lib/cryptodev: move RSA padding information into xform

Message ID 72c136279aae9b1348715aba776c8e4a7cd4f900.1684341299.git.gmuthukrishn@marvell.com (mailing list archive)
State Deferred
Delegated to: akhil goyal
Headers
Series lib/cryptodev: move RSA padding information into xform |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation warning apply patch failure
ci/Intel-compilation warning apply issues
ci/iol-testing warning apply patch failure
ci/github-robot: build success github build: passed

Commit Message

Gowrishankar Muthukrishnan May 17, 2023, 4:52 p.m. UTC
  RSA padding information could be a xform entity rather than part of
crypto op, as it seems associated with hashing algorithm used for
the entire crypto session, where this algorithm is used in message
digest itself. Even in virtIO standard spec, this info is associated
in the asymmetric session creation. Hence, moving this info from
crypto op into xform structure.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 app/test/test_cryptodev_asym.c               |  6 +--
 app/test/test_cryptodev_rsa_test_vectors.h   |  2 +
 drivers/common/cpt/cpt_ucode_asym.h          |  4 +-
 drivers/crypto/cnxk/cnxk_ae.h                | 13 +++--
 drivers/crypto/octeontx/otx_cryptodev_ops.c  |  4 +-
 drivers/crypto/openssl/openssl_pmd_private.h |  1 +
 drivers/crypto/openssl/rte_openssl_pmd.c     |  4 +-
 drivers/crypto/openssl/rte_openssl_pmd_ops.c |  1 +
 drivers/crypto/qat/qat_asym.c                | 17 ++++---
 examples/fips_validation/main.c              | 52 +++++++++++---------
 lib/cryptodev/rte_crypto_asym.h              |  6 +--
 11 files changed, 59 insertions(+), 51 deletions(-)
  

Comments

Arkadiusz Kusztal June 1, 2023, 6:40 p.m. UTC | #1
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Wednesday, May 17, 2023 6:53 PM
> To: dev@dpdk.org
> Cc: anoobj@marvell.com; Akhil Goyal <gakhil@marvell.com>; Fan Zhang
> <fanzhang.oss@gmail.com>; Ankur Dwivedi <adwivedi@marvell.com>; Tejasree
> Kondoj <ktejasree@marvell.com>; Ji, Kai <kai.ji@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; Gowrishankar Muthukrishnan
> <gmuthukrishn@marvell.com>
> Subject: [PATCH] lib/cryptodev: move RSA padding information into xform
> 
> RSA padding information could be a xform entity rather than part of crypto op,
> as it seems associated with hashing algorithm used for the entire crypto session,
> where this algorithm is used in message digest itself. Even in virtIO standard
> spec, this info is associated in the asymmetric session creation. Hence, moving
> this info from crypto op into xform structure.

With the current approach in with-session mode, we set the key in the PMD only once and use it in different configurations.
In the case where padding is a session parameter, we need to have a session for all padding variations, duplicating the private key occurrences in memory for this reason only.

> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
>  app/test/test_cryptodev_asym.c               |  6 +--
>  app/test/test_cryptodev_rsa_test_vectors.h   |  2 +
>  drivers/common/cpt/cpt_ucode_asym.h          |  4 +-
>  drivers/crypto/cnxk/cnxk_ae.h                | 13 +++--
>  drivers/crypto/octeontx/otx_cryptodev_ops.c  |  4 +-
> drivers/crypto/openssl/openssl_pmd_private.h |  1 +
>  drivers/crypto/openssl/rte_openssl_pmd.c     |  4 +-
>  drivers/crypto/openssl/rte_openssl_pmd_ops.c |  1 +
>  drivers/crypto/qat/qat_asym.c                | 17 ++++---
>  examples/fips_validation/main.c              | 52 +++++++++++---------
>  lib/cryptodev/rte_crypto_asym.h              |  6 +--
>  11 files changed, 59 insertions(+), 51 deletions(-)
> 
> diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
> index bb4c70deba..1c5114581c 100644
> --- a/app/test/test_cryptodev_asym.c
> +++ b/app/test/test_cryptodev_asym.c
> @@ -92,7 +92,6 @@ queue_ops_rsa_sign_verify(void *sess)
>  	asym_op->rsa.message.length = rsaplaintext.len;
>  	asym_op->rsa.sign.length = RTE_DIM(rsa_n);
>  	asym_op->rsa.sign.data = output_buf;
> -	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
> 
>  	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
>  		      asym_op->rsa.message.length);
> @@ -124,7 +123,6 @@ queue_ops_rsa_sign_verify(void *sess)
> 
>  	/* Verify sign */
>  	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
> -	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
> 
>  	/* Process crypto operation */
>  	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -183,7
> +181,6 @@ queue_ops_rsa_enc_dec(void *sess)
>  	asym_op->rsa.cipher.data = cipher_buf;
>  	asym_op->rsa.cipher.length = RTE_DIM(rsa_n);
>  	asym_op->rsa.message.length = rsaplaintext.len;
> -	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
> 
>  	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
>  		      asym_op->rsa.message.length);
> @@ -215,7 +212,6 @@ queue_ops_rsa_enc_dec(void *sess)
>  	asym_op = result_op->asym;
>  	asym_op->rsa.message.length = RTE_DIM(rsa_n);
>  	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
> -	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
> 
>  	/* Process crypto operation */
>  	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) { @@ -412,7
> +408,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym
> *ts_params,
>  		}
> 
>  		xform_tc.rsa.key_type = key_type;
> -		op->asym->rsa.padding.type = data_tc->rsa_data.padding;
> +		xform_tc.rsa.padding.type = data_tc->rsa_data.padding;
> 
>  		if (op->asym->rsa.op_type ==
> RTE_CRYPTO_ASYM_OP_ENCRYPT) {
>  			asym_op->rsa.message.data = data_tc-
> >rsa_data.pt.data; diff --git a/app/test/test_cryptodev_rsa_test_vectors.h
> b/app/test/test_cryptodev_rsa_test_vectors.h
> index 04539a1ecf..1e05525d4d 100644
> --- a/app/test/test_cryptodev_rsa_test_vectors.h
> +++ b/app/test/test_cryptodev_rsa_test_vectors.h
> @@ -349,6 +349,7 @@ struct rte_crypto_asym_xform rsa_xform = {
>  	.next = NULL,
>  	.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
>  	.rsa = {
> +		.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
>  		.n = {
>  			.data = rsa_n,
>  			.length = sizeof(rsa_n)
> @@ -370,6 +371,7 @@ struct rte_crypto_asym_xform rsa_xform_crt = {
>  	.next = NULL,
>  	.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
>  	.rsa = {
> +		.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
>  		.n = {
>  			.data = rsa_n,
>  			.length = sizeof(rsa_n)
> diff --git a/drivers/common/cpt/cpt_ucode_asym.h
> b/drivers/common/cpt/cpt_ucode_asym.h
> index 1105a0c125..42ab0edeea 100644
> --- a/drivers/common/cpt/cpt_ucode_asym.h
> +++ b/drivers/common/cpt/cpt_ucode_asym.h
> @@ -327,7 +327,7 @@ cpt_rsa_prep(struct asym_op_params *rsa_params,
>  	/* Result buffer */
>  	rlen = mod_len;
> 
> -	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
>  		/* Use mod_exp operation for no_padding type */
>  		vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX;
>  		vq_cmd_w0.s.param2 = exp_len;
> @@ -412,7 +412,7 @@ cpt_rsa_crt_prep(struct asym_op_params *rsa_params,
>  	/* Result buffer */
>  	rlen = mod_len;
> 
> -	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
>  		/*Use mod_exp operation for no_padding type */
>  		vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX_CRT;
>  	} else {
> diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
> index 47f000dd5e..106d38c3bb 100644
> --- a/drivers/crypto/cnxk/cnxk_ae.h
> +++ b/drivers/crypto/cnxk/cnxk_ae.h
> @@ -168,6 +168,9 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess,
>  	rsa->n.length = mod_len;
>  	rsa->e.length = exp_len;
> 
> +	/* Set padding info */
> +	rsa->padding.type = xform->rsa.padding.type;
> +
>  	return 0;
>  }
> 
> @@ -328,7 +331,7 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct
> roc_ae_buf_ptr *meta_buf,
>  	dptr += in_size;
>  	dlen = total_key_len + in_size;
> 
> -	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
>  		/* Use mod_exp operation for no_padding type */
>  		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
>  		w4.s.param2 = exp_len;
> @@ -383,7 +386,7 @@ cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct
> roc_ae_buf_ptr *meta_buf,
>  	dptr += in_size;
>  	dlen = mod_len + privkey_len + in_size;
> 
> -	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
>  		/* Use mod_exp operation for no_padding type */
>  		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
>  		w4.s.param2 = privkey_len;
> @@ -441,7 +444,7 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct
> roc_ae_buf_ptr *meta_buf,
>  	dptr += in_size;
>  	dlen = total_key_len + in_size;
> 
> -	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
>  		/*Use mod_exp operation for no_padding type */
>  		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX_CRT;
>  	} else {
> @@ -836,7 +839,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop,
> uint8_t *rptr,
>  		memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
>  		break;
>  	case RTE_CRYPTO_ASYM_OP_DECRYPT:
> -		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +		if (rsa_ctx->padding.type ==
> RTE_CRYPTO_RSA_PADDING_NONE) {
>  			rsa->message.length = rsa_ctx->n.length;
>  			memcpy(rsa->message.data, rptr, rsa-
> >message.length);
>  		} else {
> @@ -856,7 +859,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop,
> uint8_t *rptr,
>  		memcpy(rsa->sign.data, rptr, rsa->sign.length);
>  		break;
>  	case RTE_CRYPTO_ASYM_OP_VERIFY:
> -		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
> +		if (rsa_ctx->padding.type ==
> RTE_CRYPTO_RSA_PADDING_NONE) {
>  			rsa->sign.length = rsa_ctx->n.length;
>  			memcpy(rsa->sign.data, rptr, rsa->sign.length);
>  		} else {
> diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> index 947e1be385..d315dc3237 100644
> --- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
> +++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
> @@ -708,7 +708,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct
> cpt_request_info *req,
>  		memcpy(rsa->cipher.data, req->rptr, rsa->cipher.length);
>  		break;
>  	case RTE_CRYPTO_ASYM_OP_DECRYPT:
> -		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
> +		if (rsa_ctx->padding.type ==
> RTE_CRYPTO_RSA_PADDING_NONE)
>  			rsa->message.length = rsa_ctx->n.length;
>  		else {
>  			/* Get length of decrypted output */ @@ -725,7 +725,7
> @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info
> *req,
>  		memcpy(rsa->sign.data, req->rptr, rsa->sign.length);
>  		break;
>  	case RTE_CRYPTO_ASYM_OP_VERIFY:
> -		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
> +		if (rsa_ctx->padding.type ==
> RTE_CRYPTO_RSA_PADDING_NONE)
>  			rsa->sign.length = rsa_ctx->n.length;
>  		else {
>  			/* Get length of decrypted output */ diff --git
> a/drivers/crypto/openssl/openssl_pmd_private.h
> b/drivers/crypto/openssl/openssl_pmd_private.h
> index ed6841e460..a6cc3b0749 100644
> --- a/drivers/crypto/openssl/openssl_pmd_private.h
> +++ b/drivers/crypto/openssl/openssl_pmd_private.h
> @@ -173,6 +173,7 @@ struct openssl_asym_session {
>  	union {
>  		struct rsa {
>  			RSA *rsa;
> +			uint32_t pad;
>  #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
>  			EVP_PKEY_CTX * ctx;
>  #endif
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> index f65fbca300..451151e47c 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -2513,7 +2513,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op
> *cop,
>  		struct openssl_asym_session *sess)
>  {
>  	struct rte_crypto_asym_op *op = cop->asym;
> -	uint32_t pad = (op->rsa.padding.type);
> +	uint32_t pad = sess->u.r.pad;
>  	uint8_t *tmp;
>  	size_t outlen = 0;
>  	int ret = -1;
> @@ -2670,7 +2670,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
>  	int ret = 0;
>  	struct rte_crypto_asym_op *op = cop->asym;
>  	RSA *rsa = sess->u.r.rsa;
> -	uint32_t pad = (op->rsa.padding.type);
> +	uint32_t pad = sess->u.r.pad;
>  	uint8_t *tmp;
> 
>  	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; diff --git
> a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> index 29ad1b9505..3ea46caae9 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
> @@ -845,6 +845,7 @@ static int openssl_set_asym_session_parameters(
>  		if (!n || !e)
>  			goto err_rsa;
> 
> +		asym_session->u.r.pad = xform->rsa.padding.type;
>  #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
>  		OSSL_PARAM_BLD * param_bld = OSSL_PARAM_BLD_new();
>  		if (!param_bld) {
> diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
> index 82e165538d..e1b6e0b2f6 100644
> --- a/drivers/crypto/qat/qat_asym.c
> +++ b/drivers/crypto/qat/qat_asym.c
> @@ -353,7 +353,7 @@ rsa_set_pub_input(struct icp_qat_fw_pke_request
> *qat_req,
>  	alg_bytesize = qat_function.bytesize;
> 
>  	if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
> -		switch (asym_op->rsa.padding.type) {
> +		switch (xform->rsa.padding.type) {
>  		case RTE_CRYPTO_RSA_PADDING_NONE:
>  			SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
>  			break;
> @@ -365,7 +365,7 @@ rsa_set_pub_input(struct icp_qat_fw_pke_request
> *qat_req,
>  		}
>  		HEXDUMP("RSA Message", cookie->input_array[0],
> alg_bytesize);
>  	} else {
> -		switch (asym_op->rsa.padding.type) {
> +		switch (xform->rsa.padding.type) {
>  		case RTE_CRYPTO_RSA_PADDING_NONE:
>  			SET_PKE_LN(asym_op->rsa.sign, alg_bytesize, 0);
>  			break;
> @@ -451,7 +451,7 @@ rsa_set_priv_input(struct icp_qat_fw_pke_request
> *qat_req,
> 
>  	if (asym_op->rsa.op_type ==
>  			RTE_CRYPTO_ASYM_OP_DECRYPT) {
> -		switch (asym_op->rsa.padding.type) {
> +		switch (xform->rsa.padding.type) {
>  		case RTE_CRYPTO_RSA_PADDING_NONE:
>  			SET_PKE_LN(asym_op->rsa.cipher,	alg_bytesize,
> 0);
>  			HEXDUMP("RSA ciphertext", cookie->input_array[0],
> @@ -465,7 +465,7 @@ rsa_set_priv_input(struct icp_qat_fw_pke_request
> *qat_req,
> 
>  	} else if (asym_op->rsa.op_type ==
>  			RTE_CRYPTO_ASYM_OP_SIGN) {
> -		switch (asym_op->rsa.padding.type) {
> +		switch (xform->rsa.padding.type) {
>  		case RTE_CRYPTO_RSA_PADDING_NONE:
>  			SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
>  			HEXDUMP("RSA text to be signed", cookie-
> >input_array[0], @@ -505,7 +505,8 @@ rsa_set_input(struct
> icp_qat_fw_pke_request *qat_req,
> 
>  static uint8_t
>  rsa_collect(struct rte_crypto_asym_op *asym_op,
> -		const struct qat_asym_op_cookie *cookie)
> +		const struct qat_asym_op_cookie *cookie,
> +		const struct rte_crypto_asym_xform *xform)
>  {
>  	uint32_t alg_bytesize = cookie->alg_bytesize;
> 
> @@ -521,7 +522,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
>  			HEXDUMP("RSA Encrypted data", cookie-
> >output_array[0],
>  				alg_bytesize);
>  		} else {
> -			switch (asym_op->rsa.padding.type) {
> +			switch (xform->rsa.padding.type) {
>  			case RTE_CRYPTO_RSA_PADDING_NONE:
>  				rte_memcpy(asym_op->rsa.cipher.data,
>  						cookie->output_array[0],
> @@ -538,7 +539,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
>  		}
>  	} else {
>  		if (asym_op->rsa.op_type ==
> RTE_CRYPTO_ASYM_OP_DECRYPT) {
> -			switch (asym_op->rsa.padding.type) {
> +			switch (xform->rsa.padding.type) {
>  			case RTE_CRYPTO_RSA_PADDING_NONE:
>  				rte_memcpy(asym_op->rsa.message.data,
>  					cookie->output_array[0],
> @@ -1009,7 +1010,7 @@ qat_asym_collect_response(struct rte_crypto_op
> *op,
>  	case RTE_CRYPTO_ASYM_XFORM_MODINV:
>  		return modinv_collect(asym_op, cookie, xform);
>  	case RTE_CRYPTO_ASYM_XFORM_RSA:
> -		return rsa_collect(asym_op, cookie);
> +		return rsa_collect(asym_op, cookie, xform);
>  	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
>  		return ecdsa_collect(asym_op, cookie);
>  	case RTE_CRYPTO_ASYM_XFORM_ECPM:
> diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
> index 4237224d9d..c8e8145a69 100644
> --- a/examples/fips_validation/main.c
> +++ b/examples/fips_validation/main.c
> @@ -926,31 +926,7 @@ prepare_rsa_op(void)
>  	__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
> 
>  	asym = env.op->asym;
> -	asym->rsa.padding.type = info.interim_info.rsa_data.padding;
> -	asym->rsa.padding.hash = info.interim_info.rsa_data.auth;
> -
>  	if (env.digest) {
> -		if (asym->rsa.padding.type ==
> RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
> -			int b_len = 0;
> -			uint8_t b[32];
> -
> -			b_len = get_hash_oid(asym->rsa.padding.hash, b);
> -			if (b_len < 0) {
> -				RTE_LOG(ERR, USER1, "Failed to get digest info
> for hash %d\n",
> -					asym->rsa.padding.hash);
> -				return -EINVAL;
> -			}
> -
> -			if (b_len) {
> -				msg.len = env.digest_len + b_len;
> -				msg.val = rte_zmalloc(NULL, msg.len, 0);
> -				rte_memcpy(msg.val, b, b_len);
> -				rte_memcpy(msg.val + b_len, env.digest,
> env.digest_len);
> -				rte_free(env.digest);
> -				env.digest = msg.val;
> -				env.digest_len = msg.len;
> -			}
> -		}
>  		msg.val = env.digest;
>  		msg.len = env.digest_len;
>  	} else {
> @@ -1542,6 +1518,34 @@ prepare_rsa_xform(struct rte_crypto_asym_xform
> *xform)
>  	xform->rsa.e.length = vec.rsa.e.len;
>  	xform->rsa.n.data = vec.rsa.n.val;
>  	xform->rsa.n.length = vec.rsa.n.len;
> +
> +	xform->rsa.padding.type = info.interim_info.rsa_data.padding;
> +	xform->rsa.padding.hash = info.interim_info.rsa_data.auth;
> +	if (env.digest) {
> +		if (xform->rsa.padding.type ==
> RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
> +			struct fips_val msg;
> +			int b_len = 0;
> +			uint8_t b[32];
> +
> +			b_len = get_hash_oid(xform->rsa.padding.hash, b);
> +			if (b_len < 0) {
> +				RTE_LOG(ERR, USER1, "Failed to get digest info
> for hash %d\n",
> +					xform->rsa.padding.hash);
> +				return -EINVAL;
> +			}
> +
> +			if (b_len) {
> +				msg.len = env.digest_len + b_len;
> +				msg.val = rte_zmalloc(NULL, msg.len, 0);
> +				rte_memcpy(msg.val, b, b_len);
> +				rte_memcpy(msg.val + b_len, env.digest,
> env.digest_len);
> +				rte_free(env.digest);
> +				env.digest = msg.val;
> +				env.digest_len = msg.len;
> +			}
> +		}
> +	}
> +
>  	return 0;
>  }
> 
> diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
> index bdf92d4358..5c80e05da2 100644
> --- a/lib/cryptodev/rte_crypto_asym.h
> +++ b/lib/cryptodev/rte_crypto_asym.h
> @@ -315,6 +315,9 @@ struct rte_crypto_rsa_xform {
>  		struct rte_crypto_rsa_priv_key_qt qt;
>  		/**< qt - Private key in quintuple format */
>  	};
> +
> +	struct rte_crypto_rsa_padding padding;
> +	/**< RSA padding information */
>  };
> 
>  /**
> @@ -451,9 +454,6 @@ struct rte_crypto_rsa_op_param {
>  	 * This could be validated and overwritten by the PMD
>  	 * with the signature length.
>  	 */
> -
> -	struct rte_crypto_rsa_padding padding;
> -	/**< RSA padding information */
>  };
> 
>  /**
> --
> 2.25.1
  
Gowrishankar Muthukrishnan Sept. 28, 2023, 6:23 a.m. UTC | #2
Hi Arek,

> > RSA padding information could be a xform entity rather than part of
> > crypto op, as it seems associated with hashing algorithm used for the
> > entire crypto session, where this algorithm is used in message digest
> > itself. Even in virtIO standard spec, this info is associated in the
> > asymmetric session creation. Hence, moving this info from crypto op into
> xform structure.
> 
> With the current approach in with-session mode, we set the key in the PMD
> only once and use it in different configurations.
> In the case where padding is a session parameter, we need to have a session
> for all padding variations, duplicating the private key occurrences in memory
> for this reason only.
> 

Even as per VirtIO asymmetric spec (below), padding info is per session as in
virtio_crypto_rsa_session_para.
https://github.com/oasis-tcs/virtio-spec/blob/master/device-types/crypto/description.tex#L736

To support VirtIO asymmetric op, this would be required.

Thanks,
Gowrishankar
  

Patch

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index bb4c70deba..1c5114581c 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -92,7 +92,6 @@  queue_ops_rsa_sign_verify(void *sess)
 	asym_op->rsa.message.length = rsaplaintext.len;
 	asym_op->rsa.sign.length = RTE_DIM(rsa_n);
 	asym_op->rsa.sign.data = output_buf;
-	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
 
 	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
 		      asym_op->rsa.message.length);
@@ -124,7 +123,6 @@  queue_ops_rsa_sign_verify(void *sess)
 
 	/* Verify sign */
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
-	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
 
 	/* Process crypto operation */
 	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -183,7 +181,6 @@  queue_ops_rsa_enc_dec(void *sess)
 	asym_op->rsa.cipher.data = cipher_buf;
 	asym_op->rsa.cipher.length = RTE_DIM(rsa_n);
 	asym_op->rsa.message.length = rsaplaintext.len;
-	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
 
 	debug_hexdump(stdout, "message", asym_op->rsa.message.data,
 		      asym_op->rsa.message.length);
@@ -215,7 +212,6 @@  queue_ops_rsa_enc_dec(void *sess)
 	asym_op = result_op->asym;
 	asym_op->rsa.message.length = RTE_DIM(rsa_n);
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
-	asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
 
 	/* Process crypto operation */
 	if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -412,7 +408,7 @@  test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
 		}
 
 		xform_tc.rsa.key_type = key_type;
-		op->asym->rsa.padding.type = data_tc->rsa_data.padding;
+		xform_tc.rsa.padding.type = data_tc->rsa_data.padding;
 
 		if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
 			asym_op->rsa.message.data = data_tc->rsa_data.pt.data;
diff --git a/app/test/test_cryptodev_rsa_test_vectors.h b/app/test/test_cryptodev_rsa_test_vectors.h
index 04539a1ecf..1e05525d4d 100644
--- a/app/test/test_cryptodev_rsa_test_vectors.h
+++ b/app/test/test_cryptodev_rsa_test_vectors.h
@@ -349,6 +349,7 @@  struct rte_crypto_asym_xform rsa_xform = {
 	.next = NULL,
 	.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
 	.rsa = {
+		.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
 		.n = {
 			.data = rsa_n,
 			.length = sizeof(rsa_n)
@@ -370,6 +371,7 @@  struct rte_crypto_asym_xform rsa_xform_crt = {
 	.next = NULL,
 	.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
 	.rsa = {
+		.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
 		.n = {
 			.data = rsa_n,
 			.length = sizeof(rsa_n)
diff --git a/drivers/common/cpt/cpt_ucode_asym.h b/drivers/common/cpt/cpt_ucode_asym.h
index 1105a0c125..42ab0edeea 100644
--- a/drivers/common/cpt/cpt_ucode_asym.h
+++ b/drivers/common/cpt/cpt_ucode_asym.h
@@ -327,7 +327,7 @@  cpt_rsa_prep(struct asym_op_params *rsa_params,
 	/* Result buffer */
 	rlen = mod_len;
 
-	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 		/* Use mod_exp operation for no_padding type */
 		vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX;
 		vq_cmd_w0.s.param2 = exp_len;
@@ -412,7 +412,7 @@  cpt_rsa_crt_prep(struct asym_op_params *rsa_params,
 	/* Result buffer */
 	rlen = mod_len;
 
-	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 		/*Use mod_exp operation for no_padding type */
 		vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX_CRT;
 	} else {
diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index 47f000dd5e..106d38c3bb 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -168,6 +168,9 @@  cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess,
 	rsa->n.length = mod_len;
 	rsa->e.length = exp_len;
 
+	/* Set padding info */
+	rsa->padding.type = xform->rsa.padding.type;
+
 	return 0;
 }
 
@@ -328,7 +331,7 @@  cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
 	dptr += in_size;
 	dlen = total_key_len + in_size;
 
-	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 		/* Use mod_exp operation for no_padding type */
 		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
 		w4.s.param2 = exp_len;
@@ -383,7 +386,7 @@  cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
 	dptr += in_size;
 	dlen = mod_len + privkey_len + in_size;
 
-	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 		/* Use mod_exp operation for no_padding type */
 		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
 		w4.s.param2 = privkey_len;
@@ -441,7 +444,7 @@  cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
 	dptr += in_size;
 	dlen = total_key_len + in_size;
 
-	if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+	if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 		/*Use mod_exp operation for no_padding type */
 		w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX_CRT;
 	} else {
@@ -836,7 +839,7 @@  cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
 		memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
 		break;
 	case RTE_CRYPTO_ASYM_OP_DECRYPT:
-		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 			rsa->message.length = rsa_ctx->n.length;
 			memcpy(rsa->message.data, rptr, rsa->message.length);
 		} else {
@@ -856,7 +859,7 @@  cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
 		memcpy(rsa->sign.data, rptr, rsa->sign.length);
 		break;
 	case RTE_CRYPTO_ASYM_OP_VERIFY:
-		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
 			rsa->sign.length = rsa_ctx->n.length;
 			memcpy(rsa->sign.data, rptr, rsa->sign.length);
 		} else {
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 947e1be385..d315dc3237 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -708,7 +708,7 @@  otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
 		memcpy(rsa->cipher.data, req->rptr, rsa->cipher.length);
 		break;
 	case RTE_CRYPTO_ASYM_OP_DECRYPT:
-		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
+		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
 			rsa->message.length = rsa_ctx->n.length;
 		else {
 			/* Get length of decrypted output */
@@ -725,7 +725,7 @@  otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
 		memcpy(rsa->sign.data, req->rptr, rsa->sign.length);
 		break;
 	case RTE_CRYPTO_ASYM_OP_VERIFY:
-		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
+		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
 			rsa->sign.length = rsa_ctx->n.length;
 		else {
 			/* Get length of decrypted output */
diff --git a/drivers/crypto/openssl/openssl_pmd_private.h b/drivers/crypto/openssl/openssl_pmd_private.h
index ed6841e460..a6cc3b0749 100644
--- a/drivers/crypto/openssl/openssl_pmd_private.h
+++ b/drivers/crypto/openssl/openssl_pmd_private.h
@@ -173,6 +173,7 @@  struct openssl_asym_session {
 	union {
 		struct rsa {
 			RSA *rsa;
+			uint32_t pad;
 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 			EVP_PKEY_CTX * ctx;
 #endif
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index f65fbca300..451151e47c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -2513,7 +2513,7 @@  process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 		struct openssl_asym_session *sess)
 {
 	struct rte_crypto_asym_op *op = cop->asym;
-	uint32_t pad = (op->rsa.padding.type);
+	uint32_t pad = sess->u.r.pad;
 	uint8_t *tmp;
 	size_t outlen = 0;
 	int ret = -1;
@@ -2670,7 +2670,7 @@  process_openssl_rsa_op(struct rte_crypto_op *cop,
 	int ret = 0;
 	struct rte_crypto_asym_op *op = cop->asym;
 	RSA *rsa = sess->u.r.rsa;
-	uint32_t pad = (op->rsa.padding.type);
+	uint32_t pad = sess->u.r.pad;
 	uint8_t *tmp;
 
 	cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 29ad1b9505..3ea46caae9 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -845,6 +845,7 @@  static int openssl_set_asym_session_parameters(
 		if (!n || !e)
 			goto err_rsa;
 
+		asym_session->u.r.pad = xform->rsa.padding.type;
 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 		OSSL_PARAM_BLD * param_bld = OSSL_PARAM_BLD_new();
 		if (!param_bld) {
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 82e165538d..e1b6e0b2f6 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -353,7 +353,7 @@  rsa_set_pub_input(struct icp_qat_fw_pke_request *qat_req,
 	alg_bytesize = qat_function.bytesize;
 
 	if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
-		switch (asym_op->rsa.padding.type) {
+		switch (xform->rsa.padding.type) {
 		case RTE_CRYPTO_RSA_PADDING_NONE:
 			SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
 			break;
@@ -365,7 +365,7 @@  rsa_set_pub_input(struct icp_qat_fw_pke_request *qat_req,
 		}
 		HEXDUMP("RSA Message", cookie->input_array[0], alg_bytesize);
 	} else {
-		switch (asym_op->rsa.padding.type) {
+		switch (xform->rsa.padding.type) {
 		case RTE_CRYPTO_RSA_PADDING_NONE:
 			SET_PKE_LN(asym_op->rsa.sign, alg_bytesize, 0);
 			break;
@@ -451,7 +451,7 @@  rsa_set_priv_input(struct icp_qat_fw_pke_request *qat_req,
 
 	if (asym_op->rsa.op_type ==
 			RTE_CRYPTO_ASYM_OP_DECRYPT) {
-		switch (asym_op->rsa.padding.type) {
+		switch (xform->rsa.padding.type) {
 		case RTE_CRYPTO_RSA_PADDING_NONE:
 			SET_PKE_LN(asym_op->rsa.cipher,	alg_bytesize, 0);
 			HEXDUMP("RSA ciphertext", cookie->input_array[0],
@@ -465,7 +465,7 @@  rsa_set_priv_input(struct icp_qat_fw_pke_request *qat_req,
 
 	} else if (asym_op->rsa.op_type ==
 			RTE_CRYPTO_ASYM_OP_SIGN) {
-		switch (asym_op->rsa.padding.type) {
+		switch (xform->rsa.padding.type) {
 		case RTE_CRYPTO_RSA_PADDING_NONE:
 			SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
 			HEXDUMP("RSA text to be signed", cookie->input_array[0],
@@ -505,7 +505,8 @@  rsa_set_input(struct icp_qat_fw_pke_request *qat_req,
 
 static uint8_t
 rsa_collect(struct rte_crypto_asym_op *asym_op,
-		const struct qat_asym_op_cookie *cookie)
+		const struct qat_asym_op_cookie *cookie,
+		const struct rte_crypto_asym_xform *xform)
 {
 	uint32_t alg_bytesize = cookie->alg_bytesize;
 
@@ -521,7 +522,7 @@  rsa_collect(struct rte_crypto_asym_op *asym_op,
 			HEXDUMP("RSA Encrypted data", cookie->output_array[0],
 				alg_bytesize);
 		} else {
-			switch (asym_op->rsa.padding.type) {
+			switch (xform->rsa.padding.type) {
 			case RTE_CRYPTO_RSA_PADDING_NONE:
 				rte_memcpy(asym_op->rsa.cipher.data,
 						cookie->output_array[0],
@@ -538,7 +539,7 @@  rsa_collect(struct rte_crypto_asym_op *asym_op,
 		}
 	} else {
 		if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
-			switch (asym_op->rsa.padding.type) {
+			switch (xform->rsa.padding.type) {
 			case RTE_CRYPTO_RSA_PADDING_NONE:
 				rte_memcpy(asym_op->rsa.message.data,
 					cookie->output_array[0],
@@ -1009,7 +1010,7 @@  qat_asym_collect_response(struct rte_crypto_op *op,
 	case RTE_CRYPTO_ASYM_XFORM_MODINV:
 		return modinv_collect(asym_op, cookie, xform);
 	case RTE_CRYPTO_ASYM_XFORM_RSA:
-		return rsa_collect(asym_op, cookie);
+		return rsa_collect(asym_op, cookie, xform);
 	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
 		return ecdsa_collect(asym_op, cookie);
 	case RTE_CRYPTO_ASYM_XFORM_ECPM:
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 4237224d9d..c8e8145a69 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -926,31 +926,7 @@  prepare_rsa_op(void)
 	__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
 
 	asym = env.op->asym;
-	asym->rsa.padding.type = info.interim_info.rsa_data.padding;
-	asym->rsa.padding.hash = info.interim_info.rsa_data.auth;
-
 	if (env.digest) {
-		if (asym->rsa.padding.type == RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
-			int b_len = 0;
-			uint8_t b[32];
-
-			b_len = get_hash_oid(asym->rsa.padding.hash, b);
-			if (b_len < 0) {
-				RTE_LOG(ERR, USER1, "Failed to get digest info for hash %d\n",
-					asym->rsa.padding.hash);
-				return -EINVAL;
-			}
-
-			if (b_len) {
-				msg.len = env.digest_len + b_len;
-				msg.val = rte_zmalloc(NULL, msg.len, 0);
-				rte_memcpy(msg.val, b, b_len);
-				rte_memcpy(msg.val + b_len, env.digest, env.digest_len);
-				rte_free(env.digest);
-				env.digest = msg.val;
-				env.digest_len = msg.len;
-			}
-		}
 		msg.val = env.digest;
 		msg.len = env.digest_len;
 	} else {
@@ -1542,6 +1518,34 @@  prepare_rsa_xform(struct rte_crypto_asym_xform *xform)
 	xform->rsa.e.length = vec.rsa.e.len;
 	xform->rsa.n.data = vec.rsa.n.val;
 	xform->rsa.n.length = vec.rsa.n.len;
+
+	xform->rsa.padding.type = info.interim_info.rsa_data.padding;
+	xform->rsa.padding.hash = info.interim_info.rsa_data.auth;
+	if (env.digest) {
+		if (xform->rsa.padding.type == RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
+			struct fips_val msg;
+			int b_len = 0;
+			uint8_t b[32];
+
+			b_len = get_hash_oid(xform->rsa.padding.hash, b);
+			if (b_len < 0) {
+				RTE_LOG(ERR, USER1, "Failed to get digest info for hash %d\n",
+					xform->rsa.padding.hash);
+				return -EINVAL;
+			}
+
+			if (b_len) {
+				msg.len = env.digest_len + b_len;
+				msg.val = rte_zmalloc(NULL, msg.len, 0);
+				rte_memcpy(msg.val, b, b_len);
+				rte_memcpy(msg.val + b_len, env.digest, env.digest_len);
+				rte_free(env.digest);
+				env.digest = msg.val;
+				env.digest_len = msg.len;
+			}
+		}
+	}
+
 	return 0;
 }
 
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index bdf92d4358..5c80e05da2 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -315,6 +315,9 @@  struct rte_crypto_rsa_xform {
 		struct rte_crypto_rsa_priv_key_qt qt;
 		/**< qt - Private key in quintuple format */
 	};
+
+	struct rte_crypto_rsa_padding padding;
+	/**< RSA padding information */
 };
 
 /**
@@ -451,9 +454,6 @@  struct rte_crypto_rsa_op_param {
 	 * This could be validated and overwritten by the PMD
 	 * with the signature length.
 	 */
-
-	struct rte_crypto_rsa_padding padding;
-	/**< RSA padding information */
 };
 
 /**