Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/128395/?format=api
{ "id": 128395, "url": "http://patchwork.dpdk.org/api/patches/128395/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/a232e73180ea15040bd219eb543fe9d321e0137a.1686213149.git.gmuthukrishn@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<a232e73180ea15040bd219eb543fe9d321e0137a.1686213149.git.gmuthukrishn@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/a232e73180ea15040bd219eb543fe9d321e0137a.1686213149.git.gmuthukrishn@marvell.com", "date": "2023-06-08T08:36:04", "name": "[v4,3/3] crypto/openssl: add SM2 asymmetric crypto support", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "3248fafa6aa45d5efcfb2d69caa6ca9a862f3535", "submitter": { "id": 2301, "url": "http://patchwork.dpdk.org/api/people/2301/?format=api", "name": "Gowrishankar Muthukrishnan", "email": "gmuthukrishn@marvell.com" }, "delegate": { "id": 6690, "url": "http://patchwork.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/a232e73180ea15040bd219eb543fe9d321e0137a.1686213149.git.gmuthukrishn@marvell.com/mbox/", "series": [ { "id": 28414, "url": "http://patchwork.dpdk.org/api/series/28414/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=28414", "date": "2023-06-08T08:36:01", "name": "SM2 crypto algorithm support", "version": 4, "mbox": "http://patchwork.dpdk.org/series/28414/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/128395/comments/", "check": "warning", "checks": "http://patchwork.dpdk.org/api/patches/128395/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 5113F42C5C;\n\tThu, 8 Jun 2023 10:36:32 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 6B7D842D29;\n\tThu, 8 Jun 2023 10:36:26 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 3861C42D1D\n for <dev@dpdk.org>; Thu, 8 Jun 2023 10:36:24 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id\n 3587nHqn023576; Thu, 8 Jun 2023 01:36:23 -0700", "from dc5-exch01.marvell.com ([199.233.59.181])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3r329c1xwn-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Thu, 08 Jun 2023 01:36:23 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Thu, 8 Jun 2023 01:36:21 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Thu, 8 Jun 2023 01:36:21 -0700", "from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.175.191])\n by maili.marvell.com (Postfix) with ESMTP id 3650D3F70BF;\n Thu, 8 Jun 2023 01:36:16 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=VCYD6HORCB+Hb9c0yH80kfmX/3EmpkMutcyUnNhNEFE=;\n b=ZTbg7pyRzx8y6P26u9ZP+uGiYeRWMQ70Yeq4N/5R8uyv6yBw43DRBcjYTJFUASvTgydm\n r5uapQspmIN9QXyA4UGo9+YHvJ5rDE2f/WgpPortc+kA6b+o4X5t25ZyaR0Y5DbDUhqY\n 6FTjxM3EBP2PZQKl2yddjXhFk/OdRmlCfQyzF8jFqDX3ZZgvuarB5FIM9KBK3qLOZldf\n DmcrNGXLMNdnGcaMEn5Jqc4wYvTOpRF1gc0yPuyUb0tmDT/MsYG11lLmFZdjHifbE8Cm\n sCcJ3T11B6Gjdu+zyldX+saso+fvFAG9Txncid4ZIJQ+kPJeyFXXG2/8BhR91kRTihZu gQ==", "From": "Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<anoobj@marvell.com>, Akhil Goyal <gakhil@marvell.com>, Arkadiusz Kusztal\n <arkadiuszx.kusztal@intel.com>, Fan Zhang <fanzhang.oss@gmail.com>, Kai Ji\n <kai.ji@intel.com>, Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>", "Subject": "[PATCH v4 3/3] crypto/openssl: add SM2 asymmetric crypto support", "Date": "Thu, 8 Jun 2023 14:06:04 +0530", "Message-ID": "\n <a232e73180ea15040bd219eb543fe9d321e0137a.1686213149.git.gmuthukrishn@marvell.com>", "X-Mailer": "git-send-email 2.21.0", "In-Reply-To": "<cover.1686213149.git.gmuthukrishn@marvell.com>", "References": "<cover.1686213149.git.gmuthukrishn@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "we3gicSJ98oVlzEKtHrv748ypzcoBfmO", "X-Proofpoint-ORIG-GUID": "we3gicSJ98oVlzEKtHrv748ypzcoBfmO", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26\n definitions=2023-06-08_05,2023-06-07_01,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "Add SM2 asymmetric algorithm support in openssl PMD.\n\nSigned-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>\n---\n doc/guides/cryptodevs/features/openssl.ini | 1 +\n doc/guides/cryptodevs/openssl.rst | 1 +\n doc/guides/rel_notes/release_23_07.rst | 4 +\n drivers/crypto/openssl/openssl_pmd_private.h | 6 +\n drivers/crypto/openssl/rte_openssl_pmd.c | 297 +++++++++++++++++++\n drivers/crypto/openssl/rte_openssl_pmd_ops.c | 48 +++\n 6 files changed, 357 insertions(+)", "diff": "diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini\nindex 4b0f9b162e..b64c8ec4a5 100644\n--- a/doc/guides/cryptodevs/features/openssl.ini\n+++ b/doc/guides/cryptodevs/features/openssl.ini\n@@ -65,6 +65,7 @@ DSA = Y\n Modular Exponentiation = Y\n Modular Inversion = Y\n Diffie-hellman = Y\n+SM2 = Y\n \n ;\n ; Supported Operating systems of the 'openssl' crypto driver.\ndiff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst\nindex 03041ceda1..ff21d21b23 100644\n--- a/doc/guides/cryptodevs/openssl.rst\n+++ b/doc/guides/cryptodevs/openssl.rst\n@@ -53,6 +53,7 @@ Supported Asymmetric Crypto algorithms:\n * ``RTE_CRYPTO_ASYM_XFORM_DH``\n * ``RTE_CRYPTO_ASYM_XFORM_MODINV``\n * ``RTE_CRYPTO_ASYM_XFORM_MODEX``\n+* ``RTE_CRYPTO_ASYM_XFORM_SM2``\n \n \n Installation\ndiff --git a/doc/guides/rel_notes/release_23_07.rst b/doc/guides/rel_notes/release_23_07.rst\nindex 82e29bec5e..d1578e4786 100644\n--- a/doc/guides/rel_notes/release_23_07.rst\n+++ b/doc/guides/rel_notes/release_23_07.rst\n@@ -73,6 +73,10 @@ New Features\n along with prime field curve support.\n \n \n+* **Updated OpenSSL crypto driver for SM2 support.**\n+\n+ Added SM2 algorithm support in asymmetric crypto operations.\n+\n Removed Items\n -------------\n \ndiff --git a/drivers/crypto/openssl/openssl_pmd_private.h b/drivers/crypto/openssl/openssl_pmd_private.h\nindex ed6841e460..1edb669dfd 100644\n--- a/drivers/crypto/openssl/openssl_pmd_private.h\n+++ b/drivers/crypto/openssl/openssl_pmd_private.h\n@@ -12,6 +12,7 @@\n #include <openssl/rsa.h>\n #include <openssl/dh.h>\n #include <openssl/dsa.h>\n+#include <openssl/ec.h>\n #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n #include <openssl/provider.h>\n #include <openssl/core_names.h>\n@@ -200,6 +201,11 @@ struct openssl_asym_session {\n \t\t\tOSSL_PARAM_BLD * param_bld;\n #endif\n \t\t} s;\n+\t\tstruct {\n+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n+\t\t\tOSSL_PARAM * params;\n+#endif\n+\t\t} sm2;\n \t} u;\n } __rte_cache_aligned;\n /** Set and validate OPENSSL crypto session parameters */\ndiff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c\nindex 384d262621..9442d39907 100644\n--- a/drivers/crypto/openssl/rte_openssl_pmd.c\n+++ b/drivers/crypto/openssl/rte_openssl_pmd.c\n@@ -13,6 +13,7 @@\n #include <openssl/cmac.h>\n #include <openssl/hmac.h>\n #include <openssl/evp.h>\n+#include <openssl/ec.h>\n \n #include \"openssl_pmd_private.h\"\n #include \"compat.h\"\n@@ -2662,6 +2663,286 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,\n \treturn ret;\n \n }\n+\n+static int\n+process_openssl_sm2_op_evp(struct rte_crypto_op *cop,\n+\t\tstruct openssl_asym_session *sess)\n+{\n+\tEVP_PKEY_CTX *kctx = NULL, *sctx = NULL, *cctx = NULL;\n+\tstruct rte_crypto_asym_op *op = cop->asym;\n+\tOSSL_PARAM_BLD *param_bld = NULL;\n+\tOSSL_PARAM *params = NULL;\n+\tEVP_PKEY *pkey = NULL;\n+\tBIGNUM *pkey_bn = NULL;\n+\tuint8_t pubkey[64];\n+\tsize_t len = 0;\n+\tint ret = -1;\n+\n+\tcop->status = RTE_CRYPTO_OP_STATUS_ERROR;\n+\n+\tif (cop->asym->sm2.k.data != NULL)\n+\t\tgoto err_sm2;\n+\n+\tparam_bld = OSSL_PARAM_BLD_new();\n+\tif (!param_bld) {\n+\t\tOPENSSL_LOG(ERR, \"failed to allocate params\\n\");\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tret = OSSL_PARAM_BLD_push_utf8_string(param_bld,\n+\t\tOSSL_PKEY_PARAM_GROUP_NAME, \"SM2\", 0);\n+\tif (!ret) {\n+\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tpkey_bn = BN_bin2bn((const unsigned char *)op->sm2.pkey.data,\n+\t\t\t\t\t\top->sm2.pkey.length, pkey_bn);\n+\n+\tmemset(pubkey, 0, RTE_DIM(pubkey));\n+\tpubkey[0] = 0x04;\n+\tlen += 1;\n+\tmemcpy(&pubkey[len], op->sm2.q.x.data, op->sm2.q.x.length);\n+\tlen += op->sm2.q.x.length;\n+\tmemcpy(&pubkey[len], op->sm2.q.y.data, op->sm2.q.y.length);\n+\tlen += op->sm2.q.y.length;\n+\n+\tret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY,\n+\t\t\t\t\t\t\t\t pkey_bn);\n+\tif (!ret) {\n+\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tret = OSSL_PARAM_BLD_push_octet_string(param_bld,\n+\t\t\tOSSL_PKEY_PARAM_PUB_KEY, pubkey, len);\n+\tif (!ret) {\n+\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tparams = OSSL_PARAM_BLD_to_param(param_bld);\n+\tif (!params) {\n+\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tswitch (op->sm2.op_type) {\n+\tcase RTE_CRYPTO_ASYM_OP_ENCRYPT:\n+\t\t{\n+\t\t\tOSSL_PARAM *eparams = sess->u.sm2.params;\n+\t\t\tsize_t output_len;\n+\n+\t\t\tkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);\n+\t\t\tif (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 ||\n+\t\t\t\tEVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tcctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);\n+\t\t\tif (!cctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_encrypt_init(cctx))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_CTX_set_params(cctx, eparams))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_encrypt(cctx, op->sm2.cipher.data, &output_len,\n+\t\t\t\t\t\t\t\t op->sm2.message.data,\n+\t\t\t\t\t\t\t\t op->sm2.message.length))\n+\t\t\t\tgoto err_sm2;\n+\t\t\top->sm2.cipher.length = output_len;\n+\t\t}\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_OP_DECRYPT:\n+\t\t{\n+\t\t\tOSSL_PARAM *eparams = sess->u.sm2.params;\n+\n+\t\t\tkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);\n+\t\t\tif (kctx == NULL\n+\t\t\t\t|| EVP_PKEY_fromdata_init(kctx) <= 0\n+\t\t\t\t|| EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tcctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);\n+\t\t\tif (!cctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_decrypt_init(cctx))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_CTX_set_params(cctx, eparams))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_decrypt(cctx, op->sm2.message.data, &op->sm2.message.length,\n+\t\t\t\t\top->sm2.cipher.data, op->sm2.cipher.length))\n+\t\t\t\tgoto err_sm2;\n+\t\t}\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_OP_SIGN:\n+\t\t{\n+\t\t\tunsigned char signbuf[128] = {0};\n+\t\t\tconst unsigned char *signptr;\n+\t\t\tEVP_MD_CTX *md_ctx = NULL;\n+\t\t\tconst BIGNUM *r, *s;\n+\t\t\tECDSA_SIG *ec_sign;\n+\t\t\tEVP_MD *check_md;\n+\t\t\tsize_t signlen;\n+\n+\t\t\tkctx = EVP_PKEY_CTX_new_from_name(NULL, \"SM2\", NULL);\n+\t\t\tif (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 ||\n+\t\t\t\tEVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tmd_ctx = EVP_MD_CTX_new();\n+\t\t\tif (!md_ctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tsctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);\n+\t\t\tif (!sctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tEVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);\n+\n+\t\t\tcheck_md = EVP_MD_fetch(NULL, \"sm3\", NULL);\n+\t\t\tif (!check_md)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestSignInit(md_ctx, NULL, check_md, NULL, pkey))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (EVP_PKEY_CTX_set1_id(sctx, op->sm2.id.data, op->sm2.id.length) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestSignUpdate(md_ctx, op->sm2.message.data,\n+\t\t\t\t\top->sm2.message.length))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestSignFinal(md_ctx, NULL, &signlen))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestSignFinal(md_ctx, signbuf, &signlen))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tsignptr = signbuf;\n+\t\t\tec_sign = d2i_ECDSA_SIG(NULL, &signptr, signlen);\n+\t\t\tif (!ec_sign)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tr = ECDSA_SIG_get0_r(ec_sign);\n+\t\t\ts = ECDSA_SIG_get0_s(ec_sign);\n+\t\t\tif (!r || !s)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\top->sm2.r.length = BN_num_bytes(r);\n+\t\t\top->sm2.s.length = BN_num_bytes(s);\n+\t\t\tBN_bn2bin(r, op->sm2.r.data);\n+\t\t\tBN_bn2bin(s, op->sm2.s.data);\n+\n+\t\t\tECDSA_SIG_free(ec_sign);\n+\t\t}\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_OP_VERIFY:\n+\t\t{\n+\t\t\tunsigned char signbuf[128] = {0};\n+\t\t\tBIGNUM *r = NULL, *s = NULL;\n+\t\t\tEVP_MD_CTX *md_ctx = NULL;\n+\t\t\tECDSA_SIG *ec_sign;\n+\t\t\tEVP_MD *check_md;\n+\t\t\tsize_t signlen;\n+\n+\t\t\tkctx = EVP_PKEY_CTX_new_from_name(NULL, \"SM2\", NULL);\n+\t\t\tif (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 ||\n+\t\t\t\tEVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_PKEY_is_a(pkey, \"SM2\"))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tmd_ctx = EVP_MD_CTX_new();\n+\t\t\tif (!md_ctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tsctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);\n+\t\t\tif (!sctx)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tEVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);\n+\n+\t\t\tcheck_md = EVP_MD_fetch(NULL, \"sm3\", NULL);\n+\t\t\tif (!check_md)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestVerifyInit(md_ctx, NULL, check_md, NULL, pkey))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (EVP_PKEY_CTX_set1_id(sctx, op->sm2.id.data, op->sm2.id.length) <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestVerifyUpdate(md_ctx, op->sm2.message.data,\n+\t\t\t\t\top->sm2.message.length))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tec_sign = ECDSA_SIG_new();\n+\t\t\tif (!ec_sign)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tr = BN_bin2bn(op->sm2.r.data, op->sm2.r.length, r);\n+\t\t\ts = BN_bin2bn(op->sm2.s.data, op->sm2.s.length, s);\n+\t\t\tif (!r || !s)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!ECDSA_SIG_set0(ec_sign, r, s)) {\n+\t\t\t\tBN_free(r);\n+\t\t\t\tBN_free(s);\n+\t\t\t\tgoto err_sm2;\n+\t\t\t}\n+\n+\t\t\tr = NULL;\n+\t\t\ts = NULL;\n+\n+\t\t\tsignlen = i2d_ECDSA_SIG(ec_sign, (unsigned char **)&signbuf);\n+\t\t\tif (signlen <= 0)\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tif (!EVP_DigestVerifyFinal(md_ctx, signbuf, signlen))\n+\t\t\t\tgoto err_sm2;\n+\n+\t\t\tBN_free(r);\n+\t\t\tBN_free(s);\n+\t\t\tECDSA_SIG_free(ec_sign);\n+\t}\n+\t\tbreak;\n+\tdefault:\n+\t\t/* allow ops with invalid args to be pushed to\n+\t\t * completion queue\n+\t\t */\n+\t\tcop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n+\t\tgoto err_sm2;\n+\t}\n+\n+\tret = 0;\n+\tcop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;\n+err_sm2:\n+\tif (kctx)\n+\t\tEVP_PKEY_CTX_free(kctx);\n+\n+\tif (sctx)\n+\t\tEVP_PKEY_CTX_free(sctx);\n+\n+\tif (cctx)\n+\t\tEVP_PKEY_CTX_free(cctx);\n+\n+\tif (pkey)\n+\t\tEVP_PKEY_free(pkey);\n+\n+\tif (param_bld)\n+\t\tOSSL_PARAM_BLD_free(param_bld);\n+\n+\treturn ret;\n+}\n+\n #else\n static int\n process_openssl_rsa_op(struct rte_crypto_op *cop,\n@@ -2761,6 +3042,15 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,\n \n \treturn 0;\n }\n+\n+static int\n+process_openssl_sm2_op(struct rte_crypto_op *cop,\n+\t\tstruct openssl_asym_session *sess)\n+{\n+\tRTE_SET_USED(cop);\n+\tRTE_SET_USED(sess);\n+\treturn -ENOTSUP;\n+}\n #endif\n \n static int\n@@ -2809,6 +3099,13 @@ process_asym_op(struct openssl_qp *qp, struct rte_crypto_op *op,\n \t\t\t\tprocess_openssl_dsa_verify_op(op, sess);\n \t\telse\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;\n+#endif\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_SM2:\n+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n+\t\tretval = process_openssl_sm2_op_evp(op, sess);\n+#else\n+\t\tretval = process_openssl_sm2_op(op, sess);\n #endif\n \t\tbreak;\n \tdefault:\ndiff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\nindex 29ad1b9505..fe38e4ebd8 100644\n--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n@@ -1282,6 +1282,50 @@ static int openssl_set_asym_session_parameters(\n \t\tBN_free(pub_key);\n \t\treturn -1;\n \t}\n+\tcase RTE_CRYPTO_ASYM_XFORM_SM2:\n+\t{\n+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n+\t\tOSSL_PARAM_BLD *param_bld = NULL;\n+\t\tOSSL_PARAM *params = NULL;\n+\t\tint ret = -1;\n+\n+\t\tif (xform->sm2.hash != RTE_CRYPTO_AUTH_SM3)\n+\t\t\treturn -1;\n+\n+\t\tparam_bld = OSSL_PARAM_BLD_new();\n+\t\tif (!param_bld) {\n+\t\t\tOPENSSL_LOG(ERR, \"failed to allocate params\\n\");\n+\t\t\tgoto err_sm2;\n+\t\t}\n+\n+\t\tret = OSSL_PARAM_BLD_push_utf8_string(param_bld,\n+\t\t\t\tOSSL_ASYM_CIPHER_PARAM_DIGEST, \"SM3\", 0);\n+\t\tif (!ret) {\n+\t\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\t\tgoto err_sm2;\n+\t\t}\n+\n+\t\tparams = OSSL_PARAM_BLD_to_param(param_bld);\n+\t\tif (!params) {\n+\t\t\tOPENSSL_LOG(ERR, \"failed to push params\\n\");\n+\t\t\tgoto err_sm2;\n+\t\t}\n+\n+\t\tasym_session->u.sm2.params = params;\n+\t\tOSSL_PARAM_BLD_free(param_bld);\n+\n+\t\tasym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_SM2;\n+\t\tbreak;\n+err_sm2:\n+\t\tif (param_bld)\n+\t\t\tOSSL_PARAM_BLD_free(param_bld);\n+\n+\t\tif (asym_session->u.sm2.params)\n+\t\t\tOSSL_PARAM_free(asym_session->u.sm2.params);\n+\n+\t\treturn -1;\n+#endif\n+\t}\n \tdefault:\n \t\treturn ret;\n \t}\n@@ -1366,6 +1410,10 @@ static void openssl_reset_asym_session(struct openssl_asym_session *sess)\n \t\t\tDSA_free(sess->u.s.dsa);\n #endif\n \t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_SM2:\n+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)\n+\t\tOSSL_PARAM_free(sess->u.sm2.params);\n+#endif\n \tdefault:\n \t\tbreak;\n \t}\n", "prefixes": [ "v4", "3/3" ] }