From patchwork Wed Apr 27 07:43:58 2022
X-Patchwork-Submitter: Arkadiusz Kusztal
X-Patchwork-Id: 110302
X-Patchwork-Delegate: gakhil@marvell.com
From: Arek Kusztal
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal
Subject: [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
Date: Wed, 27 Apr 2022 08:43:58 +0100
Message-Id: <20220427074400.2091-2-arkadiuszx.kusztal@intel.com>
In-Reply-To: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>
References: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>

Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should be free to choose for any operation. One xform/session should be enough to perform both DH operations, if op_type would be xform member, session would have to be created twice for the same group. Similar problem would be observed in sessionless case. Additionally, it will help extend DH to support Elliptic Curves.

Signed-off-by: Arek Kusztal
Acked-by: Fan Zhang
Acked-by: Kai Ji
--- lib/cryptodev/rte_crypto_asym.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index cd24d4b07b..4697a7bc59 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -256,8 +256,6 @@ struct rte_crypto_modinv_xform { * */ struct rte_crypto_dh_xform { - enum rte_crypto_asym_op_type type; - /**< Setup xform for key generate or shared secret compute */ rte_crypto_uint p; /**< Prime modulus data */ rte_crypto_uint g; 
@@ -391,27 +389,29 @@ struct rte_crypto_rsa_op_param { * @note: */ struct rte_crypto_dh_op_param { + enum rte_crypto_asym_op_type op_type; + /**< Diffie-Hellman operation type */ rte_crypto_uint pub_key; /**< - * Output generated public key when xform type is + * Output generated public key when op_type is * DH PUB_KEY_GENERATION. - * Input peer public key when xform type is DH + * Input peer public key when op_type is DH * SHARED_SECRET_COMPUTATION * */ rte_crypto_uint priv_key; /**< - * Output generated private key if xform type is + * Output generated private key if op_type is * DH PRIVATE_KEY_GENERATION - * Input when xform type is DH SHARED_SECRET_COMPUTATION. + * Input when op_type is DH SHARED_SECRET_COMPUTATION. * */ rte_crypto_uint shared_secret; /**< * Output with calculated shared secret - * when dh xform set up with op type = SHARED_SECRET_COMPUTATION. + * when dh op_type = SHARED_SECRET_COMPUTATION. * */ }; 

From patchwork Wed Apr 27 07:43:59 2022
X-Patchwork-Submitter: Arkadiusz Kusztal
X-Patchwork-Id: 110303
X-Patchwork-Delegate: gakhil@marvell.com
From: Arek Kusztal
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal
Subject: [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op
Date: Wed, 27 Apr 2022 08:43:59 +0100
Message-Id: <20220427074400.2091-3-arkadiuszx.kusztal@intel.com>
In-Reply-To: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>
References: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>

This commit reflects API changes of location of operation type in Diffie-Hellman.

Signed-off-by: Arek Kusztal
Acked-by: Fan Zhang
--- drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++-------------------------- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 -------------- 2 files changed, 3 insertions(+), 77 deletions(-) diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index d80e1052e2..409711c097 100644 
--- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1696,12 +1696,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop, BIGNUM *priv_key = NULL; int ret = 0; - if (sess->u.dh.key_op & - (1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) { - /* compute shared secret using peer public key - * and current private key - * shared secret = peer_key ^ priv_key mod p - */ + if (op->op_type == RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE) { BIGNUM *peer_key = NULL; /* copy private key and peer key and compute shared secret */ @@ -1735,10 +1730,6 @@ process_openssl_dh_op(struct rte_crypto_op *cop, if (ret < 0) { cop->status = RTE_CRYPTO_OP_STATUS_ERROR; BN_free(peer_key); - /* priv key is already loaded into dh, - * let's not free that directly here. - * DH_free() will auto free it later. - */ return 0; } cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; 
@@ -1747,50 +1738,12 @@ process_openssl_dh_op(struct rte_crypto_op *cop, return 0; } - /* - * other options are public and private key generations. - * - * if user provides private key, - * then first set DH with user provided private key - */ - if ((sess->u.dh.key_op & - (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) && - !(sess->u.dh.key_op & - (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) { - /* generate public key using user-provided private key - * pub_key = g ^ priv_key mod p - */ - - /* load private key into DH */ - priv_key = BN_bin2bn(op->priv_key.data, - op->priv_key.length, - priv_key); - if (priv_key == NULL) { - cop->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; - return -1; - } - ret = set_dh_priv_key(dh_key, priv_key); - if (ret) { - OPENSSL_LOG(ERR, "Failed to set private key\n"); - cop->status = RTE_CRYPTO_OP_STATUS_ERROR; - BN_free(priv_key); - return 0; - } - } - - /* generate public and private key pair. - * - * if private key already set, generates only public key. - * - * if private key is not already set, then set it to random value - * and update internal private key. - */ if (!DH_generate_key(dh_key)) { cop->status = RTE_CRYPTO_OP_STATUS_ERROR; return 0; } - if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) { + if (op->op_type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) { const BIGNUM *pub_key = NULL; OPENSSL_LOG(DEBUG, "%s:%d update public key\n", @@ -1804,8 +1757,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop, op->pub_key.data); } - if (sess->u.dh.key_op & - (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) { + if (op->op_type == RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) { const BIGNUM *priv_key = NULL; OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n", diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 1cb07794bd..02802ab0c2 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c 
@@ -1000,32 +1000,6 @@ static int openssl_set_asym_session_parameters( goto err_dh; } - /* - * setup xfrom for - * public key generate, or - * DH Priv key generate, or both - * public and private key generate - */ - asym_session->u.dh.key_op = (1 << xform->dh.type); - - if (xform->dh.type == - RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) { - /* check if next is pubkey */ - if ((xform->next != NULL) && - (xform->next->xform_type == - RTE_CRYPTO_ASYM_XFORM_DH) && - (xform->next->dh.type == - RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) - ) { - /* - * setup op as pub/priv key - * pair generationi - */ - asym_session->u.dh.key_op |= - (1 << - RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE); - } - } asym_session->u.dh.dh_key = dh; asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DH; break; 

From patchwork Wed Apr 27 07:44:00 2022
X-Patchwork-Submitter: Arkadiusz Kusztal
X-Patchwork-Id: 110304
X-Patchwork-Delegate: gakhil@marvell.com
From: Arek Kusztal
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal
Subject: [PATCH v4 3/3] test/crypto: move dh type from xform to dh op
Date: Wed, 27 Apr 2022 08:44:00 +0100
Message-Id: <20220427074400.2091-4-arkadiuszx.kusztal@intel.com>
In-Reply-To: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>
References: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>

This commit reflects API changes in Diffie-Hellman, now for setting crypto operation type asym_op, not xform, is responsible.

Signed-off-by: Arek Kusztal
Acked-by: Fan Zhang
--- app/test/test_cryptodev_asym.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 573af2a537..a5e385f4bd 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c 
@@ -1064,8 +1064,8 @@ test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm) asym_op = op->asym; /* Setup a xform and op to generate private key only */ - xform.dh.type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE; xform.next = NULL; + asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE; asym_op->dh.priv_key.data = dh_test_params.priv_key.data; asym_op->dh.priv_key.length = dh_test_params.priv_key.length; asym_op->dh.pub_key.data = (uint8_t *)peer; @@ -1146,7 +1146,7 @@ test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm) asym_op = op->asym; /* Setup a xform and op to generate private key only */ - xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE; + asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE; xform.next = NULL; asym_op->dh.priv_key.data = output; asym_op->dh.priv_key.length = sizeof(output); @@ -1229,7 +1229,7 @@ test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm) * using test private key * */ - xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE; + asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE; xform.next = NULL; asym_op->dh.pub_key.data = output; @@ -1319,9 +1319,10 @@ test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm) /* Setup a xform chain to generate * private key first followed by * public key - */xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE; + */ + asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE; pub_key_xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH; - pub_key_xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE; + asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE; xform.next = &pub_key_xform; asym_op->dh.pub_key.data = out_pub_key;
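
Review bot: In patch 1/3, hunk `@@ -256,8 +256,6 @@` of lib/cryptodev/rte_crypto_asym.h, removing `type` from the public `struct rte_crypto_dh_xform` changes the struct layout and breaks any caller that still sets `xform.dh.type`, yet the diffstat lists only the header (1 file changed), so no release note or API-change notice accompanies it. Add a release-notes entry stating that the DH operation type is now set per operation in `rte_crypto_dh_op_param.op_type`.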
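
Review bot: In patch 1/3, hunk `@@ -391,27 +389,29 @@`, the doc comment on the new `op_type` member says only "Diffie-Hellman operation type" and does not list which `enum rte_crypto_asym_op_type` values are valid for DH. The field comments below it still name them loosely as "DH PUB_KEY_GENERATION", "DH PRIVATE_KEY_GENERATION" and "SHARED_SECRET_COMPUTATION", while the driver and test patches in this series use `RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE`, `RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE` and `RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE`. Use the exact enumerator names and state what a PMD should do with any other value. The `priv_key` comment also covers only private key generation and shared secret computation; say whether `priv_key` is an input when `op_type` is public key generation.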
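
Review bot: In patch 2/3, hunk `@@ -1735,10 +1730,6 @@` of rte_openssl_pmd.c, the deleted comment was the only explanation of why this error path calls `BN_free(peer_key)` but does not free `priv_key` (it is already loaded into the DH object and `DH_free()` releases it later). The code path itself is unchanged, so keep the comment; without it the asymmetry reads like a leak and invites a double free in a later cleanup.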
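
Review bot: In patch 2/3, hunk `@@ -1747,50 +1738,12 @@` of rte_openssl_pmd.c, deleting the block that loaded `op->priv_key` through `BN_bin2bn()` and `set_dh_priv_key()` leaves `DH_generate_key(dh_key)` running with no caller-supplied private key in the visible code. Per the removed comment ("if private key is not already set, then set it to random value"), a `RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE` request then yields a public key for a freshly generated private key that this branch never returns, not for the key in `op->priv_key`. The old condition depended on `sess->u.dh.key_op`; it needs a replacement keyed on `op->op_type` rather than removal, or the commit message should state that public key generation from a user-provided private key is no longer supported.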
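
Review bot: In patch 2/3, hunk `@@ -1804,8 +1757,7 @@` of rte_openssl_pmd.c, replacing the `key_op` bit tests with `op->op_type == ...` comparisons makes the public-key and private-key output branches mutually exclusive, so the key pair case the old bitmask supported can no longer return both halves from one operation. An `op_type` outside the three DH values also still reaches `DH_generate_key()` and falls through both output branches. Add an explicit check that rejects unsupported `op_type` values with an error status before generating anything, and say in the commit message how a key pair is meant to be requested now.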
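
Review bot: In patch 2/3, hunk `@@ -1000,32 +1000,6 @@` of rte_openssl_pmd_ops.c, session setup no longer inspects `xform->next`, so a chained DH xform is now silently accepted and ignored; reject a non-NULL `next` here or document that it is unused. Nothing in this patch's two-file diffstat removes the `key_op` member of `u.dh`, which no longer has a writer after this hunk, so drop it in the same change.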
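
Review bot: In patch 3/3, hunk `@@ -1064,8 +1064,8 @@` (`test_dh_gen_shared_sec`), the context comment still reads "Setup a xform and op to generate private key only" directly above the new `asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;`. Update the comment to describe shared secret computation while these lines are being touched.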
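
Review bot: In patch 3/3, hunk `@@ -1319,9 +1319,10 @@` (`test_dh_gen_kp`), `asym_op->dh.op_type` is assigned twice in a row, first `RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE` and then `RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE`, so the first store is dead and the test only requests public key generation. The comment and the remaining `xform.next = &pub_key_xform;` chain still describe a private-then-public pair. Either run two operations, one per `op_type`, and check both outputs, or remove the chain and rename the test to match what it exercises.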