Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/115223/?format=api
{ "id": 115223, "url": "http://patches.dpdk.org/api/patches/115223/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20220818060526.17343-3-arkadiuszx.kusztal@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20220818060526.17343-3-arkadiuszx.kusztal@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20220818060526.17343-3-arkadiuszx.kusztal@intel.com", "date": "2022-08-18T06:05:26", "name": "[2/2] test/crypto: add ecdh tests", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "3758f7cc4e0450c8c4bf74285a2bf3b18f59d99b", "submitter": { "id": 452, "url": "http://patches.dpdk.org/api/people/452/?format=api", "name": "Arkadiusz Kusztal", "email": "arkadiuszx.kusztal@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20220818060526.17343-3-arkadiuszx.kusztal@intel.com/mbox/", "series": [ { "id": 24348, "url": "http://patches.dpdk.org/api/series/24348/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=24348", "date": "2022-08-18T06:05:24", "name": "test: add elliptic curve tests", "version": 1, "mbox": "http://patches.dpdk.org/series/24348/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/115223/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/115223/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 0A18AA034C;\n\tThu, 18 Aug 2022 09:14:40 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id E7E0C427F0;\n\tThu, 18 Aug 2022 09:14:32 +0200 (CEST)", "from mga12.intel.com (mga12.intel.com [192.55.52.136])\n by mails.dpdk.org (Postfix) with ESMTP id 30AB740E2D\n for <dev@dpdk.org>; Thu, 18 Aug 2022 09:14:29 +0200 (CEST)", "from orsmga006.jf.intel.com ([10.7.209.51])\n by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 18 Aug 2022 00:14:19 -0700", "from silpixa00399302.ir.intel.com ([10.237.214.136])\n by orsmga006.jf.intel.com with ESMTP; 18 Aug 2022 00:14:18 -0700" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1660806869; x=1692342869;\n h=from:to:cc:subject:date:message-id:in-reply-to: references;\n bh=71/TTVtvb3rHDXLfaf0KTrJUvEgdqolHA3uv80HZZuQ=;\n b=fb0FrjE2pxuVPzQg6uDhSIWfSPEVHKOt5fxO9atYyu2LnA4193IqDcsP\n 4wnfBTBhojHAscgEKOLDPlYhwwf7Ti9+fyW8+xDm2Cr2CDGld4IOK2dc9\n tZ4lj4D2MOUEa/rcIv1aiiNTYMsmdt+oFBtgzVwwVJh52G/PKvk1mkiEF\n sZIVfU/eZRAZKXmfRzvxqIkXsjqMs99wMcg6QPXlaDjclciFn1k4RCLcf\n GVbosBCbD3yWM70D37N2/h1JpTD2eN5Y7ysGSKzNv0rmvjL9NWa4Rkveb\n YnE7+mxdHuFnZGYNLPEs2tWfLVX6KWYZvKOfNnEZhrEwhK4hDhN+DUlc1 A==;", "X-IronPort-AV": [ "E=McAfee;i=\"6500,9779,10442\"; a=\"272452123\"", "E=Sophos;i=\"5.93,245,1654585200\"; d=\"scan'208\";a=\"272452123\"", "E=Sophos;i=\"5.93,245,1654585200\"; d=\"scan'208\";a=\"584092682\"" ], "X-ExtLoop1": "1", "From": "Arek Kusztal <arkadiuszx.kusztal@intel.com>", "To": "dev@dpdk.org", "Cc": "gakhil@marvell.com,\n\tArek Kusztal <arkadiuszx.kusztal@intel.com>", "Subject": "[PATCH 2/2] test/crypto: add ecdh tests", "Date": "Thu, 18 Aug 2022 07:05:26 +0100", "Message-Id": "<20220818060526.17343-3-arkadiuszx.kusztal@intel.com>", "X-Mailer": "git-send-email 2.13.6", "In-Reply-To": "<20220818060526.17343-1-arkadiuszx.kusztal@intel.com>", "References": "<20220818060526.17343-1-arkadiuszx.kusztal@intel.com>", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "This commit adds ECDH test cases based on rfc5114.\n\nSigned-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n app/test/test_cryptodev_asym.c | 357 +++++++++++++++++++++++++++++++++\n app/test/test_cryptodev_ecdh_vectors.h | 144 +++++++++++++\n 2 files changed, 501 insertions(+)\n create mode 100644 app/test/test_cryptodev_ecdh_vectors.h", "diff": "diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c\nindex 0fea47c42e..a097023011 100644\n--- a/app/test/test_cryptodev_asym.c\n+++ b/app/test/test_cryptodev_asym.c\n@@ -23,6 +23,7 @@\n #include \"test_cryptodev_rsa_test_vectors.h\"\n #include \"test_cryptodev_asym_util.h\"\n #include \"test.h\"\n+#include \"test_cryptodev_ecdh_vectors.h\"\n \n #define TEST_NUM_BUFS 10\n #define TEST_NUM_SESSIONS 4\n@@ -2362,6 +2363,358 @@ test_ecdsa_verify(const void *input_vector)\n \treturn TEST_SUCCESS;\n }\n \n+/*\n+ * This function is split into 3 steps: STEP1, STEP1.5, STEP2\n+ * Steps 1 and 2 are just DH steps (Public key and shared secret generation).\n+ * Step 1.5 is Public Key verification (if point belongs to elliptic curve)\n+ */\n+static int\n+test_ecdh(const void *input_vector)\n+{\n+\tconst struct ECDH_test_vector *test_vector = input_vector;\n+\tstruct crypto_testsuite_params_asym *ts_params = &testsuite_params;\n+\tstruct rte_mempool *op_mpool = ts_params->op_mpool;\n+\tstruct rte_crypto_asym_xform xform = {\n+\t\t.next = NULL,\n+\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDH,\n+\t\t.ec.curve_id = test_vector->curve_id\n+\t};\n+\tconst uint8_t dev_id = ts_params->valid_devs[0];\n+\n+\tuint8_t alice_x[test_vector->curve_bytesize],\n+\t\talice_y[test_vector->curve_bytesize];\n+\tuint8_t bob_x[test_vector->curve_bytesize],\n+\t\tbob_y[test_vector->curve_bytesize];\n+\tuint8_t alice_xZ[test_vector->curve_bytesize],\n+\t\talice_yZ[test_vector->curve_bytesize];\n+\tuint8_t bob_xZ[test_vector->curve_bytesize],\n+\t\tbob_yZ[test_vector->curve_bytesize];\n+\tstruct rte_crypto_op *alice_op = NULL, *bob_op = NULL;\n+\n+\talice_op = rte_crypto_op_alloc(op_mpool,\n+\t\tRTE_CRYPTO_OP_TYPE_ASYMMETRIC);\n+\tbob_op = rte_crypto_op_alloc(op_mpool,\n+\t\tRTE_CRYPTO_OP_TYPE_ASYMMETRIC);\n+\n+\t/*\n+\t * STEP 1a:\n+\t * Generate Alice public key\n+\t */\n+\n+\talice_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;\n+\talice_op->asym->xform = &xform;\n+\talice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;\n+\talice_op->asym->ecdh.priv_key = test_vector->alice_d;\n+\talice_op->asym->ecdh.pub_key.x.data = alice_x;\n+\talice_op->asym->ecdh.pub_key.y.data = alice_y;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\treturn -1;\n+\t}\n+\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (alice_op->asym->ecdh.pub_key.x.length !=\n+\t\t\ttest_vector->alice_q.x.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Alice public key length (X coeff) Received length = %lu Expeceted length = %lu\\n\",\n+\t\t\t\ttest_vector->alice_q.x.length,\n+\t\t\t\talice_op->asym->ecdh.pub_key.x.length\n+\t\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (alice_op->asym->ecdh.pub_key.y.length !=\n+\t\t\ttest_vector->alice_q.y.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Alice public key length (Y coeff) Received length = %lu Expeceted length = %lu\\n\",\n+\t\t\t\t\ttest_vector->alice_q.y.length,\n+\t\t\t\t\talice_op->asym->ecdh.pub_key.y.length\n+\t\t\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(alice_op->asym->ecdh.pub_key.x.data,\n+\t\t\ttest_vector->alice_q.x.data,\n+\t\t\ttest_vector->alice_q.x.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Alice public key X\\n\");\n+\t\tdebug_hexdump(stdout, \"Generated PublicKey x (Alice):\",\n+\t\t\talice_op->asym->ecdh.pub_key.x.data,\n+\t\t\talice_op->asym->ecdh.pub_key.x.length);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(alice_op->asym->ecdh.pub_key.y.data,\n+\t\t\ttest_vector->alice_q.y.data,\n+\t\t\ttest_vector->alice_q.y.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Alice public key Y\\n\");\n+\t\tdebug_hexdump(stdout, \"Generated PublicKey y (Alice):\",\n+\t\t\t\talice_op->asym->ecdh.pub_key.y.data,\n+\t\t\t\talice_op->asym->ecdh.pub_key.y.length);\n+\t\tgoto error;\n+\t}\n+\n+\n+\t/*\n+\t * STEP 1b:\n+\t * Generate Bob public key\n+\t */\n+\n+\tbob_op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;\n+\tbob_op->asym->xform = &xform;\n+\tbob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;\n+\tbob_op->asym->ecdh.priv_key = test_vector->bob_d;\n+\tbob_op->asym->ecdh.pub_key.x.data = bob_x;\n+\tbob_op->asym->ecdh.pub_key.y.data = bob_y;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\tgoto error;\n+\t}\n+\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (bob_op->asym->ecdh.pub_key.x.length !=\n+\t\t\ttest_vector->bob_q.x.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\"Incorrect Bob's public key length (X coeff) Received length = %lu Expeceted length = %lu\\n\",\n+\t\t\ttest_vector->bob_q.x.length,\n+\t\t\tbob_op->asym->ecdh.pub_key.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (bob_op->asym->ecdh.pub_key.y.length !=\n+\t\t\ttest_vector->bob_q.y.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\"Incorrect Bob's public key length (Y coeff) Received length = %lu Expeceted length = %lu\\n\",\n+\t\t\ttest_vector->bob_q.y.length,\n+\t\t\tbob_op->asym->ecdh.pub_key.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(bob_op->asym->ecdh.pub_key.x.data,\n+\t\t\ttest_vector->bob_q.x.data,\n+\t\t\ttest_vector->bob_q.x.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Bob's public key X\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated PublicKey x (bob):\",\n+\t\t\tbob_op->asym->ecdh.pub_key.x.data,\n+\t\t\tbob_op->asym->ecdh.pub_key.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(bob_op->asym->ecdh.pub_key.y.data,\n+\t\t\ttest_vector->bob_q.y.data,\n+\t\t\ttest_vector->bob_q.y.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Bob's public key Y\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated PublicKey y (bob):\",\n+\t\t\tbob_op->asym->ecdh.pub_key.y.data,\n+\t\t\tbob_op->asym->ecdh.pub_key.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\t/*\n+\t * STEP 1.5a:\n+\t * Alice verifies Bob's public key, reusing op, other parameters\n+\t * then already set, only what Alice needs to do is to set public\n+\t * key of Bob and change key exchange type to VERIFY.\n+\t */\n+\n+\talice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;\n+\talice_op->asym->ecdh.pub_key.x.data = bob_x;\n+\talice_op->asym->ecdh.pub_key.x.length =\n+\t\tbob_op->asym->ecdh.pub_key.x.length;\n+\talice_op->asym->ecdh.pub_key.y.data = bob_y;\n+\talice_op->asym->ecdh.pub_key.y.length =\n+\t\tbob_op->asym->ecdh.pub_key.y.length;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\tgoto error;\n+\t}\n+\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (alice_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"line %u FAILED: %s\", __LINE__,\n+\t\t\t\t\"Failed to verify Bob's public key, it does not belongs to curve points\\n\"\n+\t\t\t);\n+\t\treturn TEST_FAILED;\n+\t}\n+\n+\t/*\n+\t * STEP 1.5b:\n+\t * Bob verifies Alice's public key, reusing op, other parameters\n+\t * then already set, only what Bob needs to do is to set public\n+\t * key of Alice and change key exchange type to VERIFY.\n+\t */\n+\n+\tbob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY;\n+\tbob_op->asym->ecdh.pub_key.x.data = alice_x;\n+\tbob_op->asym->ecdh.pub_key.x.length =\n+\t\talice_op->asym->ecdh.pub_key.x.length;\n+\tbob_op->asym->ecdh.pub_key.y.data = alice_y;\n+\tbob_op->asym->ecdh.pub_key.y.length =\n+\t\talice_op->asym->ecdh.pub_key.y.length;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\tgoto error;\n+\t}\n+\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (bob_op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"line %u FAILED: %s\", __LINE__,\n+\t\t\t\t\"Failed to verify Alice's public key, it does not belongs to curve points\\n\"\n+\t\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\t/*\n+\t * STEP 2a:\n+\t * Alice generates shared secret Z, since Bob's public key was already\n+\t * set when doing verification only key exchange type need to be\n+\t * changed, and setting place where Z will be copied by the PMD.\n+\t */\n+\n+\talice_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;\n+\talice_op->asym->ecdh.shared_secret.x.data = alice_xZ;\n+\talice_op->asym->ecdh.shared_secret.y.data = alice_yZ;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &alice_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\tgoto error;\n+\t}\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &alice_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (alice_op->asym->ecdh.shared_secret.x.length !=\n+\t\t\ttest_vector->Z.x.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Alice's shared secret length X Received = %lu Expected = %lu\\n\",\n+\t\t\t\talice_op->asym->ecdh.shared_secret.x.length,\n+\t\t\t\ttest_vector->Z.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (alice_op->asym->ecdh.shared_secret.y.length !=\n+\t\t\ttest_vector->Z.y.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Alice's shared secret length Y Received = %lu Expected = %lu\\n\",\n+\t\t\t\talice_op->asym->ecdh.shared_secret.y.length,\n+\t\t\t\ttest_vector->Z.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\tif (memcmp(alice_op->asym->ecdh.shared_secret.x.data,\n+\t\t\ttest_vector->Z.x.data,\n+\t\t\ttest_vector->Z.x.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Alice's shared secret X\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated SharedSecret x (Alice):\",\n+\t\t\talice_op->asym->ecdh.shared_secret.x.data,\n+\t\t\talice_op->asym->ecdh.shared_secret.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(alice_op->asym->ecdh.shared_secret.y.data,\n+\t\t\ttest_vector->Z.y.data,\n+\t\t\ttest_vector->Z.y.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Alice's shared secret Y\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated SharedSecret y (Alice):\",\n+\t\t\talice_op->asym->ecdh.shared_secret.y.data,\n+\t\t\talice_op->asym->ecdh.shared_secret.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\t/*\n+\t * STEP 2b:\n+\t * Bob generates shared secret Z, since Alice's public key was already\n+\t * set when doing verification only key exchange type need to be\n+\t * changed, and setting place where Z will be copied by the PMD.\n+\t */\n+\n+\tbob_op->asym->ecdh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;\n+\tbob_op->asym->ecdh.shared_secret.x.data = bob_xZ;\n+\tbob_op->asym->ecdh.shared_secret.y.data = bob_yZ;\n+\n+\tif (rte_cryptodev_enqueue_burst(dev_id, 0, &bob_op, 1) != 1) {\n+\t\tRTE_LOG(ERR, USER1, \"Error sending packet for sign\\n\");\n+\t\tgoto error;\n+\t}\n+\n+\twhile (rte_cryptodev_dequeue_burst(dev_id, 0, &bob_op, 1) == 0)\n+\t\trte_pause();\n+\n+\tif (bob_op->asym->ecdh.shared_secret.x.length !=\n+\t\t\ttest_vector->Z.x.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Bob's shared secret length X Received = %lu Expected = %lu\\n\",\n+\t\t\t\tbob_op->asym->ecdh.shared_secret.x.length,\n+\t\t\t\ttest_vector->Z.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (bob_op->asym->ecdh.shared_secret.y.length !=\n+\t\t\ttest_vector->Z.y.length) {\n+\t\tRTE_LOG(ERR, USER1,\n+\t\t\t\t\"Incorrect Bob's shared secret length Y Received = %lu Expected = %lu\\n\",\n+\t\t\t\tbob_op->asym->ecdh.shared_secret.y.length,\n+\t\t\t\ttest_vector->Z.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\tif (memcmp(bob_op->asym->ecdh.shared_secret.x.data,\n+\t\t\ttest_vector->Z.x.data,\n+\t\t\ttest_vector->Z.x.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Bob's shared secret X\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated SharedSecret x (Bob):\",\n+\t\t\tbob_op->asym->ecdh.shared_secret.x.data,\n+\t\t\tbob_op->asym->ecdh.shared_secret.x.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\tif (memcmp(bob_op->asym->ecdh.shared_secret.y.data,\n+\t\t\ttest_vector->Z.y.data,\n+\t\t\ttest_vector->Z.y.length)\n+\t) {\n+\t\tRTE_LOG(ERR, USER1, \"Incorrect Bob's shared secret Y\\n\");\n+\t\tdebug_hexdump(stdout,\n+\t\t\t\"Generated SharedSecret y (Bob):\",\n+\t\t\tbob_op->asym->ecdh.shared_secret.y.data,\n+\t\t\tbob_op->asym->ecdh.shared_secret.y.length\n+\t\t);\n+\t\tgoto error;\n+\t}\n+\n+\t/* Both shared secret where correctly verified -> Test passed */\n+\n+\treturn TEST_SUCCESS;\n+error:\n+\trte_crypto_op_free(alice_op);\n+\trte_crypto_op_free(bob_op);\n+\treturn TEST_FAILED;\n+}\n+\n static struct unit_test_suite cryptodev_openssl_asym_testsuite = {\n \t.suite_name = \"Crypto Device OPENSSL ASYM Unit Test Suite\",\n \t.setup = testsuite_setup,\n@@ -2391,6 +2744,10 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {\n \t.teardown = testsuite_teardown,\n \t.unit_test_cases = {\n \t\tTEST_CASE_NAMED_WITH_DATA(\n+\t\t\t\"Test - ECDH secp256r1, RFC 5114 256 Random\",\n+\t\t\tut_setup_asym, ut_teardown_asym,\n+\t\t\ttest_ecdh, &rfc5114_secp256r1),\n+\t\tTEST_CASE_NAMED_WITH_DATA(\n \t\t\t\"Test - ECDSA secp256r1 signature generation\",\n \t\t\tut_setup_asym, ut_teardown_asym,\n \t\t\ttest_ecdsa_sign, &ecdsa_param_secp256r1),\ndiff --git a/app/test/test_cryptodev_ecdh_vectors.h b/app/test/test_cryptodev_ecdh_vectors.h\nnew file mode 100644\nindex 0000000000..553e33de38\n--- /dev/null\n+++ b/app/test/test_cryptodev_ecdh_vectors.h\n@@ -0,0 +1,144 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright (C) 2022 Intel Corporation\n+ */\n+\n+#ifndef __TEST_CRYPTODEV_ECDH_VECTORS_H__\n+#define __TEST_CRYPTODEV_ECDH_VECTORS_H__\n+\n+#include \"rte_crypto_asym.h\"\n+\n+/*\n+ * Elliptic Curve Diffie-Hellman test vector struct\n+ * Peers are named Alice and Bob\n+ * q - is a public key\n+ * d - is a private key\n+ * Z - is a shared secret\n+ */\n+\n+struct ECDH_test_vector {\n+\tenum rte_crypto_curve_id curve_id;\n+\tint curve_bytesize;\n+\trte_crypto_uint alice_d;\n+\trte_crypto_uint bob_d;\n+\tstruct rte_crypto_ec_point alice_q;\n+\tstruct rte_crypto_ec_point bob_q;\n+\tstruct rte_crypto_ec_point Z;\n+};\n+\n+/*\n+ * Elliptic Curve Diffie-Hellman test\n+ * It consist of three phases:\n+ * - Generation of public key based on private key\n+ * - Verification of peer's public key\n+ * - Generation of shared secret\n+ * Peers in tests are named Alice and Bob\n+ */\n+\n+/* RFC 5114 256-bit Random ECP Group Data */\n+\n+/*\n+ * Alice's parameters\n+ */\n+static uint8_t rfc5114_256b_dA[] = {\n+\t0x81, 0x42, 0x64, 0x14, 0x5F, 0x2F, 0x56, 0xF2,\n+\t0xE9, 0x6A, 0x8E, 0x33, 0x7A, 0x12, 0x84, 0x99,\n+\t0x3F, 0xAF, 0x43, 0x2A, 0x5A, 0xBC, 0xE5, 0x9E,\n+\t0x86, 0x7B, 0x72, 0x91, 0xD5, 0x07, 0xA3, 0xAF,\n+};\n+\n+static uint8_t rfc5114_256b_x_qA[] = {\n+\t0x2A, 0xF5, 0x02, 0xF3, 0xBE, 0x89, 0x52, 0xF2,\n+\t0xC9, 0xB5, 0xA8, 0xD4, 0x16, 0x0D, 0x09, 0xE9,\n+\t0x71, 0x65, 0xBE, 0x50, 0xBC, 0x42, 0xAE, 0x4A,\n+\t0x5E, 0x8D, 0x3B, 0x4B, 0xA8, 0x3A, 0xEB, 0x15,\n+};\n+\n+static uint8_t rfc5114_256b_y_qA[] = {\n+\t0xEB, 0x0F, 0xAF, 0x4C, 0xA9, 0x86, 0xC4, 0xD3,\n+\t0x86, 0x81, 0xA0, 0xF9, 0x87, 0x2D, 0x79, 0xD5,\n+\t0x67, 0x95, 0xBD, 0x4B, 0xFF, 0x6E, 0x6D, 0xE3,\n+\t0xC0, 0xF5, 0x01, 0x5E, 0xCE, 0x5E, 0xFD, 0x85,\n+};\n+\n+/*\n+ * Bob's parameters\n+ */\n+static uint8_t rfc5114_256b_dB[] = {\n+\t0x2C, 0xE1, 0x78, 0x8E, 0xC1, 0x97, 0xE0, 0x96,\n+\t0xDB, 0x95, 0xA2, 0x00, 0xCC, 0x0A, 0xB2, 0x6A,\n+\t0x19, 0xCE, 0x6B, 0xCC, 0xAD, 0x56, 0x2B, 0x8E,\n+\t0xEE, 0x1B, 0x59, 0x37, 0x61, 0xCF, 0x7F, 0x41,\n+};\n+\n+static uint8_t rfc5114_256b_x_qB[] = {\n+\t0xB1, 0x20, 0xDE, 0x4A, 0xA3, 0x64, 0x92, 0x79,\n+\t0x53, 0x46, 0xE8, 0xDE, 0x6C, 0x2C, 0x86, 0x46,\n+\t0xAE, 0x06, 0xAA, 0xEA, 0x27, 0x9F, 0xA7, 0x75,\n+\t0xB3, 0xAB, 0x07, 0x15, 0xF6, 0xCE, 0x51, 0xB0,\n+};\n+\n+static uint8_t rfc5114_256b_y_qB[] = {\n+\t0x9F, 0x1B, 0x7E, 0xEC, 0xE2, 0x0D, 0x7B, 0x5E,\n+\t0xD8, 0xEC, 0x68, 0x5F, 0xA3, 0xF0, 0x71, 0xD8,\n+\t0x37, 0x27, 0x02, 0x70, 0x92, 0xA8, 0x41, 0x13,\n+\t0x85, 0xC3, 0x4D, 0xDE, 0x57, 0x08, 0xB2, 0xB6,\n+};\n+\n+static uint8_t rfc5114_256b_x_Z[] = {\n+\t0xDD, 0x0F, 0x53, 0x96, 0x21, 0x9D, 0x1E, 0xA3,\n+\t0x93, 0x31, 0x04, 0x12, 0xD1, 0x9A, 0x08, 0xF1,\n+\t0xF5, 0x81, 0x1E, 0x9D, 0xC8, 0xEC, 0x8E, 0xEA,\n+\t0x7F, 0x80, 0xD2, 0x1C, 0x82, 0x0C, 0x27, 0x88,\n+};\n+\n+static uint8_t rfc5114_256b_y_Z[] = {\n+\t0x03, 0x57, 0xDC, 0xCD, 0x4C, 0x80, 0x4D, 0x0D,\n+\t0x8D, 0x33, 0xAA, 0x42, 0xB8, 0x48, 0x83, 0x4A,\n+\t0xA5, 0x60, 0x5F, 0x9A, 0xB0, 0xD3, 0x72, 0x39,\n+\t0xA1, 0x15, 0xBB, 0xB6, 0x47, 0x93, 0x6F, 0x50,\n+};\n+\n+static struct ECDH_test_vector rfc5114_secp256r1 = {\n+\t.curve_id = RTE_CRYPTO_EC_GROUP_SECP256R1,\n+\t.curve_bytesize = 32,\n+\t.alice_d = {\n+\t\t.data = rfc5114_256b_dA,\n+\t\t.length = sizeof(rfc5114_256b_dA),\n+\t},\n+\t.alice_q = {\n+\t\t.x = {\n+\t\t\t.data = rfc5114_256b_x_qA,\n+\t\t\t.length = sizeof(rfc5114_256b_x_qA),\n+\t\t},\n+\t\t.y = {\n+\t\t\t.data = rfc5114_256b_y_qA,\n+\t\t\t.length = sizeof(rfc5114_256b_y_qA),\n+\t\t},\n+\t},\n+\t.bob_d = {\n+\t\t.data = rfc5114_256b_dB,\n+\t\t.length = sizeof(rfc5114_256b_dB)\n+\t},\n+\t.bob_q = {\n+\t\t.x = {\n+\t\t\t.data = rfc5114_256b_x_qB,\n+\t\t\t.length = sizeof(rfc5114_256b_x_qB),\n+\t\t},\n+\t\t.y = {\n+\t\t\t.data = rfc5114_256b_y_qB,\n+\t\t\t.length = sizeof(rfc5114_256b_y_qB),\n+\t\t},\n+\t},\n+\t.Z = {\n+\t\t.x = {\n+\t\t\t.data = rfc5114_256b_x_Z,\n+\t\t\t.length = sizeof(rfc5114_256b_x_Z),\n+\t\t},\n+\t\t.y = {\n+\t\t\t.data = rfc5114_256b_y_Z,\n+\t\t\t.length = sizeof(rfc5114_256b_y_Z),\n+\t\t}\n+\t}\n+};\n+\n+#endif\n\\ No newline at end of file\n", "prefixes": [ "2/2" ] }