dccd1cb407
Update some patch for uadk_engine from mainline. Signed-off-by: Yang Shen <shenyang39@huawei.com> (cherry picked from commit 6ae4d8c0999343eddb153c4e4e879a6b66ef528f)
198 lines
8.4 KiB
Diff
198 lines
8.4 KiB
Diff
From 5dab65ce804d8e7995cef2eecfb375270d55f2ed Mon Sep 17 00:00:00 2001
|
|
From: Zhangfei Gao <zhangfei.gao@linaro.org>
|
|
Date: Wed, 30 Mar 2022 07:34:43 +0000
|
|
Subject: [PATCH 39/57] README: move test script to sanity_test.sh
|
|
|
|
Move test script from README to sanity_test.sh
|
|
|
|
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
|
|
---
|
|
README | 103 +-------------------------------------------
|
|
test/sanity_test.sh | 39 ++++++++++++++++-
|
|
2 files changed, 39 insertions(+), 103 deletions(-)
|
|
|
|
diff --git a/README b/README
|
|
index 562a859..ed49128 100644
|
|
--- a/README
|
|
+++ b/README
|
|
@@ -63,108 +63,7 @@ Build & Install OpenSSL UADK Engine
|
|
Testing
|
|
-------
|
|
```
|
|
- sudo test/sanity_test.sh
|
|
-```
|
|
-1. Cipher
|
|
-```
|
|
-openssl enc -aes-128-cbc -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-128-cbc -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-cbc -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-cbc -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-cbc -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-cbc -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-128-ecb -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-128-ecb -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-ecb -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-ecb -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-ecb -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-ecb -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-128-ctr -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-128-ctr -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-ctr -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-192-ctr -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-ctr -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -aes-256-ctr -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -sm4-cbc -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -sm4-cbc -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -sm4-ecb -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -sm4-ecb -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -des-ede3-cbc -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -des-ede3-cbc -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -des-ede3-ecb -a -in data -out data.en -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl enc -des-ede3-ecb -a -d -in data.en -out data.de -pass pass:123456 -K abc -iv abc -engine uadk_engine -p
|
|
-openssl speed -engine uadk_engine -async_jobs 1 -evp aes-128-cbc
|
|
-openssl speed -engine uadk_engine -async_jobs 1 -evp sm4-cbc
|
|
-openssl speed -engine uadk_engine -async_jobs 1 -evp des-ede3-cbc
|
|
-```
|
|
-2. RSA
|
|
-```
|
|
-openssl genrsa -out prikey.pem -engine uadk_engine 2048
|
|
-openssl rsa -in prikey.pem -pubout -out pubkey.pem -engine uadk_engine
|
|
-openssl rsautl -encrypt -in plain.txt -inkey pubkey.pem -pubin -out enc.txt -engine uadk_engine
|
|
-openssl rsautl -decrypt -in enc.txt -inkey prikey.pem -out dec.txt -engine uadk_engine
|
|
-openssl rsautl -sign -in msg.txt -inkey prikey.pem -out signed.txt -engine uadk_engine
|
|
-openssl rsautl -verify -in signed.txt -inkey pubkey.pem -pubin -out verified.txt -engine uadk_engine
|
|
-openssl speed -elapsed -engine uadk_engine rsa2048
|
|
-openssl speed -elapsed -engine uadk_engine -async_jobs 10 rsa2048
|
|
-```
|
|
-3. SM3
|
|
-```
|
|
-openssl sm3 -engine uadk_engine data
|
|
-```
|
|
-4. MD5
|
|
-```
|
|
-openssl speed -engine uadk_engine -async_jobs 1 -evp md5
|
|
-```
|
|
-5. SHA
|
|
-```
|
|
-openssl sha1 -engine uadk_engine data
|
|
-openssl sha256 -engine uadk_engine data
|
|
-openssl sha512 -engine uadk_engine data
|
|
-```
|
|
-6. DH
|
|
-
|
|
-[step 1] Generate global public parameters, and save them in the file
|
|
-dhparam.pem:
|
|
-```
|
|
-openssl dhparam -out dhparam.pem 2048
|
|
-```
|
|
-[step 2] Generate own private key:
|
|
-```
|
|
-openssl genpkey -paramfile dhparam.pem -out privatekey1.pem
|
|
-openssl genpkey -paramfile dhparam.pem -out privatekey2.pem
|
|
-```
|
|
-[step 3] Generate public key:
|
|
-```
|
|
-openssl pkey -in privatekey1.pem -pubout -out publickey1.pem -engine uadk
|
|
-openssl pkey -in privatekey2.pem -pubout -out publickey2.pem -engine uadk
|
|
-```
|
|
-[step 4] After exchanging public key, each user can derive the shared secret:
|
|
-```
|
|
-openssl pkeyutl -derive -inkey privatekey1.pem -peerkey publickey2.pem -out
|
|
-secret1.bin -engine uadk_engine
|
|
-openssl pkeyutl -derive -inkey privatekey2.pem -peerkey publickey1.pem -out
|
|
-secret2.bin -engine uadk_engine
|
|
-```
|
|
-[step 5] Check secret1.bin and secret2.bin:
|
|
-```
|
|
-cmp secret1.bin secret2.bin
|
|
-xxd secret1.bin
|
|
-xxd secret2.bin
|
|
-```
|
|
-secret1.bin and secret2.bin should be the same.
|
|
-
|
|
-7. SM2
|
|
-```
|
|
-openssl speed -elapsed -engine uadk_engine sm2
|
|
-openssl speed -elapsed -engine uadk_engine -async_jobs 1 sm2
|
|
-openssl ecparam -genkey -name SM2 -out SM2PrivateKey.pem
|
|
-openssl ec -in SM2PrivateKey.pem -pubout -out SM2PublicKey.pem
|
|
-```
|
|
-8. ECDSA
|
|
-```
|
|
-openssl speed -elapsed -engine uadk_engine ecdsap256
|
|
-openssl speed -elapsed -engine uadk_engine -async_jobs 1 ecdsap256
|
|
+ ./test/sanity_test.sh
|
|
```
|
|
|
|
Environment variable of uadk engine
|
|
diff --git a/test/sanity_test.sh b/test/sanity_test.sh
|
|
index 4273310..2c0c504 100755
|
|
--- a/test/sanity_test.sh
|
|
+++ b/test/sanity_test.sh
|
|
@@ -1,6 +1,6 @@
|
|
#!/bin/bash
|
|
|
|
-chmod 666 /dev/hisi_*
|
|
+sudo chmod 666 /dev/hisi_*
|
|
|
|
if [ ! -n "$1" ]; then
|
|
engine_id=uadk_engine
|
|
@@ -24,6 +24,12 @@ if [[ $algs =~ "SM3" ]]; then
|
|
openssl speed -engine $engine_id -async_jobs 1 -evp sm3
|
|
fi
|
|
|
|
+if [[ $algs =~ "SM2" ]]; then
|
|
+ echo "testing SM2"
|
|
+ openssl speed -engine $engine_id -evp sm2
|
|
+ openssl speed -engine $engine_id -async_jobs 1 -evp sm2
|
|
+fi
|
|
+
|
|
if [[ $algs =~ "SHA" ]]; then
|
|
echo "testing SHA"
|
|
openssl speed -engine $engine_id -evp sha1
|
|
@@ -58,6 +64,12 @@ if [[ $algs =~ "AES" ]]; then
|
|
openssl speed -engine $engine_id -async_jobs 1 -evp aes-128-xts
|
|
openssl speed -engine $engine_id -evp aes-256-xts
|
|
openssl speed -engine $engine_id -async_jobs 1 -evp aes-256-xts
|
|
+ openssl speed -engine $engine_id -evp aes-128-ctr
|
|
+ openssl speed -engine $engine_id -async_jobs 1 -evp aes-128-ctr
|
|
+ openssl speed -engine $engine_id -evp aes-192-ctr
|
|
+ openssl speed -engine $engine_id -async_jobs 1 -evp aes-192-ctr
|
|
+ openssl speed -engine $engine_id -evp aes-256-ctr
|
|
+ openssl speed -engine $engine_id -async_jobs 1 -evp aes-256-ctr
|
|
fi
|
|
|
|
if [[ $algs =~ "SM4-CBC" ]]; then
|
|
@@ -134,3 +146,28 @@ if [[ $algs =~ "id-ecPublicKey" ]]; then
|
|
openssl speed -elapsed -engine $engine_id ecdhbrp384r1
|
|
openssl speed -elapsed -engine $engine_id -async_jobs 1 ecdhbrp384r1
|
|
fi
|
|
+
|
|
+#DH
|
|
+if [[ $algs =~ "DH" ]]; then
|
|
+ echo "testing DH"
|
|
+ #1. Generate global public parameters, and save them in the file dhparam.pem:
|
|
+ openssl dhparam -out dhparam.pem 2048
|
|
+
|
|
+ #2. Generate own private key:
|
|
+ openssl genpkey -paramfile dhparam.pem -out privatekey1.pem
|
|
+ openssl genpkey -paramfile dhparam.pem -out privatekey2.pem
|
|
+
|
|
+ #3. Generate public key:
|
|
+ openssl pkey -in privatekey1.pem -pubout -out publickey1.pem -engine $engine_id
|
|
+ openssl pkey -in privatekey2.pem -pubout -out publickey2.pem -engine $engine_id
|
|
+
|
|
+ #4. After exchanging public key, each user can derive the shared secret:
|
|
+ openssl pkeyutl -derive -inkey privatekey1.pem -peerkey publickey2.pem -out secret1.bin -engine $engine_id
|
|
+ openssl pkeyutl -derive -inkey privatekey2.pem -peerkey publickey1.pem -out secret2.bin -engine $engine_id
|
|
+
|
|
+ #5. Check secret1.bin and secret2.bin:
|
|
+ cmp secret1.bin secret2.bin
|
|
+ xxd secret1.bin
|
|
+ xxd secret2.bin
|
|
+ #secret1.bin and secret2.bin should be same.
|
|
+fi
|
|
--
|
|
2.27.0
|
|
|