From patchwork Mon Oct  9 13:54:50 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
X-Patchwork-Id: 132428
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 6D58C4233C;
	Mon,  9 Oct 2023 15:55:26 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 08B2D406BC;
	Mon,  9 Oct 2023 15:55:15 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 406B840A6F
 for <dev@dpdk.org>; Mon,  9 Oct 2023 15:55:13 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 399CpdlN008257; Mon, 9 Oct 2023 06:55:12 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=RWI3ku3OzPmqnYwvaTdp4Z0xqZs9YhHk0iUhuMuY1hc=;
 b=Uew5oPtgFqaNnqog4gARf/tLb75k8mqwQjEHrfoVU23GHAzM7snr4HjiKDFKrVX8bQLm
 ocoRbCq2PsnR7g5t7AXbwrknzUywXvi2FgIyl3a7xHAaJlCIQrcngHglUnSI5T7S4B47
 irMaW52/MpwOzxrYtxcsjOiU3O4Km2FrfA6ODi7+jKt2B5RwccZYQVgzOIC812iQA3SG
 zHdtZa/MheqFzb792kSqxhHhl9LmME/+ACUOoNLGueUKk2Dndx+Acwc8Oc9KraM4+IH0
 BmdUiDxBEk0TFa5e+Sf2jVL5kzwjrzxhsWwF9waa3BrQ/sV8hznGhqK0vR7+7/l25xyQ PQ==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd83-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Mon, 09 Oct 2023 06:55:12 -0700
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
 Mon, 9 Oct 2023 06:55:10 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
 Transport; Mon, 9 Oct 2023 06:55:10 -0700
Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34])
 by maili.marvell.com (Postfix) with ESMTP id A44B03F70A4;
 Mon,  9 Oct 2023 06:55:07 -0700 (PDT)
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: <dev@dpdk.org>
CC: <anoobj@marvell.com>, Akhil Goyal <gakhil@marvell.com>, Fan Zhang
 <fanzhang.oss@gmail.com>, Kai Ji <kai.ji@intel.com>, Arkadiusz Kusztal
 <arkadiuszx.kusztal@intel.com>, Ciara Power <ciara.power@intel.com>,
 Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [PATCH v4 3/7] cryptodev: use generic EC xform params for SM2
Date: Mon, 9 Oct 2023 19:24:50 +0530
Message-ID: 
 <d789735781888601bec1aa6d1fd7f5a5d27b06e2.1696859505.git.gmuthukrishn@marvell.com>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <cover.1696859505.git.gmuthukrishn@marvell.com>
References: <cover.1696859505.git.gmuthukrishn@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: uDILLAjgF9dTDaJ4Cz9d9udRleTDvHSx
X-Proofpoint-ORIG-GUID: uDILLAjgF9dTDaJ4Cz9d9udRleTDvHSx
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

SM2 curve could use generic EC xform as it is yet another EC.
This would also require SM2 curve ID enumerated
along with other curves, as listed in:
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c               | 40 ++++++++++++--------
 app/test/test_cryptodev_sm2_test_vectors.h   |  4 +-
 doc/guides/rel_notes/release_23_11.rst       |  2 +
 drivers/crypto/openssl/rte_openssl_pmd_ops.c |  3 --
 lib/cryptodev/rte_crypto_asym.h              | 19 +++-------
 5 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index af323e02d9..514ea96b8b 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1846,10 +1846,7 @@ _test_sm2_sign(bool rnd_secret)
 	/* Setup asym xform */
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
-	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
-		xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
-	else
-		xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+	xform.ec.curve_id = input_params.curve;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -1867,6 +1864,11 @@ _test_sm2_sign(bool rnd_secret)
 
 	/* Populate op with operational details */
 	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN;
+	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+	else
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
 	asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2038,10 +2040,7 @@ test_sm2_verify(void)
 	/* Setup asym xform */
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
-	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
-		xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
-	else
-		xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+	xform.ec.curve_id = input_params.curve;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2059,6 +2058,11 @@ test_sm2_verify(void)
 
 	/* Populate op with operational details */
 	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
+	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+	else
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
 	asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2150,10 +2154,7 @@ _test_sm2_enc(bool rnd_secret)
 	/* Setup asym xform */
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
-	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
-		xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
-	else
-		xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+	xform.ec.curve_id = input_params.curve;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2171,6 +2172,11 @@ _test_sm2_enc(bool rnd_secret)
 
 	/* Populate op with operational details */
 	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
+	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+	else
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
 	asym_op->sm2.pkey.data = input_params.pkey.data;
@@ -2340,10 +2346,7 @@ test_sm2_dec(void)
 	/* Setup asym xform */
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
-	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
-		xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
-	else
-		xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
+	xform.ec.curve_id = input_params.curve;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2361,6 +2364,11 @@ test_sm2_dec(void)
 
 	/* Populate op with operational details */
 	asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
+	if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3;
+	else
+		asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL;
+
 	asym_op->sm2.cipher.data = input_params.cipher.data;
 	asym_op->sm2.cipher.length = input_params.cipher.length;
 	asym_op->sm2.pkey.data = input_params.pkey.data;
diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h
index 7a4ce70c10..3d2dba1359 100644
--- a/app/test/test_cryptodev_sm2_test_vectors.h
+++ b/app/test/test_cryptodev_sm2_test_vectors.h
@@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params {
 	rte_crypto_param id;
 	rte_crypto_param cipher;
 	rte_crypto_param message;
+	int curve;
 };
 
 static uint8_t fp256_pkey[] = {
@@ -123,7 +124,8 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = {
 	.cipher = {
 		.data = fp256_cipher,
 		.length = sizeof(fp256_cipher),
-	}
+	},
+	.curve = RTE_CRYPTO_EC_GROUP_SM2
 };
 
 #endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */
diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst
index 250735efa9..53639543a6 100644
--- a/doc/guides/rel_notes/release_23_11.rst
+++ b/doc/guides/rel_notes/release_23_11.rst
@@ -122,6 +122,8 @@ Removed Items
 * security: Removed deprecated field ``reserved_opts`` from struct
   ``rte_security_ipsec_sa_options``.
 
+* crypto: Removed SM2 xform parameter in asymmetric xform.
+
 
 API Changes
 -----------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index d5dc365064..6252a36f94 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -1305,9 +1305,6 @@ static int openssl_set_asym_session_parameters(
 		OSSL_PARAM *params = NULL;
 		int ret = -1;
 
-		if (xform->sm2.hash != RTE_CRYPTO_AUTH_SM3)
-			return -1;
-
 		param_bld = OSSL_PARAM_BLD_new();
 		if (!param_bld) {
 			OPENSSL_LOG(ERR, "failed to allocate params\n");
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 2f000ab015..e56c8c7816 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -64,7 +64,8 @@ enum rte_crypto_curve_id {
 	RTE_CRYPTO_EC_GROUP_SECP224R1 = 21,
 	RTE_CRYPTO_EC_GROUP_SECP256R1 = 23,
 	RTE_CRYPTO_EC_GROUP_SECP384R1 = 24,
-	RTE_CRYPTO_EC_GROUP_SECP521R1 = 25
+	RTE_CRYPTO_EC_GROUP_SECP521R1 = 25,
+	RTE_CRYPTO_EC_GROUP_SM2       = 41,
 };
 
 /**
@@ -373,16 +374,6 @@ struct rte_crypto_ec_xform {
 	/**< Pre-defined ec groups */
 };
 
-/**
- * Asymmetric SM2 transform data.
- *
- * Structure describing SM2 xform params.
- */
-struct rte_crypto_sm2_xform {
-	enum rte_crypto_auth_algorithm hash;
-	/**< Hash algorithm used in SM2 op. */
-};
-
 /**
  * Operations params for modular operations:
  * exponentiation and multiplicative inverse
@@ -639,9 +630,6 @@ struct rte_crypto_asym_xform {
 		/**< EC xform parameters, used by elliptic curve based
 		 * operations.
 		 */
-
-		struct rte_crypto_sm2_xform sm2;
-		/**< SM2 xform parameters */
 	};
 };
 
@@ -652,6 +640,9 @@ struct rte_crypto_sm2_op_param {
 	enum rte_crypto_asym_op_type op_type;
 	/**< Signature generation or verification. */
 
+	enum rte_crypto_auth_algorithm hash;
+	/**< Hash algorithm used in EC op. */
+
 	rte_crypto_uint pkey;
 	/**< Private key for encryption or sign generation. */