From patchwork Fri Oct 11 10:03:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 60957 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id AA2861EA39; Fri, 11 Oct 2019 12:06:34 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 603DD1EA35 for ; Fri, 11 Oct 2019 12:06:32 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2019 03:06:31 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,283,1566889200"; d="scan'208";a="207398879" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.14.168]) by fmsmga001.fm.intel.com with ESMTP; 11 Oct 2019 03:06:29 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 11 Oct 2019 12:03:35 +0200 Message-Id: <20191011100339.12912-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> References: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 1/5] crypto/qat: add sessionless implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds option to use asymmetric crypto pmd with session-less support. Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_19_11.rst | 4 + drivers/crypto/qat/qat_asym.c | 312 ++++++++++++++++++++------------- drivers/crypto/qat/qat_asym.h | 26 +-- drivers/crypto/qat/qat_asym_pmd.c | 3 +- 5 files changed, 202 insertions(+), 144 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 0832e59..cef8015 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -13,6 +13,7 @@ OOP SGL In LB Out = Y OOP LB In SGL Out = Y OOP LB In LB Out = Y Digest encrypted = Y +Asymmetric sessionless = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 4ede7e8..7730483 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -85,6 +85,10 @@ New Features Added stateful decompression support in the Intel QuickAssist Technology PMD. Please note that stateful compression is not supported. +* **Updated the Intel QuickAssist Technology (QAT) asymmetric crypto PMD.** + + Added support for asymmetric session-less operations. + * **Added cryptodev API to use asymmetric session-less operation.** Added session-less option to cryptodev asymmetric API. It works the same way diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 4ddb0e5..bf5d22d 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -26,38 +26,23 @@ static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2], return -1; } -static void qat_asym_build_req_tmpl(void *sess_private_data, - struct rte_crypto_asym_xform *xform) +static inline void qat_fill_req_tmpl(struct icp_qat_fw_pke_request *qat_req) { - - struct icp_qat_fw_pke_request *qat_req; - struct qat_asym_session *session = sess_private_data; - - qat_req = &session->req_tmpl; memset(qat_req, 0, sizeof(*qat_req)); qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE; qat_req->pke_hdr.hdr_flags = ICP_QAT_FW_COMN_HDR_FLAGS_BUILD (ICP_QAT_FW_COMN_REQ_FLAG_SET); - qat_req->pke_hdr.comn_req_flags = 0; - qat_req->pke_hdr.resrvd1 = 0; - qat_req->pke_hdr.resrvd2 = 0; - qat_req->pke_hdr.kpt_mask = 0; - qat_req->pke_hdr.kpt_rn_mask = 0; - qat_req->pke_hdr.cd_pars.content_desc_addr = 0; - qat_req->pke_hdr.cd_pars.content_desc_resrvd = 0; - qat_req->resrvd1 = 0; - qat_req->resrvd2 = 0; - qat_req->next_req_adr = 0; +} - if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 3; - } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 2; - } +static inline void qat_asym_build_req_tmpl(void *sess_private_data) +{ + struct icp_qat_fw_pke_request *qat_req; + struct qat_asym_session *session = sess_private_data; + + qat_req = &session->req_tmpl; + qat_fill_req_tmpl(qat_req); } static size_t max_of(int n, ...) @@ -90,6 +75,19 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie, memset(cookie->output_array[i], 0x0, out_size); } +static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie, + enum rte_crypto_asym_xform_type alg, int in_size, int out_size) +{ + if (alg == RTE_CRYPTO_ASYM_XFORM_MODEX) + qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS, + QAT_ASYM_MODEXP_NUM_OUT_PARAMS, in_size, + out_size); + else if (alg == RTE_CRYPTO_ASYM_XFORM_MODINV) + qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS, + QAT_ASYM_MODINV_NUM_OUT_PARAMS, in_size, + out_size); +} + static int qat_asym_check_nonzero(rte_crypto_param n) { if (n.length < 8) { @@ -120,51 +118,34 @@ static int qat_asym_check_nonzero(rte_crypto_param n) return 0; } -int -qat_asym_build_request(void *in_op, - uint8_t *out_msg, - void *op_cookie, - __rte_unused enum qat_device_gen qat_dev_gen) +static int +qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; - struct rte_crypto_asym_op *asym_op = op->asym; - struct icp_qat_fw_pke_request *qat_req = - (struct icp_qat_fw_pke_request *)out_msg; - struct qat_asym_op_cookie *cookie = - (struct qat_asym_op_cookie *)op_cookie; - - uint64_t err = 0; + int err = 0; size_t alg_size; size_t alg_size_in_bytes; - uint32_t func_id; - - ctx = (struct qat_asym_session *)get_asym_session_private_data( - op->asym->session, cryptodev_qat_asym_driver_id); - rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); - qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + uint32_t func_id = 0; - qat_req->pke_mid.src_data_addr = cookie->input_addr; - qat_req->pke_mid.dest_data_addr = cookie->output_addr; - - if (ctx->alg == QAT_PKE_MODEXP) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n); + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + err = qat_asym_check_nonzero(xform->modex.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular exponentiation," " aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(3, asym_op->modex.base.length, - ctx->sess_alg_params.mod_exp.e.length, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.exponent.length, + xform->modex.modulus.length); alg_size = alg_size_in_bytes << 3; if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE, sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } alg_size_in_bytes = alg_size >> 3; @@ -173,15 +154,17 @@ qat_asym_build_request(void *in_op, , asym_op->modex.base.data, asym_op->modex.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.e.length - , ctx->sess_alg_params.mod_exp.e.data, - ctx->sess_alg_params.mod_exp.e.length); + xform->modex.exponent.length + , xform->modex.exponent.data, + xform->modex.exponent.length); rte_memcpy(cookie->input_array[2] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.data, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.modulus.length, + xform->modex.modulus.data, + xform->modex.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS; + qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "base", cookie->input_array[0], @@ -193,34 +176,32 @@ qat_asym_build_request(void *in_op, cookie->input_array[2], alg_size_in_bytes); #endif - } else if (ctx->alg == QAT_PKE_MODINV) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_inv.n); + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + err = qat_asym_check_nonzero(xform->modinv.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular multiplicative" " inverse, aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(2, asym_op->modinv.base.length, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length); alg_size = alg_size_in_bytes << 3; - if (ctx->sess_alg_params.mod_inv.n.data[ - ctx->sess_alg_params.mod_inv.n.length - 1] & 0x01) { + if (xform->modinv.modulus.data[ + xform->modinv.modulus.length - 1] & 0x01) { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD, sizeof(MOD_INV_IDS_ODD)/ sizeof(*MOD_INV_IDS_ODD), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } } else { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN, sizeof(MOD_INV_IDS_EVEN)/ sizeof(*MOD_INV_IDS_EVEN), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return QAT_ASYM_ERROR_INVALID_PARAM; } } @@ -230,11 +211,15 @@ qat_asym_build_request(void *in_op, , asym_op->modinv.base.data, asym_op->modinv.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length - , ctx->sess_alg_params.mod_inv.n.data, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length + , xform->modinv.modulus.data, + xform->modinv.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = + QAT_ASYM_MODINV_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_MODINV_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "base", cookie->input_array[0], @@ -244,13 +229,68 @@ qat_asym_build_request(void *in_op, alg_size_in_bytes); #endif } + return 0; +} + +int +qat_asym_build_request(void *in_op, + uint8_t *out_msg, + void *op_cookie, + __rte_unused enum qat_device_gen qat_dev_gen) +{ + struct qat_asym_session *ctx; + struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; + struct rte_crypto_asym_op *asym_op = op->asym; + struct icp_qat_fw_pke_request *qat_req = + (struct icp_qat_fw_pke_request *)out_msg; + struct qat_asym_op_cookie *cookie = + (struct qat_asym_op_cookie *)op_cookie; + int err = 0; + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *) + get_asym_session_private_data( + op->asym->session, cryptodev_qat_asym_driver_id); + rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_fill_req_tmpl(qat_req); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, + op->asym->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else { + QAT_DP_LOG(ERR, "Invalid session/xform settings"); + op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; + goto error; + } + + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + qat_req->pke_mid.src_data_addr = cookie->input_addr; + qat_req->pke_mid.dest_data_addr = cookie->output_addr; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request)); #endif + return 0; error: + + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, + sizeof(struct icp_qat_fw_pke_request)); +#endif + qat_req->output_param_count = 0; qat_req->input_param_count = 0; qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL; @@ -259,42 +299,16 @@ qat_asym_build_request(void *in_op, return 0; } -void -qat_asym_process_response(void **op, uint8_t *resp, - void *op_cookie) +static void qat_asym_collect_response(struct rte_crypto_op *rx_op, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct icp_qat_fw_pke_resp *resp_msg = - (struct icp_qat_fw_pke_resp *)resp; - struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) - (resp_msg->opaque); - struct rte_crypto_asym_op *asym_op = rx_op->asym; - struct qat_asym_op_cookie *cookie = op_cookie; size_t alg_size, alg_size_in_bytes; + struct rte_crypto_asym_op *asym_op = rx_op->asym; - ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); - - *op = rx_op; - rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; - - if (cookie->error) { - cookie->error = 0; - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Cookie status returned error"); - } else { - if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( - resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric response status returned error"); - } - if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric common status returned error"); - } - } + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + rte_crypto_param n = xform->modex.modulus; - if (ctx->alg == QAT_PKE_MODEXP) { alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modexp_result = asym_op->modex.result.data; @@ -302,31 +316,30 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modexp_result + (asym_op->modex.result.length - - ctx->sess_alg_params.mod_exp.n.length), + n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.length + - n.length, n.length ); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result", cookie->output_array[0], alg_size_in_bytes); + #endif } - qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes, - alg_size_in_bytes); - } else if (ctx->alg == QAT_PKE_MODINV) { + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + rte_crypto_param n = xform->modinv.modulus; + alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modinv_result = asym_op->modinv.result.data; if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modinv_result + (asym_op->modinv.result.length - - ctx->sess_alg_params.mod_inv.n.length), + - n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length, - ctx->sess_alg_params.mod_inv.n.length); + - n.length, n.length); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "modinv_result", @@ -334,8 +347,59 @@ qat_asym_process_response(void **op, uint8_t *resp, alg_size_in_bytes); #endif } - qat_clear_arrays(cookie, 2, 1, alg_size_in_bytes, + } + qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); +} + +void +qat_asym_process_response(void **op, uint8_t *resp, + void *op_cookie) +{ + struct qat_asym_session *ctx; + struct icp_qat_fw_pke_resp *resp_msg = + (struct icp_qat_fw_pke_resp *)resp; + struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) + (resp_msg->opaque); + struct qat_asym_op_cookie *cookie = op_cookie; + size_t alg_size, alg_size_in_bytes; + + if (cookie->error) { + cookie->error = 0; + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Cookie status returned error"); + } else { + if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( + resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric response status" + " returned error"); + } + if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric common status" + " returned error"); + } + } + *op = rx_op; + if (cookie->error) { + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + qat_clear_arrays(cookie, QAT_ASYM_MAX_PARAMS, + QAT_ASYM_MAX_PARAMS, alg_size_in_bytes, + alg_size_in_bytes); + return; + } + + if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *)get_asym_session_private_data( + rx_op->asym->session, cryptodev_qat_asym_driver_id); + qat_asym_collect_response(rx_op, cookie, ctx->xform); + } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); } #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG @@ -362,10 +426,6 @@ qat_asym_session_configure(struct rte_cryptodev *dev, session = sess_private_data; if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - session->sess_alg_params.mod_exp.e = xform->modex.exponent; - session->sess_alg_params.mod_exp.n = xform->modex.modulus; - session->alg = QAT_PKE_MODEXP; - if (xform->modex.exponent.length == 0 || xform->modex.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod exp input parameter"); @@ -373,20 +433,24 @@ qat_asym_session_configure(struct rte_cryptodev *dev, goto error; } } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - session->sess_alg_params.mod_inv.n = xform->modinv.modulus; - session->alg = QAT_PKE_MODINV; - if (xform->modinv.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod inv input parameter"); err = -EINVAL; goto error; } - } else { + } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END + || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); err = -EINVAL; goto error; + } else { + QAT_LOG(ERR, "Asymmetric crypto xform not implemented"); + err = -EINVAL; + goto error; } - qat_asym_build_req_tmpl(sess_private_data, xform); + + session->xform = xform; + qat_asym_build_req_tmpl(sess_private_data); set_asym_session_private_data(sess, dev->driver_id, sess_private_data); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index ce4839b..b04eee4 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -19,6 +19,12 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_ERROR_INVALID_PARAM 0x01 +#define QAT_ASYM_MAX_PARAMS 8 +#define QAT_ASYM_MODINV_NUM_IN_PARAMS 2 +#define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 +#define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 +#define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 + struct qat_asym_op_cookie { size_t alg_size; uint64_t error; @@ -33,27 +39,9 @@ struct qat_asym_op_cookie { uint8_t output_array[MAX_PKE_PARAMS][QAT_PKE_MAX_LN_SIZE] _PKE_ALIGN_; } _PKE_ALIGN_; -enum qat_asym_alg { - QAT_PKE_RSA, - QAT_PKE_DH, - QAT_PKE_DSA, - QAT_PKE_MODEXP, - QAT_PKE_MODINV, -}; - struct qat_asym_session { - enum qat_asym_alg alg; struct icp_qat_fw_pke_request req_tmpl; - uint64_t flags; - union { - struct { - rte_crypto_param n; - rte_crypto_param e; - } mod_exp; - struct { - rte_crypto_param n; - } mod_inv; - } sess_alg_params; + struct rte_crypto_asym_xform *xform; }; int diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index c999799..71fd709 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -270,7 +270,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->dequeue_burst = qat_asym_pmd_dequeue_op_burst; cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | - RTE_CRYPTODEV_FF_HW_ACCELERATED; + RTE_CRYPTODEV_FF_HW_ACCELERATED | + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Oct 11 10:03:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 60958 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id A3B191EA4A; Fri, 11 Oct 2019 12:06:36 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id B50B31EA3A for ; Fri, 11 Oct 2019 12:06:34 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2019 03:06:34 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,283,1566889200"; d="scan'208";a="207398896" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.14.168]) by fmsmga001.fm.intel.com with ESMTP; 11 Oct 2019 03:06:32 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 11 Oct 2019 12:03:36 +0200 Message-Id: <20191011100339.12912-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> References: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 2/5] crypto/qat: add rsa implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds rsa algorithm to asymmetric pmd using pair (n, d) private key Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 2 + doc/guides/rel_notes/release_19_11.rst | 2 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 18 ++ drivers/crypto/qat/qat_asym.c | 253 ++++++++++++++++++++- drivers/crypto/qat/qat_asym.h | 2 + drivers/crypto/qat/qat_asym_capabilities.h | 21 ++ drivers/crypto/qat/qat_asym_pmd.c | 3 +- 7 files changed, 297 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index cef8015..374b523 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -14,6 +14,7 @@ OOP LB In SGL Out = Y OOP LB In LB Out = Y Digest encrypted = Y Asymmetric sessionless = Y +RSA PRIV OP KEY EXP = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. @@ -71,3 +72,4 @@ AES CCM (256) = Y [Asymmetric] Modular Exponentiation = Y Modular Inversion = Y +RSA = Y diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 7730483..e081fb1 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -89,6 +89,8 @@ New Features Added support for asymmetric session-less operations. + Added support for RSA algorithm with pair (n, d) private key representation. + * **Added cryptodev API to use asymmetric session-less operation.** Added session-less option to cryptodev asymmetric API. It works the same way diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 8adf209..4f857b9 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -49,4 +49,22 @@ static const uint32_t MOD_INV_IDS_EVEN[][2] = { { 4096, MATHS_MODINV_EVEN_L4096 }, }; +static const uint32_t RSA_MODEXP_ENC_IDS[][2] = { + { 512, PKE_RSA_EP_512 }, + { 1024, PKE_RSA_EP_1024 }, + { 1536, PKE_RSA_EP_1536 }, + { 2048, PKE_RSA_EP_2048 }, + { 3072, PKE_RSA_EP_3072 }, + { 4096, PKE_RSA_EP_4096 }, +}; + +static const uint32_t RSA_MODEXP_DEC_IDS[][2] = { + { 512, PKE_RSA_DP1_512 }, + { 1024, PKE_RSA_DP1_1024 }, + { 1536, PKE_RSA_DP1_1536 }, + { 2048, PKE_RSA_DP1_2048 }, + { 3072, PKE_RSA_DP1_3072 }, + { 4096, PKE_RSA_DP1_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index bf5d22d..8985270 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -228,6 +228,170 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, cookie->input_array[1], alg_size_in_bytes); #endif + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + err = qat_asym_check_nonzero(xform->rsa.n); + if (err) { + QAT_LOG(ERR, "Empty modulus in RSA" + " inverse, aborting this operation"); + return err; + } + + alg_size_in_bytes = xform->rsa.n.length; + alg_size = alg_size_in_bytes << 3; + + qat_req->input_param_count = + QAT_ASYM_RSA_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_RSA_NUM_OUT_PARAMS; + + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + + if (qat_asym_get_sz_and_func_id(RSA_MODEXP_ENC_IDS, + sizeof(RSA_MODEXP_ENC_IDS)/ + sizeof(*RSA_MODEXP_ENC_IDS), + &alg_size, &func_id)) { + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Not supported RSA parameter size (key)"); + return err; + } + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length + , asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Invalid RSA padding (Encryption)"); + return err; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Message", + cookie->input_array[0], + alg_size_in_bytes); +#endif + } else { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0], + asym_op->rsa.sign.data, + asym_op->rsa.sign.length); + break; + default: + err = QAT_ASYM_ERROR_INVALID_PARAM; + QAT_LOG(ERR, + "Invalid RSA padding (Verify)"); + return err; + } + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Signature", + cookie->input_array[0], + alg_size_in_bytes); +#endif + + } + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.e.length + , xform->rsa.e.data, + xform->rsa.e.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Public Key", + cookie->input_array[1], alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "Modulus", + cookie->input_array[2], alg_size_in_bytes); +#endif + } else { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.cipher.length, + asym_op->rsa.cipher.data, + asym_op->rsa.cipher.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Decrypt)"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_SIGN) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length, + asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Signature)"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + } + + if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { + QAT_LOG(ERR, "RSA CRT not implemented"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } else if (xform->rsa.key_type == + RTE_RSA_KEY_TYPE_EXP) { + if (qat_asym_get_sz_and_func_id( + RSA_MODEXP_DEC_IDS, + sizeof(RSA_MODEXP_DEC_IDS)/ + sizeof(*RSA_MODEXP_DEC_IDS), + &alg_size, &func_id)) { + return QAT_ASYM_ERROR_INVALID_PARAM; + } + alg_size_in_bytes = alg_size >> 3; + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.d.length, + xform->rsa.d.data, + xform->rsa.d.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "C", cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "d", cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "n", cookie->input_array[2], + alg_size_in_bytes); +#endif + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + } else { + QAT_LOG(ERR, "Invalid RSA key type"); + return QAT_ASYM_ERROR_INVALID_PARAM; + } + } } return 0; } @@ -252,8 +416,10 @@ qat_asym_build_request(void *in_op, ctx = (struct qat_asym_session *) get_asym_session_private_data( op->asym->session, cryptodev_qat_asym_driver_id); - rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); - err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform); + rte_mov64((uint8_t *)qat_req, + (const uint8_t *)&(ctx->req_tmpl)); + err = qat_asym_fill_arrays(asym_op, qat_req, + cookie, ctx->xform); if (err) { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; goto error; @@ -347,6 +513,81 @@ static void qat_asym_collect_response(struct rte_crypto_op *rx_op, alg_size_in_bytes); #endif } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + uint8_t *rsa_result = asym_op->rsa.cipher.data; + + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_ENCRYPT) { + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "Encrypted data", + cookie->output_array[0], + alg_size_in_bytes); + asym_op->rsa.cipher.length = alg_size_in_bytes; +#endif + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + rsa_result = asym_op->rsa.message.data; + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length); + rx_op->status = + RTE_CRYPTO_OP_STATUS_SUCCESS; + break; + default: + QAT_LOG(ERR, "Error during setting " + "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } + } + } else { + rsa_result = asym_op->rsa.message.data; + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length + ); + break; + default: + QAT_LOG(ERR, "Error during setting " + "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message", + rsa_result, alg_size_in_bytes); +#endif + } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + rsa_result = asym_op->rsa.sign.data; + rte_memcpy(rsa_result, + cookie->output_array[0], + xform->rsa.n.length + ); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature", + cookie->output_array[0], + alg_size_in_bytes); +#endif + } + } } qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); @@ -396,7 +637,7 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); + rx_op->asym->session, cryptodev_qat_asym_driver_id); qat_asym_collect_response(rx_op, cookie, ctx->xform); } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); @@ -438,6 +679,12 @@ qat_asym_session_configure(struct rte_cryptodev *dev, err = -EINVAL; goto error; } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + if (xform->rsa.n.length == 0) { + QAT_LOG(ERR, "Invalid rsa input parameter"); + err = -EINVAL; + goto error; + } } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index b04eee4..b12a969 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -24,6 +24,8 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 #define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_NUM_IN_PARAMS 3 +#define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h index f43c025..108ec49 100644 --- a/drivers/crypto/qat/qat_asym_capabilities.h +++ b/drivers/crypto/qat/qat_asym_capabilities.h @@ -37,6 +37,27 @@ } \ }, \ } \ + }, \ + { /* RSA */ \ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, \ + {.asym = { \ + .xform_capa = { \ + .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA, \ + .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | \ + (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | \ + (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | \ + (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), \ + { \ + .modlen = { \ + /* min length is based on openssl rsa keygen */ \ + .min = 1, \ + /* value 0 symbolizes no limit on max length */ \ + .max = 512, \ + .increment = 1 \ + }, } \ + } \ + }, \ + } \ } \ #endif /* _QAT_ASYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 71fd709..78fc2d7 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -271,7 +271,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | - RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Oct 11 10:03:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 60959 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 5BE751EA96; Fri, 11 Oct 2019 12:06:39 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id E8C871EA36 for ; Fri, 11 Oct 2019 12:06:36 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2019 03:06:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,283,1566889200"; d="scan'208";a="207398907" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.14.168]) by fmsmga001.fm.intel.com with ESMTP; 11 Oct 2019 03:06:35 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 11 Oct 2019 12:03:37 +0200 Message-Id: <20191011100339.12912-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> References: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 3/5] crypto/qat: add rsa crt implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit extends RSA implementation by CRT option Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_19_11.rst | 2 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 9 ++++ drivers/crypto/qat/qat_asym.c | 61 +++++++++++++++++++++- drivers/crypto/qat/qat_asym.h | 1 + drivers/crypto/qat/qat_asym_pmd.c | 3 +- 6 files changed, 74 insertions(+), 3 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 374b523..6e350eb 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -15,6 +15,7 @@ OOP LB In LB Out = Y Digest encrypted = Y Asymmetric sessionless = Y RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index e081fb1..730b198 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -91,6 +91,8 @@ New Features Added support for RSA algorithm with pair (n, d) private key representation. + Added support for RSA algorithm with quintuple private key representation. + * **Added cryptodev API to use asymmetric session-less operation.** Added session-less option to cryptodev asymmetric API. It works the same way diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 4f857b9..4921e0c 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -67,4 +67,13 @@ static const uint32_t RSA_MODEXP_DEC_IDS[][2] = { { 4096, PKE_RSA_DP1_4096 }, }; +static const uint32_t RSA_MODEXP_DEC_CRT_IDS[][2] = { + { 512, PKE_RSA_DP2_512 }, + { 1024, PKE_RSA_DP2_1024 }, + { 1536, PKE_RSA_DP2_1536 }, + { 2048, PKE_RSA_DP2_2048 }, + { 3072, PKE_RSA_DP2_3072 }, + { 4096, PKE_RSA_DP2_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 8985270..92e4c9c 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -354,8 +354,65 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, } if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { - QAT_LOG(ERR, "RSA CRT not implemented"); - return QAT_ASYM_ERROR_INVALID_PARAM; + + qat_req->input_param_count = + QAT_ASYM_RSA_QT_NUM_IN_PARAMS; + if (qat_asym_get_sz_and_func_id(RSA_MODEXP_DEC_CRT_IDS, + sizeof(RSA_MODEXP_DEC_CRT_IDS)/ + sizeof(*RSA_MODEXP_DEC_CRT_IDS), + &alg_size, &func_id)) { + return QAT_ASYM_ERROR_INVALID_PARAM; + } + alg_size_in_bytes = alg_size >> 3; + + rte_memcpy(cookie->input_array[1] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.p.length + , xform->rsa.qt.p.data, + xform->rsa.qt.p.length); + rte_memcpy(cookie->input_array[2] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.q.length + , xform->rsa.qt.q.data, + xform->rsa.qt.q.length); + rte_memcpy(cookie->input_array[3] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dP.length + , xform->rsa.qt.dP.data, + xform->rsa.qt.dP.length); + rte_memcpy(cookie->input_array[4] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dQ.length + , xform->rsa.qt.dQ.data, + xform->rsa.qt.dQ.length); + rte_memcpy(cookie->input_array[5] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.qInv.length + , xform->rsa.qt.qInv.data, + xform->rsa.qt.qInv.length); + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "C", + cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "p", + cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "q", + cookie->input_array[2], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dP", cookie->input_array[3], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dQ", cookie->input_array[4], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "qInv", cookie->input_array[5], + alg_size_in_bytes); +#endif } else if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) { if (qat_asym_get_sz_and_func_id( diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index b12a969..a8e86e6 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -26,6 +26,7 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 #define QAT_ASYM_RSA_NUM_IN_PARAMS 3 #define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 78fc2d7..c8a52b6 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -272,7 +272,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | - RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Fri Oct 11 10:03:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 60960 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id DFAFD1EAA2; Fri, 11 Oct 2019 12:06:41 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 348DF1EA35 for ; Fri, 11 Oct 2019 12:06:39 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2019 03:06:38 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,283,1566889200"; d="scan'208";a="207398920" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.14.168]) by fmsmga001.fm.intel.com with ESMTP; 11 Oct 2019 03:06:37 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 11 Oct 2019 12:03:38 +0200 Message-Id: <20191011100339.12912-5-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> References: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 4/5] test/crypto: add sessionless to asymmetric mod exp X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commmit adds asymmetric sessionless tests to mod exp int test_cryptodev test file Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 73 ++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 24 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index e8177e7..31d8bfa 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -283,7 +283,7 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, static int test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, union test_case_structure *data_tc, - char *test_msg) + char *test_msg, int sessionless) { struct rte_crypto_asym_op *asym_op = NULL; struct rte_crypto_op *op = NULL; @@ -382,27 +382,31 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); - if (!sess) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u " - "FAILED: %s", __LINE__, - "Session creation failed"); - status = TEST_FAILED; - goto error_exit; - } - - if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, - ts_params->session_mpool) < 0) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u FAILED: %s", - __LINE__, "unabled to config sym session"); - status = TEST_FAILED; - goto error_exit; - } + if (!sessionless) { + sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); + if (!sess) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } - rte_crypto_op_attach_asym_session(op, sess); + if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, + ts_params->session_mpool) < 0) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + rte_crypto_op_attach_asym_session(op, sess); + } else { + asym_op->xform = &xform_tc; + op->sess_type = RTE_CRYPTO_OP_SESSIONLESS; + } RTE_LOG(DEBUG, USER1, "Process ASYM operation"); /* Process crypto operation */ @@ -433,7 +437,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + if (!sessionless) + snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + else + snprintf(test_msg, ASYM_TEST_MSG_LEN, "SESSIONLESS PASS"); error_exit: if (sess != NULL) { @@ -451,7 +458,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, } static int -test_one_case(const void *test_case) +test_one_case(const void *test_case, int sessionless) { int status = TEST_SUCCESS; char test_msg[ASYM_TEST_MSG_LEN + 1]; @@ -460,7 +467,8 @@ test_one_case(const void *test_case) union test_case_structure tc; memcpy(&tc, test_case, sizeof(tc)); - status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg); + status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, + sessionless); printf(" %u) TestCase %s %s\n", test_index++, tc.modex.description, test_msg); @@ -501,14 +509,31 @@ static int test_one_by_one(void) { int status = TEST_SUCCESS; + struct crypto_testsuite_params *ts_params = &testsuite_params; uint32_t i = 0; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + int sessionless = 0; + + rte_cryptodev_info_get(dev_id, &dev_info); + if ((dev_info.feature_flags & + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS)) { + sessionless = 1; + } /* Go through all test cases */ test_index = 0; for (i = 0; i < test_vector.size; i++) { - if (test_one_case(test_vector.address[i]) != TEST_SUCCESS) + if (test_one_case(test_vector.address[i], 0) != TEST_SUCCESS) status = TEST_FAILED; } + if (sessionless) { + for (i = 0; i < test_vector.size; i++) { + if (test_one_case(test_vector.address[i], 1) + != TEST_SUCCESS) + status = TEST_FAILED; + } + } TEST_ASSERT_EQUAL(status, 0, "Test failed"); return status; From patchwork Fri Oct 11 10:03:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 60961 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 7C20E1EAAE; Fri, 11 Oct 2019 12:06:45 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 8D4611EAAE for ; Fri, 11 Oct 2019 12:06:43 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2019 03:06:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,283,1566889200"; d="scan'208";a="207398937" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.14.168]) by fmsmga001.fm.intel.com with ESMTP; 11 Oct 2019 03:06:39 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 11 Oct 2019 12:03:39 +0200 Message-Id: <20191011100339.12912-6-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> References: <20191011100339.12912-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 5/5] test/crypto: add rsa tests to qat X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds RSA tests to Intel QuickAssist Technology pmd test suite Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 115 ++++++++++++++-- app/test/test_cryptodev_rsa_test_vectors.h | 213 +++++++++++++++++++++++++++++ 2 files changed, 313 insertions(+), 15 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 31d8bfa..66d0ec5 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -54,6 +54,7 @@ struct crypto_unittest_params { union test_case_structure { struct modex_test_data modex; struct modinv_test_data modinv; + struct rsa_test_data_2 rsa_data; }; struct test_cases_array { @@ -246,10 +247,12 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess) return status; } static int -test_cryptodev_asym_ver(union test_case_structure *data_tc, - struct rte_crypto_op *result_op) +test_cryptodev_asym_ver(struct rte_crypto_op *op, + struct rte_crypto_asym_xform *xform_tc, + union test_case_structure *data_tc, + struct rte_crypto_op *result_op) { - int status = TEST_SUCCESS; + int status = TEST_FAILED; int ret = 0; uint8_t *data_expected = NULL, *data_received = NULL; size_t data_size = 0; @@ -265,17 +268,29 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, data_received = result_op->asym->modinv.result.data; data_size = result_op->asym->modinv.result.length; break; + case RTE_CRYPTO_ASYM_XFORM_RSA: + if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + data_size = xform_tc->rsa.n.length; + data_received = result_op->asym->rsa.cipher.data; + data_expected = data_tc->rsa_data.ct.data; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + data_size = xform_tc->rsa.n.length; + data_expected = data_tc->rsa_data.pt.data; + data_received = result_op->asym->rsa.message.data; + while (*data_received == 0 && data_size--) + data_received++; + } + break; case RTE_CRYPTO_ASYM_XFORM_DH: case RTE_CRYPTO_ASYM_XFORM_DSA: - case RTE_CRYPTO_ASYM_XFORM_RSA: case RTE_CRYPTO_ASYM_XFORM_NONE: case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED: default: break; } ret = memcmp(data_expected, data_received, data_size); - if (ret) - status = TEST_FAILED; + if (!ret && data_size) + status = TEST_SUCCESS; return status; } @@ -283,7 +298,8 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, static int test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, union test_case_structure *data_tc, - char *test_msg, int sessionless) + char *test_msg, int sessionless, enum rte_crypto_asym_op_type type, + enum rte_crypto_rsa_priv_key_type key_type) { struct rte_crypto_asym_op *asym_op = NULL; struct rte_crypto_op *op = NULL; @@ -368,9 +384,44 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } break; + case RTE_CRYPTO_ASYM_XFORM_RSA: + result = rte_zmalloc(NULL, data_tc->rsa_data.n.len, 0); + op->asym->rsa.op_type = type; + xform_tc.rsa.e.data = data_tc->rsa_data.e.data; + xform_tc.rsa.e.length = data_tc->rsa_data.e.len; + xform_tc.rsa.d.data = data_tc->rsa_data.d.data; + xform_tc.rsa.d.length = data_tc->rsa_data.d.len; + xform_tc.rsa.n.data = data_tc->rsa_data.n.data; + xform_tc.rsa.n.length = data_tc->rsa_data.n.len; + + xform_tc.rsa.qt.p.data = data_tc->rsa_data.p.data; + xform_tc.rsa.qt.p.length = data_tc->rsa_data.p.len; + xform_tc.rsa.qt.q.data = data_tc->rsa_data.q.data; + xform_tc.rsa.qt.q.length = data_tc->rsa_data.q.len; + xform_tc.rsa.qt.dP.data = data_tc->rsa_data.dP.data; + xform_tc.rsa.qt.dP.length = data_tc->rsa_data.dP.len; + xform_tc.rsa.qt.dQ.data = data_tc->rsa_data.dQ.data; + xform_tc.rsa.qt.dQ.length = data_tc->rsa_data.dQ.len; + xform_tc.rsa.qt.qInv.data = data_tc->rsa_data.qInv.data; + xform_tc.rsa.qt.qInv.length = data_tc->rsa_data.qInv.len; + + xform_tc.rsa.key_type = key_type; + op->asym->rsa.pad = data_tc->rsa_data.padding; + + if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + asym_op->rsa.message.data = data_tc->rsa_data.pt.data; + asym_op->rsa.message.length = data_tc->rsa_data.pt.len; + asym_op->rsa.cipher.data = result; + asym_op->rsa.cipher.length = data_tc->rsa_data.n.len; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + asym_op->rsa.message.data = result; + asym_op->rsa.message.length = data_tc->rsa_data.n.len; + asym_op->rsa.cipher.data = data_tc->rsa_data.ct.data; + asym_op->rsa.cipher.length = data_tc->rsa_data.ct.len; + } + break; case RTE_CRYPTO_ASYM_XFORM_DH: case RTE_CRYPTO_ASYM_XFORM_DSA: - case RTE_CRYPTO_ASYM_XFORM_RSA: case RTE_CRYPTO_ASYM_XFORM_NONE: case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED: default: @@ -429,7 +480,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - if (test_cryptodev_asym_ver(data_tc, result_op) != TEST_SUCCESS) { + if (test_cryptodev_asym_ver(op, &xform_tc, data_tc, result_op) != TEST_SUCCESS) { snprintf(test_msg, ASYM_TEST_MSG_LEN, "line %u FAILED: %s", __LINE__, "Verification failed "); @@ -460,18 +511,41 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, static int test_one_case(const void *test_case, int sessionless) { - int status = TEST_SUCCESS; + int status = TEST_SUCCESS, i = 0; char test_msg[ASYM_TEST_MSG_LEN + 1]; /* Map the case to union */ union test_case_structure tc; memcpy(&tc, test_case, sizeof(tc)); - status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, - sessionless); - - printf(" %u) TestCase %s %s\n", test_index++, - tc.modex.description, test_msg); + if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX + || tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, + sessionless, 0, 0); + printf(" %u) TestCase %s %s\n", test_index++, + tc.modex.description, test_msg); + } else { + for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) { + if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + if (tc.rsa_data.op_type_flags & (1 << i)) { + if (tc.rsa_data.key_exp) + status = test_cryptodev_asym_op( + &testsuite_params, &tc, + test_msg, sessionless, i, + RTE_RSA_KEY_TYPE_EXP); + if (tc.rsa_data.key_qt && (i == + RTE_CRYPTO_ASYM_OP_DECRYPT || + i == RTE_CRYPTO_ASYM_OP_SIGN)) + status = test_cryptodev_asym_op( + &testsuite_params, + &tc, test_msg, sessionless, i, + RTE_RSA_KET_TYPE_QT); + } + } + } + printf(" %u) TestCase %s %s\n", test_index++, + tc.modex.description, test_msg); + } return status; } @@ -502,6 +576,17 @@ load_test_vectors(void) test_vector.address[test_vector.size] = &modinv_test_case[i]; test_vector.size++; } + /* Load RSA vector*/ + v_size = ARRAY_SIZE(rsa_test_case_list); + for (i = 0; i < v_size; i++) { + if (test_vector.size >= (TEST_VECTOR_SIZE)) { + RTE_LOG(DEBUG, USER1, + "TEST_VECTOR_SIZE too small\n"); + return -1; + } + test_vector.address[test_vector.size] = &rsa_test_case_list[i]; + test_vector.size++; + } return 0; } diff --git a/app/test/test_cryptodev_rsa_test_vectors.h b/app/test/test_cryptodev_rsa_test_vectors.h index 0dc0375..4545d4d 100644 --- a/app/test/test_cryptodev_rsa_test_vectors.h +++ b/app/test/test_cryptodev_rsa_test_vectors.h @@ -5,10 +5,223 @@ #ifndef TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ #define TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ +#include + #include "rte_crypto_asym.h" #define TEST_DATA_SIZE 4096 +struct rsa_test_data_2 { + enum rte_crypto_asym_xform_type xform_type; + const char *description; + uint64_t op_type_flags; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } pt; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } ct; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } sign; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } e; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } d; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } n; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } p; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } q; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } dP; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } dQ; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } qInv; + + uint16_t result_len; + enum rte_crypto_rsa_padding_type padding; + int key_exp; + int key_qt; +}; + +static const struct +rsa_test_data_2 rsa_test_case_list[] = { + { + .description = "RSA Encryption Decryption " + "(n=128, pt=20, e=3) EXP, QT", + .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA, + .op_type_flags = 1UL << RTE_CRYPTO_ASYM_OP_ENCRYPT | + 1UL << RTE_CRYPTO_ASYM_OP_DECRYPT, + .pt = { + .data = { + 0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae, + 0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb, + 0x7e, 0x78, 0xa0, 0x50 + }, + .len = 20, + }, + .ct = { + .data = { + 0x2C, 0x60, 0x75, 0x45, 0x98, 0x9D, 0xE0, 0x72, + 0xA0, 0x9D, 0x3A, 0x9E, 0x03, 0x38, 0x73, 0x3C, + 0x31, 0x83, 0x04, 0xFE, 0x75, 0x43, 0xE6, 0x17, + 0x5C, 0x01, 0x29, 0x51, 0x69, 0x33, 0x62, 0x2D, + 0x78, 0xBE, 0xAE, 0xC4, 0xBC, 0xDE, 0x7E, 0x2C, + 0x77, 0x84, 0xF2, 0xC5, 0x14, 0xB5, 0x2F, 0xF7, + 0xC5, 0x94, 0xEF, 0x86, 0x75, 0x75, 0xB5, 0x11, + 0xE5, 0x0E, 0x0A, 0x29, 0x76, 0xE2, 0xEA, 0x32, + 0x0E, 0x43, 0x77, 0x7E, 0x2C, 0x27, 0xAC, 0x3B, + 0x86, 0xA5, 0xDB, 0xC9, 0x48, 0x40, 0xE8, 0x99, + 0x9A, 0x0A, 0x3D, 0xD6, 0x74, 0xFA, 0x2E, 0x2E, + 0x5B, 0xAF, 0x8C, 0x99, 0x44, 0x2A, 0x67, 0x38, + 0x27, 0x41, 0x59, 0x9D, 0xB8, 0x51, 0xC9, 0xF7, + 0x43, 0x61, 0x31, 0x6E, 0xF1, 0x25, 0x38, 0x7F, + 0xAE, 0xC6, 0xD0, 0xBB, 0x29, 0x76, 0x3F, 0x46, + 0x2E, 0x1B, 0xE4, 0x67, 0x71, 0xE3, 0x87, 0x5A + }, + .len = 128, + }, + .e = { + .data = { + 0x01, 0x00, 0x01 + }, + .len = 3, + }, + .d = { + .data = { + 0x24, 0xd7, 0xea, 0xf4, 0x7f, 0xe0, 0xca, 0x31, + 0x4d, 0xee, 0xc4, 0xa1, 0xbe, 0xab, 0x06, 0x61, + 0x32, 0xe7, 0x51, 0x46, 0x27, 0xdf, 0x72, 0xe9, + 0x6f, 0xa8, 0x4c, 0xd1, 0x26, 0xef, 0x65, 0xeb, + 0x67, 0xff, 0x5f, 0xa7, 0x3b, 0x25, 0xb9, 0x08, + 0x8e, 0xa0, 0x47, 0x56, 0xe6, 0x8e, 0xf9, 0xd3, + 0x18, 0x06, 0x3d, 0xc6, 0xb1, 0xf8, 0xdc, 0x1b, + 0x8d, 0xe5, 0x30, 0x54, 0x26, 0xac, 0x16, 0x3b, + 0x7b, 0xad, 0x46, 0x9e, 0x21, 0x6a, 0x57, 0xe6, + 0x81, 0x56, 0x1d, 0x2a, 0xc4, 0x39, 0x63, 0x67, + 0x81, 0x2c, 0xca, 0xcc, 0xf8, 0x42, 0x04, 0xbe, + 0xcf, 0x8f, 0x6c, 0x5b, 0x81, 0x46, 0xb9, 0xc7, + 0x62, 0x90, 0x87, 0x35, 0x03, 0x9b, 0x89, 0xcb, + 0x37, 0xbd, 0xf1, 0x1b, 0x99, 0xa1, 0x9a, 0x78, + 0xd5, 0x4c, 0xdd, 0x3f, 0x41, 0x0c, 0xb7, 0x1a, + 0xd9, 0x7b, 0x87, 0x5f, 0xbe, 0xb1, 0x83, 0x41 + }, + .len = 128, + }, + .n = { + .data = { + 0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00, 0x0a, + 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5, 0xce, + 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a, 0xa2, + 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde, 0x0a, + 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a, 0x3d, + 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63, 0x6a, + 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27, 0x6e, + 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa, 0x72, + 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53, 0x87, + 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a, 0x62, + 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63, 0x18, + 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33, 0x4e, + 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3, 0x03, + 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e, 0xee, + 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb, 0xa6, + 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde, 0x55 + }, + .len = 128, + }, + .p = { + .data = { + 0xdc, 0xba, 0x00, 0x01, 0x57, 0x93, 0xe3, 0x05, + 0xed, 0x61, 0x9a, 0xa3, 0xaf, 0x6a, 0xd3, 0x47, + 0x8f, 0x2d, 0x1e, 0x7f, 0x4d, 0x60, 0xc8, 0x8d, + 0x34, 0xb8, 0x17, 0x84, 0xbc, 0xd4, 0xe9, 0x79, + 0x95, 0x75, 0x19, 0x37, 0xe0, 0xcc, 0xfe, 0x4c, + 0x5d, 0x49, 0x53, 0x61, 0x29, 0xf1, 0xdc, 0x82, + 0x03, 0x96, 0x7d, 0x95, 0x4f, 0xdd, 0x3c, 0x0a, + 0x64, 0x8a, 0x43, 0x2f, 0x95, 0x4a, 0xed, 0xdd + }, + .len = 64, + }, + .q = { + .data = { + 0xd0, 0x56, 0x7a, 0x0a, 0xd5, 0x95, 0xa4, 0x85, + 0x53, 0x35, 0xa1, 0x48, 0x07, 0x6a, 0x7c, 0x08, + 0xe0, 0xfd, 0x4b, 0x88, 0x77, 0xa6, 0x15, 0x23, + 0x0f, 0xbf, 0x14, 0x46, 0x11, 0xee, 0x95, 0xc7, + 0x5e, 0x77, 0x65, 0xa2, 0xb5, 0x50, 0xdf, 0x19, + 0x07, 0xc7, 0x72, 0xdb, 0x29, 0xf6, 0x54, 0x86, + 0xe1, 0xb3, 0x97, 0x0a, 0x28, 0x64, 0x3a, 0x38, + 0xa6, 0x7d, 0x13, 0xc3, 0x79, 0xaa, 0x56, 0xd9 + }, + .len = 64, + }, + .dP = { + .data = { + 0xc5, 0x43, 0x0d, 0x82, 0x25, 0x8c, 0xab, 0x55, + 0xbe, 0xc2, 0x7d, 0xfb, 0x4f, 0x68, 0x3f, 0x0e, + 0x32, 0xec, 0xf5, 0xd6, 0x7b, 0x86, 0xc5, 0x75, + 0x3c, 0xea, 0x51, 0x4a, 0x75, 0xa0, 0x2a, 0x50, + 0x58, 0xbb, 0xe0, 0x1f, 0xca, 0x2e, 0x2a, 0x0e, + 0x81, 0x48, 0x68, 0xd5, 0xeb, 0x30, 0x96, 0x0b, + 0x33, 0xbd, 0xa8, 0xda, 0x6a, 0x17, 0xa3, 0xf2, + 0xfd, 0xcb, 0x7b, 0x23, 0xe9, 0x5e, 0x9f, 0x99 + }, + .len = 64, + }, + .dQ = { + .data = { + 0xbe, 0xff, 0xf9, 0x05, 0x43, 0xc8, 0xdc, 0x3b, + 0x0b, 0x0d, 0x28, 0xde, 0x73, 0x46, 0x11, 0x8e, + 0xc6, 0x4e, 0x11, 0xd8, 0x7b, 0xf0, 0xfc, 0x81, + 0xd7, 0x66, 0xd3, 0xbc, 0x65, 0xa6, 0x39, 0x14, + 0xbd, 0xab, 0x72, 0xb7, 0x57, 0xc9, 0x5b, 0xaf, + 0x83, 0xed, 0x3b, 0x84, 0x68, 0x15, 0x18, 0x6b, + 0x4c, 0x32, 0xac, 0x6f, 0x38, 0x96, 0xa2, 0xb5, + 0xdb, 0x14, 0xe2, 0x70, 0x9c, 0x73, 0x29, 0x09 + }, + .len = 64, + }, + .qInv = { + .data = { + 0x59, 0xbd, 0xb1, 0x37, 0xeb, 0x4e, 0xcf, 0x68, + 0xe7, 0x85, 0x91, 0xbb, 0xc0, 0xdb, 0x8e, 0x41, + 0x91, 0x4a, 0xc0, 0xb1, 0xc5, 0xe8, 0x91, 0xf6, + 0xc7, 0x5a, 0x98, 0x1a, 0x8a, 0x0f, 0x45, 0xb2, + 0x5b, 0xff, 0x7a, 0x2d, 0x98, 0x89, 0x55, 0xd9, + 0xbf, 0x6e, 0xdd, 0x2d, 0xd4, 0xe8, 0x0a, 0xaa, + 0xae, 0x2a, 0xc4, 0x16, 0xb5, 0xba, 0xe1, 0x69, + 0x71, 0x94, 0xdd, 0xa0, 0xf5, 0x1e, 0x6d, 0xcc + }, + .len = 64, + }, + .padding = RTE_CRYPTO_RSA_PADDING_NONE, + .key_exp = 1, + .key_qt = 1, + } +}; + struct rsa_test_data { uint8_t data[TEST_DATA_SIZE]; unsigned int len;