test/crypto: add RSA and Mod tests
authorSunila Sahu <sunila.sahu@caviumnetworks.com>
Tue, 10 Jul 2018 16:01:30 +0000 (21:31 +0530)
committerPablo de Lara <pablo.de.lara.guarch@intel.com>
Wed, 11 Jul 2018 01:57:25 +0000 (03:57 +0200)
Test application include test case for :
- RSA encrypt, decrypt, sign and verify
- Modular Inversion and Exponentiation

Test cases uses predefined test vectors.

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
Signed-off-by: Umesh Kartha <umesh.kartha@caviumnetworks.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
test/test/Makefile
test/test/meson.build
test/test/test_cryptodev_asym.c [new file with mode: 0644]
test/test/test_cryptodev_asym_util.h [new file with mode: 0644]
test/test/test_cryptodev_mod_test_vectors.h [new file with mode: 0644]
test/test/test_cryptodev_rsa_test_vectors.h [new file with mode: 0644]

index eccc8ef..d6fb88f 100644 (file)
@@ -179,6 +179,7 @@ SRCS-$(CONFIG_RTE_LIBRTE_PMD_RING) += test_pmd_ring_perf.c
 
 SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev_blockcipher.c
 SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev.c
+SRCS-$(CONFIG_RTE_LIBRTE_CRYPTODEV) += test_cryptodev_asym.c
 
 ifeq ($(CONFIG_RTE_COMPRESSDEV_TEST),y)
 SRCS-$(CONFIG_RTE_LIBRTE_COMPRESSDEV) += test_compressdev.c
index a907fd2..263cc1c 100644 (file)
@@ -22,6 +22,7 @@ test_sources = files('commands.c',
        'test_cpuflags.c',
        'test_crc.c',
        'test_cryptodev.c',
+       'test_cryptodev_asym.c',
        'test_cryptodev_blockcipher.c',
        'test_cycles.c',
        'test_debug.c',
@@ -130,6 +131,7 @@ test_names = [
        'cryptodev_qat_autotest',
        'cryptodev_aesni_mb_autotest',
        'cryptodev_openssl_autotest',
+       'cryptodev_openssl_asym_autotest',
        'cryptodev_aesni_gcm_autotest',
        'cryptodev_null_autotest',
        'cryptodev_sw_snow3g_autotest',
diff --git a/test/test/test_cryptodev_asym.c b/test/test/test_cryptodev_asym.c
new file mode 100644 (file)
index 0000000..68ec6b0
--- /dev/null
@@ -0,0 +1,803 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium Networks
+ */
+
+#include <rte_bus_vdev.h>
+#include <rte_common.h>
+#include <rte_hexdump.h>
+#include <rte_mbuf.h>
+#include <rte_malloc.h>
+#include <rte_memcpy.h>
+#include <rte_pause.h>
+
+#include <rte_cryptodev.h>
+#include <rte_cryptodev_pmd.h>
+#include <rte_crypto.h>
+
+#include "test_cryptodev.h"
+#include "test_cryptodev_mod_test_vectors.h"
+#include "test_cryptodev_rsa_test_vectors.h"
+#include "test_cryptodev_asym_util.h"
+#include "test.h"
+
+#define TEST_NUM_BUFS 10
+#define TEST_NUM_SESSIONS 4
+
+static int gbl_driver_id;
+struct crypto_testsuite_params {
+       struct rte_mempool *op_mpool;
+       struct rte_mempool *session_mpool;
+       struct rte_cryptodev_config conf;
+       struct rte_cryptodev_qp_conf qp_conf;
+       uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS];
+       uint8_t valid_dev_count;
+};
+
+struct crypto_unittest_params {
+       struct rte_cryptodev_asym_session *sess;
+       struct rte_crypto_op *op;
+};
+
+static struct crypto_testsuite_params testsuite_params = { NULL };
+
+static int
+test_rsa_sign_verify(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_mempool *op_mpool = ts_params->op_mpool;
+       struct rte_mempool *sess_mpool = ts_params->session_mpool;
+       uint8_t dev_id = ts_params->valid_devs[0];
+       struct rte_crypto_asym_op *asym_op = NULL;
+       struct rte_crypto_op *op = NULL, *result_op = NULL;
+       struct rte_cryptodev_asym_session *sess = NULL;
+       int status = TEST_SUCCESS;
+       uint8_t output_buf[TEST_DATA_SIZE] = {0};
+       uint8_t input_buf[TEST_DATA_SIZE] = {0};
+
+       sess = rte_cryptodev_asym_session_create(sess_mpool);
+
+       if (!sess) {
+               RTE_LOG(ERR, USER1, "line %u "
+                               "FAILED: %s", __LINE__,
+                               "Session creation failed");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform,
+                               sess_mpool) < 0) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "unabled to config sym session");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       /* set up crypto op data structure */
+       op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+       if (!op) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__,
+                               "Failed to allocate asymmetric crypto "
+                               "operation struct");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       asym_op = op->asym;
+       /* Compute sign on the test vector */
+       asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+
+       memcpy(input_buf, &rsaplaintext.data,
+                       rsaplaintext.len);
+       asym_op->rsa.message.data = input_buf;
+       asym_op->rsa.message.length = rsaplaintext.len;
+       asym_op->rsa.sign.data = output_buf;
+       asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+
+       debug_hexdump(stdout, "message", asym_op->rsa.message.data,
+                       asym_op->rsa.message.length);
+
+       /* attach asymmetric crypto session to crypto operations */
+       rte_crypto_op_attach_asym_session(op, sess);
+
+       RTE_LOG(DEBUG, USER1, "Process ASYM operation");
+
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+       debug_hexdump(stdout, "signed message", asym_op->rsa.sign.data,
+                       asym_op->rsa.sign.length);
+       asym_op = result_op->asym;
+
+       /* Verify sign */
+       asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+       asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+       status = TEST_SUCCESS;
+       int ret = 0;
+       ret = rsa_verify(&rsaplaintext, result_op);
+       if (ret)
+               status = TEST_FAILED;
+
+error_exit:
+
+       if (sess) {
+               rte_cryptodev_asym_session_clear(dev_id, sess);
+               rte_cryptodev_asym_session_free(sess);
+       }
+
+       if (op)
+               rte_crypto_op_free(op);
+
+       TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+       return status;
+}
+
+static int
+test_rsa_enc_dec(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_mempool *op_mpool = ts_params->op_mpool;
+       struct rte_mempool *sess_mpool = ts_params->session_mpool;
+       uint8_t dev_id = ts_params->valid_devs[0];
+       struct rte_crypto_asym_op *asym_op = NULL;
+       struct rte_crypto_op *op = NULL, *result_op = NULL;
+       struct rte_cryptodev_asym_session *sess = NULL;
+       int status = TEST_SUCCESS;
+       uint8_t input_buf[TEST_DATA_SIZE] = {0};
+
+       sess = rte_cryptodev_asym_session_create(sess_mpool);
+
+       if (!sess) {
+               RTE_LOG(ERR, USER1, "line %u "
+                               "FAILED: %s", __LINE__,
+                               "Session creation failed");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       if (rte_cryptodev_asym_session_init(dev_id, sess, &rsa_xform,
+                               sess_mpool) < 0) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "unabled to config sym session");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       /* set up crypto op data structure */
+       op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+       if (!op) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__,
+                               "Failed to allocate asymmetric crypto "
+                               "operation struct");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       asym_op = op->asym;
+       /*Compute encryption on the test vector */
+       asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
+
+       memcpy(input_buf, rsaplaintext.data,
+                       rsaplaintext.len);
+       asym_op->rsa.message.data = input_buf;
+       asym_op->rsa.message.length = rsaplaintext.len;
+       asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+
+       debug_hexdump(stdout, "message", asym_op->rsa.message.data,
+                       asym_op->rsa.message.length);
+
+       /* attach asymmetric crypto session to crypto operations */
+       rte_crypto_op_attach_asym_session(op, sess);
+
+       RTE_LOG(DEBUG, USER1, "Process ASYM operation");
+
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+       debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data,
+                       asym_op->rsa.message.length);
+       /* Use the resulted output as decryption Input vector*/
+       asym_op = result_op->asym;
+       asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+       asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+       status = TEST_SUCCESS;
+       int ret = 0;
+       ret = rsa_verify(&rsaplaintext, result_op);
+       if (ret)
+               status = TEST_FAILED;
+
+error_exit:
+
+       if (sess) {
+               rte_cryptodev_asym_session_clear(dev_id, sess);
+               rte_cryptodev_asym_session_free(sess);
+       }
+
+       if (op)
+               rte_crypto_op_free(op);
+
+       TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+       return status;
+}
+
+static int
+testsuite_setup(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_cryptodev_info info;
+       uint32_t i = 0, nb_devs, dev_id;
+       int ret;
+       uint16_t qp_id;
+
+       memset(ts_params, 0, sizeof(*ts_params));
+
+       ts_params->op_mpool = rte_crypto_op_pool_create(
+                       "CRYPTO_ASYM_OP_POOL",
+                       RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
+                       TEST_NUM_BUFS, 0,
+                       0,
+                       rte_socket_id());
+       if (ts_params->op_mpool == NULL) {
+               RTE_LOG(ERR, USER1, "Can't create ASYM_CRYPTO_OP_POOL\n");
+               return TEST_FAILED;
+       }
+
+       /* Create an OPENSSL device if required */
+       if (gbl_driver_id == rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))) {
+               nb_devs = rte_cryptodev_device_count_by_driver(
+                               rte_cryptodev_driver_id_get(
+                               RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)));
+               if (nb_devs < 1) {
+                       ret = rte_vdev_init(
+                               RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD),
+                               NULL);
+
+                       TEST_ASSERT(ret == 0, "Failed to create "
+                               "instance of pmd : %s",
+                               RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD));
+               }
+       }
+
+       nb_devs = rte_cryptodev_count();
+       if (nb_devs < 1) {
+               RTE_LOG(ERR, USER1, "No crypto devices found?\n");
+               return TEST_FAILED;
+       }
+
+       /* Create list of valid crypto devs */
+       for (i = 0; i < nb_devs; i++) {
+               rte_cryptodev_info_get(i, &info);
+               if (info.driver_id == gbl_driver_id)
+                       ts_params->valid_devs[ts_params->valid_dev_count++] = i;
+       }
+
+       if (ts_params->valid_dev_count < 1)
+               return TEST_FAILED;
+
+       /* Set up all the qps on the first of the valid devices found */
+
+       dev_id = ts_params->valid_devs[0];
+
+       rte_cryptodev_info_get(dev_id, &info);
+
+       /* check if device support asymmetric, skip if not */
+       if (!(info.feature_flags &
+                               RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO)) {
+               RTE_LOG(ERR, USER1, "Device doesn't support asymmetric. "
+                               "Test Skipped.\n");
+               return TEST_FAILED;
+       }
+
+       /* configure device with num qp */
+       ts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs;
+       ts_params->conf.socket_id = SOCKET_ID_ANY;
+       TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
+                       &ts_params->conf),
+                       "Failed to configure cryptodev %u with %u qps",
+                       dev_id, ts_params->conf.nb_queue_pairs);
+
+       /* configure qp */
+       ts_params->qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT;
+       for (qp_id = 0; qp_id < info.max_nb_queue_pairs; qp_id++) {
+               TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
+                       dev_id, qp_id, &ts_params->qp_conf,
+                       rte_cryptodev_socket_id(dev_id),
+                       ts_params->session_mpool),
+                       "Failed to setup queue pair %u on cryptodev %u ASYM",
+                       qp_id, dev_id);
+       }
+
+       /* setup asym session pool */
+       unsigned int session_size =
+               rte_cryptodev_asym_get_private_session_size(dev_id);
+       /*
+        * Create mempool with TEST_NUM_SESSIONS * 2,
+        * to include the session headers
+        */
+       ts_params->session_mpool = rte_mempool_create(
+                               "test_asym_sess_mp",
+                               TEST_NUM_SESSIONS * 2,
+                               session_size,
+                               0, 0, NULL, NULL, NULL,
+                               NULL, SOCKET_ID_ANY,
+                               0);
+
+       TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
+                       "session mempool allocation failed");
+
+       return TEST_SUCCESS;
+}
+
+static void
+testsuite_teardown(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+
+       if (ts_params->op_mpool != NULL) {
+               RTE_LOG(DEBUG, USER1, "CRYPTO_OP_POOL count %u\n",
+               rte_mempool_avail_count(ts_params->op_mpool));
+       }
+
+       /* Free session mempools */
+       if (ts_params->session_mpool != NULL) {
+               rte_mempool_free(ts_params->session_mpool);
+               ts_params->session_mpool = NULL;
+       }
+}
+
+static int
+ut_setup(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+
+       uint16_t qp_id;
+
+       /* Reconfigure device to default parameters */
+       ts_params->conf.socket_id = SOCKET_ID_ANY;
+
+       TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0],
+                       &ts_params->conf),
+                       "Failed to configure cryptodev %u",
+                       ts_params->valid_devs[0]);
+
+       for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs ; qp_id++) {
+               TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup(
+                       ts_params->valid_devs[0], qp_id,
+                       &ts_params->qp_conf,
+                       rte_cryptodev_socket_id(ts_params->valid_devs[0]),
+                       ts_params->session_mpool),
+                       "Failed to setup queue pair %u on cryptodev %u",
+                       qp_id, ts_params->valid_devs[0]);
+       }
+
+       rte_cryptodev_stats_reset(ts_params->valid_devs[0]);
+
+       /* Start the device */
+       TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]),
+                                               "Failed to start cryptodev %u",
+                                               ts_params->valid_devs[0]);
+
+       return TEST_SUCCESS;
+}
+
+static void
+ut_teardown(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_cryptodev_stats stats;
+
+       rte_cryptodev_stats_get(ts_params->valid_devs[0], &stats);
+
+       /* Stop the device */
+       rte_cryptodev_stop(ts_params->valid_devs[0]);
+}
+
+static inline void print_asym_capa(
+               const struct rte_cryptodev_asymmetric_xform_capability *capa)
+{
+       int i = 0;
+
+       printf("\nxform type: %s\n===================\n",
+                       rte_crypto_asym_xform_strings[capa->xform_type]);
+       printf("operation supported -");
+
+       for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {
+               /* check supported operations */
+               if (rte_cryptodev_asym_xform_capability_check_optype(capa, i))
+                       printf(" %s",
+                                       rte_crypto_asym_op_strings[i]);
+               }
+               switch (capa->xform_type) {
+               case RTE_CRYPTO_ASYM_XFORM_RSA:
+               case RTE_CRYPTO_ASYM_XFORM_MODINV:
+               case RTE_CRYPTO_ASYM_XFORM_MODEX:
+               case RTE_CRYPTO_ASYM_XFORM_DH:
+               case RTE_CRYPTO_ASYM_XFORM_DSA:
+                       printf(" modlen: min %d max %d increment %d\n",
+                                       capa->modlen.min,
+                                       capa->modlen.max,
+                                       capa->modlen.increment);
+               break;
+               default:
+                       break;
+               }
+}
+
+static int
+test_capability(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       uint8_t dev_id = ts_params->valid_devs[0];
+       struct rte_cryptodev_info dev_info;
+       const struct rte_cryptodev_capabilities *dev_capa;
+       int i = 0;
+       struct rte_cryptodev_asym_capability_idx idx;
+       const struct rte_cryptodev_asymmetric_xform_capability *capa;
+
+       rte_cryptodev_info_get(dev_id, &dev_info);
+       if (!(dev_info.feature_flags &
+                               RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO)) {
+               RTE_LOG(INFO, USER1,
+                               "Device doesn't support asymmetric. Test Skipped\n");
+               return TEST_SUCCESS;
+       }
+
+       /* print xform capability */
+       for (i = 0;
+               dev_info.capabilities[i].op != RTE_CRYPTO_OP_TYPE_UNDEFINED;
+               i++) {
+               dev_capa = &(dev_info.capabilities[i]);
+               if (dev_info.capabilities[i].op ==
+                               RTE_CRYPTO_OP_TYPE_ASYMMETRIC) {
+                       idx.type = dev_capa->asym.xform_capa.xform_type;
+
+                       capa = rte_cryptodev_asym_capability_get(dev_id,
+                               (const struct
+                               rte_cryptodev_asym_capability_idx *) &idx);
+                       print_asym_capa(capa);
+                       }
+       }
+       return TEST_SUCCESS;
+}
+
+static int
+test_mod_inv(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_mempool *op_mpool = ts_params->op_mpool;
+       struct rte_mempool *sess_mpool = ts_params->session_mpool;
+       uint8_t dev_id = ts_params->valid_devs[0];
+       struct rte_crypto_asym_op *asym_op = NULL;
+       struct rte_crypto_op *op = NULL, *result_op = NULL;
+       struct rte_cryptodev_asym_session *sess = NULL;
+       int status = TEST_SUCCESS;
+       struct rte_cryptodev_asym_capability_idx cap_idx;
+       const struct rte_cryptodev_asymmetric_xform_capability *capability;
+       uint8_t input[TEST_DATA_SIZE] = {0};
+       int ret = 0;
+
+       if (rte_cryptodev_asym_get_xform_enum(
+               &modinv_xform.xform_type, "modinv") < 0) {
+               RTE_LOG(ERR, USER1,
+                                "Invalid ASYNC algorithm specified\n");
+               return -1;
+       }
+
+       cap_idx.type = modinv_xform.xform_type;
+       capability = rte_cryptodev_asym_capability_get(dev_id,
+                                       &cap_idx);
+
+       if (rte_cryptodev_asym_xform_capability_check_modlen(
+               capability,
+               modinv_xform.modinv.modulus.length)) {
+               RTE_LOG(ERR, USER1,
+                                "Invalid MODULOUS length specified\n");
+                               return -1;
+               }
+
+       sess = rte_cryptodev_asym_session_create(sess_mpool);
+       if (!sess) {
+               RTE_LOG(ERR, USER1, "line %u "
+                               "FAILED: %s", __LINE__,
+                               "Session creation failed");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       if (rte_cryptodev_asym_session_init(dev_id, sess, &modinv_xform,
+                       sess_mpool) < 0) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "unabled to config sym session");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       /* generate crypto op data structure */
+       op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+       if (!op) {
+               RTE_LOG(ERR, USER1,
+                       "line %u FAILED: %s",
+                       __LINE__, "Failed to allocate asymmetric crypto "
+                       "operation struct");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       asym_op = op->asym;
+       memcpy(input, base, sizeof(base));
+       asym_op->modinv.base.data = input;
+       asym_op->modinv.base.length = sizeof(base);
+
+       /* attach asymmetric crypto session to crypto operations */
+       rte_crypto_op_attach_asym_session(op, sess);
+
+       RTE_LOG(DEBUG, USER1, "Process ASYM operation");
+
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                       "line %u FAILED: %s",
+                       __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       ret = verify_modinv(mod_inv, result_op);
+       if (ret) {
+               RTE_LOG(ERR, USER1,
+                        "operation verification failed\n");
+               status = TEST_FAILED;
+       }
+
+error_exit:
+       if (sess) {
+               rte_cryptodev_asym_session_clear(dev_id, sess);
+               rte_cryptodev_asym_session_free(sess);
+       }
+
+       if (op)
+               rte_crypto_op_free(op);
+
+       TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+       return status;
+}
+
+static int
+test_mod_exp(void)
+{
+       struct crypto_testsuite_params *ts_params = &testsuite_params;
+       struct rte_mempool *op_mpool = ts_params->op_mpool;
+       struct rte_mempool *sess_mpool = ts_params->session_mpool;
+       uint8_t dev_id = ts_params->valid_devs[0];
+       struct rte_crypto_asym_op *asym_op = NULL;
+       struct rte_crypto_op *op = NULL, *result_op = NULL;
+       struct rte_cryptodev_asym_session *sess = NULL;
+       int status = TEST_SUCCESS;
+       struct rte_cryptodev_asym_capability_idx cap_idx;
+       const struct rte_cryptodev_asymmetric_xform_capability *capability;
+       uint8_t input[TEST_DATA_SIZE] = {0};
+       int ret = 0;
+
+       if (rte_cryptodev_asym_get_xform_enum(&modex_xform.xform_type,
+               "modexp")
+               < 0) {
+               RTE_LOG(ERR, USER1,
+                               "Invalid ASYNC algorithm specified\n");
+               return -1;
+       }
+
+       /* check for modlen capability */
+       cap_idx.type = modex_xform.xform_type;
+       capability = rte_cryptodev_asym_capability_get(dev_id, &cap_idx);
+
+       if (rte_cryptodev_asym_xform_capability_check_modlen(
+                       capability, modex_xform.modex.modulus.length)) {
+               RTE_LOG(ERR, USER1,
+                               "Invalid MODULOUS length specified\n");
+                               return -1;
+               }
+
+       /* generate crypto op data structure */
+       op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+       if (!op) {
+               RTE_LOG(ERR, USER1,
+                       "line %u FAILED: %s",
+                       __LINE__, "Failed to allocate asymmetric crypto "
+                       "operation struct");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       sess = rte_cryptodev_asym_session_create(sess_mpool);
+       if (!sess) {
+               RTE_LOG(ERR, USER1,
+                                "line %u "
+                               "FAILED: %s", __LINE__,
+                               "Session creation failed");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       if (rte_cryptodev_asym_session_init(dev_id, sess, &modex_xform,
+                       sess_mpool) < 0) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "unabled to config sym session");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       asym_op = op->asym;
+       memcpy(input, base, sizeof(base));
+       asym_op->modex.base.data = input;
+       asym_op->modex.base.length = sizeof(base);
+       /* attach asymmetric crypto session to crypto operations */
+       rte_crypto_op_attach_asym_session(op, sess);
+
+       RTE_LOG(DEBUG, USER1, "Process ASYM operation");
+       /* Process crypto operation */
+       if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Error sending packet for operation");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       while (rte_cryptodev_dequeue_burst(dev_id, 0, &result_op, 1) == 0)
+               rte_pause();
+
+       if (result_op == NULL) {
+               RTE_LOG(ERR, USER1,
+                               "line %u FAILED: %s",
+                               __LINE__, "Failed to process asym crypto op");
+               status = TEST_FAILED;
+               goto error_exit;
+       }
+
+       ret = verify_modexp(mod_exp, result_op);
+       if (ret) {
+               RTE_LOG(ERR, USER1,
+                        "operation verification failed\n");
+               status = TEST_FAILED;
+       }
+
+error_exit:
+       if (sess != NULL) {
+               rte_cryptodev_asym_session_clear(dev_id, sess);
+               rte_cryptodev_asym_session_free(sess);
+       }
+
+       if (op != NULL)
+               rte_crypto_op_free(op);
+
+       TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+       return status;
+}
+
+static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
+       .suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite",
+       .setup = testsuite_setup,
+       .teardown = testsuite_teardown,
+       .unit_test_cases = {
+               TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
+               TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
+               TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
+               TEST_CASE_ST(ut_setup, ut_teardown, test_mod_inv),
+               TEST_CASE_ST(ut_setup, ut_teardown, test_mod_exp),
+               TEST_CASES_END() /**< NULL terminate unit test array */
+       }
+};
+
+static int
+test_cryptodev_openssl_asym(void)
+{
+       gbl_driver_id = rte_cryptodev_driver_id_get(
+                       RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD));
+
+       if (gbl_driver_id == -1) {
+               RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded. Check if "
+                               "CONFIG_RTE_LIBRTE_PMD_OPENSSL is enabled "
+                               "in config file to run this testsuite.\n");
+               return TEST_FAILED;
+       }
+
+       return unit_test_suite_runner(&cryptodev_openssl_asym_testsuite);
+}
+
+REGISTER_TEST_COMMAND(cryptodev_openssl_asym_autotest,
+                                         test_cryptodev_openssl_asym);
diff --git a/test/test/test_cryptodev_asym_util.h b/test/test/test_cryptodev_asym_util.h
new file mode 100644 (file)
index 0000000..dff0c2a
--- /dev/null
@@ -0,0 +1,42 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium Networks
+ */
+
+#ifndef TEST_CRYPTODEV_ASYM_TEST_UTIL_H__
+#define TEST_CRYPTODEV_ASYM_TEST_UTIL_H__
+
+/* Below Apis compare resulted buffer to original test vector */
+
+static inline int rsa_verify(struct rsa_test_data *rsa_param,
+               struct rte_crypto_op *result_op)
+{
+       if (memcmp(rsa_param->data,
+                               result_op->asym->rsa.message.data,
+                               result_op->asym->rsa.message.length))
+               return -1;
+       return 0;
+}
+
+static inline int verify_modinv(uint8_t *mod_inv,
+               struct rte_crypto_op *result_op)
+{
+       if (memcmp(mod_inv, result_op->asym->modinv.base.data,
+                               result_op->asym->modinv.base.length))
+               return -1;
+       return 0;
+}
+
+static inline int verify_modexp(uint8_t *mod_exp,
+               struct rte_crypto_op *result_op)
+{
+       if (memcmp(mod_exp, result_op->asym->modex.base.data,
+                               result_op->asym->modex.base.length))
+               return -1;
+       return 0;
+}
+
+#endif /* TEST_CRYPTODEV_ASYM_TEST_UTIL_H__ */
+
+
+
+
diff --git a/test/test/test_cryptodev_mod_test_vectors.h b/test/test/test_cryptodev_mod_test_vectors.h
new file mode 100644 (file)
index 0000000..a25c676
--- /dev/null
@@ -0,0 +1,103 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium Networks
+ */
+
+#ifndef TEST_CRYPTODEV_MOD_TEST_VECTORS_H_
+#define TEST_CRYPTODEV_MOD_TEST_VECTORS_H_
+
+/* modular operation test data */
+uint8_t base[] = {
+       0xF8, 0xBA, 0x1A, 0x55, 0xD0, 0x2F, 0x85,
+       0xAE, 0x96, 0x7B, 0xB6, 0x2F, 0xB6, 0xCD,
+       0xA8, 0xEB, 0x7E, 0x78, 0xA0, 0x50
+};
+
+uint8_t mod_p[] = {
+       0x00, 0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00,
+       0x0a, 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5,
+       0xce, 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a,
+       0xa2, 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde,
+       0x0a, 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a,
+       0x3d, 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63,
+       0x6a, 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27,
+       0x6e, 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa,
+       0x72, 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53,
+       0x87, 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a,
+       0x62, 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63,
+       0x18, 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33,
+       0x4e, 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3,
+       0x03, 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e,
+       0xee, 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb,
+       0xa6, 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde,
+       0x55
+};
+
+uint8_t mod_e[] = {0x01, 0x00, 0x01};
+
+/* Precomputed modular exponentiation for verification */
+uint8_t mod_exp[] = {
+       0x2C, 0x60, 0x75, 0x45, 0x98, 0x9D, 0xE0, 0x72,
+       0xA0, 0x9D, 0x3A, 0x9E, 0x03, 0x38, 0x73, 0x3C,
+       0x31, 0x83, 0x04, 0xFE, 0x75, 0x43, 0xE6, 0x17,
+       0x5C, 0x01, 0x29, 0x51, 0x69, 0x33, 0x62, 0x2D,
+       0x78, 0xBE, 0xAE, 0xC4, 0xBC, 0xDE, 0x7E, 0x2C,
+       0x77, 0x84, 0xF2, 0xC5, 0x14, 0xB5, 0x2F, 0xF7,
+       0xC5, 0x94, 0xEF, 0x86, 0x75, 0x75, 0xB5, 0x11,
+       0xE5, 0x0E, 0x0A, 0x29, 0x76, 0xE2, 0xEA, 0x32,
+       0x0E, 0x43, 0x77, 0x7E, 0x2C, 0x27, 0xAC, 0x3B,
+       0x86, 0xA5, 0xDB, 0xC9, 0x48, 0x40, 0xE8, 0x99,
+       0x9A, 0x0A, 0x3D, 0xD6, 0x74, 0xFA, 0x2E, 0x2E,
+       0x5B, 0xAF, 0x8C, 0x99, 0x44, 0x2A, 0x67, 0x38,
+       0x27, 0x41, 0x59, 0x9D, 0xB8, 0x51, 0xC9, 0xF7,
+       0x43, 0x61, 0x31, 0x6E, 0xF1, 0x25, 0x38, 0x7F,
+       0xAE, 0xC6, 0xD0, 0xBB, 0x29, 0x76, 0x3F, 0x46,
+       0x2E, 0x1B, 0xE4, 0x67, 0x71, 0xE3, 0x87, 0x5A
+};
+
+/* Precomputed modular inverse for verification */
+uint8_t mod_inv[] = {
+       0x52, 0xb1, 0xa3, 0x8c, 0xc5, 0x8a, 0xb9, 0x1f,
+       0xb6, 0x82, 0xf5, 0x6a, 0x9a, 0xde, 0x8d, 0x2e,
+       0x62, 0x4b, 0xac, 0x49, 0x21, 0x1d, 0x30, 0x4d,
+       0x32, 0xac, 0x1f, 0x40, 0x6d, 0x52, 0xc7, 0x9b,
+       0x6c, 0x0a, 0x82, 0x3a, 0x2c, 0xaf, 0x6b, 0x6d,
+       0x17, 0xbe, 0x43, 0xed, 0x97, 0x78, 0xeb, 0x4c,
+       0x92, 0x6f, 0xcf, 0xed, 0xb1, 0x09, 0xcb, 0x27,
+       0xc2, 0xde, 0x62, 0xfd, 0x21, 0xe6, 0xbd, 0x4f,
+       0xfe, 0x7a, 0x1b, 0x50, 0xfe, 0x10, 0x4a, 0xb0,
+       0xb7, 0xcf, 0xdb, 0x7d, 0xca, 0xc2, 0xf0, 0x1c,
+       0x39, 0x48, 0x6a, 0xb5, 0x4d, 0x8c, 0xfe, 0x63,
+       0x91, 0x9c, 0x21, 0xc3, 0x0e, 0x76, 0xad, 0x44,
+       0x8d, 0x54, 0x33, 0x99, 0xe1, 0x80, 0x19, 0xba,
+       0xb5, 0xac, 0x7d, 0x9c, 0xce, 0x91, 0x2a, 0xd9,
+       0x2c, 0xe1, 0x16, 0xd6, 0xd7, 0xcf, 0x9d, 0x05,
+       0x9a, 0x66, 0x9a, 0x3a, 0xc1, 0xb8, 0x4b, 0xc3
+};
+
+struct rte_crypto_asym_xform modex_xform = {
+       .next = NULL,
+       .xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,
+       .modex = {
+               .modulus = {
+                       .data = mod_p,
+                       .length = sizeof(mod_p)
+               },
+               .exponent = {
+                       .data = mod_e,
+                       .length = sizeof(mod_e)
+               }
+       }
+};
+
+struct rte_crypto_asym_xform modinv_xform = {
+       .next = NULL,
+       .xform_type = RTE_CRYPTO_ASYM_XFORM_MODINV,
+       .modinv = {
+               .modulus = {
+                       .data = mod_p,
+                       .length = sizeof(mod_p)
+               }
+       }
+};
+
+#endif /* TEST_CRYPTODEV_MOD_TEST_VECTORS_H__ */
diff --git a/test/test/test_cryptodev_rsa_test_vectors.h b/test/test/test_cryptodev_rsa_test_vectors.h
new file mode 100644 (file)
index 0000000..3f8c41a
--- /dev/null
@@ -0,0 +1,88 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2018 Cavium Networks
+ */
+
+#ifndef TEST_CRYPTODEV_RSA_TEST_VECTORS_H__
+#define TEST_CRYPTODEV_RSA_TEST_VECTORS_H__
+
+#include "rte_crypto_asym.h"
+
+#define TEST_DATA_SIZE 4096
+
+struct rsa_test_data {
+       uint8_t data[TEST_DATA_SIZE];
+       unsigned int len;
+};
+
+struct rsa_test_data rsaplaintext = {
+       .data = {
+               0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,
+               0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,
+               0x7e, 0x78, 0xa0, 0x50
+       },
+       .len = 20
+};
+
+uint8_t rsa_n[] = {
+       0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00,
+       0x0a, 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5,
+       0xce, 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a,
+       0xa2, 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde,
+       0x0a, 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a,
+       0x3d, 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63,
+       0x6a, 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27,
+       0x6e, 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa,
+       0x72, 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53,
+       0x87, 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a,
+       0x62, 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63,
+       0x18, 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33,
+       0x4e, 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3,
+       0x03, 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e,
+       0xee, 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb,
+       0xa6, 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde,
+       0x55
+};
+
+uint8_t rsa_d[] = {
+       0x24, 0xd7, 0xea, 0xf4, 0x7f, 0xe0, 0xca, 0x31,
+       0x4d, 0xee, 0xc4, 0xa1, 0xbe, 0xab, 0x06, 0x61,
+       0x32, 0xe7, 0x51, 0x46, 0x27, 0xdf, 0x72, 0xe9,
+       0x6f, 0xa8, 0x4c, 0xd1, 0x26, 0xef, 0x65, 0xeb,
+       0x67, 0xff, 0x5f, 0xa7, 0x3b, 0x25, 0xb9, 0x08,
+       0x8e, 0xa0, 0x47, 0x56, 0xe6, 0x8e, 0xf9, 0xd3,
+       0x18, 0x06, 0x3d, 0xc6, 0xb1, 0xf8, 0xdc, 0x1b,
+       0x8d, 0xe5, 0x30, 0x54, 0x26, 0xac, 0x16, 0x3b,
+       0x7b, 0xad, 0x46, 0x9e, 0x21, 0x6a, 0x57, 0xe6,
+       0x81, 0x56, 0x1d, 0x2a, 0xc4, 0x39, 0x63, 0x67,
+       0x81, 0x2c, 0xca, 0xcc, 0xf8, 0x42, 0x04, 0xbe,
+       0xcf, 0x8f, 0x6c, 0x5b, 0x81, 0x46, 0xb9, 0xc7,
+       0x62, 0x90, 0x87, 0x35, 0x03, 0x9b, 0x89, 0xcb,
+       0x37, 0xbd, 0xf1, 0x1b, 0x99, 0xa1, 0x9a, 0x78,
+       0xd5, 0x4c, 0xdd, 0x3f, 0x41, 0x0c, 0xb7, 0x1a,
+       0xd9, 0x7b, 0x87, 0x5f, 0xbe, 0xb1, 0x83, 0x41
+};
+
+uint8_t rsa_e[] = {0x01, 0x00, 0x01};
+
+/** rsa xform using exponent key */
+struct rte_crypto_asym_xform rsa_xform = {
+       .next = NULL,
+       .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
+       .rsa = {
+               .n = {
+                       .data = rsa_n,
+                       .length = sizeof(rsa_n)
+               },
+               .e = {
+                       .data = rsa_e,
+                       .length = sizeof(rsa_e)
+               },
+               .key_type = RTE_RSA_KEY_TYPE_EXP,
+               .d = {
+                       .data = rsa_d,
+                       .length = sizeof(rsa_d)
+               }
+       }
+};
+
+#endif /* TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ */