From: Tadeusz Struk <tadeusz.struk@intel.com>
To: "Corentin Labbe" <clabbe.montjoie@gmail.com>,
"Stephan Müller" <smueller@chronox.de>
Cc: herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: Problem with RSA test from testmgr
Date: Wed, 1 Mar 2017 18:15:13 -0800 [thread overview]
Message-ID: <122aa2a3-e478-1a68-083a-273ceabaf2fb@intel.com> (raw)
In-Reply-To: <20170301120414.GA18217@Red>
Hi Corentin,
On 03/01/2017 04:04 AM, Corentin Labbe wrote:
>> I would think the issue is that the OpenSSL BIGNUM lib has some issues: when
>> calculating m^e mod n, m has to be equal to the key size. The kernel's MPI
>> code handles the case where m is smaller than the key size.
>>
>> Note, in your code below, ptext is the 8 bytes from ptext_ex plus trailing
>> zeroes whereas the kernel uses just the 8 bytes.
>>
>> It seems that your implementation has the same issue.
>>
>> What about the following test: change vector->m to be 64 bytes (i.e.
>> RSA_size(key) in size in testmgr.h and check the output of crypto/rsa.c,
>> openssl's output with the app below and your RSA hardware.
> I got the following:
>
> [ 1.086228] alg: akcipher: encrypt test failed. Invalid output
> [ 1.092196] 00000000: 6e 7c 8a 75 e7 30 80 d1 5e ab 9b db a2 cf ed db
> [ 1.098882] 00000010: c9 b2 db 43 bd 9a b9 75 27 f3 73 d9 73 b7 81 8c
> [ 1.105524] 00000020: 49 e8 45 fc 43 44 f5 6d f0 f7 b8 f2 ae 6b ae 49
> [ 1.112090] 00000030: 1b 8e 50 c6 88 4e 99 09 78 14 f2 5d 99 c3 7f f9
> [ 1.118747] alg: akcipher: test 1 failed for rsa-generic, err=-22
> (Exactly the output of my hardare and openssl test)
>
> So the problem is just that my hardware does not handle non-padded data.
The difference between openssl's RSA_private_decrypt() and the akcipher api
is that openssl only takes only one size, flen, for both src and dst buffers,
so in your test app you need to do something like this:
memset(ptextp, 0, 256);
memcpy(ptextp + 64 - 8, ptext_ex, plen);
key = RSA_new();
key->n = BN_bin2bn(n, sizeof(n)-1, key->n);
key->e = BN_bin2bn(e, sizeof(e)-1, key->e);
num = RSA_public_encrypt(RSA_size(key), ptextp, ctext, key, RSA_NO_PADDING);
The akcipher API has separate sizes for both the src and dst. It is the length of the
scatterlist in the akcipher_request. If a HW can't handle different buffers lengths
then its driver needs to add the padding internally.
Thanks,
--
Tadeusz
next prev parent reply other threads:[~2017-03-02 2:15 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-28 15:59 Problem with RSA test from testmgr Corentin Labbe
2017-02-28 16:08 ` Stephan Müller
2017-02-28 16:45 ` Corentin Labbe
2017-02-28 22:35 ` Stephan Müller
2017-03-01 12:04 ` Corentin Labbe
2017-03-01 15:07 ` Stephan Müller
2017-03-02 6:21 ` Corentin Labbe
2017-03-02 16:30 ` Tadeusz Struk
2017-03-02 2:15 ` Tadeusz Struk [this message]
2017-03-02 6:08 ` Stephan Müller
2017-03-02 16:26 ` Tadeusz Struk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=122aa2a3-e478-1a68-083a-273ceabaf2fb@intel.com \
--to=tadeusz.struk@intel.com \
--cc=clabbe.montjoie@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox