From patchwork Wed Apr 27 07:43:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 110303 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id DF9BCA050F; Wed, 27 Apr 2022 09:44:22 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id AE871427FC; Wed, 27 Apr 2022 09:44:14 +0200 (CEST) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mails.dpdk.org (Postfix) with ESMTP id AEDF1427FB for ; Wed, 27 Apr 2022 09:44:13 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1651045453; x=1682581453; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=3cRP0ScJPiqTHGNW7QEk5/3Ife0+X4kT4JgeB5Z5Ba0=; b=GancfU7oMBkfRK5+Mg5X8ekhQkiki7HD4S7JcC5WmHrly+48hn21AiNU T7ud8ehVcwCW6X6yUszMnSs7kqRRHgWYaaZRYT1QJwEVNRKnbTOzUKPIq vnl6/nNpytyM42AaoBCTJ6aUdmw5jd5ybftO7lJHdYVrhAq3z9nW7W/CN sxyHJIdkmAENPMD243LfzkptYaiYZbd1HP4NJSg72in8Zc7dCxkkRQfym hy4faGU1IJtLWCJbr62ePmMdWGB+Eegaqse9BKyiThUR7KgeFxbNV/y+v fU3Tq0PolHZLTaNnk0q8H2bJAJo38b6Ki1hTSXfKOS3QH8Ol5OfuCZyer Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10329"; a="246414407" X-IronPort-AV: E=Sophos;i="5.90,292,1643702400"; d="scan'208";a="246414407" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Apr 2022 00:44:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,292,1643702400"; d="scan'208";a="513562111" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga003.jf.intel.com with ESMTP; 27 Apr 2022 00:44:11 -0700 
From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal Subject: [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op Date: Wed, 27 Apr 2022 08:43:59 +0100 Message-Id: <20220427074400.2091-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com> References: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit reflects API changes of location of operation type in Diffie-Hellman. Signed-off-by: Arek Kusztal Acked-by: Fan Zhang
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
 drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
 2 files changed, 3 insertions(+), 77 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index d80e1052e2..409711c097 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1696,12 +1696,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
 BIGNUM *priv_key = NULL;
 int ret = 0;
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) {
- /* compute shared secret using peer public key
- * and current private key
- * shared secret = peer_key ^ priv_key mod p
- */
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE) {
 BIGNUM *peer_key = NULL;
 /* copy private key and peer key and compute shared secret */
@@ -1735,10 +1730,6 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
 if (ret < 0) {
 cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 BN_free(peer_key);
- /* priv key is already loaded into dh,
- * let's not free that directly here.
- * DH_free() will auto free it later.
- */
 return 0;
 }
 cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
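Review bot: `op->op_type` now comes from the per-operation data at the top of this dispatch in process_openssl_dh_op, and none of the visible hunks rejects a value outside the three handled cases. Any other value falls past this branch to `DH_generate_key(dh_key)`, which presumably updates the session's key object while returning no key material to the caller. An explicit check before the dispatch, for example setting `cop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;` and returning for unknown types, would make that failure visible. The function body starts and ends outside this hunk, so such a check may already exist elsewhere.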
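Review bot: The comment deleted from the `ret < 0` error path was the only statement of who owns `priv_key` at that point: it is already attached to the DH object and is released by `DH_free()`. Without it, the cleanup frees `peer_key` but not `priv_key`, which reads like a leak, and a later change that adds `BN_free(priv_key)` there would be a double free. I would keep a one-line form such as `/* priv_key is already loaded into dh; DH_free() frees it, do not BN_free() it here */`. The enclosing branch starts outside this hunk.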
@@ -1747,50 +1738,12 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
 return 0;
 }
- /*
- * other options are public and private key generations.
- *
- * if user provides private key,
- * then first set DH with user provided private key
- */
- if ((sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) &&
- !(sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) {
- /* generate public key using user-provided private key
- * pub_key = g ^ priv_key mod p
- */
-
- /* load private key into DH */
- priv_key = BN_bin2bn(op->priv_key.data,
- op->priv_key.length,
- priv_key);
- if (priv_key == NULL) {
- cop->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- return -1;
- }
- ret = set_dh_priv_key(dh_key, priv_key);
- if (ret) {
- OPENSSL_LOG(ERR, "Failed to set private key\n");
- cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
- BN_free(priv_key);
- return 0;
- }
- }
-
- /* generate public and private key pair.
- *
- * if private key already set, generates only public key.
- *
- * if private key is not already set, then set it to random value
- * and update internal private key.
- */
 if (!DH_generate_key(dh_key)) {
 cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
 return 0;
 }
- if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) {
 const BIGNUM *pub_key = NULL;
 OPENSSL_LOG(DEBUG, "%s:%d update public key\n",
@@ -1804,8 +1757,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
 op->pub_key.data);
 }
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
 const BIGNUM *priv_key = NULL;
 OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n",
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 1cb07794bd..02802ab0c2 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
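Review bot: In the `@@ -1747,50 +1738,12` hunk of rte_openssl_pmd.c, nothing loads `op->priv_key` into `dh_key` before `DH_generate_key(dh_key)` runs once the `BN_bin2bn()` / `set_dh_priv_key()` block is removed. A RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE request that carries the caller's private key therefore appears to get a public key for a different key: whatever `dh_key` already holds, or a freshly generated one that is never returned. That looks like a functional regression and a silent key mismatch for the caller. I would keep the load, conditioned on the new per-op type and on a non-empty `op->priv_key`, as sketched below. The function body continues outside the hunk.

```c
	/* … unchanged: shared-secret branch above … */
	if (op->op_type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE &&
			op->priv_key.length != 0) {
		/* pub_key = g ^ priv_key mod p, using the caller's private key */
		priv_key = BN_bin2bn(op->priv_key.data,
				op->priv_key.length,
				priv_key);
		if (priv_key == NULL) {
			cop->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
			return -1;
		}
		ret = set_dh_priv_key(dh_key, priv_key);
		if (ret) {
			OPENSSL_LOG(ERR, "Failed to set private key\n");
			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
			BN_free(priv_key);
			return 0;
		}
	}
	if (!DH_generate_key(dh_key)) {
	/* … unchanged: error return and key export … */
```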
@@ -1000,32 +1000,6 @@ static int openssl_set_asym_session_parameters(
 goto err_dh;
 }
- /*
- * setup xfrom for
- * public key generate, or
- * DH Priv key generate, or both
- * public and private key generate
- */
- asym_session->u.dh.key_op = (1 << xform->dh.type);
-
- if (xform->dh.type ==
- RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
- /* check if next is pubkey */
- if ((xform->next != NULL) &&
- (xform->next->xform_type ==
- RTE_CRYPTO_ASYM_XFORM_DH) &&
- (xform->next->dh.type ==
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)
- ) {
- /*
- * setup op as pub/priv key
- * pair generationi
- */
- asym_session->u.dh.key_op |=
- (1 <<
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE);
- }
- }
 asym_session->u.dh.dh_key = dh;
 asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DH;
 break;