Re: [PATCH RFC v3 3/3] crypto: add tests vectors for RSA
Hi Stephan

On 06/03/2015 05:15 PM, Stephan Mueller wrote:
> May I ask that the outbuf_enc is memcmp()ed with an expected value? This check is required for FIPS 140-2 compliance. Without that memcmp, FIPS 140-2 validations will not be successful.

Sure, I will do that. I wasn't aware that this was required.

> Sorry for bringing that one up just now: 512 and 1024 bit test vectors will not be helpful for several use cases, including FIPS. I can offer to give you 2k or 3k vectors.

I have one 2K vector from openSSL fips so I'll use it instead of the 512 one.

> Besides, wouldn't one vector be sufficient?

I think there is no harm to have these 3 vectors to make sure an implementation is well tested.
[PATCH RFC v3 3/3] crypto: add tests vectors for RSA
New test vectors for RSA algorithm.
Signed-off-by: Tadeusz Struk tadeusz.st...@intel.com
---
 crypto/testmgr.c | 151 ++
 crypto/testmgr.h | 86 +++
 2 files changed, 237 insertions(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 717d6f2..54a5412 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -30,6 +30,8 @@
 #include linux/string.h
 #include crypto/rng.h
 #include crypto/drbg.h
+#include crypto/public_key.h
+#include crypto/akcipher.h
 #include internal.h
@@ -116,6 +118,11 @@ struct drbg_test_suite {
 unsigned int count;
 };
+struct akcipher_test_suite {
+ struct akcipher_testvec *vecs;
+ unsigned int count;
+};
+
 struct alg_test_desc {
 const char *alg;
 int (*test)(const struct alg_test_desc *desc, const char *driver,
@@ -130,6 +137,7 @@ struct alg_test_desc {
 struct hash_test_suite hash;
 struct cprng_test_suite cprng;
 struct drbg_test_suite drbg;
+ struct akcipher_test_suite akcipher;
 } suite;
 };
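Review bot: In the `@@ -116,6 +118,11 @@` hunk, `vecs` in the new `struct akcipher_test_suite` is a mutable pointer, although a test suite only needs to read its vectors. Declaring it `const struct akcipher_testvec *vecs;` would let the known-answer tables live in read-only data and keep a test from altering an expected value by accident. The RSA helpers added later in this patch take `struct akcipher_testvec *vecs`, so their parameters would need the same qualifier. The other `*_test_suite` definitions lie outside this hunk, so whether they already use `const` cannot be checked from here.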
@@ -1825,6 +1833,139 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
 }
+static int do_test_rsa(struct crypto_akcipher *tfm,
+ struct akcipher_testvec *vecs)
+{
+ struct akcipher_request *req;
+ struct public_key pkey;
+ void *outbuf_enc = NULL;
+ void *outbuf_dec = NULL;
+ struct tcrypt_result result;
+ unsigned int out_len = vecs-c_size;
+ int err = -ENOMEM;
+
+ req = akcipher_request_alloc(tfm, GFP_KERNEL);
+ if (!req)
+ return err;
+
+ pkey.rsa.n = mpi_read_raw_data(vecs-pub_key_n, vecs-pub_key_n_size);
+ if (!pkey.rsa.n)
+ goto free_req;
+
+ pkey.rsa.e = mpi_read_raw_data(vecs-pub_key_e, vecs-pub_key_e_size);
+ if (!pkey.rsa.e)
+ goto free_n;
+
+ pkey.rsa.d = mpi_read_raw_data(vecs-sec_key_d, vecs-sec_key_d_size);
+ if (!pkey.rsa.d)
+ goto free_e;
+
+ outbuf_enc = kzalloc(vecs-c_size, GFP_KERNEL);
+ if (!outbuf_enc)
+ goto free_d;
+
+ /* Run RSA encrypt - c = m^e mod n;*/
+ init_completion(result.completion);
+ crypto_akcipher_setkey(tfm, pkey);
+ akcipher_request_set_crypt(req, vecs-m, outbuf_enc, vecs-m_size,
+ out_len, out_len);
+ akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+ tcrypt_complete, result);
+ err = wait_async_op(result, crypto_akcipher_encrypt(req));
+ if (err) {
+ pr_err(alg: rsa: encrypt test failed. err %d\n, err);
+ goto free_all;
+ }
+
+ if (out_len != vecs-c_size) {
+ err = -EINVAL;
+ goto free_all;
+ }
+
+ outbuf_dec = kzalloc(out_len, GFP_KERNEL);
+ if (!outbuf_dec) {
+ err = -ENOMEM;
+ goto free_all;
+ }
+
+ init_completion(result.completion);
+ akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs-c_size,
+ out_len, out_len);
+ /* Run RSA decrypt - m = c^d mod n;*/
+ err = wait_async_op(result, crypto_akcipher_decrypt(req));
+ if (err) {
+ pr_err(alg: rsa: decrypt test failed. err %d\n, err);
+ goto free_all;
+ }
+
+ if (out_len != vecs-m_size) {
+ err = -EINVAL;
+ goto free_all;
+ }
+
+ /* verify that decrypted message is equal to the original msg */
+ if (memcmp(vecs-m, outbuf_dec, vecs-m_size)) {
+ pr_err(alg: rsa: encrypt test failed. Invalid output\n);
+ err = -EINVAL;
+ }
+free_all:
+ kfree(outbuf_dec);
+ kfree(outbuf_enc);
+free_d:
+ mpi_free(pkey.rsa.d);
+free_e:
+ mpi_free(pkey.rsa.e);
+free_n:
+ mpi_free(pkey.rsa.n);
+free_req:
+ akcipher_request_free(req);
+ return err;
+}
+
+static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
+ unsigned int tcount)
+{
+ int ret, i;
+
+ for (i = 0; i tcount; i++) {
+ ret = do_test_rsa(tfm, vecs++);
+ if (ret) {
+ pr_err(alg: rsa: test failed on vector %d\n, i + 1);
+ return ret;
+ }
+ }
+ return 0;
+}
+
+static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
+struct akcipher_testvec *vecs, unsigned int tcount)
+{
+ if (strncmp(alg, rsa, 3) == 0)
+ return test_rsa(tfm, vecs, tcount);
+
+ return 0;
+}
+
+static int alg_test_akcipher(const struct alg_test_desc *desc,
+const char *driver, u32 type, u32 mask)
+{
+ struct crypto_akcipher *tfm;
+ int err = 0;
+
+ tfm =
Re: [PATCH RFC v3 3/3] crypto: add tests vectors for RSA
Am Mittwoch, 3. Juni 2015, 15:44:24 schrieb Tadeusz Struk:
Hi Tadeusz,
New test vectors for RSA algorithm.
Signed-off-by: Tadeusz Struk tadeusz.st...@intel.com
---
 crypto/testmgr.c | 151 ++
 crypto/testmgr.h | 86 +++
 2 files changed, 237 insertions(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 717d6f2..54a5412 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -30,6 +30,8 @@
 #include linux/string.h
 #include crypto/rng.h
 #include crypto/drbg.h
+#include crypto/public_key.h
+#include crypto/akcipher.h
 #include internal.h
@@ -116,6 +118,11 @@ struct drbg_test_suite {
 unsigned int count;
 };
+struct akcipher_test_suite {
+ struct akcipher_testvec *vecs;
+ unsigned int count;
+};
+
 struct alg_test_desc {
 const char *alg;
 int (*test)(const struct alg_test_desc *desc, const char *driver,
@@ -130,6 +137,7 @@ struct alg_test_desc {
 struct hash_test_suite hash;
 struct cprng_test_suite cprng;
 struct drbg_test_suite drbg;
+ struct akcipher_test_suite akcipher;
 } suite;
 };
@@ -1825,6 +1833,139 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
 }
+static int do_test_rsa(struct crypto_akcipher *tfm,
+struct akcipher_testvec *vecs)
+{
+ struct akcipher_request *req;
+ struct public_key pkey;
+ void *outbuf_enc = NULL;
+ void *outbuf_dec = NULL;
+ struct tcrypt_result result;
+ unsigned int out_len = vecs-c_size;
+ int err = -ENOMEM;
+
+ req = akcipher_request_alloc(tfm, GFP_KERNEL);
+ if (!req)
+ return err;
+
+ pkey.rsa.n = mpi_read_raw_data(vecs-pub_key_n, vecs-pub_key_n_size);
+ if (!pkey.rsa.n)
+ goto free_req;
+
+ pkey.rsa.e = mpi_read_raw_data(vecs-pub_key_e, vecs-pub_key_e_size);
+ if (!pkey.rsa.e)
+ goto free_n;
+
+ pkey.rsa.d = mpi_read_raw_data(vecs-sec_key_d, vecs-sec_key_d_size);
+ if (!pkey.rsa.d)
+ goto free_e;
+
+ outbuf_enc = kzalloc(vecs-c_size, GFP_KERNEL);
+ if (!outbuf_enc)
+ goto free_d;
+
+ /* Run RSA encrypt - c = m^e mod n;*/
+ init_completion(result.completion);
+ crypto_akcipher_setkey(tfm, pkey);
+ akcipher_request_set_crypt(req, vecs-m, outbuf_enc, vecs-m_size,
+out_len, out_len);
+ akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+ tcrypt_complete, result);
+ err = wait_async_op(result, crypto_akcipher_encrypt(req));
+ if (err) {
+ pr_err(alg: rsa: encrypt test failed. err %d\n, err);
+ goto free_all;
+ }
+
+ if (out_len != vecs-c_size) {
+ err = -EINVAL;
+ goto free_all;
+ }
+
May I ask that the outbuf_enc is memcmp()ed with an expected value? This check is required for FIPS 140-2 compliance. Without that memcmp, FIPS 140-2 validations will not be successful.
+ outbuf_dec = kzalloc(out_len, GFP_KERNEL);
+ if (!outbuf_dec) {
+ err = -ENOMEM;
+ goto free_all;
+ }
+
+ init_completion(result.completion);
+ akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs-c_size,
+out_len, out_len);
+ /* Run RSA decrypt - m = c^d mod n;*/
+ err = wait_async_op(result, crypto_akcipher_decrypt(req));
+ if (err) {
+ pr_err(alg: rsa: decrypt test failed. err %d\n, err);
+ goto free_all;
+ }
+
+ if (out_len != vecs-m_size) {
+ err = -EINVAL;
+ goto free_all;
+ }
+
+ /* verify that decrypted message is equal to the original msg */
+ if (memcmp(vecs-m, outbuf_dec, vecs-m_size)) {
+ pr_err(alg: rsa: encrypt test failed. Invalid output\n);
+ err = -EINVAL;
+ }
+free_all:
+ kfree(outbuf_dec);
+ kfree(outbuf_enc);
+free_d:
+ mpi_free(pkey.rsa.d);
+free_e:
+ mpi_free(pkey.rsa.e);
+free_n:
+ mpi_free(pkey.rsa.n);
+free_req:
+ akcipher_request_free(req);
+ return err;
+}
+
+static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
+ unsigned int tcount)
+{
+ int ret, i;
+
+ for (i = 0; i tcount; i++) {
+ ret = do_test_rsa(tfm, vecs++);
+ if (ret) {
+ pr_err(alg: rsa: test failed on vector %d\n, i + 1);
+ return ret;
+ }
+ }
+ return 0;
+}
+
+static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
+ struct akcipher_testvec *vecs, unsigned int tcount)
+{
+ if (strncmp(alg, rsa, 3) == 0)
+ return test_rsa(tfm, vecs, tcount);
+
+