t size;
const void *address[TEST_VECTOR_SIZE];
};
static struct test_cases_array test_vector = {0, { NULL } };
static uint32_t test_index;
static struct crypto_testsuite_params testsuite_params = { NULL };
static int
queue_ops_rsa_sign_verify(struct rte_cryptodev_asym_session *sess)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *op, *result_op;
struct rte_crypto_asym_op *asym_op;
uint8_t output_buf[TEST_DATA_SIZE];
int status = TEST_SUCCESS;
/* Set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
"operation struct\n");
return TEST_FAILED;
}
asym_op = op->asym;
/* Compute sign on the test vector */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.sign.length = 0;
asym_op->rsa.sign.data = output_buf;
asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
/* Attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1, "Error sending packet for sign\n");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1, "Failed to process sign op\n");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "signed message", asym_op->rsa.sign.data,
asym_op->rsa.sign.length);
asym_op = result_op->asym;
/* Verify sign */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1, "Error sending packet for verify\n");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1, "Failed to process verify op\n");
status = TEST_FAILED;
goto error_exit;
}
status = TEST_SUCCESS;
if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
RTE_LOG(ERR, USER1, "Failed to process sign-verify op\n");
status = TEST_FAILED;
}
error_exit:
rte_crypto_op_free(op);
return status;
}
static int
queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *op, *result_op;
struct rte_crypto_asym_op *asym_op;
uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
int ret, status = TEST_SUCCESS;
/* Set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1, "Failed to allocate asymmetric crypto "
"operation struct\n");
return TEST_FAILED;
}
asym_op = op->asym;
/* Compute encryption on the test vector */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.cipher.data = cipher_buf;
asym_op->rsa.cipher.length = 0;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
/* Attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1, "Error sending packet for encryption\n");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1, "Failed to process encryption op\n");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
asym_op->rsa.message.length = 0;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1, "Error sending packet for decryption\n");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1, "Failed to process decryption op\n");
status = TEST_FAILED;
goto error_exit;
}
status = TEST_SUCCESS;
ret = rsa_verify(&rsaplaintext, result_op);
if (ret)
status = TEST_FAILED;
error_exit:
rte_crypto_op_free(op);
return status;
}
static int
test_cryptodev_asym_ver(struct rte_crypto_op *op,
struct rte_crypto_asym_xform *xform_tc,
union test_case_structure *data_tc,
struct rte_crypto_op *result_op)
{
int status = TEST_FAILED;
int ret = 0;
uint8_t *data_expected = NULL, *data_received = NULL;
size_t data_size = 0;
switch (data_tc->modex.xform_type) {
case RTE_CRYPTO_ASYM_XFORM_MODEX:
data_expected = data_tc->modex.reminder.data;
data_received = result_op->asym->modex.result.data;
data_size = result_op->asym->modex.result.length;
break;
case RTE_CRYPTO_ASYM_XFORM_MODINV:
data_expected = data_tc->modinv.inverse.data;
data_received = result_op->asym->modinv.result.data;
data_size = result_op->asym->modinv.result.length;
break;
case RTE_CRYPTO_ASYM_XFORM_RSA:
if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
data_size = xform_tc->rsa.n.length;
data_received = result_op->asym->rsa.cipher.data;
data_expected = data_tc->rsa_data.ct.data;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
data_size = xform_tc->rsa.n.length;
data_expected = data_tc->rsa_data.pt.data;
data_received = result_op->asym->rsa.message.data;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
data_size = xform_tc->rsa.n.length;
data_expected = data_tc->rsa_data.sign.data;
data_received = result_op->asym->rsa.sign.data;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) {
data_size = xform_tc->rsa.n.length;
data_expected = data_tc->rsa_data.pt.data;
data_received = result_op->asym->rsa.cipher.data;
}
break;
case RTE_CRYPTO_ASYM_XFORM_DH:
case RTE_CRYPTO_ASYM_XFORM_DSA:
case RTE_CRYPTO_ASYM_XFORM_NONE:
case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED:
default:
break;
}
ret = memcmp(data_expected, data_received, data_size);
if (!ret && data_size)
status = TEST_SUCCESS;
return status;
}
static int
test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
union test_case_structure *data_tc,
char *test_msg, int sessionless, enum rte_crypto_asym_op_type type,
enum rte_crypto_rsa_priv_key_type key_type)
{
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL;
struct rte_crypto_op *result_op = NULL;
struct rte_crypto_asym_xform xform_tc;
struct rte_cryptodev_asym_session *sess = NULL;
struct rte_cryptodev_asym_capability_idx cap_idx;
const struct rte_cryptodev_asymmetric_xform_capability *capability;
uint8_t dev_id = ts_params->valid_devs[0];
uint8_t input[TEST_DATA_SIZE] = {0};
uint8_t *result = NULL;
int status = TEST_SUCCESS;
xform_tc.next = NULL;
xform_tc.xform_type = data_tc->modex.xform_type;
cap_idx.type = xform_tc.xform_type;
capability = rte_cryptodev_asym_capability_get(dev_id, &cap_idx);
if (capability == NULL) {
RTE_LOG(INFO, USER1,
"Device doesn't support MODEX. Test Skipped\n");
return -ENOTSUP;
}
/* Generate crypto op data structure */
op = rte_crypto_op_alloc(ts_params->op_mpool,
RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
switch (xform_tc.xform_type) {
case RTE_CRYPTO_ASYM_XFORM_MODEX:
result = rte_zmalloc(NULL, data_tc->modex.result_len, 0);
xform_tc.modex.modulus.data = data_tc->modex.modulus.data;
xform_tc.modex.modulus.length = data_tc->modex.modulus.len;
xform_tc.modex.exponent.data = data_tc->modex.exponent.data;
xform_tc.modex.exponent.length = data_tc->modex.exponent.len;
memcpy(input, data_tc->modex.base.data,
data_tc->modex.base.len);
asym_op->modex.base.data = input;
asym_op->modex.base.length = data_tc->modex.base.len;
asym_op->modex.result.data = result;
asym_op->modex.result.length = data_tc->modex.result_len;
if (rte_cryptodev_asym_xform_capability_check_modlen(capability,
xform_tc.modex.modulus.length)) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u "
"FAILED: %s", __LINE__,
"Invalid MODULUS length specified");
status = TEST_FAILED;
goto error_exit;
}
break;
case RTE_CRYPTO_ASYM_XFORM_MODINV:
result = rte_zmalloc(NULL, data_tc->modinv.result_len, 0);
xform_tc.modinv.modulus.data = data_tc->modinv.modulus.data;
xform_tc.modinv.modulus.length = data_tc->modinv.modulus.len;
memcpy(input, data_tc->modinv.base.data,
data_tc->modinv.base.len);
asym_op->modinv.base.data = input;
asym_op->modinv.base.length = data_tc->modinv.base.len;
asym_op->modinv.result.data = result;
asym_op->modinv.result.length = data_tc->modinv.result_len;
if (rte_cryptodev_asym_xform_capability_check_modlen(capability,
xform_tc.modinv.modulus.length)) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u "
"FAILED: %s", __LINE__,
"Invalid MODULUS length specified");
status = TEST_FAILED;
goto error_exit;
}
break;
case RTE_CRYPTO_ASYM_XFORM_RSA:
result = rte_zmalloc(NULL, data_tc->rsa_data.n.len, 0);
op->asym->rsa.op_type = type;
xform_tc.rsa.e.data = data_tc->rsa_data.e.data;
xform_tc.rsa.e.length = data_tc->rsa_data.e.len;
xform_tc.rsa.n.data = data_tc->rsa_data.n.data;
xform_tc.rsa.n.length = data_tc->rsa_data.n.len;
if (key_type == RTE_RSA_KEY_TYPE_EXP) {
xform_tc.rsa.d.data = data_tc->rsa_data.d.data;
xform_tc.rsa.d.length = data_tc->rsa_data.d.len;
} else {
xform_tc.rsa.qt.p.data = data_tc->rsa_data.p.data;
xform_tc.rsa.qt.p.length = data_tc->rsa_data.p.len;
xform_tc.rsa.qt.q.data = data_tc->rsa_data.q.data;
xform_tc.rsa.qt.q.length = data_tc->rsa_data.q.len;
xform_tc.rsa.qt.dP.data = data_tc->rsa_data.dP.data;
xform_tc.rsa.qt.dP.length = data_tc->rsa_data.dP.len;
xform_tc.rsa.qt.dQ.data = data_tc->rsa_data.dQ.data;
xform_tc.rsa.qt.dQ.length = data_tc->rsa_data.dQ.len;
xform_tc.rsa.qt.qInv.data = data_tc->rsa_data.qInv.data;
xform_tc.rsa.qt.qInv.length = data_tc->rsa_data.qInv.len;
}
xform_tc.rsa.key_type = key_type;
op->asym->rsa.pad = data_tc->rsa_data.padding;
if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
asym_op->rsa.message.data = data_tc->rsa_data.pt.data;
asym_op->rsa.message.length = data_tc->rsa_data.pt.len;
asym_op->rsa.cipher.data = result;
asym_op->rsa.cipher.length = data_tc->rsa_data.n.len;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
asym_op->rsa.message.data = result;
asym_op->rsa.message.length = data_tc->rsa_data.n.len;
asym_op->rsa.cipher.data = data_tc->rsa_data.ct.data;
asym_op->rsa.cipher.length = data_tc->rsa_data.ct.len;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
asym_op->rsa.sign.data = result;
asym_op->rsa.sign.length = data_tc->rsa_data.n.len;
asym_op->rsa.message.data = data_tc->rsa_data.pt.data;
asym_op->rsa.message.length = data_tc->rsa_data.pt.len;
} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) {
asym_op->rsa.cipher.data = result;
asym_op->rsa.cipher.length = data_tc->rsa_data.n.len;
asym_op->rsa.sign.data = data_tc->rsa_data.sign.data;
asym_op->rsa.sign.length = data_tc->rsa_data.sign.len;
}
break;
case RTE_CRYPTO_ASYM_XFORM_DH:
case RTE_CRYPTO_ASYM_XFORM_DSA:
case RTE_CRYPTO_ASYM_XFORM_NONE:
case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED:
default:
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u "
"FAILED: %s", __LINE__,
"Invalid ASYM algorithm specified");
status = TEST_FAILED;
goto error_exit;
}
if (!sessionless) {
sess = rte_cryptodev_asym_session_create(ts_params->session_mpool);
if (!sess) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u "
"FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc,
ts_params->session_mpool) < 0) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
rte_crypto_op_attach_asym_session(op, sess);
} else {
asym_op->xform = &xform_tc;
op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
}
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
if (test_cryptodev_asym_ver(op, &xform_tc, data_tc, result_op) != TEST_SUCCESS) {
snprintf(test_msg, ASYM_TEST_MSG_LEN,
"line %u FAILED: %s",
__LINE__, "Verification failed ");
status = TEST_FAILED;
goto error_exit;
}
if (!sessionless)
snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS");
else
snprintf(test_msg, ASYM_TEST_MSG_LEN, "SESSIONLESS PASS");
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
if (result != NULL)
rte_free(result);
return status;
}
static int
test_one_case(const void *test_case, int sessionless)
{
int status = TEST_SUCCESS, i = 0;
char test_msg[ASYM_TEST_MSG_LEN + 1];
/* Map the case to union */
union test_case_structure tc;
memcpy(&tc, test_case, sizeof(tc));
if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX
|| tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg,
sessionless, 0, 0);
printf(" %u) TestCase %s %s\n", test_index++,
tc.modex.description, test_msg);
} else {
for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {
if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
if (tc.rsa_data.op_type_flags & (1 << i)) {
if (tc.rsa_data.key_exp) {
status = test_cryptodev_asym_op(
&testsuite_params, &tc,
test_msg, sessionless, i,
RTE_RSA_KEY_TYPE_EXP);
}
if (status)
break;
if (tc.rsa_data.key_qt && (i ==
RTE_CRYPTO_ASYM_OP_DECRYPT ||
i == RTE_CRYPTO_ASYM_OP_SIGN)) {
status = test_cryptodev_asym_op(
&testsuite_params,
&tc, test_msg, sessionless, i,
RTE_RSA_KET_TYPE_QT);
}
if (status)
break;
}
}
}
printf(" %u) TestCase %s %s\n", test_index++,
tc.modex.description, test_msg);
}
return status;
}
static int
load_test_vectors(void)
{
uint32_t i = 0, v_size = 0;
/* Load MODEX vector*/
v_size = RTE_DIM(modex_test_case);
for (i = 0; i < v_size; i++) {
if (test_vector.size >= (TEST_VECTOR_SIZE)) {
RTE_LOG(DEBUG, USER1,
"TEST_VECTOR_SIZE too small\n");
return -1;
}
test_vector.address[test_vector.size] = &modex_test_case[i];
test_vector.size++;
}
/* Load MODINV vector*/
v_size = RTE_DIM(modinv_test_case);
for (i = 0; i < v_size; i++) {
if (test_vector.size >= (TEST_VECTOR_SIZE)) {
RTE_LOG(DEBUG, USER1,
"TEST_VECTOR_SIZE too small\n");
return -1;
}
test_vector.address[test_vector.size] = &modinv_test_case[i];
test_vector.size++;
}
/* Load RSA vector*/
v_size = RTE_DIM(rsa_test_case_list);
for (i = 0; i < v_size; i++) {
if (test_vector.size >= (TEST_VECTOR_SIZE)) {
RTE_LOG(DEBUG, USER1,
"TEST_VECTOR_SIZE too small\n");
return -1;
}
test_vector.address[test_vector.size] = &rsa_test_case_list[i];
test_vector.size++;
}
return 0;
}
static int
test_one_by_one(void)
{
int status = TEST_SUCCESS;
struct crypto_testsuite_params *ts_params = &testsuite_params;
uint32_t i = 0;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_info dev_info;
int sessionless = 0;
rte_cryptodev_info_get(dev_id, &dev_info);
if ((dev_info.feature_flags &
RTE_CRYPTODEV_FF_ASYM_SESSIONLESS)) {
sessionless = 1;
}
/* Go through all test cases */
test_index = 0;
for (i = 0; i < test_vector.size; i++) {
if (test_one_case(test_vector.address[i], 0) != TEST_SUCCESS)
status = TEST_FAILED;
}
if (sessionless) {
for (i = 0; i < test_vector.size; i++) {
if (test_one_case(test_vector.address[i], 1)
!= TEST_SUCCESS)
status = TEST_FAILED;
}
}
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_rsa_sign_verify(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_asym_session *sess;
struct rte_cryptodev_info dev_info;
int status = TEST_SUCCESS;
/* Test case supports op with exponent key only,
* Check in PMD feature flag for RSA exponent key type support.
*/
rte_cryptodev_info_get(dev_id, &dev_info);
if (!(dev_info.feature_flags &
RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP)) {
RTE_LOG(INFO, USER1, "Device doesn't support sign op with "
"exponent key type. Test Skipped\n");
return -ENOTSUP;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1, "Session creation failed for "
"sign_verify\n");
return TEST_FAILED;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1, "Unable to config asym session for "
"sign_verify\n");
status = TEST_FAILED;
goto error_exit;
}
status = queue_ops_rsa_sign_verify(sess);
error_exit:
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_rsa_enc_dec(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_asym_session *sess;
struct rte_cryptodev_info dev_info;
int status = TEST_SUCCESS;
/* Test case supports op with exponent key only,
* Check in PMD feature flag for RSA exponent key type support.
*/
rte_cryptodev_info_get(dev_id, &dev_info);
if (!(dev_info.feature_flags &
RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP)) {
RTE_LOG(INFO, USER1, "Device doesn't support decrypt op with "
"exponent key type. Test skipped\n");
return -ENOTSUP;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1, "Session creation failed for enc_dec\n");
return TEST_FAILED;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1, "Unable to config asym session for "
"enc_dec\n");
status = TEST_FAILED;
goto error_exit;
}
status = queue_ops_rsa_enc_dec(sess);
error_exit:
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_rsa_sign_verify_crt(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_asym_session *sess;
struct rte_cryptodev_info dev_info;
int status = TEST_SUCCESS;
/* Test case supports op with quintuple format key only,
* Check im PMD feature flag for RSA quintuple key type support.
*/
rte_cryptodev_info_get(dev_id, &dev_info);
if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT)) {
RTE_LOG(INFO, USER1, "Device doesn't support sign op with "
"quintuple key type. Test skipped\n");
return -ENOTSUP;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1, "Session creation failed for "
"sign_verify_crt\n");
status = TEST_FAILED;
return status;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform_crt,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1, "Unable to config asym session for "
"sign_verify_crt\n");
status = TEST_FAILED;
goto error_exit;
}
status = queue_ops_rsa_sign_verify(sess);
error_exit:
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_rsa_enc_dec_crt(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_asym_session *sess;
struct rte_cryptodev_info dev_info;
int status = TEST_SUCCESS;
/* Test case supports op with quintuple format key only,
* Check in PMD feature flag for RSA quintuple key type support.
*/
rte_cryptodev_info_get(dev_id, &dev_info);
if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT)) {
RTE_LOG(INFO, USER1, "Device doesn't support decrypt op with "
"quintuple key type. Test skipped\n");
return -ENOTSUP;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1, "Session creation failed for "
"enc_dec_crt\n");
return TEST_FAILED;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform_crt,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1, "Unable to config asym session for "
"enc_dec_crt\n");
status = TEST_FAILED;
goto error_exit;
}
status = queue_ops_rsa_enc_dec(sess);
error_exit:
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
testsuite_setup(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
struct rte_cryptodev_info info;
int ret, dev_id = -1;
uint32_t i, nb_devs;
uint16_t qp_id;
memset(ts_params, 0, sizeof(*ts_params));
test_vector.size = 0;
load_test_vectors();
ts_params->op_mpool = rte_crypto_op_pool_create(
"CRYPTO_ASYM_OP_POOL",
RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
TEST_NUM_BUFS, 0,
0,
rte_socket_id());
if (ts_params->op_mpool == NULL) {
RTE_LOG(ERR, USER1, "Can't create ASYM_CRYPTO_OP_POOL\n");
return TEST_FAILED;
}
/* Create an OPENSSL device if required */
if (gbl_driver_id == rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))) {
nb_devs = rte_cryptodev_device_count_by_driver(
rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)));
if (nb_devs < 1) {
ret = rte_vdev_init(
RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD),
NULL);
TEST_ASSERT(ret == 0, "Failed to create "
"instance of pmd : %s",
RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD));
}
}
/* Get list of valid crypto devs */
nb_devs = rte_cryptodev_devices_get(
rte_cryptodev_driver_name_get(gbl_driver_id),
valid_devs, RTE_CRYPTO_MAX_DEVS);
if (nb_devs < 1) {
RTE_LOG(ERR, USER1, "No crypto devices found?\n");
return TEST_FAILED;
}
/*
* Get first valid asymmetric device found in test suite param and
* break
*/
for (i = 0; i < nb_devs ; i++) {
rte_cryptodev_info_get(valid_devs[i], &info);
if (info.feature_flags & RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO) {
dev_id = ts_params->valid_devs[0] = valid_devs[i];
break;
}
}
if (dev_id == -1) {
RTE_LOG(ERR, USER1, "Device doesn't support asymmetric. "
"Test skipped.\n");
return TEST_FAILED;
}
/* Set valid device count */
ts_params->valid_dev_count = nb_devs;
/* configure device with num qp */
ts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs;
ts_params->conf.socket_id = SOCKET_ID_ANY;
ts_params->conf.ff_disable = RTE_CRYPTODEV_FF_SECURITY |
RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO;
TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
&ts_params->conf),
"Failed to configure cryptodev %u with %u qps",
dev_id, ts_params->conf.nb_queue_pairs);
/* configure qp */
ts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
ts_params->qp_conf.mp_session = ts_params->session_mpool;
ts_params->qp_conf.mp_session_private = ts_params->session_mpool;
for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
dev_id, qp_id, &ts_params->qp_conf,
rte_cryptodev_socket_id(dev_id)),
"Failed to setup queue pair %u on cryptodev %u ASYM",
qp_id, dev_id);
}
/* setup asym session pool */
unsigned int session_size =
rte_cryptodev_asym_get_private_session_size(dev_id);
/*
* Create mempool with TEST_NUM_SESSIONS * 2,
* to include the session headers
*/
ts_params->session_mpool = rte_mempool_create(
"test_asym_sess_mp",
TEST_NUM_SESSIONS * 2,
session_size,
0, 0, NULL, NULL, NULL,
NULL, SOCKET_ID_ANY,
0);
TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
"session mempool allocation failed");
return TEST_SUCCESS;
}
static void
testsuite_teardown(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
if (ts_params->op_mpool != NULL) {
RTE_LOG(DEBUG, USER1, "CRYPTO_OP_POOL count %u\n",
rte_mempool_avail_count(ts_params->op_mpool));
}
/* Free session mempools */
if (ts_params->session_mpool != NULL) {
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
}
}
static int
ut_setup(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
uint16_t qp_id;
/* Reconfigure device to default parameters */
ts_params->conf.socket_id = SOCKET_ID_ANY;
TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
&ts_params->conf),
"Failed to configure cryptodev %u",
ts_params->valid_devs[0]);
for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs ; qp_id++) {
TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
ts_params->valid_devs[0], qp_id,
&ts_params->qp_conf,
rte_cryptodev_socket_id(ts_params->valid_devs[0])),
"Failed to setup queue pair %u on cryptodev %u",
qp_id, ts_params->valid_devs[0]);
}
rte_cryptodev_stats_reset(ts_params->valid_devs[0]);
/* Start the device */
TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),
"Failed to start cryptodev %u",
ts_params->valid_devs[0]);
return TEST_SUCCESS;
}
static void
ut_teardown(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_cryptodev_stats stats;
rte_cryptodev_stats_get(ts_params->valid_devs[0], &stats);
/* Stop the device */
rte_cryptodev_stop(ts_params->valid_devs[0]);
}
static inline void print_asym_capa(
const struct rte_cryptodev_asymmetric_xform_capability *capa)
{
int i = 0;
printf("\nxform type: %s\n===================\n",
rte_crypto_asym_xform_strings[capa->xform_type]);
printf("operation supported -");
for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {
/* check supported operations */
if (rte_cryptodev_asym_xform_capability_check_optype(capa, i))
printf(" %s",
rte_crypto_asym_op_strings[i]);
}
switch (capa->xform_type) {
case RTE_CRYPTO_ASYM_XFORM_RSA:
case RTE_CRYPTO_ASYM_XFORM_MODINV:
case RTE_CRYPTO_ASYM_XFORM_MODEX:
case RTE_CRYPTO_ASYM_XFORM_DH:
case RTE_CRYPTO_ASYM_XFORM_DSA:
printf(" modlen: min %d max %d increment %d\n",
capa->modlen.min,
capa->modlen.max,
capa->modlen.increment);
break;
default:
break;
}
}
static int
test_capability(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_cryptodev_info dev_info;
const struct rte_cryptodev_capabilities *dev_capa;
int i = 0;
struct rte_cryptodev_asym_capability_idx idx;
const struct rte_cryptodev_asymmetric_xform_capability *capa;
rte_cryptodev_info_get(dev_id, &dev_info);
if (!(dev_info.feature_flags &
RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO)) {
RTE_LOG(INFO, USER1,
"Device doesn't support asymmetric. Test Skipped\n");
return TEST_SUCCESS;
}
/* print xform capability */
for (i = 0;
dev_info.capabilities[i].op != RTE_CRYPTO_OP_TYPE_UNDEFINED;
i++) {
dev_capa = &(dev_info.capabilities[i]);
if (dev_info.capabilities[i].op ==
RTE_CRYPTO_OP_TYPE_ASYMMETRIC) {
idx.type = dev_capa->asym.xform_capa.xform_type;
capa = rte_cryptodev_asym_capability_get(dev_id,
(const struct
rte_cryptodev_asym_capability_idx *) &idx);
print_asym_capa(capa);
}
}
return TEST_SUCCESS;
}
static int
test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t output[TEST_DH_MOD_LEN];
struct rte_crypto_asym_xform xform = *xfrm;
uint8_t peer[] = "01234567890123456789012345678901234567890123456789";
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (sess == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
/* set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
xform.dh.type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;
xform.next = NULL;
asym_op->dh.priv_key.data = dh_test_params.priv_key.data;
asym_op->dh.priv_key.length = dh_test_params.priv_key.length;
asym_op->dh.pub_key.data = (uint8_t *)peer;
asym_op->dh.pub_key.length = sizeof(peer);
asym_op->dh.shared_secret.data = output;
asym_op->dh.shared_secret.length = sizeof(output);
if (rte_cryptodev_asym_session_init(dev_id, sess, &xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "shared secret:",
asym_op->dh.shared_secret.data,
asym_op->dh.shared_secret.length);
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
return status;
}
static int
test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t output[TEST_DH_MOD_LEN];
struct rte_crypto_asym_xform xform = *xfrm;
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (sess == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
/* set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.priv_key.data = output;
asym_op->dh.priv_key.length = sizeof(output);
if (rte_cryptodev_asym_session_init(dev_id, sess, &xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "private key:",
asym_op->dh.priv_key.data,
asym_op->dh.priv_key.length);
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
return status;
}
static int
test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t output[TEST_DH_MOD_LEN];
struct rte_crypto_asym_xform xform = *xfrm;
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (sess == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
/* set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
/* Setup a xform chain to generate public key
* using test private key
*
*/
xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.pub_key.data = output;
asym_op->dh.pub_key.length = sizeof(output);
/* load pre-defined private key */
asym_op->dh.priv_key.data = rte_malloc(NULL,
dh_test_params.priv_key.length,
0);
asym_op->dh.priv_key = dh_test_params.priv_key;
if (rte_cryptodev_asym_session_init(dev_id, sess, &xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "pub key:",
asym_op->dh.pub_key.data, asym_op->dh.pub_key.length);
debug_hexdump(stdout, "priv key:",
asym_op->dh.priv_key.data, asym_op->dh.priv_key.length);
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
return status;
}
static int
test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t out_pub_key[TEST_DH_MOD_LEN];
uint8_t out_prv_key[TEST_DH_MOD_LEN];
struct rte_crypto_asym_xform pub_key_xform;
struct rte_crypto_asym_xform xform = *xfrm;
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (sess == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
/* set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
/* Setup a xform chain to generate
* private key first followed by
* public key
*/xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
pub_key_xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
pub_key_xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
xform.next = &pub_key_xform;
asym_op->dh.pub_key.data = out_pub_key;
asym_op->dh.pub_key.length = sizeof(out_pub_key);
asym_op->dh.priv_key.data = out_prv_key;
asym_op->dh.priv_key.length = sizeof(out_prv_key);
if (rte_cryptodev_asym_session_init(dev_id, sess, &xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
debug_hexdump(stdout, "priv key:",
out_prv_key, asym_op->dh.priv_key.length);
debug_hexdump(stdout, "pub key:",
out_pub_key, asym_op->dh.pub_key.length);
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
return status;
}
static int
test_mod_inv(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
struct rte_cryptodev_asym_capability_idx cap_idx;
const struct rte_cryptodev_asymmetric_xform_capability *capability;
uint8_t input[TEST_DATA_SIZE] = {0};
int ret = 0;
uint8_t result[sizeof(mod_p)] = { 0 };
if (rte_cryptodev_asym_get_xform_enum(
&modinv_xform.xform_type, "modinv") < 0) {
RTE_LOG(ERR, USER1,
"Invalid ASYM algorithm specified\n");
return -1;
}
cap_idx.type = modinv_xform.xform_type;
capability = rte_cryptodev_asym_capability_get(dev_id,
&cap_idx);
if (capability == NULL) {
RTE_LOG(INFO, USER1,
"Device doesn't support MOD INV. Test Skipped\n");
return -ENOTSUP;
}
if (rte_cryptodev_asym_xform_capability_check_modlen(
capability,
modinv_xform.modinv.modulus.length)) {
RTE_LOG(ERR, USER1,
"Invalid MODULUS length specified\n");
return -ENOTSUP;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1, "line %u "
"FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &modinv_xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* generate crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
memcpy(input, base, sizeof(base));
asym_op->modinv.base.data = input;
asym_op->modinv.base.length = sizeof(base);
asym_op->modinv.result.data = result;
asym_op->modinv.result.length = sizeof(result);
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
ret = verify_modinv(mod_inv, result_op);
if (ret) {
RTE_LOG(ERR, USER1,
"operation verification failed\n");
status = TEST_FAILED;
}
error_exit:
if (sess) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op)
rte_crypto_op_free(op);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_mod_exp(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
struct rte_cryptodev_asym_capability_idx cap_idx;
const struct rte_cryptodev_asymmetric_xform_capability *capability;
uint8_t input[TEST_DATA_SIZE] = {0};
int ret = 0;
uint8_t result[sizeof(mod_p)] = { 0 };
if (rte_cryptodev_asym_get_xform_enum(&modex_xform.xform_type,
"modexp")
< 0) {
RTE_LOG(ERR, USER1,
"Invalid ASYM algorithm specified\n");
return -1;
}
/* check for modlen capability */
cap_idx.type = modex_xform.xform_type;
capability = rte_cryptodev_asym_capability_get(dev_id, &cap_idx);
if (capability == NULL) {
RTE_LOG(INFO, USER1,
"Device doesn't support MOD EXP. Test Skipped\n");
return -ENOTSUP;
}
if (rte_cryptodev_asym_xform_capability_check_modlen(
capability, modex_xform.modex.modulus.length)) {
RTE_LOG(ERR, USER1,
"Invalid MODULUS length specified\n");
return -ENOTSUP;
}
/* generate crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (!sess) {
RTE_LOG(ERR, USER1,
"line %u "
"FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
if (rte_cryptodev_asym_session_init(dev_id, sess, &modex_xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
memcpy(input, base, sizeof(base));
asym_op->modex.base.data = input;
asym_op->modex.base.length = sizeof(base);
asym_op->modex.result.data = result;
asym_op->modex.result.length = sizeof(result);
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
ret = verify_modexp(mod_exp, result_op);
if (ret) {
RTE_LOG(ERR, USER1,
"operation verification failed\n");
status = TEST_FAILED;
}
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_dh_keygenration(void)
{
int status;
debug_hexdump(stdout, "p:", dh_xform.dh.p.data, dh_xform.dh.p.length);
debug_hexdump(stdout, "g:", dh_xform.dh.g.data, dh_xform.dh.g.length);
debug_hexdump(stdout, "priv_key:", dh_test_params.priv_key.data,
dh_test_params.priv_key.length);
RTE_LOG(INFO, USER1,
"Test Public and Private key pair generation\n");
status = test_dh_gen_kp(&dh_xform);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
RTE_LOG(INFO, USER1,
"Test Public Key Generation using pre-defined priv key\n");
status = test_dh_gen_pub_key(&dh_xform);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
RTE_LOG(INFO, USER1,
"Test Private Key Generation only\n");
status = test_dh_gen_priv_key(&dh_xform);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
RTE_LOG(INFO, USER1,
"Test shared secret compute\n");
status = test_dh_gen_shared_sec(&dh_xform);
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static int
test_dsa_sign(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_asym_op *asym_op = NULL;
struct rte_crypto_op *op = NULL, *result_op = NULL;
struct rte_cryptodev_asym_session *sess = NULL;
int status = TEST_SUCCESS;
uint8_t r[TEST_DH_MOD_LEN];
uint8_t s[TEST_DH_MOD_LEN];
uint8_t dgst[] = "35d81554afaad2cf18f3a1770d5fedc4ea5be344";
sess = rte_cryptodev_asym_session_create(sess_mpool);
if (sess == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s", __LINE__,
"Session creation failed");
status = TEST_FAILED;
goto error_exit;
}
/* set up crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (!op) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to allocate asymmetric crypto "
"operation struct");
status = TEST_FAILED;
goto error_exit;
}
asym_op = op->asym;
debug_hexdump(stdout, "p: ", dsa_xform.dsa.p.data,
dsa_xform.dsa.p.length);
debug_hexdump(stdout, "q: ", dsa_xform.dsa.q.data,
dsa_xform.dsa.q.length);
debug_hexdump(stdout, "g: ", dsa_xform.dsa.g.data,
dsa_xform.dsa.g.length);
debug_hexdump(stdout, "priv_key: ", dsa_xform.dsa.x.data,
dsa_xform.dsa.x.length);
if (rte_cryptodev_asym_session_init(dev_id, sess, &dsa_xform,
sess_mpool) < 0) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "unabled to config sym session");
status = TEST_FAILED;
goto error_exit;
}
/* attach asymmetric crypto session to crypto operations */
rte_crypto_op_attach_asym_session(op, sess);
asym_op->dsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
asym_op->dsa.message.data = dgst;
asym_op->dsa.message.length = sizeof(dgst);
asym_op->dsa.r.length = sizeof(r);
asym_op->dsa.r.data = r;
asym_op->dsa.s.length = sizeof(s);
asym_op->dsa.s.data = s;
RTE_LOG(DEBUG, USER1, "Process ASYM operation");
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
asym_op = result_op->asym;
debug_hexdump(stdout, "r:",
asym_op->dsa.r.data, asym_op->dsa.r.length);
debug_hexdump(stdout, "s:",
asym_op->dsa.s.data, asym_op->dsa.s.length);
/* Test PMD DSA sign verification using signer public key */
asym_op->dsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
/* copy signer public key */
asym_op->dsa.y.data = dsa_test_params.y.data;
asym_op->dsa.y.length = dsa_test_params.y.length;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Error sending packet for operation");
status = TEST_FAILED;
goto error_exit;
}
while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
rte_pause();
if (result_op == NULL) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
goto error_exit;
}
if (result_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
RTE_LOG(ERR, USER1,
"line %u FAILED: %s",
__LINE__, "Failed to process asym crypto op");
status = TEST_FAILED;
}
error_exit:
if (sess != NULL) {
rte_cryptodev_asym_session_clear(dev_id, sess);
rte_cryptodev_asym_session_free(sess);
}
if (op != NULL)
rte_crypto_op_free(op);
return status;
}
static int
test_dsa(void)
{
int status;
status = test_dsa_sign();
TEST_ASSERT_EQUAL(status, 0, "Test failed");
return status;
}
static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
.suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
.setup = testsuite_setup,
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
TEST_CASE_ST(ut_setup, ut_teardown, test_dsa),
TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_crt),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify_crt),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
TEST_CASE_ST(ut_setup, ut_teardown, test_one_by_one),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
static struct unit_test_suite cryptodev_qat_asym_testsuite = {
.suite_name = "Crypto Device QAT ASYM Unit Test Suite",
.setup = testsuite_setup,
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup, ut_teardown, test_one_by_one),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
static struct unit_test_suite cryptodev_octeontx_asym_testsuite = {
.suite_name = "Crypto Device OCTEONTX ASYM Unit Test Suite",
.setup = testsuite_setup,
.teardown = testsuite_teardown,
.unit_test_cases = {
TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_crt),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify_crt),
TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
static int
test_cryptodev_openssl_asym(void)
{
gbl_driver_id = rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD));
if (gbl_driver_id == -1) {
RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded. Check if "
"CONFIG_RTE_LIBRTE_PMD_OPENSSL is enabled "
"in config file to run this testsuite.\n");
return TEST_FAILED;
}
return unit_test_suite_runner(&cryptodev_openssl_asym_testsuite);
}
static int
test_cryptodev_qat_asym(void)
{
gbl_driver_id = rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_QAT_ASYM_PMD));
if (gbl_driver_id == -1) {
RTE_LOG(ERR, USER1, "QAT PMD must be loaded. Check if "
"CONFIG_RTE_LIBRTE_PMD_QAT_ASYM is enabled "
"in config file to run this testsuite.\n");
return TEST_FAILED;
}
return unit_test_suite_runner(&cryptodev_qat_asym_testsuite);
}
static int
test_cryptodev_octeontx_asym(void)
{
gbl_driver_id = rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD));
if (gbl_driver_id == -1) {
RTE_LOG(ERR, USER1, "OCTEONTX PMD must be loaded. Check if "
"CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO is "
"enabled in config file to run this "
"testsuite.\n");
return TEST_FAILED;
}
return unit_test_suite_runner(&cryptodev_octeontx_asym_testsuite);
}
static int
test_cryptodev_octeontx2_asym(void)
{
gbl_driver_id = rte_cryptodev_driver_id_get(
RTE_STR(CRYPTODEV_NAME_OCTEONTX2_PMD));
if (gbl_driver_id == -1) {
RTE_LOG(ERR, USER1, "OCTEONTX2 PMD must be loaded. Check if "
"CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO is "
"enabled in config file to run this "
"testsuite.\n");
return TEST_FAILED;
}
/* Use test suite registered for crypto_octeontx PMD */
return unit_test_suite_runner(&cryptodev_octeontx_asym_testsuite);
}
REGISTER_TEST_COMMAND(cryptodev_openssl_asym_autotest,
test_cryptodev_openssl_asym);
REGISTER_TEST_COMMAND(cryptodev_qat_asym_autotest, test_cryptodev_qat_asym);
REGISTER_TEST_COMMAND(cryptodev_octeontx_asym_autotest,
test_cryptodev_octeontx_asym);
REGISTER_TEST_COMMAND(cryptodev_octeontx2_asym_autotest,
test_cryptodev_octeontx2_asym);