test/crypto: check asymmetric capabilities for SM2

Check asymmetric capabilities such as SM3 hash support and
internal RNG and accordingly choose op params for SM2 test.

Signed-off-by: Gowrishankar Muthukrishnan <[email protected]>
Acked-by: Arkadiusz Kusztal <[email protected]>

app/test/test_cryptodev_asym.c

@@ -608,6 +608,7 @@ static inline void print_asym_capa(
 	break;
 	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
 	case RTE_CRYPTO_ASYM_XFORM_ECPM:
+	case RTE_CRYPTO_ASYM_XFORM_SM2:
 	default:
 		break;
 	}
@@ -1806,7 +1807,7 @@ test_ecpm_all_curve(void)
 }
 
 static int
-_test_sm2_sign(bool rnd_secret)
+test_sm2_sign(void)
 {
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
@@ -1875,11 +1876,19 @@ _test_sm2_sign(bool rnd_secret)
 	else
 		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
 
-	asym_op->sm2.message.data = input_params.message.data;
-	asym_op->sm2.message.length = input_params.message.length;
-	asym_op->sm2.id.data = input_params.id.data;
-	asym_op->sm2.id.length = input_params.id.length;
-	if (rnd_secret) {
+	if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) {
+		asym_op->sm2.message.data = input_params.message.data;
+		asym_op->sm2.message.length = input_params.message.length;
+		asym_op->sm2.id.data = input_params.id.data;
+		asym_op->sm2.id.length = input_params.id.length;
+	} else {
+		asym_op->sm2.message.data = input_params.digest.data;
+		asym_op->sm2.message.length = input_params.digest.length;
+		asym_op->sm2.id.data = NULL;
+		asym_op->sm2.id.length = 0;
+	}
+
+	if (capa->internal_rng != 0) {
 		asym_op->sm2.k.data = NULL;
 		asym_op->sm2.k.length = 0;
 	} else {
@@ -1928,7 +1937,7 @@ _test_sm2_sign(bool rnd_secret)
 	debug_hexdump(stdout, "s:",
 			asym_op->sm2.s.data, asym_op->sm2.s.length);
 
-	if (!rnd_secret) {
+	if (capa->internal_rng == 0) {
 		/* Verify sign (by comparison). */
 		if (memcmp(input_params.sign_r.data, asym_op->sm2.r.data,
 				   asym_op->sm2.r.length) != 0) {
@@ -1989,18 +1998,6 @@ _test_sm2_sign(bool rnd_secret)
 	return status;
 };
 
-static int
-test_sm2_sign_rnd_secret(void)
-{
-	return _test_sm2_sign(true);
-}
-
-__rte_used static int
-test_sm2_sign_plain_secret(void)
-{
-	return _test_sm2_sign(false);
-}
-
 static int
 test_sm2_verify(void)
 {
@@ -2064,19 +2061,28 @@ test_sm2_verify(void)
 
 	/* Populate op with operational details */
 	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+
 	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
 		asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
 	else
 		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
 
-	asym_op->sm2.message.data = input_params.message.data;
-	asym_op->sm2.message.length = input_params.message.length;
+	if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) {
+		asym_op->sm2.message.data = input_params.message.data;
+		asym_op->sm2.message.length = input_params.message.length;
+		asym_op->sm2.id.data = input_params.id.data;
+		asym_op->sm2.id.length = input_params.id.length;
+	} else {
+		asym_op->sm2.message.data = input_params.digest.data;
+		asym_op->sm2.message.length = input_params.digest.length;
+		asym_op->sm2.id.data = NULL;
+		asym_op->sm2.id.length = 0;
+	}
+
 	asym_op->sm2.r.data = input_params.sign_r.data;
 	asym_op->sm2.r.length = input_params.sign_r.length;
 	asym_op->sm2.s.data = input_params.sign_s.data;
 	asym_op->sm2.s.length = input_params.sign_s.length;
-	asym_op->sm2.id.data = input_params.id.data;
-	asym_op->sm2.id.length = input_params.id.length;
 
 	RTE_LOG(DEBUG, USER1, "Process ASYM operation\n");
 
@@ -2116,7 +2122,7 @@ test_sm2_verify(void)
 };
 
 static int
-_test_sm2_enc(bool rnd_secret)
+test_sm2_enc(void)
 {
 	struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
 	struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
@@ -2185,7 +2191,8 @@ _test_sm2_enc(bool rnd_secret)
 
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
-	if (rnd_secret) {
+
+	if (capa->internal_rng != 0) {
 		asym_op->sm2.k.data = NULL;
 		asym_op->sm2.k.length = 0;
 	} else {
@@ -2231,7 +2238,7 @@ _test_sm2_enc(bool rnd_secret)
 	debug_hexdump(stdout, "cipher:",
 			asym_op->sm2.cipher.data, asym_op->sm2.cipher.length);
 
-	if (!rnd_secret) {
+	if (capa->internal_rng == 0) {
 		if (memcmp(input_params.cipher.data, asym_op->sm2.cipher.data,
 				   asym_op->sm2.cipher.length) != 0) {
 			status = TEST_FAILED;
@@ -2295,18 +2302,6 @@ _test_sm2_enc(bool rnd_secret)
 	return status;
 };
 
-static int
-test_sm2_enc_rnd_secret(void)
-{
-	return _test_sm2_enc(true);
-}
-
-__rte_used static int
-test_sm2_enc_plain_secret(void)
-{
-	return _test_sm2_enc(false);
-}
-
 static int
 test_sm2_dec(void)
 {
@@ -2737,9 +2732,9 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite  = {
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
 				test_dh_key_generation),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign_rnd_secret),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify),
-		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc_rnd_secret),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_dec),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
@@ -2803,6 +2798,8 @@ static struct unit_test_suite cryptodev_octeontx_asym_testsuite  = {
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
 			     test_ecdsa_sign_verify_all_curve),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign),
+		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify),
 		TEST_CASE_ST(ut_setup_asym, ut_teardown_asym,
 				test_ecpm_all_curve),
 		TEST_CASES_END() /**< NULL terminate unit test array */

app/test/test_cryptodev_sm2_test_vectors.h

@@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params {
 	rte_crypto_param id;
 	rte_crypto_param cipher;
 	rte_crypto_param message;
+	rte_crypto_param digest;
 	int curve;
 };
 
@@ -46,17 +47,17 @@ static uint8_t fp256_k[] = {
 };
 
 static uint8_t fp256_sign_r[] = {
-	0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4,
-	0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9,
-	0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09,
-	0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff
+	0x75, 0x2B, 0x8C, 0x15, 0x38, 0x10, 0xF6, 0xC0,
+	0x28, 0xC9, 0x8A, 0x51, 0xD0, 0x62, 0x69, 0x4B,
+	0xF6, 0x58, 0x06, 0xEB, 0xF1, 0x91, 0x1F, 0x15,
+	0x8B, 0x08, 0x09, 0xF9, 0x88, 0x0A, 0x44, 0x24
 };
 
 static uint8_t fp256_sign_s[] = {
-	0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9,
-	0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9,
-	0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd,
-	0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86
+	0x5A, 0x3C, 0x96, 0x3E, 0x1C, 0xB4, 0x19, 0xF9,
+	0xD7, 0x78, 0xB8, 0xCE, 0xFF, 0x9D, 0xB1, 0x31,
+	0x77, 0xDB, 0xA0, 0xFE, 0x84, 0x61, 0x1A, 0xD9,
+	0x4E, 0xFF, 0x82, 0x13, 0x1C, 0xCA, 0x04, 0x75,
 };
 
 static uint8_t fp256_id[] = {
@@ -68,6 +69,13 @@ static uint8_t fp256_message[] = {
 	0x64, 0x69, 0x67, 0x65, 0x73, 0x74
 };
 
+static uint8_t fp256_digest[] = {
+	0x0F, 0xB5, 0xCE, 0xF3, 0x3C, 0xB7, 0xD1, 0x35,
+	0xA9, 0x3A, 0xC7, 0xA7, 0x89, 0x2A, 0x6D, 0x9A,
+	0xF3, 0x1E, 0xC5, 0x38, 0xD3, 0x65, 0x1B, 0xB9,
+	0xDF, 0x5F, 0x7F, 0x4A, 0xD8, 0x89, 0x57, 0xF1
+};
+
 static uint8_t fp256_cipher[] = {
 	0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8,
 	0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47,
@@ -121,6 +129,10 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = {
 		.data = fp256_message,
 		.length = sizeof(fp256_message),
 	},
+	.digest = {
+		.data = fp256_digest,
+		.length = sizeof(fp256_digest),
+	},
 	.cipher = {
 		.data = fp256_cipher,
 		.length = sizeof(fp256_cipher),