From patchwork Fri Sep 6 12:00:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 58839 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 56C8F1F2C2; Fri, 6 Sep 2019 14:01:31 +0200 (CEST) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by dpdk.org (Postfix) with ESMTP id 1EE6F1F2BA for ; Fri, 6 Sep 2019 14:01:28 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Sep 2019 05:01:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,473,1559545200"; d="scan'208";a="199504740" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.188]) by fmsmga001.fm.intel.com with ESMTP; 06 Sep 2019 05:01:24 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Sep 2019 14:00:36 +0200 Message-Id: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 1/4] crypto/qat: add sessionless implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds option to use asymmetric crypto pmd with session-less support. Signed-off-by: Arek Kusztal --- doc/guides/rel_notes/release_19_11.rst | 3 + drivers/crypto/qat/qat_asym.c | 312 ++++++++++++++++++++------------- drivers/crypto/qat/qat_asym.h | 26 +-- drivers/crypto/qat/qat_asym_pmd.c | 3 +- 4 files changed, 200 insertions(+), 144 deletions(-) diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 8490d89..2e79d17 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -56,6 +56,9 @@ New Features Also, make sure to start the actual text at the margin. ========================================================= +* **Updated the Intel QuickAssist Technology (QAT) asymmetric crypto PMD.** + + Added support for session-less operations. Removed Items ------------- diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 4ddb0e5..bf5d22d 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -26,38 +26,23 @@ static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2], return -1; } -static void qat_asym_build_req_tmpl(void *sess_private_data, - struct rte_crypto_asym_xform *xform) +static inline void qat_fill_req_tmpl(struct icp_qat_fw_pke_request *qat_req) { - - struct icp_qat_fw_pke_request *qat_req; - struct qat_asym_session *session = sess_private_data; - - qat_req = &session->req_tmpl; memset(qat_req, 0, sizeof(*qat_req)); qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE; qat_req->pke_hdr.hdr_flags = ICP_QAT_FW_COMN_HDR_FLAGS_BUILD (ICP_QAT_FW_COMN_REQ_FLAG_SET); - qat_req->pke_hdr.comn_req_flags = 0; - qat_req->pke_hdr.resrvd1 = 0; - qat_req->pke_hdr.resrvd2 = 0; - qat_req->pke_hdr.kpt_mask = 0; - qat_req->pke_hdr.kpt_rn_mask = 0; - qat_req->pke_hdr.cd_pars.content_desc_addr = 0; - qat_req->pke_hdr.cd_pars.content_desc_resrvd = 0; - qat_req->resrvd1 = 0; - qat_req->resrvd2 = 0; - qat_req->next_req_adr = 0; +} - if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 3; - } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 2; - } +static inline void qat_asym_build_req_tmpl(void *sess_private_data) +{ + struct icp_qat_fw_pke_request *qat_req; + struct qat_asym_session *session = sess_private_data; + + qat_req = &session->req_tmpl; + qat_fill_req_tmpl(qat_req); } static size_t max_of(int n, ...) @@ -90,6 +75,19 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie, memset(cookie->output_array[i], 0x0, out_size); } +static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie, + enum rte_crypto_asym_xform_type alg, int in_size, int out_size) +{ + if (alg == RTE_CRYPTO_ASYM_XFORM_MODEX) + qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS, + QAT_ASYM_MODEXP_NUM_OUT_PARAMS, in_size, + out_size); + else if (alg == RTE_CRYPTO_ASYM_XFORM_MODINV) + qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS, + QAT_ASYM_MODINV_NUM_OUT_PARAMS, in_size, + out_size); +} + static int qat_asym_check_nonzero(rte_crypto_param n) { if (n.length < 8) { @@ -120,51 +118,34 @@ static int qat_asym_check_nonzero(rte_crypto_param n) return 0; } -int -qat_asym_build_request(void *in_op, - uint8_t *out_msg, - void *op_cookie, - __rte_unused enum qat_device_gen qat_dev_gen) +static int +qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; - struct rte_crypto_asym_op *asym_op = op->asym; - struct icp_qat_fw_pke_request *qat_req = - (struct icp_qat_fw_pke_request *)out_msg; - struct qat_asym_op_cookie *cookie = - (struct qat_asym_op_cookie *)op_cookie; - - uint64_t err = 0; + int err = 0; size_t alg_size; size_t alg_size_in_bytes; - uint32_t func_id; - - ctx = (struct qat_asym_session *)get_asym_session_private_data( - op->asym->session, cryptodev_qat_asym_driver_id); - rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); - qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + uint32_t func_id = 0; - qat_req->pke_mid.src_data_addr = cookie->input_addr; - qat_req->pke_mid.dest_data_addr = cookie->output_addr; - - if (ctx->alg == QAT_PKE_MODEXP) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n); + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + err = qat_asym_check_nonzero(xform->modex.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular exponentiation," " aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(3, asym_op->modex.base.length, - ctx->sess_alg_params.mod_exp.e.length, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.exponent.length, + xform->modex.modulus.length); alg_size = alg_size_in_bytes << 3; if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE, sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } alg_size_in_bytes = alg_size >> 3; @@ -173,15 +154,17 @@ qat_asym_build_request(void *in_op, , asym_op->modex.base.data, asym_op->modex.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.e.length - , ctx->sess_alg_params.mod_exp.e.data, - ctx->sess_alg_params.mod_exp.e.length); + xform->modex.exponent.length + , xform->modex.exponent.data, + xform->modex.exponent.length); rte_memcpy(cookie->input_array[2] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.data, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.modulus.length, + xform->modex.modulus.data, + xform->modex.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS; + qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "base", cookie->input_array[0], @@ -193,34 +176,32 @@ qat_asym_build_request(void *in_op, cookie->input_array[2], alg_size_in_bytes); #endif - } else if (ctx->alg == QAT_PKE_MODINV) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_inv.n); + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + err = qat_asym_check_nonzero(xform->modinv.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular multiplicative" " inverse, aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(2, asym_op->modinv.base.length, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length); alg_size = alg_size_in_bytes << 3; - if (ctx->sess_alg_params.mod_inv.n.data[ - ctx->sess_alg_params.mod_inv.n.length - 1] & 0x01) { + if (xform->modinv.modulus.data[ + xform->modinv.modulus.length - 1] & 0x01) { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD, sizeof(MOD_INV_IDS_ODD)/ sizeof(*MOD_INV_IDS_ODD), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } } else { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN, sizeof(MOD_INV_IDS_EVEN)/ sizeof(*MOD_INV_IDS_EVEN), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } } @@ -230,11 +211,15 @@ qat_asym_build_request(void *in_op, , asym_op->modinv.base.data, asym_op->modinv.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length - , ctx->sess_alg_params.mod_inv.n.data, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length + , xform->modinv.modulus.data, + xform->modinv.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = + QAT_ASYM_MODINV_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_MODINV_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "base", cookie->input_array[0], @@ -244,13 +229,68 @@ qat_asym_build_request(void *in_op, alg_size_in_bytes); #endif } + return 0; +} + +int +qat_asym_build_request(void *in_op, + uint8_t *out_msg, + void *op_cookie, + __rte_unused enum qat_device_gen qat_dev_gen) +{ + struct qat_asym_session *ctx; + struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; + struct rte_crypto_asym_op *asym_op = op->asym; + struct icp_qat_fw_pke_request *qat_req = + (struct icp_qat_fw_pke_request *)out_msg; + struct qat_asym_op_cookie *cookie = + (struct qat_asym_op_cookie *)op_cookie; + int err = 0; + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *) + get_asym_session_private_data( + op->asym->session, cryptodev_qat_asym_driver_id); + rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_fill_req_tmpl(qat_req); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, + op->asym->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else { + QAT_DP_LOG(ERR, "Invalid session/xform settings"); + op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; + goto error; + } + + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + qat_req->pke_mid.src_data_addr = cookie->input_addr; + qat_req->pke_mid.dest_data_addr = cookie->output_addr; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request)); #endif + return 0; error: + + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, + sizeof(struct icp_qat_fw_pke_request)); +#endif + qat_req->output_param_count = 0; qat_req->input_param_count = 0; qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL; @@ -259,42 +299,16 @@ qat_asym_build_request(void *in_op, return 0; } -void -qat_asym_process_response(void **op, uint8_t *resp, - void *op_cookie) +static void qat_asym_collect_response(struct rte_crypto_op *rx_op, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct icp_qat_fw_pke_resp *resp_msg = - (struct icp_qat_fw_pke_resp *)resp; - struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) - (resp_msg->opaque); - struct rte_crypto_asym_op *asym_op = rx_op->asym; - struct qat_asym_op_cookie *cookie = op_cookie; size_t alg_size, alg_size_in_bytes; + struct rte_crypto_asym_op *asym_op = rx_op->asym; - ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); - - *op = rx_op; - rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; - - if (cookie->error) { - cookie->error = 0; - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Cookie status returned error"); - } else { - if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( - resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric response status returned error"); - } - if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric common status returned error"); - } - } + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + rte_crypto_param n = xform->modex.modulus; - if (ctx->alg == QAT_PKE_MODEXP) { alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modexp_result = asym_op->modex.result.data; @@ -302,31 +316,30 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modexp_result + (asym_op->modex.result.length - - ctx->sess_alg_params.mod_exp.n.length), + n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.length + - n.length, n.length ); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result", cookie->output_array[0], alg_size_in_bytes); + #endif } - qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes, - alg_size_in_bytes); - } else if (ctx->alg == QAT_PKE_MODINV) { + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + rte_crypto_param n = xform->modinv.modulus; + alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modinv_result = asym_op->modinv.result.data; if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modinv_result + (asym_op->modinv.result.length - - ctx->sess_alg_params.mod_inv.n.length), + - n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length, - ctx->sess_alg_params.mod_inv.n.length); + - n.length, n.length); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "modinv_result", @@ -334,8 +347,59 @@ qat_asym_process_response(void **op, uint8_t *resp, alg_size_in_bytes); #endif } - qat_clear_arrays(cookie, 2, 1, alg_size_in_bytes, + } + qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); +} + +void +qat_asym_process_response(void **op, uint8_t *resp, + void *op_cookie) +{ + struct qat_asym_session *ctx; + struct icp_qat_fw_pke_resp *resp_msg = + (struct icp_qat_fw_pke_resp *)resp; + struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) + (resp_msg->opaque); + struct qat_asym_op_cookie *cookie = op_cookie; + size_t alg_size, alg_size_in_bytes; + + if (cookie->error) { + cookie->error = 0; + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Cookie status returned error"); + } else { + if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( + resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric response status" + " returned error"); + } + if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric common status" + " returned error"); + } + } + *op = rx_op; + if (cookie->error) { + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + qat_clear_arrays(cookie, QAT_ASYM_MAX_PARAMS, + QAT_ASYM_MAX_PARAMS, alg_size_in_bytes, + alg_size_in_bytes); + return; + } + + if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *)get_asym_session_private_data( + rx_op->asym->session, cryptodev_qat_asym_driver_id); + qat_asym_collect_response(rx_op, cookie, ctx->xform); + } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); } #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG @@ -362,10 +426,6 @@ qat_asym_session_configure(struct rte_cryptodev *dev, session = sess_private_data; if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - session->sess_alg_params.mod_exp.e = xform->modex.exponent; - session->sess_alg_params.mod_exp.n = xform->modex.modulus; - session->alg = QAT_PKE_MODEXP; - if (xform->modex.exponent.length == 0 || xform->modex.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod exp input parameter"); @@ -373,20 +433,24 @@ qat_asym_session_configure(struct rte_cryptodev *dev, goto error; } } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - session->sess_alg_params.mod_inv.n = xform->modinv.modulus; - session->alg = QAT_PKE_MODINV; - if (xform->modinv.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod inv input parameter"); err = -EINVAL; goto error; } - } else { + } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END + || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); err = -EINVAL; goto error; + } else { + QAT_LOG(ERR, "Asymmetric crypto xform not implemented"); + err = -EINVAL; + goto error; } - qat_asym_build_req_tmpl(sess_private_data, xform); + + session->xform = xform; + qat_asym_build_req_tmpl(sess_private_data); set_asym_session_private_data(sess, dev->driver_id, sess_private_data); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index ce4839b..b04eee4 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -19,6 +19,12 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_ERROR_INVALID_PARAM 0x01 +#define QAT_ASYM_MAX_PARAMS 8 +#define QAT_ASYM_MODINV_NUM_IN_PARAMS 2 +#define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 +#define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 +#define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 + struct qat_asym_op_cookie { size_t alg_size; uint64_t error; @@ -33,27 +39,9 @@ struct qat_asym_op_cookie { uint8_t output_array[MAX_PKE_PARAMS][QAT_PKE_MAX_LN_SIZE] _PKE_ALIGN_; } _PKE_ALIGN_; -enum qat_asym_alg { - QAT_PKE_RSA, - QAT_PKE_DH, - QAT_PKE_DSA, - QAT_PKE_MODEXP, - QAT_PKE_MODINV, -}; - struct qat_asym_session { - enum qat_asym_alg alg; struct icp_qat_fw_pke_request req_tmpl; - uint64_t flags; - union { - struct { - rte_crypto_param n; - rte_crypto_param e; - } mod_exp; - struct { - rte_crypto_param n; - } mod_inv; - } sess_alg_params; + struct rte_crypto_asym_xform *xform; }; int diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index c999799..71fd709 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -270,7 +270,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->dequeue_burst = qat_asym_pmd_dequeue_op_burst; cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | - RTE_CRYPTODEV_FF_HW_ACCELERATED; + RTE_CRYPTODEV_FF_HW_ACCELERATED | + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Sep 6 12:00:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 58840 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D82EE1F303; Fri, 6 Sep 2019 14:01:39 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id E883C1F2BA for ; Fri, 6 Sep 2019 14:01:37 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Sep 2019 05:01:38 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,473,1559545200"; d="scan'208";a="199504766" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.188]) by fmsmga001.fm.intel.com with ESMTP; 06 Sep 2019 05:01:34 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Sep 2019 14:00:37 +0200 Message-Id: <20190906120039.11640-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> References: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 2/4] crypto/qat: add rsa implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds rsa algorithm to asymmetric pmd using pair (n, d) private key Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_19_11.rst | 1 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 18 ++ drivers/crypto/qat/qat_asym.c | 253 ++++++++++++++++++++- drivers/crypto/qat/qat_asym.h | 2 + drivers/crypto/qat/qat_asym_pmd.c | 3 +- 6 files changed, 274 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 0832e59..afbc71a 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -70,3 +70,4 @@ AES CCM (256) = Y [Asymmetric] Modular Exponentiation = Y Modular Inversion = Y +RSA = Y diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 2e79d17..a8c4efd 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -59,6 +59,7 @@ New Features * **Updated the Intel QuickAssist Technology (QAT) asymmetric crypto PMD.** Added support for session-less operations. + Added support for RSA algorithm with pair (n, d) private key representation. Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 8adf209..4f857b9 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -49,4 +49,22 @@ static const uint32_t MOD_INV_IDS_EVEN[][2] = { { 4096, MATHS_MODINV_EVEN_L4096 }, }; +static const uint32_t RSA_MODEXP_ENC_IDS[][2] = { + { 512, PKE_RSA_EP_512 }, + { 1024, PKE_RSA_EP_1024 }, + { 1536, PKE_RSA_EP_1536 }, + { 2048, PKE_RSA_EP_2048 }, + { 3072, PKE_RSA_EP_3072 }, + { 4096, PKE_RSA_EP_4096 }, +}; + +static const uint32_t RSA_MODEXP_DEC_IDS[][2] = { + { 512, PKE_RSA_DP1_512 }, + { 1024, PKE_RSA_DP1_1024 }, + { 1536, PKE_RSA_DP1_1536 }, + { 2048, PKE_RSA_DP1_2048 }, + { 3072, PKE_RSA_DP1_3072 }, + { 4096, PKE_RSA_DP1_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index bf5d22d..8985270 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -228,6 +228,170 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, cookie->input_array[1], alg_size_in_bytes); #endif + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + err = qat_asym_check_nonzero(xform->rsa.n); + if (err) { + QAT_LOG(ERR, "Empty modulus in RSA" + " inverse, aborting this operation"); + return err; + } + + alg_size_in_bytes = xform->rsa.n.length; + alg_size = alg_size_in_bytes << 3; + + qat_req->input_param_count = + QAT_ASYM_RSA_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_RSA_NUM_OUT_PARAMS; + + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + + if (qat_asym_get_sz_and_func_id(RSA_MODEXP_ENC_IDS, + sizeof(RSA_MODEXP_ENC_IDS)/ + sizeof(*RSA_MODEXP_ENC_IDS), + &alg_size, &func_id)) { + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Not supported RSA parameter size (key)"); + return err; + } + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length + , asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Invalid RSA padding (Encryption)"); + return err; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Message", + cookie->input_array[0], + alg_size_in_bytes); +#endif + } else { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0], + asym_op->rsa.sign.data, + asym_op->rsa.sign.length); + break; + default: + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Invalid RSA padding (Verify)"); + return err; + } + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Signature", + cookie->input_array[0], + alg_size_in_bytes); +#endif + + } + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.e.length + , xform->rsa.e.data, + xform->rsa.e.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Public Key", + cookie->input_array[1], alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "Modulus", + cookie->input_array[2], alg_size_in_bytes); +#endif + } else { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.cipher.length, + asym_op->rsa.cipher.data, + asym_op->rsa.cipher.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Decrypt)"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_SIGN) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length, + asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Signature)"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + } + + if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { + QAT_LOG(ERR, "RSA CRT not implemented"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } else if (xform->rsa.key_type == + RTE_RSA_KEY_TYPE_EXP) { + if (qat_asym_get_sz_and_func_id( + RSA_MODEXP_DEC_IDS, + sizeof(RSA_MODEXP_DEC_IDS)/ + sizeof(*RSA_MODEXP_DEC_IDS), + &alg_size, &func_id)) { + return QAT_ASYM_ERROR_INVALID_PARAM; + } + alg_size_in_bytes = alg_size >> 3; + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.d.length, + xform->rsa.d.data, + xform->rsa.d.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "C", cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "d", cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "n", cookie->input_array[2], + alg_size_in_bytes); +#endif + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + } else { + QAT_LOG(ERR, "Invalid RSA key type"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + } } return 0; } @@ -252,8 +416,10 @@ qat_asym_build_request(void *in_op, ctx = (struct qat_asym_session *) get_asym_session_private_data( op->asym->session, cryptodev_qat_asym_driver_id); - rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); - err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform); + rte_mov64((uint8_t *)qat_req, + (const uint8_t *)&(ctx->req_tmpl)); + err = qat_asym_fill_arrays(asym_op, qat_req, + cookie, ctx->xform); if (err) { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; goto error; @@ -347,6 +513,81 @@ static void qat_asym_collect_response(struct rte_crypto_op *rx_op, alg_size_in_bytes); #endif } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + uint8_t *rsa_result = asym_op->rsa.cipher.data; + + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_ENCRYPT) { + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Encrypted data", + cookie->output_array[0], + alg_size_in_bytes); + asym_op->rsa.cipher.length = alg_size_in_bytes; +#endif + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + rsa_result = asym_op->rsa.message.data; + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length); + rx_op->status = + RTE_CRYPTO_OP_STATUS_SUCCESS; + break; + default: + QAT_LOG(ERR, "Error during setting " + "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } + } + } else { + rsa_result = asym_op->rsa.message.data; + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length + ); + break; + default: + QAT_LOG(ERR, "Error during setting " + "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message", + rsa_result, alg_size_in_bytes); +#endif + } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + rsa_result = asym_op->rsa.sign.data; + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length + ); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature", + cookie->output_array[0], + alg_size_in_bytes); +#endif + } + } } qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); @@ -396,7 +637,7 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); + rx_op->asym->session, cryptodev_qat_asym_driver_id); qat_asym_collect_response(rx_op, cookie, ctx->xform); } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); @@ -438,6 +679,12 @@ qat_asym_session_configure(struct rte_cryptodev *dev, err = -EINVAL; goto error; } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + if (xform->rsa.n.length == 0) { + QAT_LOG(ERR, "Invalid rsa input parameter"); + err = -EINVAL; + goto error; + } } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index b04eee4..b12a969 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -24,6 +24,8 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 #define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_NUM_IN_PARAMS 3 +#define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 71fd709..78fc2d7 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -271,7 +271,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | - RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Sep 6 12:00:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 58841 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 78BA11F30F; Fri, 6 Sep 2019 14:01:45 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id 90B251F2FF for ; Fri, 6 Sep 2019 14:01:43 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Sep 2019 05:01:42 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,473,1559545200"; d="scan'208";a="199504773" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.188]) by fmsmga001.fm.intel.com with ESMTP; 06 Sep 2019 05:01:36 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Sep 2019 14:00:38 +0200 Message-Id: <20190906120039.11640-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> References: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 3/4] crypto/qat: add rsa crt implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit extends RSA implementation by CRT option Signed-off-by: Arek Kusztal --- doc/guides/rel_notes/release_19_11.rst | 1 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 9 ++++ drivers/crypto/qat/qat_asym.c | 59 +++++++++++++++++++++- drivers/crypto/qat/qat_asym.h | 1 + drivers/crypto/qat/qat_asym_pmd.c | 3 +- 5 files changed, 70 insertions(+), 3 deletions(-) diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index a8c4efd..e0b9169 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -60,6 +60,7 @@ New Features Added support for session-less operations. Added support for RSA algorithm with pair (n, d) private key representation. + Added support for RSA algorithm with quintuple private key representation. Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 4f857b9..4921e0c 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -67,4 +67,13 @@ static const uint32_t RSA_MODEXP_DEC_IDS[][2] = { { 4096, PKE_RSA_DP1_4096 }, }; +static const uint32_t RSA_MODEXP_DEC_CRT_IDS[][2] = { + { 512, PKE_RSA_DP2_512 }, + { 1024, PKE_RSA_DP2_1024 }, + { 1536, PKE_RSA_DP2_1536 }, + { 2048, PKE_RSA_DP2_2048 }, + { 3072, PKE_RSA_DP2_3072 }, + { 4096, PKE_RSA_DP2_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 8985270..3e3827d 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -354,8 +354,63 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, } if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { - QAT_LOG(ERR, "RSA CRT not implemented"); - return QAT_ASYM_ERROR_INVALID_PARAM; + + qat_req->input_param_count = + QAT_ASYM_RSA_QT_NUM_IN_PARAMS; + if (qat_asym_get_sz_and_func_id(RSA_MODEXP_DEC_CRT_IDS, + sizeof(RSA_MODEXP_DEC_CRT_IDS)/ + sizeof(*RSA_MODEXP_DEC_CRT_IDS), + &alg_size, &func_id)) { + return QAT_ASYM_ERROR_INVALID_PARAM; + } + alg_size_in_bytes = alg_size >> 3; + + rte_memcpy(cookie->input_array[1] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.p.length + , xform->rsa.qt.p.data, + xform->rsa.qt.p.length); + rte_memcpy(cookie->input_array[2] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.q.length + , xform->rsa.qt.q.data, + xform->rsa.qt.q.length); + rte_memcpy(cookie->input_array[3] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dP.length + , xform->rsa.qt.dP.data, + xform->rsa.qt.dP.length); + rte_memcpy(cookie->input_array[4] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dQ.length + , xform->rsa.qt.dQ.data, + xform->rsa.qt.dQ.length); + rte_memcpy(cookie->input_array[5] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.qInv.length + , xform->rsa.qt.qInv.data, + xform->rsa.qt.qInv.length); + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "C", + cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "p", + cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "q", + cookie->input_array[2], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dP", cookie->input_array[3], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dQ", cookie->input_array[4], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "qInv", cookie->input_array[5], + alg_size_in_bytes); +#endif } else if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) { if (qat_asym_get_sz_and_func_id( diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index b12a969..a8e86e6 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -26,6 +26,7 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 #define QAT_ASYM_RSA_NUM_IN_PARAMS 3 #define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 78fc2d7..c8a52b6 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -272,7 +272,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | - RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Sep 6 12:00:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 58842 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id C04581F318; Fri, 6 Sep 2019 14:01:47 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id 586261F2FF for ; Fri, 6 Sep 2019 14:01:44 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Sep 2019 05:01:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,473,1559545200"; d="scan'208";a="199504779" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.188]) by fmsmga001.fm.intel.com with ESMTP; 06 Sep 2019 05:01:41 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Sep 2019 14:00:39 +0200 Message-Id: <20190906120039.11640-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> References: <20190906120039.11640-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 4/4] test/crypto: add sessionless to asymmetric mod exp X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commmit adds asymmetric sessionless tests to mod exp int test_cryptodev test file Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 73 ++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 24 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index e8177e7..31d8bfa 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -283,7 +283,7 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, static int test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, union test_case_structure *data_tc, - char *test_msg) + char *test_msg, int sessionless) { struct rte_crypto_asym_op *asym_op = NULL; struct rte_crypto_op *op = NULL; @@ -382,27 +382,31 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); - if (!sess) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u " - "FAILED: %s", __LINE__, - "Session creation failed"); - status = TEST_FAILED; - goto error_exit; - } - - if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, - ts_params->session_mpool) < 0) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u FAILED: %s", - __LINE__, "unabled to config sym session"); - status = TEST_FAILED; - goto error_exit; - } + if (!sessionless) { + sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); + if (!sess) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } - rte_crypto_op_attach_asym_session(op, sess); + if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, + ts_params->session_mpool) < 0) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + rte_crypto_op_attach_asym_session(op, sess); + } else { + asym_op->xform = &xform_tc; + op->sess_type = RTE_CRYPTO_OP_SESSIONLESS; + } RTE_LOG(DEBUG, USER1, "Process ASYM operation"); /* Process crypto operation */ @@ -433,7 +437,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + if (!sessionless) + snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + else + snprintf(test_msg, ASYM_TEST_MSG_LEN, "SESSIONLESS PASS"); error_exit: if (sess != NULL) { @@ -451,7 +458,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, } static int -test_one_case(const void *test_case) +test_one_case(const void *test_case, int sessionless) { int status = TEST_SUCCESS; char test_msg[ASYM_TEST_MSG_LEN + 1]; @@ -460,7 +467,8 @@ test_one_case(const void *test_case) union test_case_structure tc; memcpy(&tc, test_case, sizeof(tc)); - status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg); + status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, + sessionless); printf(" %u) TestCase %s %s\n", test_index++, tc.modex.description, test_msg); @@ -501,14 +509,31 @@ static int test_one_by_one(void) { int status = TEST_SUCCESS; + struct crypto_testsuite_params *ts_params = &testsuite_params; uint32_t i = 0; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + int sessionless = 0; + + rte_cryptodev_info_get(dev_id, &dev_info); + if ((dev_info.feature_flags & + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS)) { + sessionless = 1; + } /* Go through all test cases */ test_index = 0; for (i = 0; i < test_vector.size; i++) { - if (test_one_case(test_vector.address[i]) != TEST_SUCCESS) + if (test_one_case(test_vector.address[i], 0) != TEST_SUCCESS) status = TEST_FAILED; } + if (sessionless) { + for (i = 0; i < test_vector.size; i++) { + if (test_one_case(test_vector.address[i], 1) + != TEST_SUCCESS) + status = TEST_FAILED; + } + } TEST_ASSERT_EQUAL(status, 0, "Test failed"); return status;